Advanced Diploma in

Purchasing and Supply

Risk Management and
Supply Chain Vulnerability

LEVEL 5

L5-02

Senior Assessors Report

Series
January 2012

INFORMATION FOR CANDIDATES

The senior assessors report is written in order to provide candidates with feedback
relating to the examination. It is designed as a tool for candidates - both those who
have sat the examination and those who wish to use as part of their revision for
future examinations.
Candidates are advised to refer to the Examination Techniques Guide (see the
following link: http://www.cips.org/en-GB/Qualifications/study-support/ ) as well as
this senior assessors report.
The senior assessors report aims to provide the following information:
An indication of how to approach the examination question
An indication of the points the answer should include
An indication of candidate performance for the examination question

Each question has a syllabus reference which highlights the learning objectives of the
syllabus unit content that the question is testing. The unit content guides are
available to download at the following link:
http://www.cips.org/Qualifications/About-CIPS-Qualifications/cipsqualifications/
ADDITIONAL SOURCES OF INFORMATION
The Supply Management magazine is a useful source of information and candidates
are advised to include it in their reading during their study. Please see the following
link to the Supply Management website: http://www.supplymanagement.com/

SECTION A
Candidates were required to answer TWO mandatory Section A questions related
specifically to the case study.
Question 1
This was a two part mandatory question - part a) being worth 13 marks and part b)
being worth 12 marks).

Q1a) Evaluate Flaires situation and the influences of the development of a new
CSR policy for managing risk and vulnerability.
(13 marks)
Analysis of the Question
The mandatory question sought to test candidate ability test candidate ability to
analyse a serious reputational issue, determine a pragmatic way forward and identify
the steps or measures an organisation could take to ensure the development of a fit
for purpose CSR policy which once developed is complied with by all its key suppliers
thereby reducing risk and vulnerability.
Analysis of the Answer
Candidates were expected to recognise the urgent Public Relations need for Flaire
to demonstrate that despite the Rascale incident it still very much aligns with the
principles of the Ethical Trading Initiative. To be able to demonstrate this Flaire
needs to adopt a course of action that shows it is not abandoning the rights of the
Eastern European workers who have had their rights violated. This likely means
embracing option 2 but with a focus on continuous improvement of the element of
its supply chain that is problematic. This would be more likely to restore confidence
in the company as a responsible organisation and crucially restore share price.
Revisiting or developing a new CSR policy is indicated with a focus on the manner in
which its potential or existing supply chain approaches worker rights. Possible steps
or measures might include: contractual obligations on suppliers to adopt
complementary polices and practices which align the Ethical Trading Initiative (ETI);
development of Key Performance Indicators for suppliers and possible penalties
and / or incentives for compliance / non compliance; auditing / Spot-checks on
practices being followed; regular employee surveys; PR considerations for suppliers
and sub-contractors; development of an ethical code of practice to be observed by
all members of Flaires supply chain; renegotiation of existing supplier
arrangements to ensure compliance.

Exam Question Summary

This mandatory question was reasonably well answered by candidates with most
managing to achieve a pass. Candidates seemed to give competent answers in the
form of an evaluation as called for in the question. Most answers recognised the
Public Relations need for Flaire to demonstrate it is committed to the Ethical Trading
Initiative. Similarly most answers latched onto option 2 and made a case for Flaire to
develop a new CSR policy. More marks would have been achieved had some
candidates talked about control measures to offer customers reassurance that the
required ethical standards are being met. Additionally, some candidates didnt bring
out the high cost to the company (e.g. bankruptcy, loss of shareholder value,
criminal and or civil prosecutions, loss of credit rating and of course loss of
reputation and confidence in the company). There were instances where some
candidate answers were very generic with limited linkage to the case study.

Q1b) Outline the content of a new CSR policy for Flaire to mitigate
supply chain risk in the future.
(12 marks)

