Supply Chain Risk Management Services –
Vendor Risk, Procurement Risk & Supply Chain Audit India
A single supplier failure can halt production and create significant financial losses. Supply chain risk management is the structured process of identifying and mitigating risks across your entire supplier and procurement network — before disruption forces the issue.
The Framework
What Is Supply Chain Risk Management?
Supply chain risk management identifies all risks in a company's supplier, procurement, and logistics network. It covers financial risks from supplier defaults, operational risks from delivery failures, compliance risks from vendor non-compliance, and reputational risks from supplier misconduct. All four risk types can materialise simultaneously during a single supply chain disruption event.
N D Savla & Associates provides end-to-end supply chain risk management services. Our work spans vendor risk management services, procurement risk management, and supply chain audits. We also deliver third party risk assessments and disruption risk frameworks. Our practice connects with our Internal Audit, Business Cost Optimization, SOP Implementation, and Risk Control Matrix services — delivering integrated risk and efficiency improvement.
Why Supply Chain Risk Is a Board-Level Concern in India
Indian businesses face a distinct set of supply chain disruption risks. Monsoon disruptions, port congestion at JNPT and Mundra, and GST compliance failures by vendors all create regular pressure. Single-source raw material dependencies add further exposure. SEBI's BRSR framework now requires large listed companies to disclose supply chain sustainability practices — making supply chain risk assessment India a compliance requirement alongside an operational one.
Supply Chain Risk vs Procurement Risk — The Distinction
Procurement risk management focuses on the buying process — vendor selection, contract terms, and purchase controls. Supply chain risk management is broader. It covers the entire network from raw material origin to final customer delivery. Third party risk management India further extends to subcontractors of vendors, logistics providers, warehousing partners, and technology vendors. Our supply chain risk assessment India service maps the full network before assessing risk at each level.
Our Methodology
Four-Phase Supply Chain Risk Assessment India Approach
Our supply chain risk assessment India approach follows a structured four-phase process. Each phase builds on the previous one. Together they give management a complete, actionable picture of supply chain risk exposure — with every finding linked to a specific remediation action.
Supply Chain Mapping and Vendor Categorisation
We map the complete supply chain — all tier-1 and tier-2 suppliers, logistics partners, and critical subcontractors. We categorise vendors by spend, criticality, and replaceability. Single-source dependencies where no alternative vendor exists are flagged immediately as the highest-priority risk items.
We also assess geographic concentration risks. A manufacturer sourcing 70% of a key component from one region faces significant supply chain disruption risk — any disruption to that region can halt the entire production cycle. Our supply chain audit benchmarks geographic diversification against industry best practice from the first engagement week.
Vendor Risk Management Services Assessment — 5 Dimensions
Our vendor risk management services team assesses each critical vendor across five dimensions: financial health (balance sheet strength, credit rating, cash flow), operational capacity (production utilisation and backup facilities), compliance (GST filing status, statutory dues, regulatory licences), quality management (ISO certifications, rejection rates, incident history), and business continuity (documented BCP and alternate sourcing).
We also assess the vendor's own supplier dependencies to identify hidden tier-2 concentration risks. A supplier with a single raw material source passes that risk downstream to the client — and most clients never see it until a disruption occurs.
Procurement Risk Management Review
Our procurement risk management review covers the entire purchase-to-pay cycle. We examine vendor onboarding controls, purchase order authorisation, price benchmarking, and contract terms. We assess advance payment exposure to vendors with weak financials — a common but underestimated risk in Indian procurement practice.
We also review supplier concentration metrics — what percentage of spend flows to the top five vendors. Where procurement process redesign is needed alongside risk remediation, this work integrates with our Business Process Reengineering service for a coordinated engagement.
Supply Chain Disruption Risk Framework and KRI Design
The final phase builds the company's supply chain disruption risk framework. This includes risk heat maps by vendor and category, escalation protocols, and alternate supplier pre-qualification lists. Safety stock policies for critical materials form part of the framework — calibrated to the lead times and reliability of each critical supplier.
