Enhancing EPC Supply Chain Competitiveness Through Procurement Risk Management

See discussions, stats, and author profiles for this publication at: https://www.researchgate.
net/publication/263325305
Enhancing EPC supply chain competitiveness through procurement risk

management
Article in Risk Management · July 2011

DOI: 10.1057/rm.2011.6
CITATIONS READS
10 11,010
2 authors:
Enrico Cagno Guido J.L. Micheli

Politecnico di Milano Politecnico di Milano
390 PUBLICATIONS 6,024 CITATIONS 104 PUBLICATIONS 1,477 CITATIONS
SEE PROFILE SEE PROFILE
Some of the authors of this publication are also working on these related projects:
Circular management of water resources View project
project risk analysis and management View project
All content following this page was uploaded by Enrico Cagno on 14 October 2014.
The user has requested enhancement of the downloaded file.

Original Article
Enhancing EPC supply chain
competitiveness through procurement
risk management
Enrico Cagno and Guido J.L. Micheli*

Department of Management, Economics & Industrial Engineering, Politecnico
di Milano, Piazza Leonardo da Vinci, 32, Milan 20133, Italy.
E-mail: guido.micheli@polimi.it
*Corresponding author.
Abstract This article is intended to provide a risk-based procurement management

model. The Procurement Risk Cube (PRC) model originates a systematic approach
in the identification of the case-specific risks, their sources, the activities on which
they impact and the risk owners. The hierarchical breakdown structure helps data
aggregation by simply summing the values of exposure by owner/activity/source,
so that establishing a correct intervention priority plan to mitigate downside risks,
or to exploit upside risks, becomes easier and more effective. A deep insight into
case-specific procurement-related risks is provided by the PRC, which is necessary to
improve the understanding of the risks in the supply chain (SC) in order to achieve
benefit for the whole SC.
Risk Management (2011) 13, 147–180. doi:10.1057/rm.2011.6
Keywords: procurement management; risk; EPC sector
Introduction
I
f it is true that business competition is in broad terms shifting from
individual enterprise versus individual enterprise to Supply Chain (SC)
versus SC (Christopher, 1992), this is even plainer for a project-oriented
business such as the Engineering Procurement & Construction (EPC) sector.
In the EPC sector, each project is unique in terms of design, manufactur-
ing and technological requirements and constraints. Owing to this unique-
ness and complexity, only the best contractors can manage to successfully
achieve the requirements of a large project, supported by their whole SC.
In particular, the most impacting section of the SC in the EPC sector
is the one operating in Engineer To Order manner, which basically
© 2011 Macmillan Publishers Ltd. 1460-3799/11 Risk Management Vol. 13, 3, 147–180
www.palgrave-journals.com/rm/
Cagno and Micheli
includes the contractor and its sub-contractors (that is, main suppliers). This
is mainly because of a general shift in recent years towards the procurement
of complex systems. This differing distribution of expenditure for project
materials (that is, materials directly used in the construction of finished prod-
ucts; the average percentage value of project materials is anything from
80 per cent up to 97 per cent of the revenue of the sector, around S20 billion
in Italy) is part of a context in which contractors increasingly play the role of
integrators and coordinators of the entire realization process, whereas sub-
contractors have to be able to design and produce more and more complex
supplies (Cagno et al, 2004, 2006). As a result, competitive sub-contractors
are vital for the success of the SC. In addition, referenced suppliers imposed
by the owner of the project are getting more frequent, and socio-economic
and political events and globalization are making the context generally risky.
Thus, a greater integration between contractor and suppliers is necessary,
and effective approaches and techniques to clearly identify the procurement-
related uncertainty are desirable. In fact, a lack of proper supply risk manage-
ment can be detrimental to the success of the contractor and of the whole
SC (a percentage estimation value of ‘under-managed’ risk in the USA EPC
sector is 31 per cent with respect to the EBITDA – around US$15 billion –
Datamonitor, 2002).
Relevance of Procurement Management in the EPC SC

Although a number of definitions of SC exist, a common idea can be high-
lighted (Ellram and Krause, 1994; Blancero and Ellram, 1997; Spekman et al,
1998; Christopher and Jüttner, 2000; Beach et al, 2005): an SC is a network of
linked and interdependent companies, and in order to manage efficiently and
effectively all of the flows across the chain the companies need to interact.
Coordination and, whenever possible, collaboration across the network are
deemed the way of interacting that most likely leads the SC to success. To the
same extent, a generally accepted definition of Supply Chain Management
(SCM) refers to ‘integration’ as the key to SCM: ‘Supply Chain Management
is the integration of key business processes from end user through original
suppliers that provides products, services, and information that add value for
customers and other stakeholders’ (Cooper et al, 1997b), in the same way as
many other authors do (Oliver and Webber, 1982; Jones and Riley, 1985;
Cooper et al, 1997a, b; Metz, 1998; Handfield and Nichols, 2002; Aprile et al,
2005). The ‘integration’ requires a proper management of upstream and down-
stream relationships with suppliers and customers (Christopher, 1998), for
every kind of SC. In particular, the relevance of the management of the supply
(that is, procurement management) in the EPC sector is glaring: procurement
can be exploited to leverage a project’s performance and to reduce costs (Kini,
1999) and, according to Alarcón et al (1999) and to Yeo and Ning (2002), the
148 © 2011 Macmillan Publishers Ltd. 1460-3799/11 Risk Management Vol. 13, 3, 147–180
Enhancing EPC supply chain competitiveness
relevance (in both positive and negative sense) of procurement management is

mainly due to the following factors:
• procurement is a connecting function between engineering and

construction;
• procurement is highly dependent on external companies (mostly sub-
contractors);
• procurement strongly needs communication and negotiation with external
parties;
• project material cost represents a high portion of total costs of the EPC
project;
• complex supplies are very difficult to manage.
Shifting From Procurement Management Towards Procurement Risk

Management
In addition to the general relevance of procurement management, the general
perspective emerging from the literature is that SCM is becoming Supply
Chain Risk Management (SCRM) (Norrman and Jansson, 2004; Peck, 2006).
Traditional procurement management has focused on the optimization of
time, cost and quality; however, this vision has been overcome by SCM focused
on responsiveness, leanness and agility in order to face the growing complex-
ity of the competitive environment in terms of globalization, technological
innovation and outsourcing. These three approaches have caused an increase
in the complexity of supply chains and have drawn attention to focus on risk.
The risk within supply chains is due to these SCM approaches, as well as the
globalization of the market, the shortening of product and technology life
cycles, the increased use of outsourcing (Christopher and Lee, 2004), and
the uncertainty in supply (Christopher and Lee, 2004; Jüttner, 2005; Tang,
2006).
As far as the uncertainty in supply is concerned, as a main risk to be managed
through SCRM, a number of generic risk sources have been identified (Zsidisin
et al, 2000; Zsidisin, 2003a, b; Zsidisin and Ellram, 2003), in order to give
summary guidelines to identify the uncertainties, which can be grouped into
four main categories (Table 1): product-related, market-related, supplier-
related and other sources. Although it is a useful starting point, this list of
generic sources does not give any information about possible mitigation actions
to reduce risks and to exploit opportunities, nor does it provide any means to
identify case-specific risks.
In order to give useful information about possible mitigation actions to
reduce risks and to exploit opportunities, a major step is moved by Zsidisin
and Smith (2005), who analyse the role of early supplier involvement in miti-
gating the supply risk. The authors define early supplier involvement as a way
© 2011 Macmillan Publishers Ltd. 1460-3799/11 Risk Management Vol. 13, 3, 147–180 149
Cagno and Micheli
Table 1: Sources of supply risk
Category Source of supply risk Reference
Product-related Product design changes Zsidisin et al, 2000; Zsidisin, 2003a, b

