Manual of Risk Management for the Procurement Process
Colombia Compra Eficiente presents this Risk Management Manual for
the Contract Process aimed at the participants of the procurement and public procurement system. Article 4 of Law 1150 of 2007 establishes that the State Entity must "include the estimation, classification and assignment of the foreseeable risks involved in contracting" in the specifications or their equivalent. Decree Law 4170 of 2011 establishes, within the objective of Colombia Compra Eficiente, to optimize public resources in the system of procurement and public procurement for which the management of risk in the system and not only the risk of the economic equilibrium of the contract is indispensable. This was understood by the National Government when assigning in the functions of the Business Branch of Colombia Compra Eficiente the "design and propose policies and tools for the adequate identification of risks of public cooperation and its coverage ", without limiting this function to risk derived from the economic equilibrium of the contracts, a risk that is limited to the execution thereof . Decree 1082 of 2015 defines Risk as an event that can generate adverse effects of varying magnitude in the achievement of the objectives of the Procurement Process or in the execution of a contract. Also, Decree 1082 establishes that the State Entity must evaluate the Risk that the Procurement Process represents for the fulfillment of its goals and objectives, in accordance with the manuals and guides issued by Colombia Purchase Efficient. Risk in the Hiring Process The State Entities to reduce the exposure of the Hiring Process to the different Risks that may arise, must structure a Risk management system taking into account, among others, the following aspects: (a) the events that prevent the awarding and signing of the contract as a result of the Procurement Process; (b) events that alter the execution of the contract; (c) the economic equilibrium of the contract; (d) the effectiveness of the Procurement Process, that is, that the State Entity can satisfy the need that motivated the Procurement Process; and (e) the reputation and legitimacy of the State Entity responsible for providing the good or service. An adequate management of the Risk allows the State Entities: (i) to provide a higher level of certainty and knowledge for the decision making related to the Contracting Process; (ii) improve the contingency planning of the Contracting Process; (iii) increase the degree of trust between the parties to the Procurement Process; and (iv) reduce the possibility of litigation; among others. Structure of Risk Management Risk management is the set of processes aimed at protecting the State Entity from the events in the Procurement Process. Risk management allows reducing the probability of occurrence of the event and its impact on the Procurement Process . Colombia Compra Eficiente proposes to manage the Risks of the Procurement Process following the steps listed below: 1. Establish the context in which the Procurement Process is carried out. 2. Identify and classify the Risks of the Contracting Process. 3. Evaluate and qualify the Risks. 4. Assign and deal with the Risks. 5. Monitor and review the management of the risks. Colombia Compra Eficiente recommends that the State Entities prepare the matrix in Table 1 that includes all the Risks identified in the Hiring Process, establishing their classification, the estimated probability of occurrence, their impact, the part that the Risk must assume, the treatments that can be made and the characteristics of the most appropriate monitoring to manage it, as shown below:
The following is a step-by-step description of the methodology that Colombia Compra
Eficiente presents to the State Entities in compliance with the provisions of article 2.2.1.2.5.2 of Decree 1082 of 2015. Set the context The starting point is to identify the context in which the State Entity interacts to know the social, economic and political environment, and identify (i) its own Risks; (ii) the Risks common to their Contracting Processes; and (iii) the Risks of the Procurement Process in particular. In this step, the State Entity must identify the aspects mentioned below and the possible adverse effects that these may generate. The object of the Contracting Process. Participants in the Procurement Process. The citizens who benefit from the Procurement Process. The sufficiency of the official budget of the Procurement Process. The geographical and access conditions of the place in which the purpose of the Procurement Process must be met. The capacity of the State Entity understood as the availability of resources and knowledge for the Contracting Process. The socio- environmental environment. The political conditions. The environmental factors. The sector of the object of the Procurement Process and its market. The regulations applicable to the purpose of the Procurement Process. Own experience and of other State Entities in Contracting Processes of the same type. Identify and classify Risks Once the context is established, the State Entity must identify and include in the proposed matrix the Risks of the Procurement Process. This identification of the risks can also start from sources such as strategic plans, action plans, performance reports, budgets, risks identified by other state entities, brainstorming, panels of experts when the complexity of the contracting process demands it , SWOT analysis (Weaknesses, Opportunities, Strengths and Threats), surveys and questionnaires. In this step, the State Entity must have the personnel responsible for the Contracting Process, and the personnel with the appropriate knowledge for the administration of the Risk. Once the Risks of the Hiring Process have been identified, the State Entity must classify them according to their class, their source, the stage of the Hiring Process in which the Risk is found, and its Type . Evaluate and qualify the Risks Once the steps referred to in numerals 1 and 2 above have been met, the State Entity must evaluate each of the identified Risks, establishing the impact of these against the achievement of the objectives of the Procurement Process and its probability of occurrence. . The purpose of this evaluation is to assign each Risk a rating in terms of impact and probability, which allows establishing the assessment of the identified Risks and the actions that must be carried out. To estimate the impact and probability of occurrence of an event that negatively affects the Contracting Process, it is suggested to consider sources of information such as: Previous records of the occurrence of the event in the Procurement Process themselves and of other State Entities. Relevant own experience and of other State Entities. Practices and experience of the industry or sector in the management of the identified risk. Publications or news about the occurrence of identified Risk. Opinions and judgments of specialists and experts. Technical studies.
Assignment and treatment of Risks
Once the assessment and qualification of each of the Risks associated with the Procurement Process has been carried out , the State Entity must establish a set of priorities to decide. The State Entity must select the appropriate option taking into account the cost and benefit of any of the actions identified for the treatment of the Risk . In most cases a combination of options allows the best result . Generally, the measures to deal with the Risks are actions or specific activities to respond to the events, for which it is suggested to prepare a treatment plan to document how each of the Risks is faced, including actions, schedules, resources (personnel, information) and budget, responsibilities, reporting and reporting needs and monitoring . The most important task of risk management is the implementation of the treatment plan, which requires attention, ensuring the resources it requires and timely compliance with the tasks envisaged in this plan. The matrix must contain the basic information on the treatment of the risks. Monitor Risks The State Entity must perform a constant monitoring of the Risks of the Contracting Process as the circumstances change rapidly and the Risks are not static. The matrix and the treatment plan must be constantly reviewed and reviewed if it is necessary to make adjustments to the treatment plan according to the circumstances. This monitoring must: (a) Ensure that controls are effective and efficient in design and operation. (b) Obtain additional information to improve the risk assessment. (c) Analyze and learn lessons from events, changes, trends, successes and failures. (d) Detect changes in the external and internal context that may require review of the treatments of the Risk and establish an order of priorities of actions for the treatment of the Risk. (e) Identify new Risks that may arise Finally, the State Entity must monitor the Risks and review the effectiveness and performance of the tools implemented for its management. For which, it must: (i) assign responsible persons; (ii) set start and end dates of the required activities; (iii) indicate the form of follow-up (surveys, quality random sampling, or others); (iv) define the review periodicity; and (v) document monitoring activities. CYBERGRAFIA https://www.colombiacompra.gov.co/sites/cce_public/files/cce_documents/manual_cobertu ra_riesgo_r.pdf