Category: Company

Talk about Company or Business

Review my Procurement Team

The main questions Arvo encounter when we meet potential customers are:

  • EFFECTIVENESS IN OUTCOME: What does good look like? Are we effective? What are the best practices and where can we improve? What would the benefits be if we invest in these improvements? What are the risks if we do not invest? How do we compare to similar Procurement Teams?
  • EFFICIENCY IN PROCESS: Are we efficient in everything we do? Can we work smarter, faster, better, cheaper? Where can we become leaner?
  • SKILLED FOR IMPACT: Do we have the right skill-set for the growth of our business? Do my team require new learning and development opportunities?

Other customers also ask more direct questions for support:

  • I might have the expertise but I do not have the time. I might have the time but I do not have the expertise.
  • I just need help to get better costs, quality, service, flexibility, innovation, but I do not know where to start.
  • There is too much happening, what is my priority?
  • I know my team is working hard but I do not know if they are working smart. Can I measure the improvements when we invest in them?

Ultimately, these questions always come back to the 5 key pillars that support sustainable growth: trusted people, efficient process, procurement strategy, fit for purpose use of technology, empowering knowledge.

Within Arvo’s Procurement Reviews, we benchmark the People, Process, Knowledge, Technology and Culture. We have answered the above questions for many clients.

WHY ARVO?

We spend time with our customers to understand their business and specific challenges and where they want to be in 3 to 5 years’ time. We measure where they are now and then we design the procurement roadmap they need to reach to their destination. Over the last 5 years, we have supported the development and structure of award winning procurement functions, with many references available here.

We are proud to collaborate with our customers, to engage and empower their resources, to be part of their procurement strategy design and to enable their sustainable growth by doing things right and doing the right things.

We would very much welcome the opportunity to discuss your Procurement Objectives further so feel free to contact for a quick initial discussion.

While the outcome of the process assessment will be a customised efficiency roadmap where targets can be tracked against the improvement of the procurement team’s engagement across the business, for example:

 

Arvo Procurement Dashboard image

 

Contact Us Today to discuss your Procurement Team’s Improvement Plans

Past, Present and Future

Arvo Cost Management Energy audits consultancy tactical procurement

Recently the wonderful team at IGNITE in UCC, produced this fantastic infographic documenting the Arvo story from humble supply.ie beginnings to the current range of sourcing, consultancy and training offerings under the Arvo umbrella. Our focus for the past 10 years to “help companies to save time, money and hassle” has not changed but our solutions to address your evolving market needs, have matured with our growth.

In the beginning, our eSourcing platform (supply.ie), was used by over 5,000 Irish businesses to source 3 quotes quickly for goods and services. The success of this simple tendering solution led to an appointment in 2012 to the European Commission e-Tendering Expert Group, which has advised EU Government’s with regards eProcurement. At home, saving SME’s money on Print & Stationery soon led to a demand to reduce costs in other areas, such as Utilities, whereby our Smart Energy Services helped businesses to correct MICs/Tariffs, Group Buy to leverage scale and deliver instant cost savings, while proactive businesses then invest the savings in Energy Efficient Equipment.

Presently, the Arvo business is delivering value for a range of Procurement Stakeholders with;

1. Our Brexit Sourcing Services helping businesses prepare for the imminent supply chain threats posed by Britain’s exit from the EU, especially if a “no deal” or hard-Brexit transpires

2. Our Tendering Services help both buyers and suppliers, by supporting buyers through every stage of the Strategic Sourcing event, while assisting suppliers prepare, identify, qualify and respond professionally to appropriate bid opportunities

3. While our Strategic Procurement Services and Tactical Procurement Supports help both public and private-sector clients, with their strategic focus to deliver long-term value and impact, while our Tactical Procurement expertise supports the day-to- day operational aspects of sourcing and procurement.

