Today we conclude our discussion of the pocket cube for exact purchasing, focusing on the low risk, but high complexity categories.

High Complexity, Low Risk, Low Impact: Spend Governance

In this situation, which Kraljic would likely also classify as “bottleneck” and Busch as “relationship governance”, Busch is quite close. High complexity, but low risk, is all about governance. It’s not about managing generic market risk, because that’s low, but managing assurance of supply because the complex requirements dictate that there aren’t a lot of suppliers who can supply the product, part, or raw material you require to your exacting specifications.

However, because the category is low impact and disruptions are recoverable, the focus is more on spend management across a potential supply base than supply assurance across a limited supply base. This is a key distinction. You’re not going to waste time going above and beyond in relationship building for something that isn’t critical, no matter how limited the global supply base might be. You’re going to go above and beyond for what is.

Potential categories here would be data centre construction (where there are multiple providers for everything, unless it’s an AI data center and you need Nvidia processors), BPO (for standard back-office functions), and facility management (which is run of the mill).

This brings us to our last category:

High Complexity, Low Risk, High Impact: Relationship Governance

When the complexity and impact are high, but you’re not too concerned about risk, you’re managing the relationship, even though this would likely be “strategic” category for Kraljic and “cost architecture for Busch. You’re making sure that the proven product from the sourced supplier at the pre-negotiated price points flows consistently and reliably. Especially when any disruption at all will be impactful and you know you can’t necessarily replace a source overnight.

Unlike other categories where you are focussed on the end-to-end price points (transaction-centric categories), market signals (market risk categories), and BoMs (cost architecture categories), in this category you are focussed as much on the obligations and SLAs, forecasts and consumptions, associated value-add services, and factors where the suppliers deliver against the complexity that you need.

If you look at Busch’s matrix, you’d think this was just service-categories, and most of them will fall here (because services are often complex and critical to your business, but low risk since you won’t select a risky supplier or one who doesn’t have the personnel ready to be deployed), but it’s also categories where service-augmentation is common. This could be utility categories (where the supplier is both building you a power plant or data centre and managing it for you), line equipment categories (where you need the equipment to power your production lines and suppliers to step in and fix it promptly if it breaks), software categories (where the supplier selects software and installs it for you), or any other category where the product comes with a service (including computer peripherals where the supplier handles all the warranty repair). It’s a bit of a mish-mash, and one of the most difficult to define and manage in the organization as each category that falls here could need to be managed quite differently.

This concludes our initial presentation and discussion of the pocket cube of exact purchasing, and I’m sure Jason will soon have a V2 model to present to you.

Today we continue our discussion of the pocket cube for exact purchasing, focusing on the high risk, but low complexity categories.

Low Complexity, High Risk, Low Impact: Continuous Market Monitoring

In this situation, which Kraljic would likely classify as a “bottleneck” and where Busch would likely say the answer is “relationship monitoring”, market risk starts to take central focus. But the answer isn’t really relationship governance, because you don’t govern a relationship for an easily replaceable item (low complexity) that has limited organizational impact, you quickly replace it. You do that by continuously scanning for market risks, and taking action right away when one is detected.

It’s very similar to what you would monitor for in a low complexity, low risk, high impact item, but instead of just monitoring the cost and the supply chain, you’re also monitoring the supply base for potential risks in the suppliers, carriers, and routes that you are using. And you are monitoring relevant index prices & future curves, oil prices and other indicators of local fuel costs, tariff announcements (and threats), currency movements, current promotions, and other related signals.

Common categories here will be less critical metals, energy, and food commodities. Most metals can be relatively easy replaced, especially if a moderate cost increase isn’t that detrimental; there are usually alternate energy / grid sources (and you can always build your own plant) that you can contract, for a bit more; and unless it’s a food commodity in limited supply globally where there is no substitute (like coffee), it’s just paying more. What falls here versus in the low complexity, low risk, high impact bucket will often be industry, and even company, dependent.

