Supplier Compliance

Overview of Supplier Compliance

Ensuring supplier compliance goes beyond your organizations internal processes. With the multitude of business processes being outsourced to third parties and various other goods/services being acquired, companies have to pay close attention to ensure their third parties are compliant with your companies polices and legal regulations. No contractual agreement can mitigate events such as an expired insurance policy, a loss of private data, or the violation of local laws and regulations. Such events leave ever lasting damage on your companies brands.

Ensuring supplier compliance, goes across all of supplier management, including supplier performance, supplier risk and supplier sustainability. As these requirements will change, and a variety of information sources are required, a flexible platform, to allow you to manage all of these supplier initiatives, is required. If you are responsible for overseeing 3rd party providers, you want to avoid the potential pitfalls associated with non-compliance such as negative press coverage, legal action, or a hit to earnings.

How does it work?

ESM's Supplier Compliance module enables your organization to effortlessly have peace of mind and free up resources, by monitoring and collecting information as and when required from suppliers. Typical scenario's to use the Supplier Compliance module are:

• Identify compliance requirements across a wide range of programs and industry segments:
  • Financial – SOX, SEC, FCC, FTC
  • Environmental – EPA, RoHS, WEEE, Green
  • Safety – OSHA, FDA, EMAS
  • Data Privacy – HIPAA, GLB, EU Data Protection Directive
  • Security – I/T, Physical
  • Risk – Insurance, BCP, Political, Currency
  • Legal – Patriot Act, Homeland Security, Conflict of Interest
  • Quality – ISO, ANSI, CSA, ASME
  • Trade – C-TPAT
  • Performance - collect stakeholder questionnaire's to ensure internal customer satisfaction
• Ensure suppliers confirm and provide documentation of compliance requirements
• Leverage HICX's existing library and expertize of compliance guidelines
• Retain all certification and supporting documentation
• Automate periodic re-certification of processes and expiry notifications
• Distribute validation responsibilities across the enterprise