مراقبة مخاطر الموردين والمورّدين
يراقب باستمرار المصادر العامة والداخلية عن إشارات مخاطر عند الموردين — ضائقة مالية، مشاكل امتثال، أخبار سلبية، تأخّر أداء — ويعلّم الموردين اللي يرتفع خطرهم. يخرّج قائمة مرتّبة لفريق المشتريات مع الدليل، عشان يقلّل مفاجآت سلسلة التوريد.
المتطلبات تصف قدرات يحتاجها النمط في بيئتك، مو الموردين اللي لازم تشتريهم. أي نظام يملأ متطلباً يحقّقه — وهذا اللي يخلّي الكتالوج قابلاً للنقل عبر الذيل الطويل من أدوات الشركات الصغيرة والمتوسطة.
vendor_masterThe list of vendors being monitored, with the context that matters.
- vendor master in the ERP or procurement system
- contract management system with vendor records
- vendor onboarding database
external_risk_signal_sourcesPublic sources of risk-relevant data: news, regulatory filings, security advisories, ratings.
- news monitoring service with vendor entity matching
- credit rating feed
- security advisory feeds
- regulatory filing alerts
- data breach notification services
internal_performance_signalHow the vendor is performing in the actual relationship: deliveries, defect rates, response times, invoicing accuracy.
- procurement system with delivery and quality records
- AP system with invoicing accuracy data
- internal SLA tracking
- contract management system with performance attestations
compliance_artifact_trackerVendor-provided compliance documents and their expiration: certifications, insurance, financial statements.
- compliance document store in the procurement system
- vendor portal where they submit certifications
- structured tracking in the GRC system
risk_destinationWhere rising risk signals surface for the vendor owners and procurement team.
- risk view in the procurement system
- weekly digest to vendor owners
- chat alerts for material changes
incident_response_routeWhere confirmed high-severity issues go for immediate action: supplier on hold, contract review, contingency activation.
- procurement leadership alerts with clear action options
- incident management process in the GRC system
- structured escalation to procurement, legal, and finance
- 01On regular cadence (daily for tier-1 vendors, weekly for others), refresh external risk signals
external_risk_signal_sourcesvendor_master - 02Pull recent internal performance data per vendor
internal_performance_signal - 03Check compliance artifact tracker for upcoming or expired documents
compliance_artifact_tracker - 04Compute combined risk score per vendor with weighted inputs based on vendor criticality
- 05Detect material changes from prior score and changes that cross thresholdقرار Score changes above threshold trigger alerts; stable scores don't generate noise.
- 06Surface rising risks to risk destination with reason codes and suggested actions
risk_destination - 07For severe events (financial distress, breach, certification lost), route to incident response
incident_response_route
مخرجات منظّمة ينتجها هذا النمط. أنماط ثانية وأنظمة العملاء تقدر تشترك فيها، وهكذا يتركّب الكتالوج مع الوقت.
vendor_risk_landscapePer-vendor risk score history and aggregate distribution. The view procurement leadership wants to see.
- procurement leadership dashboards
- board risk reporting
- annual vendor reviews
concentration_risk_signalPatterns where multiple critical vendors share risk factors (same region, same software dependency, same financial backer).
- supply chain risk management
- strategic procurement reviews
compliance_expiry_signalUpcoming compliance document expirations, surfaced in time to act.
- vendor management workflows
- compliance team alerts
- procurement owner workflows