Background
Our client, a biomedical company, manages a vast network of over 4,000 suppliers. Supplier information is stored in Coupa, a SOX-compliant procurement software, ensuring the company maintains high-security standards.
Problem
Our client needs to efficiently manage and assess their suppliers for risks and compliance issues as their supplier base expands and evolves. They recently implemented NAVEX, a compliance software solution, to help streamline their supplier review process.
Given that supplier information is regularly updated by the purchasing team in Coupa and new suppliers are continually onboarded to the system, our client required a way to ensure new and existing supplier information remains in sync between Coupa and NAVEX, with the results of their NAVEX assessment feeding back to the suppliers’ Coupa profiles for better decision-making.
The results of these assessments should update supplier records in Coupa, categorizing each supplier into “Red,” “Yellow,” or “Green” status based on their compliance assessment.
Solution Implementation
We built a two-way integration using Workato as the automation platform to link Coupa with NAVEX.
The following outlines the key elements of the integration:
Data Flow Design:
- Supplier details are sent from Coupa to NAVEX.
- NAVEX conducts automated risk and compliance reviews on these suppliers.
- NAVEX sends back the assessment results to Coupa.
Technical Approach:
- Utilize Workato’s built-in Coupa connector for a seamless integration.
- Implement a standard HTTP integration method for API connectivity with NAVEX.
- Leverage a Workato-based “listener” capability to monitor and trigger updates in NAVEX whenever supplier information in Coupa changes.
Automated Flagging
- Based on NAVEX assessments, suppliers are flagged with “Red,” “Yellow,” or “Green” statuses in Coupe. Supplier flags are automatically updated through the Workato integration
- Logic is established to automatically set “Red” flagged suppliers to “inactive” in Coupa to prevent transactions without review and remediation of the issues identified.
Validation and Synchronization
- Our client undertook a data quality review through this engagement to ensure high validation accuracy. This review reduces the risk of mis-flagging compliant suppliers.
- During the initial go-live process, Dispatch performed a one-time synchronization of supplier records to ensure each system had the most up-to-date information available.
Reporting
- Our solution auto-generates supplier compliance reports for management and the legal team, highlighting suppliers marked as “Red” or “Yellow.”
Outcome
The integration transformed the supplier compliance process from a manual, labor-intensive effort to an automated, efficient system. Key benefits included:
- Reduced Manual Effort: Legal and procurement teams no longer needed to spend hours reviewing and updating supplier statuses.
- Improved Compliance and Security: The automated system ensures continuous monitoring and immediate action on compliance issues, enhancing the company’s risk profile and security stance.
- Efficient Supplier Management: The company maintains an updated status of all suppliers, enabling swift action against non-compliant suppliers.
By working closely with the client and NAVEX, we delivered a solution that not only met but exceeded expectations in terms of efficiency and effectiveness.
Conclusion
This case study exemplifies the effective use of automation in managing supplier compliance and risk in a large biomedical company. The company significantly improved its compliance monitoring process by leveraging Workato for seamless integration between Coupa and NAVEX, ensuring a proactive approach to supplier risk management. Overall company risk was reduced, and organizational efficiency increased through this automation.
