Characterizing Risk Exposure

Objective

After completing this lesson, you will be able to summarize the characteristics of risk exposure in SAP Ariba Supplier Risk.

Risk Exposure

SAP Ariba Supplier Risk expresses a supplier’s overall risk exposure as a numerical value ranging from 1 to 100, with 100 representing the highest risk and 1 the lowest risk. Overall risk exposure combines the exposure in different risk categories based on your company's priorities.

The system also calculates a supplier’s current risk exposure in different risk categories. Unlike the supplier's overall risk exposure, category risk exposure can sometimes be 0 if there's no data for the category, or if the data results in an exposure of 0. For example, if the only data available for the Financial category is a count of 0 bankruptcies, the risk exposure for that category is 0.

Note

By default, SAP Ariba breaks down a supplier’s risk exposure into four categories, but your company can enable an optional feature that allows you to create up to 25 custom risk categories.

Sometimes, you may encounter a situation where a supplier's risk exposure is listed as unknown. This indicates that SAP Ariba Supplier Risk does not have sufficient information to calculate the exposure accurately. Ensuring your supplier data is comprehensive and up-to-date helps eliminate these information gaps.

Factors Affecting Risk Exposure

Several factors influence a supplier's risk exposure, and the system weights them based on your company's specific criteria. Here’s a summary of the key factors:

  • News items about the supplier: Relevant news articles can offer insights into potential risks.
  • Corporate information about the supplier: Financial health, management changes, and other corporate developments are considered.
  • Geographical data on natural disasters: The likelihood of natural disasters in the supplier's location can impact risk.
  • Compliance information about the supplier: Legal, regulatory, and environmental risks are taken into account.
  • Risk data associated with the supplier's country/region profile: Political and economic stability, among other factors, are considered.
  • Structured risk information based on the supplier's corporate hierarchy: Hierarchical information helps in assessing risks associated with parent companies or subsidiaries.
  • Custom fields defined by your organization: Additional relevant data, such as spend volume or internal ratings, can be added via CSV upload or API to contribute to risk exposure calculations as needed.

Note

SAP Ariba Supplier Risk gathers data, including articles, news reports, company information, and other third-party content, from multiple public and private service providers. This data often includes either links to third-party websites where the information is available or inverse links that bring the third-party data into SAP Ariba Supplier Risk. SAP Ariba believes the sources of information to be reliable but has no control over any aspect of these third-party sites, including accuracy, timeliness, products promoted, data collection policies, or potential for distribution of computer viruses. SAP Ariba doesn't review content from third-party providers; the information could contain errors and is provided to facilitate further research.

Risk Categories

Default Risk Categories

The default risk categories in SAP Ariba Supplier Risk are Regulatory & legal, Environmental & social, Financial, and Operational.

The following table provides examples of incidents related to each default risk category.

Default Risk CategoryIncident Examples
Regulatory & legal
  • Sanctions and watchlists​
  • Corruption​ and bribery
  • Legal​ issues
  • Cyber threats​
  • Fraud​ and forgery
  • Corporate crime​
Environmental & social
  • Human rights​
  • Labor issues​
  • Health and safety​
  • Environmental issues​
  • Conflict commodities​
  • Unethical practice​​
Financial
  • Bankruptcy​
  • Insolvency​
  • Mergers and acquisitions​
  • Credit rating downgrade​
  • Downsizing​
  • Price increases​
Operational
  • Natural disasters and accidents​
  • Labor issues​
  • Pandemic
  • Transportation issues
  • Plant disruption or shutdown​
  • Product issues​

Custom Risk Categories

If the custom risk categories feature (ARI-16780) is enabled in your site, your organization can create up to 25 custom risk categories for supplier risk exposure. These categories can include data from engagement projects, customer data, and external data from third-party data providers.

Note

Custom category data currently isn't supported in the following applications or areas:

  • SAP Ariba Buying
  • SAP Ariba Buying and Invoicing with the guided buying capability
  • The SAP Ariba Supplier Risk dashboard on SAP Analytics Cloud

If your organization enables custom risk categories, these applications and areas show overall risk exposure but not category risk exposure. Any type of search for suppliers by risk exposure based on custom categories isn't supported.

Custom category data is supported in the classic supplier 360° profile.

Summary

  • SAP Ariba Supplier Risk quantifies overall risk exposure using values from 1 (lowest risk) to 100 (highest risk).
  • Overall risk exposure combines multiple category exposures, influenced by company priorities; a category's risk exposure can be zero.
  • Factors affecting risk exposure include news, corporate info, geographical data, compliance, country/region profile, and supplier relationships.
  • Default risk categories include Regulatory & legal, Environmental & social, Financial, and Operational; an optional feature allows up to 25 custom categories.
  • Custom risk categories aren't supported in certain SAP Ariba applications, but are available in the classic supplier 360° profile.

Learning

SAP FacebookSAP YoutubeSAP LinkedIn