Quality Zsidisin et al, 2000; Zsidisin, 2003a, b;
Zsidisin and Ellram, 2003
Market-related Price increase Zsidisin, 2003a, b
Number of available suppliers Zsidisin, 2003a, b
Geographical concentration of Zsidisin, 2003a
suppliers
Supplier-related Capacity constraints Zsidisin, 2003a, b
Cost reduction capabilities Zsidisin, 2003a, b; Zsidisin and
Ellram, 2003
Lead time Zsidisin, 2003b
Environmental performance Zsidisin, 2003b
Financial health Zsidisin et al, 2000; Zsidisin, 2003b
Failure to meet delivery requirements Zsidisin, 2003a; Zsidisin and Ellram,
2003
Inbound transportation Zsidisin, 2003b
Information systems compatibility Zsidisin, 2003b
and sophistication
Inventory management Zsidisin, 2003b
Management vision Zsidisin, 2003b
Process technological changes Zsidisin et al, 2000; Zsidisin, 2003a, b;
Zsidisin and Ellram, 2003
Volume and mix requirement Zsidisin, 2003b; Zsidisin and Ellram,
changes 2003
Other sources Disasters Zsidisin, 2003b; Zsidisin et al, 2000
of vertical cooperation in which a company involves suppliers at an early stage

in the product development or innovation processes, generally at the level of
concept and design. Among the benefits of early supplier involvement are
the reductions of new product development lead times, the improvements in
product quality, the possibility of using supplier technological expertise and
the easier management of costs. In addition, the authors suggest that another
important benefit of early supplier involvement is the mitigation of supply risk
both on the customer side (cost, quality and lead times) and on the supplier
side (technological skills and delivery (time).
In short, early supplier involvement has a positive impact on the perform-
ance of both the customer and the supplier, and thus on the whole network.
It can be identified as an optimal strategy, typically by means of portfolio
approaches (for example, Kraljic, 1983), and it is particularly worth imple-
menting in the case of companies working by large projects (such as the EPC
sector), where the present-day time constraints lead to the involvement of
the main suppliers even before the signature of the project contract itself; none-
theless, in order to properly implement early supplier involvement, a deep
insight into case-specific procurement-related risks is necessary, as well as into

generic risk sources. In addition, an improved understanding of the risks in a
supply chain helps to make better decisions and decreases the risks of both a
single company and a whole network (Hallikas et al, 2004). Moreover, a high
understanding of the risks is acknowledged (Faisal et al, 2006) to indirectly
make the agility of the SC improve, which is vital for companies working by
projects in the EPC sector.
To summarize, a means to easily originate a deep insight into case-specific
procurement-related risks is necessary, at least for the major risks. In fact,
there is a problem in the limited capacity of the available risk-analysis models
to identify risks exactly – not only the ‘risk’ and its possible causes, but also
the activities that are directly or indirectly influenced by the effects of the
risk (or opportunity) and the players responsible for these activities (risk
owners) – and thus best balance risk mitigation actions and exploitation of
opportunities (Chapman and Ward, 2003) and also in view to involve the
suppliers early.
Risk Analysis in Project Management

In the same way, risk analysis has taken on an increasingly important role in the
broader context of project management, that is, the reference discipline within
the EPC sector (Cagno et al, 2007). This importance is mainly attributable to the
recognition of the general validity of the concept of risk as an uncertain event
that can have a significant impact on project results. In other words, controlling
the project risks has a positive effect on the control of project costs, as well as
on the timeliness and quality of project completion. Briefly, we can say that the
control of project risks means the control of the project itself.
Together with the term risk (generally defined as an uncertain event that
may or may not happen, but which, if it does occur, has a significant impact
on the project outcome), the concept of the source of uncertainty (any element
in the project or its context, be it a situation or a stakeholder, which influences
the realization of the project and may give rise to uncertainty, for example a
major supplier; Chapman and Ward, 2003) and risk cause (the state of the
source that can give rise to one or more risks, for example the major supplier’s
work overload determining a possible delivery delay; Hillson, 2000) are used.
For each risk event, stemming from a risk cause through a chain of intermedi-
ate events, the probability of occurrence P (probability that a risk might mate-
rialize), the magnitude of the impact M (measure of the deviation from expected
project outcome if the risk does occurs) and the exposure E (expected value of
deviation from forecasted outcome), calculated as the product of the probabil-
ity of occurrence and the impact magnitude, can be defined. It should be noted
that the magnitude can either be positive or negative, in view of the dual nature
of risk as a threat or as an opportunity (Chapman and Ward, 2003).
Cagno and Micheli
The risk management process can be divided into the following typical
phases: start-up of the risk management system, risk identification, qualita-
tive analysis, quantitative analysis, planning of mitigating actions, risk moni-
toring and control (Project Management Institute, 2004). Each of these phases
features the use of particular techniques (Project Management Institute,
2004). The most common are: Brainstorming, Checklists, Diagramming
Techniques and Delphi method to identify risks that may influence project
outcome, the ‘Impact-Probability’ matrix (Graves, 2000) for the qualitative
analysis, simulation techniques applied to a model of the project (for example,
a network model) for the quantitative analysis. Mitigating actions are nor-
mally based on classical approaches such as: risk avoidance/mitigation, risk
sharing, risk transfer or risk acceptance providing a suitable contingency
(Chapman, 1997).
In order to develop an effective approach to risk analysis (Cagno et al,
2007),
• there is the need to identify the basic elements of major risks, that is, the
source of uncertainty, the activities affected, the stakeholders representing
the risk owners, and, subsequently, to allocate the corresponding portion of
the overall project risk to each risk element. In particular, the allocation
of risk to the various risk owners is critical for a correct contractual risk
sharing among the project stakeholders;
• there is the need for a methodological approach that integrates the two
major aspects of risk analysis – the analysis of the normal variability of
project parameters (for example, the duration variability of project activities),
that is, those uncertainties that, if taken singularly, do not threaten the
project outcome, and the analysis of major risks (for example, the failure of
a major supplier), which can exert a significant influence, even singularly, on
the outcome of the project;
• there is the need to take into account the overall life cycle of the system rep-
resenting the outcome of the project (including for instance the operation
and maintenance phase);
• finally, there is the need to make a distinction between risk analysis during
the project conceptual phase (Alquier et al, 2002), considering all the stake-
holders involved (suppliers, customers, users and so on), in which the con-
tent of the project is to be defined and the execution phase, in which the
contractual content of the project has been frozen.
This article is intended to provide a risk-based procurement management

model that gives a deep insight into case-specific procurement-related risks,
at least for the major risks. This model is based on an existing Risk-Cube
model (Cagno et al, 2007), which uses hierarchical breakdown structures
to identify control elements. The use of the Procurement Risk Cube (PRC)
model originates a systematic approach in the identification of the case-specific

procurement-related risks, their sources, the activities on which they impact
and the risk owners. The hierarchical breakdown structure helps data aggrega-
tion by simply summing the values of exposure by owner/activity/source so
that establishing a correct intervention priority plan to mitigate or to exploit
risks becomes easier and more effective.
The Risk Cube (Cagno et al, 2007)

The Risk Cube is a multi-dimensional project risk management model that
considers a risk as an entity involving the interaction of various project
elements. The model breaks the project structure down into work packages
(WP), an intersection between the Work Breakdown Structure (WBS) and the
Organization Breakdown Structure (OBS). The model can also analyse project
risks at various levels of detail, essentially on the basis of the project life cycle
phase in which the analysis is undertaken (context, company and analytical
level).
The risk is described by the effect of the occurrence of uncertain events
associated with each of the sources of risk (Hillson, 2000; PMI, 2004). This
effect has an impact on important performances in the WP. The definition
describes a risk as neutral, thus highlighting both the opportunities (upside
risks) and the possible damage (downside risks) resulting from the uncertain
events associated with the sources of risk (Ward and Chapman, 2003). Each
risk can, therefore, be assigned to a source, that is, an area of competence or
activities in which the events that cause the risk occur. The Risk Cube uses the
Risk Breakdown Structure (RiBS; Hillson, 2002) to represent the sources of
risk. The RiBS becomes the third axis on the WBS-OBS plane, giving the ‘risk
cube’ shown in Figure 1.
Once the project has been broken down by means of hierarchical structures,
the model summarizing the information on project major risks can be devel-
oped by means of the intersection of the above-mentioned three structures,
that is, RiBS, WBS and OBS. In a few words, the three structures describe
a three-dimensional space, which can be called the risk cube, in which each
risk event is defined by a point, related to its coordinates: the source, the WP
involved and the corresponding risk owner, respectively. A multi-dimensional
model of this kind allows identifying immediately situations in which a single
source is responsible for a number of risks, or a single WP is excessively critical,
or a single stakeholder carries an excessive amount of risk (‘risk overload’). A
project risk map is thus available, with all the organizational and operational
coordinates, which potentially represents the main control board for the project
from a managerial and contractual point of view. It also lends itself to the
development of software support, for example a database containing all the
risk-related information. Specifically, the use of information technology makes
Cagno and Micheli
RiBS
S 2.3
SOURCE 2
S 2.2
S2.1
RiBS
S 1.3
SOURCE 1
S 1.2
S1.1
WBS OBS
WP
Figure 1: The Risk Cube.
it possible to overcome the limitation to the number of dimensions of the model

