Risk management in the supply chain
Galp has a risk management methodology that involves distinct stages, namely the process of selection, qualification and performance assessment of our suppliers of goods or services.
With the objective of better managing our supply chain and the inherent risks associated to it, Galp tender qualification process and risk assessment procedures have improved significantly. By including a reference supplier evaluation platform connected with our Procurement platform: Supply4Galp, resulting in a more automatic, integrated, and agile process. GDPR and Cybersecurity risk are managed through One Trust platform, connected, with S4G and automatized, for tender processes containing such risks, as well as action plans to mitigate such risks. Compliance assessments, prior to the contracting of suppliers, with the objective of identifying potential red flags, corruption, money laundering, in accordance with law requirements of KYS and due diligence.
The new hybrid model which combines financial and non-financial information available in the market, the one provided by our partners, the available knowledge in our systems and the introduction of risk levels into the stratification model, means greater scope in monitoring several risk areas in our supply chain, namely ESG, Cybersecurity, GDPR, Business Continuity and HSE.
Risk is managed in the supply chain through several practices, namely:
- Assessing the supplier’s financial strength in the qualification process and in the procurement processes, whenever justified;
- Monitoring information on the supplier's economic situation;
- Tender qualification and evaluation of suppliers for services with risk in HSE, cybersecurity, GDPR and business continuity framed within the risks associated with each procurement process;
- Audit and evaluation of services rendered in terms of ESG;
- Conducting questionnaires, through S4G procurement platform, Procurement Catalyst and Achilles, on social risks (mandatory for new suppliers).
ESG risk assessment
ESG risk assessment results
CSR risk assessment results
We assess our tier 1 and most critical suppliers in terms of their corporate social responsibility risk:
In 2021, 69% of our critical suppliers have low risk or no risk in corporate social responsibility.
- Assess 100% of critical non-tier 1 suppliers in ESG risk matters
- 70% of our critical suppliers have low risk or no risk in corporate social responsibility