GESTIÓN DE RIESGOS EN LOS PROCESOS DE COMPRAS DE GASTOS INDIRECTOS

Abstract

Risk management in procurement processes is not a new concept, but it was from the late 1970s when the large supply chains were developed and, as a consequence, risk management were developed to avoid supply failures. As Indirect procurement is not so critical, for now there has been no need to manage its risks. But it can be very interesting to develop and implement strategies to manage an organization’s spending portfolio in a way that contributes to the organization’s overall goals and to maximize the value released and/or minimize the total cost of ownership ISO 31000 is a family of standards for risk management, published by the International Standard Organization on 13th November 2009. One of the characteristics is that it is not a certifiable standard; it just intends to provide a high-level set of principles and to be a guideline document for organizations of all sizes and types. A practical example has been carried out with the risk management of the information security in a call center. On one hand a local provider in the offices of the organization has been evaluated; on the other hand, a supplier located in a foreign place has been evaluated. Both results have been compared.