(for example, adding a breakdown structure by product, by geographic area
and so on).
To overcome possible graphical complexity as a result of the use of a
three-dimensional representation, two-dimensional layouts (the RiBS-WBS,
RiBS-OBS – ref. Figure 2 – and WBS-OBS intersections) can be obtained from
the risk cube by collapsing one of the three axes.
In addition to representing an approach to analyse the project risks, the risk
cube can also be used for the collection and processing of the quantitative, but
also qualitative, data that describe the risks, that is, the occurrence probability
and the impact magnitude, thus identifying the elements of the project
most exposed to risk. The risk cube allows for a quantification of the risk load
allocated to each project element.
RiBS
S1 S2 S… Sm
Resp 1 E11 E1n
Resp 2 E21 E2…
OBS
Resp …
Resp n En1 Enm
Risk profile &

Risk overload
Figure 2: RiBS-OBS intersection: Project risk profile and risk load on project elements.
As far as the risk parameters are concerned, the value of risk exposure for
each major risk can be represented with increasing complexity by:
• qualitative values, for example low, medium, high;

• expected values, expressed in monetary, time or other quantitative terms;
• discrete or continuous probability distributions.
It should be noted that it is possible to take into account possible dependencies

between risks both in a qualitative (for example, similar to what happens in
the ‘roof’ of the House of Quality) and in a quantitative (for example, by
means of a correlation index) way.
The overall risk load for each project element can be obtained
• as an expected value just summing up the corresponding expected exposure

values of the risks affecting the project element;
• as an exposure distribution summing up through a simulation approach
the exposure distribution for each risk affecting the project element
considered.
It is worth noticing that the summarization of risk exposures, based on expected

values, allows for a quick and effective estimate of the overall risk load for
each project element, also in the case of possible dependencies between risks,
avoiding the use of more complex tools.
Cagno and Micheli
Nevertheless, it should also be noted that just having described major risks,
their cause and impact, and identified the related sources and affected activities
and owners already allows having a quite clear picture of risk dependencies
and their effect.
The trade-off between the simplicity in data collection and processing, on
the one hand, and the accuracy of risk parameters to be estimated, on
the other, must be decided each time the model is used, on the basis of the
availability of data and the allocation of resources to risk analysis.
The general risk exposure indicator, that is, the product of occurrence prob-
ability and impact magnitude, representing the expected impact of risk, can be
expressed in different ways that are more appropriate to either the context
level or the company level:
• use of a single point value equal to expected exposure;

• use of the distribution obtained as the product of the occurrence probability
and impact magnitude distributions, called exposure distribution.
Graphically, the risks can be shown in the cube as spheres of varying diameter
in function of the risk exposure (Figure 1).
Once the typical risk parameters have been estimated, we can move on to
the data processing phase. The model seeks to identify the overall risk associ-
ated with each type or source of risk, to each internal or external stakeholder
and to each WP or activity. Summary assessments of risk load (highlighting
different views of project risk profile and especially risk overload) on project
elements (that is, activities, owner, sources, … see, for example, Figure 2 for
the RiBS-OBS intersection) can be simply obtained by summing the respective
exposure values (for example summing E21 + + E2m for the Responsible R2;
Figure 2), having previously converted all exposure values into the same unit
of measure, generally monetary.
In this way, it is possible to allocate the correspondent risk load to each
project element (Eij ; Figure 2). Subsequently, important conclusions regarding
the priority of the mitigating actions to undertake can be drawn, so as to focus,
for instance, on the most significant causes of risk. For instance (Figure 2), it
would be the case of the Source 1 – S1, which exposure value is obtained by
summing E11 + E21 + + En1 – if it would belong to the 20 per cent of Sources
that originate 80 per cent of the cumulative risk exposure, following a Pareto
philosophy; or, the ones that overcome the acceptable risk profile, which is
subject to the specific needs of each company).
After having obtained the expected exposure or the exposure distribution
for each project element, we can trace up to the risk associated with the
superior levels in the hierarchical structure simply by summing the values for
the elements belonging to the same level of a given structure, potentially until
the value for the entire project is obtained. We could also draw a cumulative
curve for the overall project risk, which attributes a probability to each possible
value for the overall impact associated with the entire project.
When the allocation of risk to the project elements has been completed,
appropriate mitigating actions must be defined, that is, interventions to modify
the risk allocation until more balanced and acceptable conditions are obtained,
or suitable contractual provisions are identified, protecting from a possible risk
overload or providing a suitable risk reward.
One of the fundamental aspects of the Risk Cube is the need to divide risk
into internal and external sources. Both in terms of control and of allocation
of contractual responsibility, it is important to distinguish between sources
that are directly attributable to, and those that are not attributable to, the
contractor.
The model is built hierarchically on three levels, on the basis of the project
life cycle phase in which the analysis is undertaken at various levels of detail
and with increasing level of constraint (Figure 3).
The first level (context) analyses risks from a strategic viewpoint, focusing
on the interaction between the contractor and the other players (that is, com-
petitors, partners, suppliers, clients and so on) involved. The result of this risk
analysis is used to support the preparation of the bid and helps to identify the
so-called ‘major context risks’ (Ward, 1999; Cagno et al, 2007). The signing of
the contract (not only the main contract between customer and contractor, but
also those with sub-contractors, suppliers and so on) fixes the strategic frame-
work of the project defined at the second level (company) of the hierarchy.
Once the contracts have been awarded, the strategic situation of the context is
frozen and can only be modified by changes to the contracts. The company
level concerns the planning of activities for the actual execution of the project,
RiBS
CONTEXT LEVEL
(Major Context Risks)
WBS
RiBS
Constraints
COMPANY LEVEL
(Major Company Risks)
WBS
ANALYTIC LEVEL
(Normal Variability)
NETWORK
Figure 3: The multi-level framework of the model.

Source: Cagno et al (2007).
Cagno and Micheli
exclusively considering the risk quota assigned to the contractor. The risk
owners considered at this level are internal to the contractor’s organization,
and the scope of the work focuses on obtaining the actual outcome of the
project. At this level, the ‘major company risks’, that is, those resulting from
the contract, are identified. The move from the second to the third level of risk
analysis requires the availability of detailed project plans (for example, based
on network or hierarchical models). Such detailed plans are not available
in the project’s early phase, but are developed subsequently, as the necessary
detailed information becomes available. The third level (analytical) concerns
the normal variability of project parameters, for example duration of individ-
ual activities. By means of suitable models, for example simulation applied to
network models in the case of duration variability, the overall variability affect-
ing the project in terms of cost, time and technical performance can be
estimated.
In Figure 3, a graphic representation of the overall structure of the multi-
level model is provided. It is worth noticing how each level is no more than
a zoom of the previous level (the second level analyses part of the risks at the
first level, whereas the third level analyses in detail an individual risk at the
second level).
Overall, there is an interesting and remarkable logical parallelism between
the concepts of ‘major risk’ (that is, a risk that can exert a significant influ-
ence, even singularly, on the outcome of the project) and ‘normal variability’
(that is, those uncertainties that, if taken singularly, do not threaten the
project outcome), typical of project management environment, and the con-
cepts of ‘disruption’ and ‘deviation’ (for example, Tang, 2006), typical of the
supply chain environment. Therefore, the considerable advantage in adopting
this model is that it provides the user with a summary map of the state of the
project, highlighting all the main problems and opportunities (‘major risks’,
those that can effectively be controlled in the fervour of operations) and pro-
posing different angles of vision of the current situation. Moreover, stepping,
from one level to the next one, a time and constraint evolving map of risks is
made available.
Other remarkable features of this model can be identified:
• it can be adapted to different risk metrics and distributions without any

