BG Bukhatir GroupProcurement Portal
🛡️ Risk & Controls · P-POL-016

Risk Management in Procurement

Procurement risk assessment, mitigation and residual-risk sign-off as an input to supplier and award decisions.

⬇ Download .docx ← All policies 🔄 P2P Flow

Group Policy & Procedure

Document No.

P-POL-016

Group Supply Chain

Ver. No. | Rev Date

0.4 | 08 APR 2026

Title: Risk Management in Procurement

Effective Date

08 April 2026

BUKHATIR GROUP

Strength through Diversity

Group Policy and Procedure

Group Supply Chain (GSC)

Risk Management in Procurement

Assessment, Mitigation & Register

Document No: P-POL-016

Copyright © 2026 Bukhatir Group

Revision Control

This document is issued under the authority of Bukhatir Group and applies when carrying out the activities described. Revisions may be issued as necessary under the authority of the Group Head of Procurement. Revision history is recorded below with every revised policy.

Revision History

Ver. No.

Effective Date

Description

02

September 2016

Original Procurement Policy

0.3

March 2026

Procurement Policy – Risk Management in Procurement

0.4

08 April 2026

Redesign, content modernization & flowcharts – Risk Management in Procurement

Revision Sign-Off

Approving Committee

Name

Signature

Endorsed by — Group Head of Supply Chain

Mohamad Koussa

Reviewed by — BIIL CEO

Mr. Ayman Ismail

Reviewed by — Group Chief Financial Officer

Mohamad Adnaan Sait

Approved by — Group Vice Chairman & Group CEO

Mr. Salah Bukhatir

Distribution List

#

Departments

1

Business Unit Procurement Departments

2

Group Supply Chain (GSC)

3

Finance, Legal, Compliance, Internal Audit

4

Business Unit Management

1. Purpose

This policy establishes a structured approach to identifying, assessing, treating and monitoring risk across procurement and supply chain activities.

2. Scope

Applies to all sourcing events, supplier relationships, contracts and supply chain operations across the Group.

3. Risk Categories

Category

Examples

Supply

Single-source dependency, supplier insolvency, capacity shortfall

Demand

Forecast volatility, project cancellations

Price

Commodity volatility, FX exposure, inflation

Quality

Defects, recalls, non-conformance

Compliance

Sanctions, anti-bribery, labour law, data protection

Geopolitical

Border closures, sanctions, trade restrictions

Cyber

Supplier breach, ransomware affecting ERP integrations

ESG

Climate, human rights, environmental incidents

4. Risk Assessment

A documented risk assessment is required for all orders and contracts above AED 500,000. The assessment rates likelihood (1–5) and impact (1–5). The resulting risk score drives mitigation requirements. BU Procurement shall share signed risk assessment forms with GSC in a timely manner.

5. Mitigation Strategies

  • Dual-sourcing or multi-sourcing for critical categories.
  • Safety stock and buffer inventory for high-risk items.
  • Long-term framework agreements with price escalation clauses.
  • Performance bonds, parent company guarantees, advance payment guarantees.
  • Business continuity clauses and supplier BCM plans for Tier 1.
  • Cyber due diligence for all suppliers handling Group data.

6. Risk Register

GSC maintains a Procurement Risk Register, reviewed monthly and escalated to the GSC–BU Steering Committee quarterly.

7. Reference Form

Form F-RSK-01 — Procurement Risk Assessment Form.

8. Definitions & Acronyms

Acronym / Term

Definition

AED

United Arab Emirates Dirham

BU

Business Unit

DOA

Delegation of Authority

GSC

Group Supply Chain

KPI

Key Performance Indicator

Oracle

Enterprise Resource Planning System

TCO

Total Cost of Ownership