1 / 30

Supplier evaluation criteria

Supplier evaluation criteria. Information for Suppliers. Tomas Larsson. 2018-03-20. Supplier evaluation criteria. The criteria are used to evaluate Ericsson suppliers The evaluation can be done through self-assessment and on-site audit, see next page for a short description of the process

rubyr
Télécharger la présentation

Supplier evaluation criteria

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Supplier evaluation criteria Information for Suppliers Tomas Larsson 2018-03-20

  2. Supplier evaluation criteria • The criteria are used to evaluate Ericsson suppliers • The evaluation can be done through self-assessment and on-site audit, see next page for a short description of the process • The criteria are divided in two groups: • General Criteria, applicable to all suppliers • Specific Criteria, applicable depending on what type of products or services provided to Ericsson

  3. Supplier evaluation process Category & Supplier Strategies Supplier Self Assessment On-site Contract Compliance Audit Decision for Supplier Management Corrective Action Plan (CAP) Assignment Audit Planning Audit Audit closing meeting & Preliminary Report Final Report Accepted CAP and Audit Closure

  4. General criteria These criteria are applicable to all Ericsson suppliers

  5. Financial information Summary of the criteria • Financial information provides an overview of the supplier’s financial status and the trends. The Financial Model includes information regarding the income statement, the balance sheet and the cash flow for a supplier. A number of ratios is also included as well as a complementary DuPont scheme. The financial information needs to be analyzed in depth taking different factors into consideration as e.g. type of ownership, type of business it operates within, country etc. Why do we have this criteria? • To ensure that Ericsson’s suppliers are financially healthy, i.e. to secure that the supplier is stable, solvent, liquid, and profitable enough, to qualify as a supplier to Ericsson and does not impact Ericsson’s supplier-related business risk.

  6. 1. Company management Summary of the criteria • Company Management provides a overview of the supplier and the trends in key areas enabling quick assessment of the potential risks related to churn, relevance, stability, executive strength and expertise. • Staffing – Composition • Board of Directors – Composition and Governance practices • Telecom, operational and relevant industry experience • Change in management – Executive and trend +-, turnover why? • Companies time in business – Stability • Ownership structure – Public, private, transparency • Conflict of Interests Why do we have this criteria? • To ensure Ericsson and its principal suppliers comply with all obligations and responsibilities such as: • Statutory law • Standards and Regulations • Customer Requirements • Ericsson’s own internal controls

  7. 2. Trade compliance Summary of the criteria • C-TPAT or/and AEO (or similar) knowledge • Knowledgeable about US and Local Export rules • Check subcontractor and personnel if they exist on a Sanctions party list • Provide needed product data on request. • HST (Harmonized system Tariff) • CoO (Country of Origin (Made in) • Preferential origin when applicable • ECCN (Export control classification number) • Information of Encryption in product (incl. max bit-length) (both used and passive) • CCATS (commodity Classification Automated Tracking System) or ERN (Export registration Number) Why do we have this criteria? • To ensure Ericsson suppliers are aware of, and comply with all requirements specified by: • Ericsson • US Export authorities • Local export authorities. • Awareness and compliance with all requirements will benefit our suppliers and reduce Ericsson’s supplier-related business risk.

  8. 3. Intellectual property rights Summary of the criteria • The following questions should be answered in order to ensure IPR risk management in the sourcing process. • How many patents does your company hold? • How many new patents does your company apply for every year? • Does your company have any specific IPR strategy including how to best utilize your IPR? • Is your company involved in any IPR related lawsuits? • If so: how many? • How many of these were initiated by your company? • Can you ensure exploitation rights for onward distribution when products are developed by a third party including other open source software? • Do you offer products to your customer(s) where you do not include unlimited indemnification for IPR infringement claims from third parties Why do we have this criteria? • To ensure and understand Ericsson suppliers’ strengths and weaknesses regarding IPRs and any potential IPR issues.

  9. 4. Business Continuity Management Summary of the criteria • The supplier shall have a Business Continuity Management system in place and communicated to relevant stakeholders. BCP covers the entire business including: • Supply chain • Services • Production facilities • IS/IT • Customer products • Risk assessment and Business Impact analysis is continuously performed in a systematic way and risks are proactively mitigated. • There is also a formal, clearly defined and trained Crisis Management Team in place. • Plans are regularly tested continuously improved upon. • All sub-suppliers need to work with BCM. The escalation process to customers is clearly defined. Why do we have this criteria? • Business Continuity Management (BCM) assures Ericsson suppliers’ ability to meet delivery requirements in spite of crisis.