forcing, and it can take account of dependencies between risks (see also
Cagno et al, 2000);
• it can be easily transferred into an informative system and be a pillar of a
knowledge-based system;
• it is easily upgradable to n-axes (Risk Hyper-Cube) and to an event-oriented
process (Dynamic Risk Cube; Cagno et al, 2008);
• it can be further developed with augmented layered risk analysis (Risk
Pyramid; Hillson et al, 2006).
The PRC
The PRC is a Risk Cube focused on the procurement domain rather than
the entire life cycle of a project. Consequently, the procurement process is
divided into three main stages – strategic planning, definition and execution –
corresponding to the different points in the progress of an industrial plant
project and ad hoc hierarchical breakdown structures.
During the strategic planning phase, the boundaries of the procurement
activities are set. Customer specifications are transformed into operational
plans and orders for the subsequent phases. The most important activities
during this phase can include: acquisition of customer specifications and inte-
gration into the procurement process, planning of purchasing strategy, identi-
fication of possible suppliers and definition of needs.
In the definition phase, the plans established at the previous level are
executed. The supply market is limited to those potential suppliers selected
previously, which are able to meet the required specifications (functional, qual-
itative and temporal). The design and comparison of the bid calls, the drafting
of qualification questionnaires and the detailed definition of each element of
the associated supplier and the final choice are also part of this phase. With
regard to time planning, greater detail is added to the output from the first
phase.
The execution phase deals with the operational management of the project
activities. This involves the issue of orders planned in the previous phase and
the carrying out of activities concerning material management, the ordering
cycle and payments.
The phases differ in terms of breadth and level of aggregation of the deci-
sions made, the types of problems addressed, the reference time frame and
the company areas involved. The phases are hierarchically interconnected,
and each generates additional constraints on the next, thus progressively
reducing opportunity of choice. The evolution of the phases results in a vari-
ation in the types of decision-making levers available. These are essentially
strategic in the first two phases and more operational in the last. In addition
to being logical, the sequence of phases is also temporal, although there are
some overlaps. Consequently, in progressing from one phase to the next, the
time available for each phase is reduced. As for the scope, the PRC is not
intended to substitute any possible portfolio approach aimed at identifying
the most proper procurement strategies (for example, ‘early supplier involve-
ment’) on the basis of some characteristics of the goods to purchase (impor-
tance for purchasing, Supply Market complexity, referring as an example to
Kraljic, 1983); rather, it allows for a purposeful focus on the most relevant
issues to face, all along the entire life cycle of a project (by means of the dis-
tinction of ‘strategic planning’, ‘definition’ and ‘execution’ phases), as shown
in the next section of the article.
Cagno and Micheli
Hereafter, a proposal for WBS, OBS and RiBS is presented for each of the
three macro-phases in function of the specific needs of EPC companies. The
examples are, however, easily modifiable and extendible to all companies
working by projects.
Work breakdown structure

Strategic planning phase
The WBS for procurement can be structured as a combination of the Product
Breakdown Structure (PBS) and the Activity Breakdown Structure (ABS) defined
for this level (Figure 4 shows a possible WBS for the design and construction
of a refinery).
With regard to the PBS, the following principal levels of breakdown have
been identified:
• Plant: object of the supply activities;

• Area: can be identified by function (production area) or by location (identifiable
on the plan of the site);
• Functional group: set of components to carry out a plant function fully;
• Category of merchandise: items in the functional groups.
Steam Cracking Plant
Production Area Other Areas…
Cracking furnaces Process gas Piping Hot zone Gas compression …

drying and cooling and caustic wash
Connections Pumps Expansion Valves Tubes

compensators
PBS
ABS
Definition of the Planning of strategic Selection of Suppliers Definition of needs

specifications purchasing
Publication of
technical Definition of order Analysis of bills
Sourcing
specifications formulation mode of materials
Choice of standard Choice of number Drawing-up of Calculation of

or tailor-made of sourcesof supply the long list minimum lot-sizes
materials
Decision on re-use of Mode of supplier Use of existing

existing designsre selection stock
Formalisation of Choice of Buyer- Use of ordered

budget limitations Supplier relationship supplies
Definition of
General planning
Supplie rrole
Figure 4: Example of WBS for the procurement strategic planning phase for a refinery.
For the ABS, the phases in the procurement process can be exemplified as
follows:
• Definition of specifications: by iterations between commercial and technical

functions, the specifications of the products to be procured are established:
° Publication of technical specifications;
° Choice of standard or tailor-made materials;
° Decision on reuse of existing designs;
° Formalization of budget limitations;
° General planning;
° …
• Planning of purchasing strategies: definition of the purchasing strategy,
which will have an impact on all subsequent activities.
° Definition of the order formulation mode;
° Choice of number of sources of supply;
° Mode of supplier selection;
° Definition of supplier role;
° …
• Supplier selection: a list of possible suppliers for a reference functional group
or category of merchandise is drawn up:
° Sourcing;
° Drawing up of the long list;
° …
• Definition of needs: volumes are decided for each item, starting from an
analysis of the items in each individual functional group:
° Analysis of items;
° Calculation of minimum volumes;
° Use of existing stock;
° Use of ordered supplies;
° …
Definition phase
An additional level of detail, the type of item, is added to the above PBS.
Type of item means a description of the product to be purchased without the
product code.
The ABS for this level of definition might include, for example:
• Preparation and publication of bid calls: the contractor contacts the

suppliers with a formal request for information on the product to be
purchased:
° Request for Proposal (RFP)
° Request for Quotation (RFQ)
° Request for Information (RFI)
Cagno and Micheli
• Supplier qualification: from the long-list drawn up above, the best suppliers
must be selected:
° Information collection;
° Analysis of information already available;
° Preparation and dispatch of qualification questionnaires;
° Assessment of suppliers’ technical skills;
° Supplier qualifications;
° …
• Comparison of bids: bids are compared (a formal, well-defined structure
simplifies this activity), and the bid profile that best satisfies the require-
ments for the item in question is identified.
• Planning: general planning for the delivery dates of materials to the site is
undertaken:
° Feasibility check: check of required delivery dates in function of the
presence of materials needed to install the product itself;
° Date of order issue;
° Scheduling of delivery dates.
° …
• …
Execution phase
For the PBS, the output from the preceding phase is a specific order code
that includes information on the item to be supplied and the relative sup-
plier. Therefore, at this level, the items are identified with the respective
order code.
An example of ABS for the execution phase is shown in Figure 5:
• Order management:
° Order request;
° Approval;
° Order issue;
° …
• Management of materials ordered, of their movement on site (site logistics),
issue of following up and management of returns. On-site activities are also
included:
° Management of purchased materials;
° Goods reception;
° Management of returns;
° On-site activities;
° …
• Payments: all aspects of the economic transactions concerning closure of the
contract.
• …
Procurement
Order Material Payments

management management
Management of On-site
Returns
Order request Approval Order issue purchased Reception activities
goods management
Payment
Management
Check order Insurance of critical Invoice check
Receipt of Returns
amount and Confirmation Testing claims for any materials
confirmation procedure and spares
coherency damage
Identify Modifications Dispatch and Installation

Order Non-conformity
correct to purchase customs Protection and assembly
dispatch check
item request clearance
Identify
correct cost Inspection Handling
centre
Identify Identification
Expediting
supplier and check
Storage
Figure 5: Example ABS for the execution macro-phase.
Organization breakdown structure

Strategic planning and definition phase
The players involved in the strategic planning and definition phases are
generally:
• Competitors: the other, competing actors present in the market have an

‘indirect’ influence on the market itself;
• Users: in particular during formulation of specifications, the plant user can
be directly or indirectly involved;
• Suppliers: a key point in the procurement system. In the model, a macro-
distinction is made between:
° Regional suppliers: operating in the same economic system as the EPC
company;
° Global suppliers: not operating in the same economic system as the EPC
company. The decision to distinguish between suppliers on the basis of
the economic system both the EPC company and the supplier operate in,
is justified by the desire to distinguish, by means of a very simple proxy,
two significantly different risk situations. In one case (regional supplier:
both the EPC company and the supplier operate in the same economic
system), the cultural, behavioural, political, infrastructural and so on issues
are well known, so that the situation is generally more ‘controllable’.
Cagno and Micheli
On the other case, (global supplier: the EPC company and the supplier
operate in different economic systems), all those issues are very often
scarcely known, so that the situation is generally more ‘risky’.
• Commissioner: plays an essential role in determining specifications and in
the change order;
• Designers: must interact with procurement managers to produce the best
definition of the specifications, to which the entire procurement process will
be subject;
• Customer/Client: has a key role in issuing specifications and determining
budget limits;
• Licensee: holder of the license to use the patent. The role in procurement is
directly proportional to the importance of the patent for the project in
question;
• Local authorities: representatives of the state at the place of installation
can carry out controls of site activities and, as a consequence, take action.
At this level, local authorities can be divided into:
° Political;
° Administrative.
• Regulatory bodies: issue norms governing the undertaking of activities,
the making of products and the assembly of systems, and can be divided
into:
° Economic: regulating the mutual interaction between the players involved
and the market;
° Technical: regulations concerning the technical/functional features that
the purchased or installed products must bear.
• Procurement Manager: responsible for all the management and coordina-
tion activities in the procurement process.
Execution phase
The organizational structure for the execution phase generally includes:
• HSE Manager: responsible for safety and the environment;

