In just about every organisation the focus is on the largest suppliers, the most critical. And with regards to gathering data on suppliers it may make perfect sense for a purchasing department to allocate resources to where the greatest proportion of activity occurs. But when it comes to risk, dangers are equally likely at any point in the supplier base, whether the supplier be large or small.

There are plenty of examples of where production lines have been brought to a standstill by the failure in supply of a seemingly insignificant component – take for example, the incident two years ago at Toyota, where problems at a supplier of piston rings created a stoppage that lasted several days at twelve of the automotive manufacturer’s plants.

This incident may have been costly for Toyota, even somewhat embarrassing, however, far greater damage can result from a brand’s failure to identify and address the risks to its reputation from its smaller suppliers. Risks that may come about through a purchasing organisation’s inability to identify a small supplier’s non-compliance with issues such as: Health & safety, legal & statutory, data security, CSR and quality targets.

In areas such as Health & Safety supplier failure can be enormously damaging, not only in terms of reputation, but also in terms of cost and exposure to possible litigation. An accident is a hugely expensive, disruptive event but companies can no longer exonerate themselves by relying on a contract that abdicates responsibility to the supplier. The changing attitude of those in authority is that buyers should be active in monitoring and checking that suppliers are compliant, regardless of the size of the contract or the supplier. Conducting regular checks – or when justified, audits – of all suppliers and having detailed and up-to-date information on them, is the only way of mitigating this risk and of demonstrating to the authorities, along with other key stakeholders, that a buyer is diligent and responsible.

However, most companies, even the largest and most professional, do not have data on their smaller suppliers; they tend to concentrate on their top quartile, leaving 75 per cent or more of their suppliers completely off the radar. This is a significant exposure to risk.

If buyers are going to manage the growing and complex matrix of potential risks effectively, visibility of appropriate, accurate and verified information is going to be essential, across the full spectrum of the supply base. But the problem facing most companies is one of time, resources and the complexity of the task. For large multi-national companies that means gathering, evaluating and monitoring information in a consistent way across a supply base of perhaps several thousand suppliers. For any one company that is a major challenge.

What makes more sense is to work collaboratively within industrial sectors to share the burden of gathering and maintaining this comprehensive data resource. By working in collaborative communities within industrial sectors, much of the work associated with updating information and monitoring suppliers can be undertaken by just one independent party, to the mutual benefit of the entire community – including buyers and suppliers. Furthermore, tools and processes for identifying and ranking supplier risk can then be adapted for individual companies, so that they are used effectively to understand and manage the risks in any particular supply chain in a controlled way.

By the very nature of the way the vast majority of companies tend to structure their analysis and appraisal of potential risk around the top tier of suppliers, the significant exposure to the risks from the large raft of smaller suppliers surely makes a collaborative approach to this complex challenge the most compelling solution.