Based on this, if a disruption occurs, you rapidly re-act and re-source to other pre-approved suppliers and carriers in your extended network.

Low Complexity, High Risk, High Impact: Market Risk Management

In this situation, which would likely be “strategic” under Kraljic and “cost architecture” under Busch, you graduate from continuous market monitoring to full-blown market risk management. Market monitoring and rapid reaction is not enough, because you can’t afford any potentially preventable disruptions in a high-impact category. In this situation, you’re monitoring everything you would for a low impact category, plus any ancillary data that could impact the category — such as weather for critical deliveries that need to be made on time, geopolitical signals that could indicate (escalating) conflicts or trade barriers, correlated material or commodities that often serve as indicators of forthcoming pricing changes, and any other signals that could indicate a future impactful event.

It also means that you’re pre-defining potential mitigation plans that will allow you to re-source very quickly if something happens. You’re not doing full-blown supply chain / cost architecture design because the category is not complex, and there should be lots of potential suppliers, but you are doing full blown risk-centric monitoring because you can’t risk unnecessary impacts to your business. And you’re defining what mitigating actions you can take so that you can immediately execute on one or more of them should you detect a disruption signal. This might be shifting current supply/orders 100% to the minority supplier, re-sourcing against a pre-approved supply base, sourcing a substitute item, etc.

Common categories here will be critical metals like meteoric iron, low background steel, tool steel, and ultrahigh carbon steel; rare earths which are only mined in a few countries; and critical food commodities with limited production sites (like that all important coffee bean).

Tomorrow we will conclude our discussion of the pocket cube of exact purchasing for our last two categories.

Today we continue our series on why Exact Purchasing is a Pocket Cube, continuing with the other two categories that are easier to effectively define.

High Complexity, High Risk, High Impact: Supply Chain Architecture

The classic “strategic” category in the Kraljic Matrix and the “cost architecture” category in the Busch Matrix, this is the toughest category to manage. It’s a category that needs to be architected, but not just from a cost perspective. The entire supply chain needs to be architected from the ground up!

Bills of material, substitution, and cost-to-serve is only the start. That’s how you deal with the high impact nature of the category. But that doesn’t deal wit the high complexity or high risk. The complexity management starts by monitoring the design stage data and understanding not only the potential material trade offs (which allows different raw materials from different regions to be used), but engineering trade offs (which allows different machining options and factories to be used), and even distribution tradeoffs (cold vs frozen, liquid vs solid, hazardous vs. not) to be considered and taken into account. And then there is the risk factor — optimizing cost vs complexity doesn’t deal with risk.

Risk in a high complexity, high impact category is the worst kind of risk you can have. Any disruption can be catastrophic. Even a little hiccup can be financially devastating.

Moreover, just monitoring for risk events isn’t enough — by the time you detect a risk event, it’s too late to do anything if you haven’t prepared for it already. You need to pre-design your supply chain in advance to absorb the risk event, because you won’t truly recover otherwise — no after-the-fact mitigation will ever be enough. You need to design your supply chain not only multi-source, but multi-regional so no single geopolitical, unrest, or (natural) disaster event can completely cut of supply, even for a limited time. You need to hedge bets in your carriers as well as your suppliers and raw materials. Your supply chain has to be designed from the ground up to adapt to any and every disruption imaginable that is likely to happen over a 5 year period.

You’re architecting your supply chain from a cost-effective managed-complexity supply assurance perspective — it’s a triple balance and overlooking any one aspect can result in serious disruption and loss.

Common categories are critical engine parts, ready-to-eat food products, key chemicals for your pharmaceuticals and health care products, and other processed chemicals and materials that make up your critical product lines. These are bill of material products that form the foundations of your primary product lines and can take your business down with them.