• Construction Manager: responsible for building activities;
• Suppliers: at this level, the suppliers are known, so it is not necessary to
divide them into classes;
• Designers: their role is still important for urgent extensions, adaptations or
modifications of the project;
• Customer: in this phase, changes to the project or its implementation may be
requested;
• Local authorities: with respect to the higher level, the structure is consid-
ered in more depth, giving greater detail to the two classes introduced
above;
• Regulatory bodies;
• Procurement manager: the two main figures are:

° Purchasing staff: concerned with the activities of the purchasing process;
° Technical staff: concerned with activities and problems of a technical
nature.
• Control Manager: controls project phases.
Risk breakdown structure

Strategic planning and definition phase
In this phase (Figure 6), the sources of risk are divided into internal and
external risks, indicating, respectively, sources linked to factors within the
company and those outside.
Internal sources of risk The internal sources of risk can be traced back to four
macro areas: managerial, technical, competitive and financial
• Managerial: all risks attributable to the interaction and coordination of

company processes. There are three main categories:
° Organization;
° Information;
° Control system.
Risk sources–Strategic planning
Internal
Managerial Technical Competitive Financial
Organisation Information Management Design skills Planning skills Bids Availability Availability
Control of capital of funds (cash)
Communication Quality of
of information information
External
Time Environ- Work

Suppliers Political Legal Market Project Financial Competitors
window mental force
Number Trade-
Co- Hydro/oro- of
Political union
Breadth geological Laws suppliers Complexity Currency
ordination situation relation
conditions
Market
Appoint- Process Meteoro- Local Level of Fluctuation
logical Incentives short- Skills
ments ability authorities innovation commodities
conditions comings
prices
Technolo- Public Geographic
gical ability Norms concen- Stability
opinion
tration
Available Supplier
production patents
capacity
Fraud
Figure 6: Example RiBS of the strategic planning phase.
Cagno and Micheli
• Technical: essentially concerning two macro areas:

° Technical design skills;
° Planning skills.
• Competitive: risks tied to competition, that is, making a bid:
° Requests to bid and so on.
• Financial: at this level of aggregation, there are two main areas:
° Liquidity;
° Availability of capital.
• …
External sources of risk There are many possible sources of external risk. During
the planning phase, assessment of external risks means considering all the possi-
ble factors that can have an impact on procurement, but are not the result of
internal company processes. The structure for the external risks is as follows:
• Time window: this includes the risks attributable to different delivery

‘appointments’, in the sense both of the breadth of the time window remain-
ing to complete the procurement activities and of the deadlines set for the
various milestones:
° Time window;
° ‘Appointments’.
• Suppliers: includes the sources of risk associated to the suppliers in the
supply network:
° Process ability;
° Coordination;
° Technological ability;
° Available production capacity;
° Fraud;
° …
• Environmental:
° Hydro/orogeological conditions;
° Meteorological conditions;
° …
• Political: includes all the risks attributable to the socio-political context of
the areas where the plant is to be installed:
° Political situation;
° Local authorities;
° Public opinion;
° …
• Legal: all the risks related to the local legislation of the state where the plant
is to be installed:
° Laws;
° Incentives;
° Norms;
° …
• Market: risks that depend directly on the structure of the procurement
market:
° Number of suppliers;
° Market shortcomings;
° Geographic concentration of suppliers;
° Supplier patents;
° …
• Project: the project itself is a source of external risk for procurement:
° Project complexity;
° Level of innovation in the project;
° …
• Work-force: risks tied to the nature of the staff directly or indirectly involved
in procurement:
° Trade union relations;
° Skills;
° Stability;
° …
• Financial: risks deriving from the effects of fluctuations in exchange or
commodity markets:
° Currency;
° Commodity price fluctuations;
° …
• Competitors
• …
Execution phase
The structure proposed for the execution phase (Figure 7) differs significantly
from the preceding case. The breakdown structure does not envisage the
subdivision into internal and external risks, because in the execution phase
the only effective way to manage risk is as a complete entity.
The structure of the sources of risk is as follows:
• Technical: essentially referring to the correct functioning of the item

supplied;
• Managerial: these are divided into four areas: information, materials,
workforce and respect of deadlines;
• Legal: risks attributable to laws and norms that have an impact during the
execution of supply;
• Financial: as the timescale is medium/long term, the only relevant category
is liquidity;
Cagno and Micheli
Risk–sources Execution
Environ-
Technical Managerial Legal Financial
mental
Hydro/oro-
Non- Availability geological
Damage Information Materials Work-force Deadlines Norms
conformity of funds conditions
(cash) Meteoro-
Laws logical
conditions
Qualitative No delivery Injuries Spillage of
pollutants
Incomplete
Functional Strikes
delivery
Late/
Early Absences
delivery
Errors
Communi-
Availability
cation
Omissions
Quality of
Quantity Quality Protocols information
transmitted
Intrinsic Formal
quality protocols
Exploit- Informal
ability protocols
Selectivity of
the research
Figure 7: Example RiBS of the execution phase.
• Environmental: the categories of environmental risks are:

° Hydro/orogeological conditions;
° Meteorological conditions;
° Spillage of pollutants;
° …
• …
A Case Study
The PRC has been applied to a real case to test the model. The project was
related to the realization of a refinery in Middle-East Asia by an Italian main
contractor. The overall value of the lump sum turnkey contract was S170
million. The percentage of project material to be procured was 72 per cent
of the contract value. The analysis was initially carried out to support only
pre-proposal and proposal activities (Alquier et al, 2002). But afterwards,
the application of PRC followed the project progress. Hereafter, the initial
analysis results are reported.
In a nutshell, since the beginning, the project presented some critical aspects
related to the procurement process:
• competences (and thus clearness of vision) were not uniform throughout the
whole scope of work;
• the Italian contractor had not strong expertise in operating with local
sub-contractors;
• a number of critical suppliers were imposed by the commissioner.
More than 50 (53) risks were identified with PRC and layered on the different
levels: 16 for the strategic planning phase, 15 for the definition phase and
22 for the execution phase. All of them were downside risks; it is likely that
this feature was due to the high level of competition characterizing the project
context. The use of the hierarchical breakdown structures allowed the pursuit
of a rapid and effective analysis and allocation of each risk in terms of activities,
sources and owners involved.
In Table 2, some risks, identified for the strategic planning phase, are
reported; for example:
Looking at the first four risk owners – in terms of number of times involved –
in the strategic planning phase, the procurement manager – responsible for all
the planning and coordination activities typical of this phase – as logically
expected, turned out to be the most involved with 69 per cent of allocated risks
(Figure 8). Nevertheless, a main role was given to the designer (19 per cent)
as responsible for the technical specifications, but only one-third was attrib-
uted to the project manager (6 per cent) who – in the general, but not always
sound practice of the EPC projects – is always seen as the owner of and final
Table 2: Example of risks identified (4 out of 16) for the strategic planning phase
Risk ID Cause Risk Activity Source Owner
1 Low level of Publication Publication of Level of innovation Designer

knowledge about of wrong technical
the long-distance technical specifications
line specifications
8 Delayed Low team General Planning skills Project
project team performance planning Manager
composition
9 Lack of Slackened General Communication of Procurement
communication works in the planning information Manager
and coordination yard
between head-
quarters and
yard
11 Scope of work not Wrong design Publication of Quality of Procurement
fully deployed technical information Manager
specifications
Cagno and Micheli
69%
19%
6% 6%
Procurement Designer Project Local

Manager Manager authorities
Figure 8: Project risk profile for the strategic planning phase (number of risks on the first four
owners).
38%
31%
25%
6%
General Publication of Formalization Mode of

planning technical spec. of budget limit. supplier
selection
Figure 9: Project risk profile for the strategic planning phase (number of risks on the first four
activities).
responsible for all problems. The first four activities involved in the strategic
planning phase were (Figure 9): general planning (38 per cent), publication of
technical specification (31 per cent), formalization of budget limit (25 per cent)
and mode of supplier selection (6 per cent).
Following the classical procedure for risk analysis, a qualitative and then a
quantitative assessment of the risks involved were undertaken (Cagno et al,
2007). Four probability classes (Rare, Unlikely, Possible, Likely) and four
magnitude classes (Negligible, Marginal, Critical, Catastrophical) were identified
nd numerical ranges of monetary values ( < S5000; S5000–50 000;
S50 000–500 000; > S500 000) and probabilities ( < 0.25; 0.25–0.5; 0.5–0.75;
> 0.75 Events/Project) were associated in order to have a common view for the
analysis. Subsequently, using the evaluations given by the project team experts,
a probability of occurrence and an impact magnitude class were assigned to
each identified risk. Then, a magnitude-probability matrix, subdivided into
four different sectors (control, action, urgency, emergency – represented
through rising greyscale), was used to determine which types of risk were the
most critical for the project (Figure 10; the top-left matrix contains all the
53 identified risks represented by their identification numbers, that is risk IDs).
It was also possible to have a magnitude-probability matrix for each of the
PROJECT STRATEGIC PLANNING
Catastrophic 52-53 20-42-3-51 1-11-46 Catastrophic 20 1-11-46
8-28-12- 44-4-7-10- 14-19-22