We help management define key risk indicators that teams monitor monthly. These KRIs give early warning of emerging supply chain risk before disruption occurs. Our Risk Control Matrix service formalises these controls within the company's broader internal control framework — making supply chain risk monitoring a standing discipline, not a one-time exercise.
The Five Dimensions of Every Vendor Risk Assessment
Deep-Dive Vendor Assessment
Supply Chain Audit — Financial, Operational and Compliance Review
A supply chain audit is a systematic review of a vendor's operations, financial health, and compliance status. It gives the buyer objective evidence of the vendor's actual risk profile — not just what the vendor represents. Our supply chain audit covers three distinct workstreams for every critical vendor.
Financial Health Audit
- Review of audited financial statements for two or three preceding years
- Working capital adequacy, debtor cycles, and debt level assessment
- Check for pending litigation, tax demands, and regulatory orders
- Deteriorating financials often surface suddenly — giving advance warning allows alternate-source development before disruption
Operational and Quality Audit
- Production facility review — verifying stated capacity matches actual capacity
- Quality control process assessment and rejection rate benchmarking
- Inventory management check — vendor holding insufficient safety stock faces its own disruption risk
- The vendor's own supplier relationships — a single-source raw material vendor passes tier-2 risk downstream
Compliance and Reputational Audit
- GST registration and filing status verification
- Factory licences, environmental clearances, and labour law compliance
- For BRSR-covered companies — ESG practice assessment of critical vendors
- Connects with our Anti-Bribery and Corruption Risk Assessment for vendors where corruption risk is elevated
A vendor with deteriorating financials may continue to meet commitments short-term — then fail suddenly. This pattern is the most dangerous in supply chain risk because it gives no immediate warning signal. Our vendor risk management services identify deteriorating financial trends early, giving clients time to develop alternate sources or restructure advance payment exposure before the vendor's situation becomes acute.
Beyond Direct Vendors
Third Party Risk Management India — Logistics, IT and Service Providers
Third party risk management India extends supply chain risk management beyond direct vendors. It covers all external parties whose failure could harm the company — subcontractors, logistics providers, IT vendors, and outsourced service providers. Most companies formally assess only their direct product suppliers — leaving the rest of the network unreviewed.
🚛 Logistics and Warehousing Partner Risk
Logistics providers and warehousing partners are critical single points of failure in many supply chains. Yet most companies conduct no formal third party risk management India assessment of these partners. A 3PL provider that loses licences, faces a labour strike, or suffers a warehouse fire creates immediate disruption — and the client's supply chain bears the full impact.
Our programme includes an annual risk assessment of all logistics partners above a spend or criticality threshold. We also assess contractual protection — performance guarantees, force majeure limits, and liability provisions. Weak contractual protection for logistics partners is one of the most common gaps found during supply chain audit engagements.
💻 IT and Technology Vendor Risk
Companies using vendor-managed ERP, warehouse management systems, or procurement platforms carry significant technology vendor risk. A technology vendor outage can freeze procurement and logistics operations entirely. Data security risks from technology vendors now also attract regulatory scrutiny — India's Digital Personal Data Protection Act creates specific obligations for buyers.
Our third party risk management India service assesses technology vendor contracts — reviewing data protection obligations, uptime guarantees, and exit provisions. This work connects with our Corporate Governance advisory where technology risk governance is part of the board's risk oversight mandate. The Risk Control Matrix then captures every vendor risk control for ongoing monitoring.