High Complexity, High Risk, Low Impact: Cost-First Architecture

In this situation you have a category which has all the complexity and risk of our last category, but the impact from even a worst case scenario will be manageable due to low impact. It’s the classic “bottleneck” category in the Krajic matrix and “relationship governance” in the Busch matrix. But neither is quite right. It can be a bottleneck if not replaced at some point, and relationship management might be key because the complexity limits the supply base, and this makes it a supply chain architecture category. Except, because it’s not a critical supply chain category and the organization can only design and monitor so many critical supply chain infrastructures at once (and this is one place where AI is of limited help … humans have to consider more factors than AI ever could due to lack of data), this is where the modelling focusses on the cost- and design-based aspects of the category and runs the model in real-time (on near real-time data) on every (re)sourcing event. If a disruption occurs, the model is spun back up, all current and projected data plugged in, alternate suppliers and carriers contacted to (re)confirm (product and route) availability and prices, and set up an autonomous sourcing event off of those pre-approved suppliers, carriers, and routes and re-secure supply at the best possible price as soon as possible.

This is where Busch’s model is mostly accurate. Fully up-to-date BoM, current material and ingredient options being tracked in real time, allowable substitutions from preferred materials and ingredients, typical cost-to-serve model, and relevant design stage data is a start — but it’s not mostly internal data — it’s internal data and external market price data, product availability data, and event monitoring data that could impact the decision you plan to make (and avoid options that might be as risky as the option you have now so that you get the lowest cost in a manner that assures supply at least in the short term.

It’s cost first, but not cost only. This is where Busch’s categories of packaging (when it has to be customized for the product), private label food (where you’re slightly altering and relabelling someone else’s TV, or is that Youtube, diner), contingent labour for sophisticated utility/commissioning projects, print and marketing (for traditional paper campaigns), and NPD.

In our next two installments we will move onto the more involved categories were complexity doesn’t match risk, where we end up with multiple categories being grouped into one in the Kraljic matrix (because high complexity or high risk means high on the blended dimensions), and we can’t source primarily based on impact (which is supposedly the big differentiator in the matrix model).

Today we continue our series on why Exact Purchasing is a Pocket Cube, starting with two of the easier categories to effectively define.

Low Complexity, Low Risk, Low Impact: Transaction Capture

The classic “non-critical” category in the Kraljic Matrix and the “transaction capture” category in the Busch Matrix, this category can be managed simply by capturing the transactions, ensuring they match the spend intent, and occasionally checking the market price. It’s simply checking the purchase against the plan.

As per Busch, the way to manage this category is to:

• check every PO & invoice line against the contracted price
• every shipping and handling charge against the current carrier rates
• every delivery receipt against the order amount

It’s simply a matter of paying what you contract for and contracting at market price.

Great examples are Busch’s examples of MRO, office products, and commodity IT hardware. You’re just buying the lowest cost you can and making sure you pinch every penny and don’t allow your suppliers to purloin any of those pennies you negotiated.

This is a perfect category for (deterministic) autonomous sourcing. Once you verify the suppliers (which can also be automated if you are integrated into government, compliance, carbon, and legal registries), verify their account info (which can also be automated if you are integrated with the right financial entity verification systems), and verify the products, you can auto-source with tail spend auctions and / or RFQs, auto contract with integrated e-signature, auto-order based on projected utilization, and auto-pay on receipt. After all, if it’s low impact, there’s no real risk of a supplier going out of business or their supply becoming unavailable — you can just find another source. And if you have to pay a bit more, no big deal.

Low Complexity, Low Risk, High Impact: Continual Transaction Monitoring

Now, things get a bit more complicated when it’s low complexity, low risk, but high impact. According to Kraljic, it’s a “leverage” item and according to Busch, it’s a “market risk”. But it’s not market risk. The market risk is low. The risk is the degree of impact of sudden unavailability that could cause a price surge, the missed opportunity if prices plunge and you aren’t able to capitalize on the opportunity, or big delays in delivery that cause temporary stock-outs and missed sales opportunities.