Critical Critical 8-28 44-4-7 14-19
Magnitude
41
Magnitude
13-5-43 25-34-35
45-47-21-
9-6-33-36-
Marginal 17-16 24-30-15 27-2-31-32 Marginal 45-47 9 27
26-48-49
-39
Negligible 18-37 29-50-23 40-38 Negligible 29
Rare Unlikely Possible Likely Rare Unlikely Possible Likely

Probability Probability
Catastrophic 42 Catastrophic 52-53 3-51

Magnitude
Magnitude
Critical 12-13 10 Critical 41 5-43 25-34-35
Marginal 17 21-24-30 6-33-36 2 Marginal 16 15-39 26-48-49 31-32
Negligible 18 50 40 Negligible 37 23 38
Rare Unlikely Possible Likely Rare Unlikely Possible Likely

Probability Probability
Figure 10: Magnitude-probability matrix for the project (top-left matrix), and for the three
phases of the procurement process (the other three matrices). Each matrix contains the risks
identified represented by their identification numbers.
three phases of the procurement process (Figure 10; the other three matrices
contain only those risks related to that particular phase of the procurement
process).
At this stage, each part of the risk cube had been completed, as each risk
had been identified in the three-dimensional space and associated with an
expected exposure, and thus a quantitative analysis was possible using the
PRC model.
By summing the exposure values along the axes of the cube (cf. Figure 2), an
estimate of the risk associated – with each source of uncertainty, with each
activity and with each stakeholder in the project – was obtained. The analysis
was performed for the whole procurement process and for each of its phases.
For the sake of greater graphical clarity, the use of two-dimensional matrix –
showing, for example, the intersection, WBS-RiBS for the strategic planning –
was preferred (Figure 11). The overall exposure related to the strategic planning
phase is estimated at S3.2 million, but the most critical risk is ‘wrong design’
(more than S1.8 million in Figure 11; ref. also to Table 2), due to fact that the
Cagno and Micheli
Risk sources
Internal External
Managerial … …
Technical Project
Information …… …
Level of
Design skills … … Quality of info … … innovation … … Total
Publication of technical
specifications
Definition of
specifications 8500 … … 1856000 … … 15000 … … 3141650
Activities
… … …… … …… … …… …
General planning
4500 … … …… 4100 … … 9600
… … … …… … …… … …… …
Total 33050 … … 2145000 … … 24500 … … 3180500
55550 2692350 … 72000 …
2747900 432600
Figure 11: WBS-RiBS matrix (part of) for strategic planning phase (the exposures of risks
presented in the matrix are estimated in S).
4857800
3747675
3180500
Stategic planning Definition Execution
Figure 12: Cumulated project exposure in time on the phases of the procurement process (in S).
‘scope of work was not fully deployed’, related to the quality of information
(RiBS), the publication of technical specifications (WBS) and procurement
manager (OBS; not shown in Figure 11). In Figure 11 it is also possible to
appreciate that the publication of technical specifications (activity on WBS)
bears a risk load of more than S3.1 million, while the quality of information
(source on RiBS) bears a risk load of more than S2.1 million.
The cumulated exposure in time on the three phases increases, as repre-
sented in Figure 12, from S3.2 million (only strategic planning) to S4.9 million
(whole procurement process considered). That level of exposure was not con-
sidered acceptable, because it was of the same order of magnitude as the
expected project margin.
It has to be noted that the phase that mostly contributes to the project
risk exposure is the strategic planning, in which the largest number of critical
Table 3: Exposures associated to owners in the phases of the procurement process (in S)
Stategic Definition Execution Total

planning
Construction manager — — 7000 7000

Control manager — — 14 625 14 625
Suppliers — — 554 000 554 000
Procurement manager 3 171 650 1050 9500 3 182 200
Designers 8850 — 525 000 533 850
Local authorities — 2250 — 2250
Regional suppliers — 186 375 — 186 375
Engineering services — 37 500 — 37 500
Construction services — 340 000 — 340 000
decisions for the procurement process are made, and which has more impacts
on the following phases. This could be expected from practitioner’s experi-
ence, and it is mainly due to the normal way of doing business by projects,
where every upside (that is: opportunity) and downside risk in the bidding
phase (strategic planning) dramatically becomes downside risk when the con-
tract is signed. Here lies one of the strengths of the PRC: that is, the power of
enabling to manage and control the shift of the immense risk load from the
strategic planning phase into the definition and execution phases, in a system-
atic way.
The results obtained were analysed critically by pointing out the stakehold-
ers, activities and risk sources associated with the greatest cumulative exposure
and thus most critical in the procurement process. The stakeholders bearing
the greatest risk were, apart from procurement manager, the suppliers (and
sub-contractors) and then the designers (Table 3).
Among the activities, the most critical were, apart from the publication of
the technical specifications, the installation and assembly, the non-conformity
check and the assessment of suppliers’ technical skills (Table 4).
Four suitable mitigation actions were then identified and proposed for the
strategic planning phase, the first phase that must be faced in order to be really
effective. These sought to eliminate or mitigate (downside) risks since proposal
and to share the risks more equally among the various stakeholders, in order
to balance the proportion borne by each, that is: to eliminate possible risk
overload. The actions proposed included:
• Definition of a standard procedure for supplier selection. The selection of

the suppliers was historically made by the contractor on the basis of con-
trasting objectives. There was a need to introduce selection criteria based on
commissioner requirements and usable for supplier evaluation. Moreover,
the issue of the suppliers imposed by the commissioner was a not a directly
removable constraint, but the opportunity to use alternative suppliers in
Cagno and Micheli
Table 4: Exposures associated to activities in the phases of the procurement process (in S)
Stategic Definition Execution Total

planning
Publication of technical specifications 3 141 650 — — 3 141 650

Mode of supplier selection 29 250 — — 29 250
General planning 9600 — — 9600
Analysis of information available — 37 500 — 37 500
Feasibility check — 40 000 — 40 000
Date of order issue — 11 250 — 11 250
Scheduling of delivery dates — 11 375 — 11 375
Preparation and publication of RFx — 2250 — 2250
Supplier qualifications — 176 050 — 176 050
Assessment supplier tech. skills — 288 750 — 288 750
Testing — — 4200 4200
Expediting — — 256 250 256 250
Inspection — — 4800 4800
Non-conformity check — — 288 750 288 750
Installation and assembly — — 549 145 549 145
Handling — — 7000 7000
case the imposed ones would not perform fairly, allowed to reduce the
impact of that imposition on project results.
• Development of partnerships with some of the most critical suppliers
(carried on just after the previous action). The issue of contractor limited exper-
tise in some project aspects (for example, long-distance line) could be overcome
by a joint planning and design of the project and of the technical specifications.
To this end, the involvement of main suppliers was needed to develop collabo-
ratively the technical specifications of the services and goods to be procured
and the project timing. The implementation of this action fostered the collabo-
ration between supply chain players for critical components and established
steady relationships with suppliers imposed by the commissioner or locals.
• Revision (at least partial) of the information system. The issues were the
quality and the communication of the information. The adoption of open
standards would allow an enhanced communication of information and a
more important sharing with all the other project players. Moreover, the
adoption of shared communication standards could be useful for the infor-
mation system centralization, giving rise to a project informative system,
which will allow project progress control and enhanced coordination.
• Implementation of a time and cost control system (carried on just after the
two previous actions). The control of time and cost is a critical element
for procurement progress; this is even more so in case of a large number of
suppliers with possible problems in terms of delays and over-costing. There
was the need to provide the procurement manager with a tool allowing to
monitor the performance of the procurement process and to implement miti-
gation actions.
245140
143903
22215
Stategic planning Definition Execution
Figure 13: Cumulated project exposure in time on the phases of the procurement process after
mitigation actions (in S).
Following the implementation of the above mitigation actions, the risk param-
eters were re-estimated by the project team experts. In some cases, the risks
were significantly reduced, whereas in others again, those that previously had
not been particularly critical remained unchanged. The new project exposure
was reduced by 95 per cent to about to S0.25 million, instead of the previous
value of S4.9 million. The cumulated project exposure in time on the phases of
the procurement process, after mitigation actions, is shown in Figure 13.
These mitigated values were then inserted in the risk cube and the overall
exposures were recalculated by source, by activity and by stakeholder,
thus initiating an iterative process. Finally, all the sources, activities and stake-
holders in the project were listed, showing the exposure before and after the
mitigation actions, together with the respective percentage variation in the
values (see for instance the variation of risk exposure for each risk owner in
Table 5 and for each activity in Table 6).
One should note the remarkable general (apart from a single case) reduction
of the risk exposure for both activities and stakeholders; however, in particular,
the one related to the suppliers (and sub-contractors) seems to be particularly
interesting from the supply chain point of view: reducing the estimated-
by-contractor project risk exposure on suppliers related to the procurement
process meant a more ‘robust’ and thus less risky relationship with contractor
(time and cost reduction and quality improvement for both players), and finally
increased competitiveness for the whole supply chain.
The new project risk profile related to the procurement process after mitiga-
tion actions was more balanced on the stakeholders; the risk is divided more
equally and risk overloads are reduced.
The implementation of a limited number of mitigation actions allowed to
obtain significant risk exposure reduction (S3.65 million) and was economically
Cagno and Micheli
Table 5: Exposures associated to owners before and after mitigation actions (in S)
Exposure Exposure Difference Percentage