  10. 5. Code of Conduct Summary of the criteria • Ericsson’s Code of Conduct includes requirements related to: • Human rights • Freedom of association • Forced labour avoidance • Fair employment conditions • Working hours • Corporal and financial punishment • Child labour avoidance • Elimination of discrimination • Fair working conditions • Information and training • Environment and anti-corruption. Why do we have this criteria? • To ensure Ericsson suppliers are aware of, and comply with all requirements specified in Ericsson’s Code of Conduct. Supplier awareness and compliance of the requirements benefit our suppliers’ employees, the environment and society at large, and reduces Ericsson’s supplier-related business risk.

  11. 6. Occupational Health and Safety Summary of the criteria • Ericsson’s OHS requirements include: • OHS governance • Incident reporting and investigation • Safety planning • Sub-contractor management • Training and competence • 11 operational standards: • Chemical handling • Climbing and working at heights • Construction and civil work management • Driver and vehicle safety • Noise • Exposure to radio frequency electromagnetic fields • Fire prevention • Lone working • Manual handling, personal protective equipment and Working with electricity. Why do we have this criteria? • To ensure Ericsson suppliers are aware of, and comply with all applicable Occupational Health & Safety (OHS) requirements specified in Ericsson’s General and Specific OHS requirements, and in all applicable requirements in the 11 Operational OHS Standards. Supplier awareness and compliance of the requirements benefit our suppliers’ employees, and reduces Ericsson’s supplier-related business risk.

  12. 7. Environmental Summary of the criteria • Ericsson’s Supplier Environmental Requirements include: • Environmental management involving policy, objectives, action plans, law lists, competence and training • Design for environment & manufacturing • Product information • Transport • Compliance with the lists of Banned and Restricted Substances Why do we have this criteria? • To ensure Ericsson suppliers are aware of, and comply with all requirements specified in Ericsson’s Supplier Environmental Requirements. Supplier awareness and compliance of the requirements benefit our suppliers’ employees, the environment and society at large, and reduces Ericsson’s supplier-related business risk.

  13. 8. Quality Management System Summary of the criteria • The supplier must demonstrate that their Quality Management System is in good condition, providing evidence of effective implementation. Why do we have this criteria? • A well-defined and implemented Quality Management System is vital for a company’s ability to meet customer, owner as well as statutory and regulatory requirements. Ericsson requires its suppliers to have a Quality Management System. Preferably certified according to ISO 9001:2015 or similar.

  14. 9. Sourcing Summary of the criteria • Sourcing provides an overview of the supplier and the trends in key areas enabling a quick assessment of the potential risks related to the ability of the supplier to effectively manage and control their supply chain. • It enables obtaining new material and services, or replacing a current supplier. • Ericsson suppliers have a well defined and fully implemented process for supplier evaluation and supplier selection – with clear roles and responsibilities, and appropriate measurements fully implemented. • The supplier of Ericsson has a well-defined and fully implemented process with appropriate measurements of supplier performance. Why do we have this criteria? • To ensure Ericsson and its principal suppliers comply, manage and control their supply chain.

  15. 10. Security Summary of the criteria • All suppliers should be evaluated from an information security perspective and their ability to handle Ericsson assets in a trustworthy way. • This criteria evaluates the existence of a structured security framework. Why do we have this criteria? • To ensure a well-defined and fully implemented Security Management with clearly defined roles and responsibilities for the supplier.

  16. 11. Claims Summary of the criteria • Supplier should comply with all areas of the Claim Handling process, including efficient implementation of the claim process in terms of: • Customer communication • Determining the requirements for products and services • Review the requirements for the claim process Why do we have this criteria? • To ensure a well-defined and fully implemented Claim Handling process with clearly highlighted roles and responsibilities, including managing claims from our end customers.

  17. Specific criteria These criteria are applicable depending on what service or product the supplier provides to Ericsson

  18. A. Product – Ericsson Product Criteria Summary of the criteria • The document handling procedure covers accessing and controlling the product criteria related document. • The Ericsson product documentation system is well understood. Why do we have this criteria? • To know how Ericsson product related criteria are managed since it is key inputs to the production.