Analysis of the Question

The mandatory question sought to test candidate depth of knowledge and
understanding of key CSR policy content to mitigate supply chain risk in the future.
Analysis of the Answer
Candidates were expected to bring out in their answers that Flaire should spend
time and effort up front pre-qualifying prospective fashion tailor suppliers from a
CSR perspective ensuring that all their sub contract supply chain embraces the
principles and ethos of the Ethical Trading Initiative. Other considerations for a CSR
policy content might include: Supplier receptiveness to ethical contractual
obligations & KPIs; Supplier organisational capability and capacity without excess
subcontracting; Openness and transparency regarding sub contract working
practices; Quality control & assurance capability; Health, safety & environmental
procedures; Management systems in place; Track record / past experience;
Commitment to continuous improvement and long term contract relationship.
Exam Question Summary
This mandatory question was reasonably well answered by candidates with most
managing to achieve a normal pass. Most candidates listed steps or measures that
could be taken - which gained marks to enable a pass but the majority of answers
failed to expand on bullet points. Stronger answers brought out the need to select
suppliers who build ethical procurement practices into every day work supporting
ethical trade and good working conditions. Supplier relationships should be open
and honest if problems arise that way reputational damage such as in the case of

the rogue tailor can be minimised. Recognition of cultural differences was

mentioned by some candidates.
Question 2

Q2)

Propose TWO suitable monitoring and control techniques that could

be used by Flaire to test supplier risk on an on-going basis to avoid a
recurrence of the Rascale Limited incident.
(25 marks)

Analysis of the Question

This mandatory question sought to test candidate depth of knowledge of monitoring
and control techniques that could be used in the context of the Flaire/Rascale
Limited case study to test risk on an ongoing basis.
Analysis of the Answer
Candidates were expected to select TWO from a broad choice of monitoring
techniques such as: Internal audits, Cross functional pre reviews, Quality inspection
and control / Quality systems / TQM (Total Quality Management), Benchmarking,
Competitor intelligence, Management consultant reviews, Use of external
experts/forensic style auditors. Irrespective of choice what was indicated was a
discussion around their application for effective risk management to maximise
avoidance of a recurrence of the Rascale event which severely damaged the
organisation reputation and share price. Following a monitoring process which
identifies and evaluates potential risks will help Flaire implement mitigation
strategies to manage supplier risks to a tolerable level and therefore meet
stakeholder expectations by achieving its strategies, objectives, targets and goals.
The chosen monitoring techniques will require commitment and leadership from the
top down and should accept that the real cost is not in providing assurance but in
the costs endured by breaches, failures, waste, inefficiency and adverse impact.
Exam Question Summary
Answers to this mandatory question varied in quality. Although many scored well,
others could have achieved more marks had they not veered off at a tangent and
talked about risk generally not supplier risk. Most candidates selected Internal audits
and Quality inspection and control as their techniques. Simple monitoring, control
and continual improvement techniques are deployed by cross functional teams to
help eliminate risk from the supply chain (in the case of Flaire - a complex
international network of tier 1 suppliers and very likely sub-contractors which may or
may not be transparent). The entire supply chain should be committed to the same
ideal of ethical working practices and quality output. Stronger candidate answers
expanded on this, giving examples.

SECTION B
Candidates were required to answer TWO from a choice of FOUR optional Section B
questions of a more general nature across the L5-02 Risk Management & Supply
Chain Vulnerability syllabus.
Question 3

Q3)

Discuss THREE alternative risk identification and analysis techniques that

could be used to aid decision quality.
(25 marks)

Analysis of the Question

This optional single (25 mark) question sought to test candidate knowledge,
understanding of different qualitative and / or quantitative risk identification and
analysis techniques to ensure better decision quality in reviewing alternatives for a
superior outcome in either an operational or project requirement.
Analysis of the Answer
Candidates were expected to focus their discussion around three alternative
techniques from a broad range such as: Risk identification, Identification
frameworks, Ishikawa cause & effect (or fishbone) diagram, IRM Risk management,
Scenario analysis, Auditing, Risk assessment workshops, Business process studies,
Brainstorming/Questionnaire, Delphi analysis, Decision trees, Dependency
modelling, SWOT analysis, Event tree analysis, Business continuity planning, PESTLE
analysis. What was indicated here was a comprehensive articulation of their use in
identifying and analysing risk to aid decision quality. It was permissible for answers
to take the form of a combination of diagrams and/or text).
Exam Question Summary
This was a popular optional question amongst candidates however the answers
varied in quality. Although 3 techniques were identified and briefly described by
most candidates there was a common weakness in not expanding to talk about their
use in analysing risk to aid decision quality. Most candidates chose to talk about
Decision trees, SWOT analysis, PESTLE analysis.
More marks were achieved by candidates that brought out that early up front effort
through the deployment of sound risk identification and analysis techniques greatly
enhance decision quality and ultimately increase the chance of a superior outcome
whether that be in a project or operational requirement.

