• Editorial Board +
• For Contributors +
• Journal Search +
Journal Search Engine
ISSN : 1598-7248 (Print)
ISSN : 2234-6473 (Online)
Industrial Engineering & Management Systems Vol.17 No.4 pp.730-744
DOI : https://doi.org/10.7232/iems.2018.17.4.730

# An Empirical Procurement Risk Management Framework in Supply Chain Networks:A Hybrid Approach

Shara Aghajanian
Department of Economics and Management, Islamic Azad University, Science & Research Branch, Tehran, Iran
* Corresponding Author, E-mail: shara.aghajanian@yahoo.com
May 17, 2018 November 20, 2018 December 3, 2018

## ABSTRACT

The review of the related literature pointed to a significant gap in procurement risk management area, and this paper tried to identify and fill this gap in order to develop a new risk model, and improve the literature review. A hybrid procurement risk management model based on four main stages namely pre-identification, identification, assessment and mitigation is proposed. For pre-identification stage, the literature was deeply reviewed to categorize it into supplyside, buyer-supplier side and demand-side risks as well as to collect and categorize the identified risks in procurement literature. Delphi method and a comprehensive literature review were employed for the identification stage. The explanatory and confirmatory factor analyses were used to build and rank the risk factors and its multi-dimensional consequences for the assessment stage. Delphi and ANP-fuzzy TOPSIS method were used to gather and prioritize the sets of solutions for the mitigation strategy. An effective model for the procurement risks in supply chain was developed in order to help gathering more comprehensive risks as well, to better understand and analyze the cause and consequences of the procurement risks to drive better mitigation solutions. This paper has proposed a supply chain network context as a holistic view for the procurement risk management. Therefore, a hybrid procurement risk management model was proposed. By the comprehensive literature review a pre-identification step was proposed to improve risk identification stage and a multi-dimensional risk assessment model, considering risk intricacies, circumstances of the case and causes and consequences of the risks.

## 1. INTRODUCTION

Some studies have attempted to formulate a framework for managing demand-side risk. Mandal (2012) in a study contributed the literature by identifying factors like customer dependence, supplier dependence, sourcing strategies, trust towards supplier, trust towards customers, relationship quality with suppliers, relationship quality with customers and information sharing with suppliers as important predictors of demand-side risk.

Although SCRM topic has been worked by many researchers in the past years in academia, there is still a lack of work and a research gap on this subject matter. Empirical research works in the area of SCRM, identifying and considering the main supply chain risks and developing instruments for an effective SCRM are still required to enhance the efficiency of current models.

## 2. LITERATURE REVIEW

### 2.1 Supply Chain Risk Management Methods

Modelling approaches for SCRM can be categorized into: (1) qualitative models, (2) quantitative models, and (3) hybrid models which include both qualitative and quantitativetechniques. Due to the uncertainty and the lack of risk data, hybrid modelling techniques can be regarded as effective to be used for risk analysis, assessment, and the development of proper mitigation strategies. Questionnaires, Delphi method and analytic hierarchy process (AHP) (Schoenherr et al., 2008); fuzzy logic (Mure and Demichela, 2009;Buchmeister et al., 2006); fuzzy- AHP (Wang et al., 2012), decision tree analysis (DTA) (Jacinto and Silva, 2010), and cluster analysis (Pavlou and Manthou, 2008) have been the most common tools utilized for the hybrid modelling of risks in supply chains. Smallman (1996) declared that modern risk management should incorporate scenario planning and the use of expert panels and Delphi studies, along with the prediction through statistically based forecasting methods. This research method has revealed the advantages of a CFA over an exploratory Principal Component Analysis (PCA) in the context of risk management in supply chains (Alexandru, 2014). Identifying stage is explanatory and assessment stage is confirmatory. Hence, Delphi method and Structural Equation Modelling (SEM) are empirically well method for risk management. Also, SEM methods could summarize the large amount of data that derives from risk identification stage by Delphi method. In addition, every risk has its specific causes and consequences that are the key elements to assess and mitigate the risks. SEM is a well practical model to take account of all this dependency and factors. It can be properly fitted to both operational and strategical risks. Operational research models can perform well at the strategic level, and simulation models like petrinet are performing well at the operational level risks (Tuncel and Alpan, 2010). However, these models have shed lights on many decision making variables and have enabled the researchers to derive lot of information by simulating the real worlds, they have demonstrated some weaknesses in dependent factors of risk, including the circumstances of the case, calculating and ranking the causes and consequences by using the expert judgments. Risk assessment and prioritization in literature have been mostly done by FMEA and MCDM methods. Although SEM models in addition to ranking the risks by their consequences, can improve DM process by ranking the consequences or their related causes, considering the interconnections between the risks and circumstances of the industry.