  19. A. Product – Design Summary of the criteria • Ericsson suppliers need to have the following design competence: • Proven methodology, including well-defined milestones • Prior track record proving required experience and competence Why do we have this criteria? • Suppliers need to have a systematic and documented design process to avoid delays in projects and deliveries

  20. A. Product – Development accuracy Summary of the criteria • The Development Accuracy Time corresponds to the Key Criteria for Lead-Time and Delivery Precision applicable for products comprised by our agreements. • The Development Accuracy Time is secured through different activities and prerequisites. Some of these prerequisites are part of other criteria, such as Quality Management System, Product Quality Assurance. Why do we have this criteria? • To assure that Ericsson’s product target “Time To Market” could be accomplished, as this is one of the most important key success factors for Ericsson and to verify the supplier’s ability to meet the design organizations demands, mainly in terms of time plan and technical specifications.

  21. A. Product – Time to Technology position Summary of the criteria • The supplier must be able to show when they will have new technology available • Proven track record of technology development time predictability. Are prerequisites for successful, on-time, technology development secured? E.g. competence acquired & necessary investments made. Why do we have this criteria? • To verify that supplier’s technology roadmap planning is corresponding to Ericsson development plans

  22. A. Product – Support and maintenance Summary of the criteria • Ability to provide support and maintenance on designed products for the planned lifetime of the product, i.e. beyond LTB and including support during analysis of problems in field. Why do we have this criteria? • Ericsson needs to maintain high quality product throughout Ericsson’s product lifetime, incl. beyond Last Time Buy (LTB).

  23. A. Product – Quality Summary of the criteria • The purpose of Product Quality Assurance is to ensure that suppliers take a systematic approach in order to identify potential problems before they occur, taking actions to reduce risks to a minimum. • Suppliers must understand the process and increase yield and lower cost. • Suppliers must ensure that no non-conforming products are shipped to Ericsson. • A PQA process (SQAP or equivalent) shall be applied under NPI, TTC and TPI phase. • Product Area documentation (HWDP). Why do we have this criteria? • To know how suppliers approach product quality

  24. A. Product – Marking Summary of the criteria • The marking process shall be defined, documented, understood and implemented to fulfil the requirements for being able to mark products according to, when manufacturing and delivering Ericsson products. Product and packing marking can be read both manually and by machine with high quality. Why do we have this criteria? • To understand how the marking process is corresponding to Ericsson requirements

  25. A. Product – Traceability Summary of the criteria • The traceability process is defined, documented, understood and implemented to fulfil the requirements for a traceability system, when manufacturing and delivering Ericsson products. Traceability data is sent in time (i.e. at latest at time of delivery). Why do we have this criteria? • Traceability of processes and products is an important aspect of production.

  26. B. Production Summary of the criteria • The following elements should be in place in order to ensure smooth production: • Production process • Measurement and traceability • Calibration and maintenance • Product/production conditions • Certification of operators • Production plant management Why do we have this criteria? • To ensure production processes are well defined, documented, understood and implemented to fulfil product criteria. • Suppliers should be in control of the production process and should have a continuous improvement program and use comprehensive analysis methods

  27. C. Supply Summary of the criteria • The following elements should be in place in order to ensure smooth and effective production: • Forecasting and planning, phase in, phase out and after sales support • Order management • Material planning – call off • Production planning – delivery performance • Warehouse condition – product quality • Warehousing – material handling • After sales support Why do we have this criteria? • To ensure Ericsson suppliers provide a capability in the supply chain that meets Ericsson’s requirements

  28. D. Software Summary of the criteria • To secure Ericsson need and rights of licensing and sub-licensing the purchased SW, including internal handling. • To secure effective handling of SW locks from supplier, since dual locks will generate a massive work-load for SW Supply. • To secure that we do not make any license violations due unknown embedded SW from 3rd party into the suppliers SW Why do we have this criteria? • To minimize Ericsson risk exposes when licensing third party commercial SW (embedded, stand alone and internal use). Re-work in progress

  29. F. Information Security and Privacy Summary of the criteria • High-level evaluation of suppliers readiness to comply to Baseline Information Security and Privacy Requirements, BISPRS: • Information security policy • Organization of information security • Human resource security • Asset management • Access control • Cryptography • Physical and environmental security • Operations security • Communication security • System accusation, development and maintenance • Supplier relationship • Information security incident management • Information security aspects of Business Continuity Management • Compliance • Privacy Why do we have this criteria? • To ensure effective Information Security Risk Management when entrusting Ericsson owned information, or information owned by our customers, to a supplier.

More Related