While predicting what the future holds is an almost impossible task, but as outlined in this Business & Finance CEO Interview, Arvo’s focus is to grow the Procurement Transformation Institute (PTI), which is a competency centre that provides a gateway to procurement education, thought leadership and training while empowering the buying community. While we will continue to research the merits of creating a decentralised group trading platform with distributed ledger technologies, to enable seamless trading experience for unknown buyers and sellers. Stay tuned for this next (r)evolution…

The Procurement Transformation Institute

On January 31st we launched the Procurement Transformation Institute in partnership with IDDEA. The PTI is a not-for-profit organisation founded by a team of expert procurement practitioners, academics, advisors and thought leaders.

Partnering with 9 procurement competency centres in Europe, PTI is positioning procurement as a preferred career for today’s and tomorrow’s professionals for the benefit of competitiveness, job creation and innovation for organisations of all sizes in Ireland.

The PTI is based on the island of Ireland and works in collaboration with SMEs, multinationals, universities, professional associations and institutes. Our vision and mission are international; we research and translate procurement standards into deliverable value for organisations and individuals.

 

The PTI is built around 5 pillars:

PTI ACADEMY: whose mission is to develop a CPD Procurement Membership Body offering all procurement resources relevant mind set, skillset and toolset training that will steer and guide them on the progression on their career path.

PTI COMMUNITY: whose mission to create an environment of peer to peer communication and knowledge exchange, access up to date industry and European wide accepted standards, tools, insight, initiatives and trends. The PTI Community forum was launched on April 25th, 2018. See below for more information.

PTI EUROPE: As part of the Procure2Innovate H2020 Initiative, the PTI is excited to be part of the European Initiative to promote and disseminate Innovation Procurement Best Practices. The aim is to improve support for public procurers in implementing innovation procurement by establishing and expanding competence centres for innovation procurement in 10 EU member States. Indeed, to date, competence centres have largely worked autonomously and with little cross-border cooperation.

PTI EDUCATION: whose mission is to provide and promote European-wide accredited procurement certification in partnership with UCC, to pipeline and upskill procurement resource to benefit the growth of businesses.

PTI RESEARCH: whose mission is to deliver valuable and on-going research about the impact

of the changing environment on procurement. We want to ensure that the procurement profession stays relevant for the future. Through continuous optimisation and transformation, ongoing innovation is driven by industry-led research and thought leadership.

 

To keep up to date with the PTI and to gain greater insight into the world of public procurement, become a member of our inaugural Community forum by signing up here.

100 DAYS TO GDPR

The General Data Protection Regulation aims to strengthen the protection of personal data. The current data legislation dates back to 1995 with the Data Protection Directive which has a lack of harmony and has not evolved to deal with the current uses for Data eg marketing. The principles remain the same but the new policy is meant to update standards to fit today’s technology which has changed dramatically since 1995. Today, there are 3 billion internet users compared to 16 million 20 years ago, with the rise of social networks. The GDPR affects all businesses operating within the EU: EU Companies that process personal data, Non-EU companies who offer goods or services to individuals in the EU and Non-EU companies who monitor individual’s behaviour that takes place in the EU. It will come in effect on May 25th 2018 and we have to make these changes now to ensure that we are compliant.

MAIN CHANGES :

  • CONSENT : Permission and consent are required to send marketing information. The consent must be unambiguous, informed and freely given. Prior to giving consent, data subjects (individuals whom particular personal data is about) must be informed of the right to withdraw consent at any time and it must be easy for them to do so. For children under 16, a parent or guardian must give his approval.
  • RIGHTS FOR DATA SUBJECTS : Right to be informed, Right to access, Right to rectification, Right to erasure, Right to restrict processing, Right to data portability, Right to object, Rights in relation to automated decision making.
  • DATA BREACHES : for example the destruction, loss, alteration, unauthorised disclosure of or access to personal data, human error. New mandatory obligation to notify data breaches to the regulator ASAP but not later than 72 hours and if notification is not made after 72 hours a reasoned justification is needed.
  • ADMINISTRATIVE FINES AND COMPENSATION : Under the GDPR, data subjects will have a right to sue and recover material or non-material damages, e.g. loss of personal data, damage to reputation, loss of confidentiality. The current maximum fines are €3000 but GDPR fines are up to €20 million or 4% of the Turnover.
  • INCREASED TERRITORIAL SCOPE : The policy applies to all companies processing the data of E.U. subjects , regardless of the company’s location.
  • PRIVACY BY DESIGN : Data protection has to be included in the initial system design rather than added later.

