By: Hank Hagedoorn

Published: June, 2021


supply chain risk management

Reducing Vulnerability and Ensuring Continuity

Following the release of Verify’s exciting new Supply Chain Risk Management (SCRM) tool to market, I wanted to talk with our company president, Alan McIntosh, about how we at Verify are laser-focused on emphasizing the criticality of Supply Chain Risk Management through the integration of our solution-set and delivering on Supplier Performance Management (SPM).

Verify’s new web-based tool is a multi-attribute risk assessment solution that provides objective granular visibility throughout the tiers of any complex supply chain and allows strategic global imaging. Configurable to the needs of customers, all our tools are built on decades of assessing and managing risk throughout the global supply chain.

I sat down with Alan McIntosh to understand why our emphasis on SCRM was not only timely but in line with our messaging since day one.

HANK: “What is the core reason for SCRM in today’s supply chains?”

ALAN: The core reason or reasons for managing supply chain risk have not changed. It is still all about reducing vulnerability and ensuring continuity. What has changed though, as a result of the global pandemic, is the increase in public awareness and the clear visibility of the impact when supply chains go wrong. Whether it’s a shortage in grocery stores or construction materials or chips in cars, the public can see clear vulnerability and a lack of continuity. Also – President Biden’s recent Executive Order on America’s Supply Chains has brought a direct correlation between the global supply chain and economic prosperity and national security (not that that has not always been the case).

In short – Supply Chain Risk Management is finally getting the airtime it always should have received

HANK: “What is the connection between SCRM and Supplier Performance Management?”

ALAN: They’re both parts of the same picture. Both are part of the objective to reduce vulnerability and ensure continuity. The best way to think of it is that SCRM is the established strategy and SPM provides the tools and methodologies to execute on the strategy.

I think the diagram on our website does a good job illustrating that connection. In basic terms, each phase of the SPM lifecycle contributes in varying degrees to managing risk. So whether we’re assessing, auditing, inspecting, or recovering supplier performance, we’re contributing to risk management.

HANK: “So what are the key SPM operational elements that a customer must get right?”

ALAN: As in most things in life we need to have a plan, we need to build a strong foundation, and we need to be able to have visibility and promptly respond when things go wrong. In supply chain terms that means, do we have a validated design and plan? Have we assessed capacity and capability – i.e. is the supplier qualified? Has the product been qualified before we make a million of them? And finally, do we have the ability to continually monitor (or surveil) supplier performance?

Just an interesting aside, Verify was originally known as “Vendor Surveillance Corporation” from 1976, and back then performing surveillance was just as important as it is today, but our tools have become much more sophisticated – but there again so has the global supply chain!

For that reason, Verify has invested significantly over the last several years. We needed to have effective online tools to manage information on behalf of our customers and suppliers. You really don’t want a bunch of disconnected spreadsheets or a collection of unsubstantiated reports from suppliers. You want a one-stop-shop that assesses supplier risk (and then identifies and manages when action is needed). Ideally, your tool will also detect or even predict where risk is likely to occur – maybe even prevent toilet paper or microchip shortages!

And the customer is either going to take care of it themselves in partnership with the supply chain or with a company like Verify that can act as a collaborative go-between, driving customer satisfaction and supplier advocacy at the same time

We believe that the latter option is the best because Verify can then have a seat in both camps, which we already do in most cases. Our unique position in the supply chain provides for objective evaluation of challenges between supplier and customer.

HANK: Where have our customers found the ROI on implementing a robust SCRM program?

ALAN: It really should be an easy sell. Let us think about some of the risks that customers face in the supply chain and let’s start with a simple example: non-conforming product from a certified supplier. That is, non-conforming product getting into the next stage of assembly and/or original equipment. Best case we could see delays and additional costs, the worst case we could see some form of a catastrophic event. We could see the loss of product, loss of life. We could see a company going under with the legal strain of responding to that crisis. We could see jail time and huge fines. So the investment of managing risk is a minimal investment to make to ensure you are not going to face those penalties, or at least minimize the impact because you had a plan, you did your diligence, you set the foundation correctly, and you continuously monitored performance.

So the basic ROI is preventing that enormous penalty for failure.

Of course, it’s not just product failures, it could be a compliance-related failure when you think of cyber or information security, for example.

Again, let’s say a supplier doesn’t have the necessary controls in place and classified information is not controlled sufficiently and a bad actor gets hold of that information. The product that the supplier is supposed to make maybe 100 percent conforming and be delivered on time at the right price, but all of a sudden the customer and supplier are facing huge risk and penalties because classified information is now in the hands of a potential foreign adversary – simply because of the lack of basic investment in managing risk.

Having that investment made early can make all the difference to preventing those types of horror stories and devastating publicity.

HANK: So do you feel there is a lack of awareness at both the customer and supplier on where the risks may be – and what is Verify doing to correct that?

ALAN: A lot of the suppliers at the lower tiers may not even realize what they are signing, or the type of obligations that are being flowed down that each party has to adhere to. For the supplier, it may be more about getting the contract and for the customer, it may be all about getting the lowest price.

Making the investment in managing risk is key.

That’s one of the exciting things that’s happening at Verify, we are clearly looking at what we do in terms of managing risk and what tools we bring to market to facilitate that type of program.

I like to think that we’re on a kind of crusade here to get that risk message out there. That you’re not doing these things to simply get a check in the box, but you’re doing it to protect your company, to protect your industry, and to protect your country.

Our prior message on SPM (Supplier Performance Management) was really the same. Get the right things done upfront to minimize or mitigate quality or delivery failures at a later date. Now the risk message is broader and is resonating at high levels across the industry, in boardrooms, at primes and subprimes, and of course now at the highest political levels.

HANK: So with this re-emphasis on Supply Chain Risk Management what are some of the more critical challenges

ALAN: Finding the right place to start or the right initial focus.

We are dealing with Primes and subprimes that have supply chains with thousands and thousands of suppliers. To be sure, these companies have been completing supplier scorecards for years, conducting capability assessments, etc., but the focus can be scattered.

Multi-tier, multi-attribute supply chain mapping is the path forward. Starting with simple due diligence or registration. You might have several hundred machine shops in your chain and collecting the meta-data upfront can help you determine which of those are critical, which are at risk.

This simple registration in one location for your stakeholders is very powerful.

From there you can start to develop risk assessments that land on those attributes that are most important. Our new online SCRM solution does just that and more, from registration to comprehensive risk assessments validated with boots on the ground. Our assessments not only tell the story about the overall health of your supplier but also provides prescriptive measures that develop a supplier and improve their performance and rating score. We also provide the means to strategically view your supply chain globally and drill down to each supplier to make decisions that will ultimately ensure that risk is eliminated and quality product is delivered on time.

For more information on Supply Chain Risk Management and our SCRM solutions, please our WEBSITE


Verify, Inc. is a global Supply Chain Risk Management (SCRM) company. specializing in Aerospace and Defense (A&D) and other quality critical and supply-chain centric industries.

Alan McIntosh is President and COO for Verify, Inc.

Hank Hagedoorn is Director, Business Development & Marketing for Verify, Inc.