Question 4

Q4)

Assess FIVE risks involved with using technology in an

organisational supply chain setting of your choice.
(25 marks)

Analysis of the Question

This optional single (25 mark) question sought to test candidate knowledge, test
candidate knowledge, understanding and ability to expand on technological
applications in the supply chain setting and to articulate where there might be risks
associated with the use of such technology.
Analysis of the Answer
What was indicated here was answers which articulated five examples of risk and
areas of vulnerability that are involved in using technology and then building on that
with a discussion of risks areas such as: Fraud, Hackers, Security, Reliance on
Technology, Storage of vital documents and materials etc.
The embedding of technology represents a large investment for many organisations
both in terms of initial implementation and subsequent maintenance. Organisations
quickly become reliant on such technology and the related running and maintenance
costs can be significant. Once embedded, most organisations quickly develop an over
reliance on information technology associated with supply chain management. It
shouldnt be underestimated the cost exposure with such technology and as such
this is a risk. A further risk is around technology security matters and issues. The risk
posed by computer hackers and related disruption to systems and capability to
functions such as procurement is high in most industries. The risk of fraud associated
with procurement / business technology is also high. Most organisations have the
risk associated with storing vital data and documents etc.
Exam Question Summary
This was an unpopular optional question which was not answered by a large
proportion of candidates. Those that did answer it achieved marginal scores. More
marks were achieved by candidates who expanded their discussion to talk about
safeguards and contingency planning considerations if things go wrong with
technology.

Question 5

Q5)

Explain, using examples, how you would evaluate the probability

of a supply chain risk occurring and possible consequences.
(25 marks)

Analysis of the Question

This optional question sought to test candidate ability to explain or evaluate the
probability of a risk occurring in particular circumstances, the possible consequences
and the potential range of mitigating actions and prioritisation.
Analysis of the Answer
What was indicated here was answers which included a discussion around a process
of risk management - capturing: identification of potential significant risks / hazards;
determination of the consequence of each risk / hazard (including who might be
affected); determination of the likelihood of each risk / hazard; assessing the overall
risk; removing the overall risk; re-assessing the overall risk. Numerous tools exist to
help with risk assessment and answers may incorporate a diagrammatic illustration
although this is not essential.
Exam Question Summary
This was a reasonably popular optional question amongst candidates. The quality of
answers varied. Some strong answers were evident, however many answers didnt
include a full summary of a typical risk management process as indicated above.
More marks were achieved by candidates who expanded their discussion to talk
about prioritisation of risks and courses of action to mitigate the risks and continue
to monitor etc
Question 6

Q6)

Critically analyse insurance as a mechanism to mitigate the

effects of supply chain risks and vulnerability.
(25 marks)

Analysis of the Question

This optional question sough to test candidate knowledge, understanding and ability
to critically discuss and analyse insurance as a mechanism or means to protect an
organisation against exposure to risk, vulnerability and uncertainty.

Analysis of the Answer

What was indicated here was answers which articulated why insurance can offer
protection specifically against supply chain related risk and vulnerability but also why
different organisations depending on their attitude to risk can be positive or negative
towards insurance.
Candidate answers should analyse and compare specific risk appetite of
organisations and perceptions of external factors occurring which might be out-with
organisational control in terms of its supply chain. Insurance is a mechanism which
companies can call on to back up risk that they have taken on for example liabilities
and indemnities given to another party under a contractual arrangement across the
supply chain. Without the insurance policy or cover in full force and effect the
indemnities given under the contract could be worthless as the party giving the
indemnity may not have sufficient substance.
Typical Insurances that are in place are: Suppliers/Contractors all risk insurance,
Employers liability insurance, Public liability insurance, Professional indemnity
insurance, Third party risks Insurance, Insurance against damage, Self insurance
and/or captive insurance)
Insurance premiums are increasing as underwriters take a more cautious view of
risks and there comes a point when organisations have to consider whether they
are a sustainable form of protection that they can afford.
Exam Question Summary
This was not such a popular question amongst candidates from this cohort.
The quality of answers from those who did attempt it varied. Some good answers
were evident, however some answers were weak in that they only listed a few types
of insurance with no reflection on whether the risk they might insure against are
within the control of organisations through procedures and controlled working
practices and behaviours etc. If such risks are within an organisations control then
there is a compelling case as to why insurance is necessary as the risks are
controllable. More marks were achieved by candidates who brought this out in their
answers.

APPENDIX
The matrix indicating the learning objectives of the new revised syllabus unit content
for L5-02 that each of the questions in the paper tested is summarised in the
attached appendix table.

10