But there’s no complexity to the category, and always another supplier, so it’s still a transaction focussed category. Except it’s not just capture, it’s continuous monitoring of your supply chain AND your potential supply chain. It’s not just the PO price, the invoice price, and the receipt — but also the ASN and the PO ACK and the degree of conformance. Lack of PO Ack could mean a lack of a sophistication, lack of ASN can mean a missed shipment, and “errors”, particularly billed amounts (well) over contracts can signal financial jeopardy — all of which can mean that shipment ain’t coming on time, if at all!

But full end-to-end transaction monitoring on its own is not enough! You need market monitoring as well, because, if you detect an issue, you will have to find a new (temporary) source of supply quickly and/or expedite the current one. More importantly, if you’re contract is coming to an end soon or your strategy is spot-buy every six months on a winner-take-all RFQ or e-auction, and a sudden influx of supply in the market creates a significant drop in price that you might not see again for years, you have to rapidly react to take advantage of the opportunity. It’s just good procurement.

This is where you might include Jason’s energy category, even though that could be a market risk, but would more likely include critical commodity categories (like RAM, that skyrockets after every decennial RAM plant fire), MRO categories like fertilizer (that spike with every strait closure), or cellular (internet) plans (where every change in regulation or new entrant causes a shift in prices).

In other words, you need to be monitoring the information supply chain and the corresponding market information chain 24/7 and logging not only delays and discrepancies between expectations but also discrepancies between your supply chain and the market — if prices or delivery times go down, quality increases, anything that would benefit you, you need to be aware and take advantage of that situation as soon as you can — but if the opposite happens, you need to take steps to ensure your continued relationship with suppliers who charge you less, delivery higher quality, and do so faster than your peers.

Last month we told you that Jason was right when he said that we need exact purchasing, but as we clearly stated then, and stated now, it’s NOT a new matrix. Especially when the original Kraljic matrix didn’t really fix anything in the first place (as it just gave us a methodology to start thinking about Procurement methodically so that we could start on a journey to actually fixing Procurement).

However, any methodology that wants to fix Procurement can’t just try to reinvent the Kraljic Matrix, even if it takes a data, vs process, centric approach. (Although the correct answer will involve both data and process.)

There’s two reasons for this.

First, any answer must take into account people, process, and data. (It’s not tech, tech is just that which implements the process on the right data with the support of people, who at least need to define the process the tech will employ if automation is being deployed.)

Second, any answer must properly take into account the complexity, market risk, and category impact. The only way this can be done is if EACH dimension is analyzed separately — not bundled together in some arbitrary mish-mash of factors that tries to pretend two (or more) dimensions are more-or-less the same.

In traditional Kraljic, you balanced profit vs a risk-complexity mish-mash. It sounded good, except risk and complexity are NOT the same thing. Risk is external (market) risk that you can try to mitigate, but that you have no control over. Category and product complexity is completely under your control — you control the design, the raw material mix, the production process, etc. You can choose to make the product simpler or more complex, use better or worse materials (as long as they meet minimum/maximum industry and government safety and compliance requirements), or less (or more) intensive production processes. Your choice.

In the proposed Busch model, you replace impact with influence and map that against a risk-complexity mish-mash, and then you use this mapping to translate Kraljic’s definition of what a category is into an actual data-backed strategy to purchase it. It’s progress, but not the answer.

The answer, as per our last post, is the pocket cube, where you break out risk and complexity into their own dimensions and deal with the categories accordingly. Especially when there is a mis-match between the risk and complexity ratings.

It’s easy when the risk and complexity match in severity, and Jason is dead on when the risk, complexity, and category impact (not cost, or profit, but criticality) are low and when the risk, complexity, and category impact (again, not cost, or profit, but criticality) are high. In the first case, it’s transaction focussed (but not necessarily continuous real-time transaction monitoring) and in the latter case it’s fundamentally a cost-based architecture, but more complex than Jason presents.

Where it gets tricky is the grey areas when there is a mismatch in two of the categories and, more specifically, when risk and complexity are diametrically opposite. But we’ll get to that in a later post. Starting tomorrow, we’ll take the first two of the four easy categories.