pre-mitigaton post-mitigation variation
Construction manager 7000 1875 − 5125 − 73.2

Control manager 14 625 563 − 14 062 − 96.2
Suppliers 554 000 93 250 460 750 − 83.2
Procurement manager 3 182 200 18 965 − 3 163 235 − 99.4
Designers 533 850 9300 − 524 550 − 98.3
Local authorities 2250 1563 − 687 − 30.5
Regional suppliers 186 375 40 625 − 145 750 − 78.2
Engineering services 37 500 14 000 − 23 500 − 62.7
Construction services 340 000 65 000 − 275 000 − 80.9
Table 6: Exposures associated to activities before and after mitigation actions (in S)
Exposure Exposure Difference Percentage

pre-mitigaton post-mitigation variation
Publication of technical 3 141 650 8340 − 3 133 310 − 99.7

specifications
Mode of supplier selection 29 250 7875 − 21 375 − 73.1
General planning 9600 4300 − 5300 − 55.2
Analysis of information 37 500 14 000 − 23 500 − 62.7
available
Feasibility check 40 000 8750 − 31 250 − 78.1
Date of order issue 11 250 3750 − 7500 − 66.7
Scheduling of delivery dates 11 375 5625 − 5750 − 50.5
Preparation and publication 2250 1563 − 687 − 30.5
of RFx
Suppliers qualification 176 050 35 500 − 140 550 − 79.8
Assessment suppliers tech. skills 288 750 52 500 − 236 250 − 81.8
Testing 4200 4200 0 0.0
Expediting 256 250 33 750 − 222 500 − 86.8
Inspection 4800 600 − 4200 − 87.5
Non-conformity check 288 750 52 500 − 236 250 − 81.8
Installation and assembly 549 145 8313 − 540 832 − 98.5
Handling 7000 1875 − 5125 − 73.2
advantageous: the cost of the mitigation actions was limited (S1.9 million) and is
to be distributed over several projects and not only allocated to the present one.
The risk analysis carried out through the PRC in time, on the three phases,
highlighted that most of the risks related to the procurement process were
concentrated on the strategic planning phase and suggested to focus attention
on that phase to reduce them. The final result confirmed the effectiveness of
that choice with an average risk reduction of 52 per cent in the strategic plan-
ning phase, of 63 per cent in the definition and of 73 per cent in the execution
phase.
Moreover, it should be noted that the percentage reduction in exposure is