Sector-Specific Focus
Industries We Serve — Key Supply Chain Risks by Sector
Each industry faces distinct supply chain disruption risks requiring sector-specific assessment approaches. The table below maps each sector to its primary risk and the management focus our supply chain risk assessment India programme applies.
| Industry | Key Supply Chain Risk | Primary Risk Management Focus |
|---|---|---|
| Manufacturing | Single-source raw materials, tier-2 vendor failure, geographic concentration | Vendor diversification, safety stock policy, tier-2 mapping |
| Pharmaceuticals | API sourcing concentration, vendor regulatory compliance, import dependency | Vendor qualification audits, compliance monitoring, alternate API source development |
| Retail and FMCG | Seasonal demand spikes, cold chain logistics failure, last-mile disruption | Logistics partner risk assessment, demand forecasting controls, cold chain audit |
| Construction and EPC | Material price volatility, subcontractor default, advance payment exposure | Procurement risk management, advance payment controls, subcontractor financial monitoring |
| IT and Technology | Third party software vendor risk, data security, SaaS platform dependency | Third party risk management India, contract review, exit provision assessment |
| Healthcare and Hospitals | Medical device and drug supply disruptions, critical consumable stock-outs | Supply chain audit of critical suppliers, safety stock policy, alternate vendor pre-qualification |
Our Services
Our Supply Chain Risk Management Services at N D Savla & Associates
We provide complete supply chain risk management services for manufacturing, trading, and service companies across India — delivering vendor risk assessments, procurement risk reviews, supply chain audits, third party risk assessments, and disruption risk frameworks in integrated engagements.
Supply Chain Mapping, Vendor Categorisation and Risk Heat Map
Vendor Risk Management Services — Five-Dimension Assessment and Supply Chain Audit
Procurement Risk Management Review and Third Party Risk Assessment
Disruption Risk Framework, KRI Design and Control Formalisation
Complete Supply Chain Risk Management Services — Vendor Risk, Procurement Audit and Disruption Risk Framework.
Supply chain mapping · Vendor risk assessment (5 dimensions) · Supply chain audit · Procurement risk management · Third party risk management India · Disruption risk framework · KRI design · Risk Control Matrix integration
+91 98190 00511 | +91 91670 58000 | +91 98190 00445 | nainitsavla@savlagroup.in
Contact UsF.A.Q.
Supply chain risk management identifies, assesses, and mitigates risks across a company’s supplier and procurement network. In India, MSME vendor failures, GST compliance gaps, and monsoon disruptions all create regular supply chain disruption risks. Port congestion adds further exposure for import-dependent businesses. Companies with structured supply chain risk assessment India programmes suffer shorter disruptions and recover faster than those without one.
A supply chain audit is a systematic review of a vendor’s financial health, operational capacity, quality controls, and compliance status. Our supply chain audit covers financial statement analysis, production capacity verification, and GST compliance. We also assess the vendor’s own supplier dependencies to identify embedded tier-2 risks. This gives the buyer objective evidence of the vendor’s actual risk profile.
Vendor risk management services assess the health and reliability of individual suppliers. Procurement risk management covers the internal buying process — purchase controls, contract terms, concentration limits, and advance payment exposure. Both are components of a complete supply chain risk management programme. Our supply chain risk assessment India service covers both in an integrated engagement.
Supply chain risk management feeds directly into the internal audit plan. Vendor risk assessments identify which suppliers warrant a deeper audit. Procurement risk management findings generate audit observations on purchase controls. Additionally, our Risk Control Matrix captures supply chain controls that internal audit tests annually. Findings translate directly into management action plans.
Third party risk management India extends beyond direct vendors to all external parties whose failure could harm the business. This includes subcontractors, logistics providers, IT vendors, and outsourced service providers. Furthermore, listed companies under the BRSR framework must disclose supply chain sustainability practices. This makes third party risk management India a compliance requirement as well as an operational one.
A supply chain risk assessment India engagement typically takes four to eight weeks. This covers a medium-sized company with 50 to 100 active vendors. Larger programmes covering 200 or more vendors may take three to four months. The timeline depends on vendor count, data availability, and whether on-site supply chain audit visits are required. Our team provides a detailed scope before every engagement.
Supply chain risk management and business cost optimization are closely linked. Vendor risk assessments often reveal over-reliance on high-cost sole-source vendors where competitive alternatives exist. Procurement risk management reviews identify advance payment practices that can be restructured to improve working capital. Additionally, supply chain disruption risk reduction lowers the hidden costs of emergency procurement and production stoppages.