 

 

KEY ACTIONS TO BE TAKEN

1/ AUDIT :

  • You are required to document what personal data you hold, where it came from and who you share it with.
  • It is recommended to conduct an information audit across the organisation or within particular business areas which need to be GDPR compliant.

2/ IDENTIFICATION :

  • You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically and in common used format.
  • You should identify the lawful basis for your processing activity in the GDPR, document it and update your notices.

3/ UPDATE DATA PROTECTION POLICY :

  • You should update your procedure for dealing with subject requests to handle them within the new timescales;
  • You should review how to seek, record and manage consent and whether you need to make any changes.
  • You should also put a system in place to verify individuals’ age and to obtain parental or guardian consent for any data processing activity.
  • Finally you should make sure you have the right procedures in place to detect, report and investigate a personal data breach.

4/ UPDATE PRIVACY NOTICES :

  • After updating the data protection policy, it is important to review your current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.
  • They have to be concise and in an easy-to-read format with limited legalese.
  • They must include : identity and contact details of the controller and the Data Protection Officer; purposes and legal basis for the processing; recipients of the personal data; retention periods; details on the right to access to personal data and rectification or deletion of it; right to withdraw consent; …

5/ UPDATE CONTRACTS WITH PROCESSOR AND CONTROLLERS : the contracts must set out :

  • The subject matter and duration of the processing
  • The nature and purpose of the processing
  • The type of personal data and categories of data subject
  • The obligations and rights of the controller

6/ CONSIDER AN APPOINTMENT WITH A DPO :

You should designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure. A Data Protection Officer can be outsourced to assist you in managing your organisation on its journey to becoming GDPR compliant . If your organisation operates in more than one EU member state, you should determine your lead data protection supervisory authority.

7/TRAINING :

  • You should ensure that everybody is aware that the law is changing to the GDPR (mostly decision makers and key people) so they can start identifying areas that could cause compliance issues.
  • You then have to train relevant staff and teach them how GDPR affects their role.

 

WHAT PROCUREMENT TEAMS SHOULD DO

Map the flow of personal data through supply chains. Identify recipients of personal data, including sub-processors. Note where and how the personal data is processed.

Identify existing supplier contracts that involve the processing of personal data and review the data protection provisions.

Consider the organisation’s approach to risk with existing and new contracts in relation to GDPR compliance. The financial risks posed by the regulation may change the risk profile of data processing contracts, necessitating a different approach Not sure what was meant here?? and data security breaches.

Carry out adequate due diligence on new suppliers to check their GDPR compliance, obtain guarantees regarding the measures that suppliers have in place and ensure there are rights of audit within the contract together with the other mandated data processing provisions.

Check whether existing insurance policies will cover data protection and security breaches including breaches by suppliers.

Check internal systems to ensure that processes are in place to enable the organisation to satisfy the 72-hour breach notification requirement.

 

USEFUL GDPR LINKS

For more information : https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/ OR https://gdprandyou.ie/organisations

Are you ready for GDPR ? make sure you have not forgotten anything thanks to this MCQ

You can also consult the Irish Data Protection Authority website.

Pixalert can help you by providing a software which locates all credit card data and critical data in your network to be GDPR compliant.

 

To assist you on how to get started and what GDPR means to your business, ISME Skillnet have designed GDPR Preparation training sessions called GDPR Essentials for SMEs specifically aimed at SMEs and business owners.

The first session in this series on Thursday, 15th February in the Clayton Hotel, Liffey Valley, Dublin is already booked out.

Additional sessions will take places in:

The Dun Library, Royal College of Physicians, 6 Kildare Street, Dublin on Wednesday 21st February

Clayton Hotel, Silver Springs, Tivoli, Cork on Tuesday, 6th March

Limerick Strand Hotel, Ennis Road, Limerick on Wednesday 7th March

BOOK YOUR PLACE NOW 

1 2 3 8