substantially greater for those sources, activities and stakeholders that were
previously the most critical. This confirms (following the hint of Cagno et al,
2007) that, as a result of the previous analysis, the mitigation actions resulted
effectively to be focused on those elements bearing the greatest risk (that is,
higher priority). Specifically, for the project considered, the initial value for the
expected exposure, related only to the procurement process, was approxi-
mately 3 per cent of the overall project value and was reduced to 0.15 per cent,
a figure that was considered more than acceptable, given that the average
margin in major plant projects may be in general estimated around a few full
percentage points.
Conclusion
The hierarchical breakdown structures of the PRC allow for analysis at
varying levels of aggregation, and offer guidelines for the choice of the mitiga-
tion actions. Furthermore, the division into different hierarchical levels allows
attention to be focused on a small number of risks at each level and, thus, on
efficient risk identification. In particular, the use of logically and temporally
consecutive hierarchical levels means that risks can be analysed in function of
project progress.
In short, a deep insight into case-specific procurement-related risks is given
by the PRC, which is necessary to improve the understanding of the risks in the
supply chain. The deep insight into case-specific procurement-related risks
allows having – for example, within an early supplier involvement strategy – a
positive impact on the performance of both the customer and the supplier, and
thus on the whole network. Furthermore, an improved understanding of the
risks in a supply chain helps make better decisions and decreases the risks for
both a single company and a whole network.
Moreover, a high understanding of the risks indirectly makes the agility of
the SC improve, which is vital for companies operating by projects in the EPC
sector.
The PRC can be used to support proposal and pre-proposal activities (identi-
fying the main areas of risk) and for the strategic selection of suppliers (con-
structing various supply scenarios).
It should be noted that the PRC is structured as a model to support risk
identification and assessment, and can be used independently from the specific
risk management process, affording a threat/opportunity-driven procurement
management process.
Finally, the proposed model is immediately adaptable to different contexts
simply by ‘re-scaling’ the hierarchical breakdown structures in function of the
specific needs.
Cagno and Micheli
References
Alarcón, L.F., Rivas, R. and Serpell, A. (1999) Evaluation and Improvement of the
Procurement Process in Construction Projects. Proceedings of the IGLC-7 Conference.
Berkeley, CA, USA.
Alquier, A.M., Cagno, E., Caron, F., Leopulos, V. and Ridao, M.A. (2002) Chapter 21–
Analysis of external and internal risks in project early phase. In: D. Slevin, D. Cleland
and J. Pinto (eds.) The Frontiers of Project Management Research. Pennsylvania, USA:
Project Management Institute (PMI).
Aprile, D., Garavelli, A.C. and Giannoccaro, I. (2005) Operations planning and flexibility
in a supply chain. Production Planning and Control 16(1): 21–31.
Beach, R., Webster, M. and Campbell, K.M. (2005) An evaluation of partnership devel-
opment in the construction industry. International Journal of Project Management
23(8): 611–621.
Blancero, D. and Ellram, L.M. (1997) Strategic supplier partnering: A psychological
contract perspective. International Journal of Physical Distribution & Logistics
Management 27(9–10): 616–629.
Cagno, E., Di Giulio, A. and Trucco, P. (2000) Risk and causes-of-risk assessment for
an effective industrial safety management. International Journal of Reliability, Quality
and Safety Engineering 7(2): 113–128.
Cagno, E., Di Giulio, A. and Trucco, P. (2004) State-of-art and development prospects
of e-procurement in the Italian engineering & contracting sector. Project Management
Journal 35(1): 24–29.
Cagno, E., Di Giulio, A., Micheli, G. and Trucco, P. (2006) Doing Procurement in the Italian
Engineering & Contracting Sector: An Evolving Scenario. Proceedings of the European
Operations Management Association (EurOMA) Conference, Glasgow, Scotland.
Cagno, E., Caron, F. and Mancini, M. (2007) A multi-dimensional analysis of major risks
in complex projects. Risk Management 9(1): 1–18.
Cagno, E., Caron, F. and Mancini, M. (2008) Dynamic analysis of project risk.
International Risk Assessment and Management 10(1–2): 70–87.
Chapman, C.B. (1997) Project risk analysis and management – PRAM the generic process.
International Journal of Project Management 15(5): 273–281.
Chapman, C.B. and Ward, S. (2003) Project Risk Management: Processes, Techniques
and Insights, 2nd edn. Chichester, UK: John Wiley & Sons.
Christopher, M.G. (1992) Logistics and Supply Chain Management. London, UK: Pitman
Publishing.
Christopher, M.G. (1998) Logistics and Supply Chain Management: Strategies for
Reducing Costs and Improving Services. London, UK: Pitman Publishing.
Christopher, M. and Jüttner, U. (2000) Developing strategic partnerships in the supply chain:
A practitioner perspective. European Journal of Purchasing & Supply Management
6(2): 117–127.
Christopher, M. and Lee, H. (2004) Mitigating supply chain risk through improved
confidence. International Journal of Physical Distribution & Logistics Management
34(5): 388–396.
Cooper, M.C., Ellram, L.M. and Hanks, A. (1997a) Meshing multiple alliances. Journal
of Business Logistics 18(1): 67–89.
Cooper, M.C., Lambert, D.M. and Pagh, J.D. (1997b) Supply chain management: More than
a new name for logistics. The International Journal of Logistics Management 8(1): 1–14.
Datamonitor. (2002) http://datamonitor-market-research.com/Merchant2/merchant.mvc,
accessed 26 September 2007.
Ellram, L.M. and Krause, D.R. (1994) Supplier partnerships in manufacturing versus
non manufacturing firms. The International Journal of Logistics Management 5(1):
43–53.
Faisal, M.N., Banwet, D.K. and Shankar, R. (2006) Supply chain risk mitigation: modeling
the enablers. Business Process Management Journal 12(4): 535–552.
Graves, R. (2000) Qualitative risk assessment. PM Network, October.
Hallikas, J., Karvonen, I., Pulkkinen, U., Virolainen, V. and Tuominen, M. (2004) Risk
management processes in supplier networks. International Journal of Production
Economics 90(1): 47–58.
Handfield, R.B. and Nichols, E.L. (2002) Supply Chain Redesign: Transforming
Supply Chains into Integrated Value systems. London, UK: Financial Times
Prentice-Hall.
Hillson, D. (2000) Project risks: Identifying causes, risks and effects. PM Network,
September.
Hillson, D. (2002) The Risk Breakdown Structure as an Aid to Effective Risk Management.
Proceedings of the PMI Conference Europe. Cannes, France.
Hillson, D., Grimaldi, S. and Rafele, C. (2006) Managing project risks using a cross risk
breakdown matrix. Risk Management 8(1): 61–76.
Jones, T.C. and Riley, D.W. (1985) Using inventory for competitive advantage through
supply chain management. International Journal of Physical Distribution and Materials
Management 15(5): 16–26.
Jüttner, U. (2005) Supply chain risk management. Understanding the business require-
ments from a practitioner perspective. The International Journal of Logistics
Management 16(1): 120–141.
Kini, D.U. (1999) Materials management: The key to successful project management.
Journal of Management in Engineering 15(1): 30–34.
Kraljic, P. (1983) Purchasing must become supply management. Harvard Business
Review 61(5): 109–117.
Metz, P.J. (1998) Demystifying supply chain management. Supply Chain Management
Review 1(4): 46–55.
Norrman, A. and Jansson, U. (2004) Ericsson’s proactive supply chain risk manage-
ment approach after a serious sub-supplier accident. International Journal of Physical
Distribution & Logistics Management 34(5): 434–456.
Oliver, R.K. and Webber, M.D. (1982) Supply-chain management: Logistics catches
up with strategy. In: M. Christopher (ed.) Outlook, Booz, Allen and Hamilton
Inc., reprinted in Logistics: The Strategic Issues, (1992). London: Chapman Hall,
pp. 63–75.
Peck, H. (2006) Reconciling supply chain vulnerability, risk and supply chain man-
agement. International Journal of Logistics: Research and Applications 9(2):
127–142.
Project Management Institute (PMI). (2004) A Guide to the Project Management Body
of Knowledge (PMBOK Guide). Pennsylvania, USA: Project Management Institute
(PMI).
Spekman, R.E., Kamauff, J.W.J. and Myhr, N. (1998) An empirical investigation into
supply chain management: A perspective on partnerships. Supply Chain Management:
An International Journal 3(2): 53–67.
Tang, C.S. (2006) Perspectives in supply chain risk management. International Journal of
Production Economics 103(2): 451–488.
Ward, S.C. (1999) Assessing and managing important risks. International Journal of
Project Management 17(6): 331–336.
Cagno and Micheli
Ward, S.C. and Chapman, C.B. (2003) Transforming project risk management into
project uncertainty management. International Journal of Project Management 21(2):
97–105.
Yeo, K.T. and Ning, J.H. (2002) Integrating supply chain and critical chain concepts
in engineer-procure-construct (EPC) projects. International Journal of Project
Management 20(4): 253–262.
Zsidisin, G.A. (2003a) A grounded definition of supply risk. Journal of Purchasing and
Supply Management 9(5–6): 217–224.
Zsidisin, G.A. (2003b) Managerial perception of supply risk. The Journal of Supply
Chain Management 39(1): 14–26.
Zsidisin, G.A. and Ellram, L.M. (2003) An agency theory investigation of supply risk
management. The Journal of Supply Chain Management 39(3): 15–27.
Zsidisin, G.A., Panelli, A. and Upton, R. (2000) Purchasing organization involvement
in risk assessments, contingency plans, and risk management: An exploratory study.
Supply Chain Management: An International Journal 5(4): 187–198.
Zsidisin, G.A. and Smith, M.E. (2005) Managing supply risk with early supplier
involvement: A case study and research propositions. The Journal of Supply Chain
Management 41(4): 44–57.
View publication stats

Enhancing EPC Supply Chain Competitiveness Through Procurement Risk Management

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Enhancing EPC Supply Chain Competitiveness Through Procurement Risk Management

Uploaded by

Copyright:

Available Formats

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

Enhancing EPC supply chain competitiveness through procurement risk

Article in Risk Management · July 2011

Enrico Cagno Guido J.L. Micheli

SEE PROFILE SEE PROFILE

Circular management of water resources View project

project risk analysis and management View project

The user has requested enhancement of the downloaded file.

Enrico Cagno and Guido J.L. Micheli*

Abstract This article is intended to provide a risk-based procurement management

Keywords: procurement management; risk; EPC sector

Relevance of Procurement Management in the EPC SC

relevance (in both positive and negative sense) of procurement management is

• procurement is a connecting function between engineering and

Shifting From Procurement Management Towards Procurement Risk

Table 1: Sources of supply risk

Category Source of supply risk Reference

Product-related Product design changes Zsidisin et al, 2000; Zsidisin, 2003a, b

of vertical cooperation in which a company involves suppliers at an early stage

insight into case-specific procurement-related risks is necessary, as well as into

Risk Analysis in Project Management

This article is intended to provide a risk-based procurement management

model originates a systematic approach in the identification of the case-specific

The Risk Cube (Cagno et al, 2007)

Figure 1: The Risk Cube.

it possible to overcome the limitation to the number of dimensions of the model

Resp 1 E11 E1n

Resp 2 E21 E2…

Resp n En1 Enm

Risk profile &

• qualitative values, for example low, medium, high;

It should be noted that it is possible to take into account possible dependencies

• as an expected value just summing up the corresponding expected exposure

It is worth noticing that the summarization of risk exposures, based on expected

• use of a single point value equal to expected exposure;

Figure 3: The multi-level framework of the model.

• it can be adapted to different risk metrics and distributions without any

Work breakdown structure

• Plant: object of the supply activities;

Steam Cracking Plant

Production Area Other Areas…

Cracking furnaces Process gas Piping Hot zone Gas compression …

Connections Pumps Expansion Valves Tubes

Definition of the Planning of strategic Selection of Suppliers Definition of needs

Choice of standard Choice of number Drawing-up of Calculation of

Decision on re-use of Mode of supplier Use of existing

Formalisation of Choice of Buyer- Use of ordered

• Definition of specifications: by iterations between commercial and technical

• Preparation and publication of bid calls: the contractor contacts the

Order Material Payments

Identify Modifications Dispatch and Installation

Figure 5: Example ABS for the execution macro-phase.

Organization breakdown structure

• Competitors: the other, competing actors present in the market have an

• HSE Manager: responsible for safety and the environment;

• Procurement manager: the two main figures are:

Risk breakdown structure

• Managerial: all risks attributable to the interaction and coordination of

Risk sources–Strategic planning

Managerial Technical Competitive Financial

Time Environ- Work

Figure 6: Example RiBS of the strategic planning phase.

• Technical: essentially concerning two macro areas: