Featured Product
This Week in Quality Digest Live
Risk Management Features
Oliver Binz
Better internal information systems help managers tell consumer demand from inflationary pressure
Steven I. Azizi
Take these steps to protect your employees and your company
Oliver Laasch
There’s unlikely to be a point of general stability anytime soon
Gleb Tsipursky
You shouldn’t trust your gut as a decision-maker: Here’s why.
NIST examines disinfection methods that could be critical in the future if PPE supply is low

More Features

Risk Management News
ISO 21434 automotive cybersecurity and implementing design and process FMEAs
Implementing a SIOP process can smooth supply spikes while improving cash flow and increasing profitability
Does your business’ security match up with competitors?
Prior to vote, IAF seeks industry feedback to understand the level of demand from businesses and regulators.
The acquisition targets the rapidly widening gap between quality data creation and leverage
Winter 2022 release of Reliance QMS focuses on usability, mobility, and actionable insights
Designed to offer a comprehensive safety solution for fleet vehicles and workforce personnel
A cybersecurity expert lays out crucial HR practices to amplify attack readiness for modern businesses
NordLocker study discloses industries at a heightened risk of ransomware attacks, with manufacturers taking a troubling second place

More News

Benjamin Mack

Risk Management

Mitigating Supplier Risk Through Cloud-Based Quality Management Portals

Automation = visibility

Published: Thursday, April 30, 2015 - 09:41

Suppliers play a major role in bringing products to market. This means that the product received from suppliers must be safe and of the highest possible quality, which is a must because stakeholders not only rely on their suppliers to help bring products to market—they also rely on them to help maintain their brand image.

Including suppliers in your business processes allows them to access your compliance standards and provides you with greater visibility into their processes, making collaboration between supplier and stakeholder faster and less prone to error.

Furthermore, when we look at businesses today, regardless of industry or size, we see the growing trend of tearing down informational silos. This is a good thing, because the less division stakeholders have in their data yields greater visibility into all aspects of the business. For processes around quality and compliance management, this means that there’s more information to pull from when trying to mitigate risk and improve compliance. For the supply chain, however, it’s an evolving process.

Companies now recognize the effect of the supply chain on quality and compliance, and are seeking ways to tear down the silos of information that separate supplier quality from their own four walls.

An increasing number of companies are seeing the value in providing suppliers with visibility into their quality and compliance system, and are thereby reaping the benefits of true collaboration.

Alleviate security concerns with a cloud-based portal

Although allowing visibility into your quality processes is beneficial for the supplier, there is still a level of concern that exists regarding data security when allowing suppliers into your internal systems. Many organizations opt not to connect with suppliers at all based on this concern. However, keeping suppliers completely separated when it comes to your quality system could do more damage in the long run. To enhance the security of the process, you can turn to the cloud to provide an intermediary portal between your business and your suppliers. This way you can extend your quality system in a limited fashion to your suppliers through an external, cloud-based supplier portal.

Cloud-based external systems allow suppliers to jump into a custom dashboard where they can see all of their events, post-market data, corrective actions, and even design changes, and they’ll be able to work on these processes, update them, and securely transfer the data to your business. Putting this in the cloud eliminates any security concerns, and you can show the suppliers only what they need to see.

This cloud environment can be configured to meet your supplier’s business needs exactly, while protecting data within your internal system. Only the data that suppliers need to work on will be available to them, and you’ll be able to protect the data that is within your four walls.

The ability to extend only necessary information to suppliers allows an organization to alleviate security concerns, while involving suppliers in the process to promote an efficient supplier relationship.

Connecting the supply chain to your quality system

The supply chain offers many benefits in a global economy—greater flexibility, specialized knowledge and products, ability to leverage new technologies, better brand focus, transference of risks, reduction of costs, faster time to market, and more.

However, there are inherent risks of moving elements of your production and processes to a supplier. Losing a critical internal skill set, intellectual property protection, cultural and business differences, visibility of processes, and overall quality can become areas of risk.

Perhaps the biggest challenge is in mitigating supplier risk and improving quality within the supply chain. If we look at the supply chain like any other business component, you have a set of data, information, and processes that are siloed off from your core business. The goal is to tear down that silo and bring greater visibility into supplier quality and compliance. An integrated quality management system makes this possible. By integrating key processes into the QMS, you can incorporate supplier data and manage the overall processes and materials from the suppliers, and provide details on how to handle these processes and materials. Furthermore, having an integrated and holistic approach to supply chain visibility allows you to make the suppliers a part of your internal process.

Below are some methods to improve supplier quality, increase visibility, and connect the supply chain to your QMS:

• Change management. By including suppliers into your change management process, you can conduct a failure modes and effects analysis (FMEA) or similar design process change, such as production part and approval process (PPAP), which ensures that suppliers are notified of these changes at the design phase. This way, they will know whether their components will conform to a new design, and will be able to mitigate any risks. The result is a finished product that has factored in the supplier components as well as the production process.
How it works: Building a system of notification and integration is the best way. Once a PPAP or FMEA is routed, have the suppliers included in the notification. It could be as simple as a design document in Excel, or an integrated, secure login to allow supplier review as part of the workflow. Or, they can access a supplier portal and view any changes assigned to them. Either way, you’re pushing suppliers to review and sign off on a new design and ensure that their components will fit into the new specification.

• Managing supplier performance. One of the biggest obstacles to supply chain quality is the accountability factor. Suppliers might be held to certain standards, but if they’re not able to have visibility into your system, they’re not always clear on how you’re rating them. Having a quantitative supplier rating system tied to risk-based methods will provide you and the business with a defined measure for supplier performance. Furthermore, allowing the supplier to jump in and see their ratings is also a benefit; now they can see how they rate, and see where they can improve to become a favored supplier.
How it works: Again, having the ability to grant secure access to the supplier is key to integration. You can limit this access in the system, and the suppliers will be able to jump in and see only their ratings and any open items that might pertain to them, such as a supplier corrective action (SCAR). From the business side, having the ability to tie all supplier-related activities—inspections, monitoring, nonconformances, and corrective actions—into the supplier rating calculation is an essential way to get a true picture of supplier performance. The system should be able to constantly update a rating from all activities where the supplier component is involved. Furthermore, with cloud-based supplier portals, the supplier can log into their secure portal and see their own ratings as well.

• Nonconformance and out-of-specification management. Sometimes things aren’t always as they seem, and components and material will be out of specification. In a siloed world, the business handles the issue, communicates to the supplier, and moves on. However, if you can automatically generate nonconformances and notify the supplier of anything that is out of specification, there’s a tighter collaboration. There may be an unforeseen deviation or solution that can be implemented, or a supplier can change and adapt more quickly if they are notified in real time vs. a time lag in other scenarios. Tying suppliers to the process helps in this facet. You can also build risk management into this dynamic. Having a risk ranking for each product event can help to filter and prioritize the severity of that event, and push those critical items to the top. Suppliers can see all this in a supplier portal. Product-based risk helps to identify all the known and potential hazards, measure risk levels based on effectiveness of current controls, react to high risks based on as low as reasonably practicable (ALARP) standards with follow-up actions, proactively identify the need for improvement based on trend data, and predict the effect of change by calculating residual risk levels from the change in the effectiveness of controls.
How it works: This all boils down to real-time notification. If a system can notify internal users when there’s a nonconformance, what’s to say they can’t notify a supplier as well? A notification is simply an email or something like an email that brings the affected user or group back into the system to review a record. Having the supplier notified is a much faster way of ensuring that you are getting results in a more real-time capacity, rather than using a less efficient way of communicating “offline.” Plus, a system with a comment history or record tracking can show what the supplier is doing to correct any specification issues and have visibility into time to complete, costs, or disposition types involved.

• Corrective actions. Internally, the corrective action process is effective for managing any systemic issues within the business. For the supply chain, it’s important that there’s a collaborative process to enable the supplier to complete a part of the corrective action. This is so that you’re able to continuously improve not only your finished product, but also enable the supplier to improve the components that make up that product. Designating a workflow step that forces the supplier to use your system to address these issues is a beneficial step in visibility. This way, you are not only tracking what you’re doing to improve, you’re also tracking what the supplier is doing to improve. Add in the concept of risk management and you’ve now created a quantitative measure that shows the criticality of that event. Suppliers can address those events that pose the greatest risk to the business and their relationship with the business. No longer does a SCAR go into a “black hole” once submitted to the supplier; they’re a part of the process.
How it works: As a business, you need to implement systems that will involve secure access to suppliers. The biggest challenge is the “You will know too much if I let you in” conundrum. Unfettered access is bad; limited access is the key. When looking to involve a supplier in your system’s corrective action process, it’s critical that you make sure that when they log in, they are only seeing what they’re required to see and nothing more. A strong security model is needed; this way, the supplier logs in, sees their steps to corrective action, fills them out, and routes them forward back to your side of the business. You’ve granted limited visibility for maximum benefit—get in, get it done, and get out.

Closing thoughts

By incorporating suppliers into your quality and compliance activities you’ll add a greater level of assurance into the quality of product that your suppliers are providing, the safety of the product they’re providing, and visibility into how each supplier compares to the other. Giving them access to this information only promotes the need to do better, while allowing you to update your acceptable supplier list (ASL) to ensure that the suppliers you use are providing you with the level of quality and safety that should reflect your organization, in turn nurturing your brand image.

Register here for a webinar on this topic on Tues., May 5, at 2 p.m. Eastern, 11 a.m. Pacific. The webinar will be presented by myself and hosted by Dirk Dusharme of Quality Digest.


About The Author

Benjamin Mack’s picture

Benjamin Mack

Benjamin Mack is the pre-sales engineer at EtQ Inc., in Farmingdale, New York. Mack has been with EtQ for more than seven years and was a member of technical support as well as technical services prior to joining the pre-sales team. He now helps demonstrate and shape the environmental, health and safety product for EtQ, and compliance management software for identifying, mitigating, and preventing high risk events through integration, automation, and collaboration.