### 2.2. Risk Divisions of Supply Chain Network

Having considered a Supply Chain Network (SCN) with four main nodes (supplier, manufacturer, wholesaler and retailer), the procurement could happen between every two consecutive nodes of this SCN. The SCRM literature was divided into three types: supply-side risks, buyer-supplier risks and demand-side risks that procurement risk should be naturally happen at the demand-side. In order to describe the demand-side risks’ causes just for procuring activities, it will be possible to consider these two concepts as the same. Although, the demand-side activities could also cause other kinds of risks that can potentially have effects on the procurement activities. Therefore, it will be better to consider the procurement risk as a subset of demand-side risks (Figure 1). Figure 1 shows the interaction between SCN nodes, the circumstances of the case and how these concepts of literature have been related to each other. Studying the procurement risks considering these relations will help the practitioners to better identify procurement risks, and also, they can provide better solutions to mitigate the risks. The literature has been divided regarding these concepts and finally, by the comprehensive literature review a pre-identification stage has been proposed. And, more holistic procurement risks have been identified through this process.

#### 2.2.1. Supply-side Risks

Many of procurement risks’ causes could be linked to supply-side risks. Supply risk in this area may result from various sources, including physical damage to the production facilities, natural disasters, strikes and labor disputes, capacity issues, inventory problems, incorrect forecasts, parts/service outsourcing, third party logistics, or random yield in production processes and delays (He, 2013;Chopra and Sodhi, 2004). Increased supply risk usually leads to the increased quantity/stocking decision. However, there exists a threshold level of supply risk above which the firm decreases the quantity/stocking amount as the supply risk increases (He, 2013). One of the procurement risks that have been originated in supplyside risks is supplier dependence. This has been conceptualized as the extent to which a firm procures raw materials or any inputs from a supplier or suppliers; the inputs are such that there exist few alternative sources in the market (Hallikas et al., 2005), which supplier holds considerable power in the market, and the concerned customer has very limited choices to switch (Bourantas, 1989). Other Effective factor could be supplier concentration, single sourcing, global sourcing, trust towards suppliers, relationship quality with suppliers, and information sharing with suppliers. A model has been developed for the upstream supply chain risk management linking risk identification, risk assessment and risk mitigation to risk performance and validate the model empirically (Kern et al., 2012). Generally, understanding the supply risks can enable purchasing organizations to take effective action in response to those risks. Therefore, supply-side risk identification and assessment could improve the demand-side risk management (Zsidisin et al., 2000).

The risk of communication between buyer and supplier has been mostly investigated and it is one of concerns in PRM. In addition, the SEM method is frequently used at this part.Researchers considered buyer-supplier interactions, tested the impact of supply management on the suppliers’ operational performance and buyers’ competitive priorities (Shin et al., 2000). Some of the factors on the buyersupplier partnership like the effect of supplier trusts have been examined; the operational model was designed by using the partial least square (PLS) algorithm’s path analytic capabilities to test the conceptual model’s overall pattern. Johnston et al. (2004) have examined whether certain buyer behavior could be linked to the supplier’s level of trust. Considering the effect of the cultural dimension of individualism, face-to-face communication, and the impact of relational norms like supplier involvement and trust on the market performance of a buyer firms by employing a variance- based technique for SEM based on the technique of nonlinear PLS regression model has been represented (Ketkar et al., 2012). Some others examined the sets of hypothesis for testing differences and similarities of buyers and suppliers’ perceptions by Confirmatory Factor Analysis (CFA) (Oosterhuis et al., 2013). (Srinivasan et al., 2011) declared that since the supply-demand coordination is crucial for efficient SCM, the importance of supply-side risk and demand-side risk has been underscored (Srinivasan et al., 2011). A model captures supply-side risk as well as demand-side risk, along with the exchange rate risk and social risk. This model also relates the individual attitudes to the disruption risk among the manufacturers and retailers, with the demand for random product associated with the retailers (Cruz, 2013). Furthermore, it has been declared that the relationship between the partnership quality and Supply Chain Performance (SCP) may not be identical in all conditions. Some researchers have stated that the relationship between different partnership dimensions of the exchange partners and subsequent performance may depend on the other factors (Krishnan et al., 2006), and an environment fraught with higher levels of uncertainty will weaken the quality of partnership and SCP relationship.

SEM has been mostly used in buyer-supplier risk with the concept of buyer-supplier partnership, interactions, behavior and so on. However, considering the comprehensive literature review, it has been regarded for conceptualizing a risk assessment model for the first time.

#### 2.2.3. Demand-Side Risks

Though, studies have been instrumental in defining and conceptualizing demand-side risk (Wagner and Bode, 2008), some researchers attempted to formulate a framework for managing demand-side risk through theoretical underpinnings from the resource based view and relational capital theory (Mandal, 2012). Johnson (2001) has defined demand-side risk as any risk that is attached to the outbound logistics flows and product demand which can be caused either by the disruptions in in-bound logistic operations or due to several other contributing factors like seasonality, volatility of fads, new product adoptions or short product life cycles. Since the importance of demand- side risk management could not be undermined in the sense that unless there issome demand; the entire supply chain operations would cease to exist. Therefore, demand-side risk management can be regarded as the core of the SCM (Jüttner et al., 2003;Wagner and Bode, 2006). Recently, there has been an increase in market competition and improved technology leading to innovative products in every category. All this has led to the high dynamism in the tastes and preferences of the consumers. Therefore, forecasting the exact demand has been extremely hard to come by. Demand volatility in the supplier’s network has a vital role in affecting the forecast quality along with the demand-side disruptions. The phenomenon of amplifying demand related information along the supply chain has been known as the bullwhip effect (Lee et al., 2004). This made arising problems from poor coordination across the entire supply chain. All these have had their own costs in terms of shortages, obsolescence and inefficient capacity utilization (Wagner and Bode, 2008).

#### 2.2.4. Procurement Risks

Procurement is very often performed within uncertain supply environments, which can include, among others, uncertain customer demand, fluctuation of input material price, unavailability of supply and uncertain lead time (Shi et al., 2011). Supply Chain Risk Management (SCRM) especially for PRM, as a section of demand-side risk management, has been one of the most crucial issues in SCM. If a risk that is usually multi-dimensional, by the concept of having multiple consequences occur at the primitive node between buyer and supplier it would be proliferated and amplified throughout the entire SCN and therefore, it would reveal the phenomenon of the “snowball effect” (Świerczek, 2014). Risks are often interconnected, which results in the exacerbation of some risks when the mitigation strategies of other risks are performed. Traditional risk management plans may fail because of not considering the relationships between risks and also not being thorough (Aqlan and Lam, 2015). In the context of PRM, a decision support systemhas been presented to model procurement risk that has been just a trade-off between risk and profit (Hong and Lee, 2013). A mathematical model and even software has been developed and implemented to measure and manage the procurement risks at HP Company. They also depicted that over the past six years, HP has realized more than \$425 million in cumulative cost savings using the PRM approach (Nagali et al., 2008). Some of the integrated procurement approach are long-term contracts, option contracts and spot procurement (Shi et al., 2011;Lee et al., 2013). The current investigation attempted to propose a pre-identification approach, a multi-dimensional risk assessment model and a mitigation strategy by considering a comprehensive literature review. With this background, the present study embarked on a journey of conceptualizing a framework model for the PRM. This framework would help in developing more practical conceptual models by the advantages of the interconnections in the related risks, prioritizing the risk factors and its Multidimensional cause and consequences, considering the circumstances of the industry and the power of SEM to make better solutions to mitigate the severity of the risks at the risk management process.

### 2.3. Procurement Risk Factors and Drivers

The initial procurement risk factors that have been derived from the literature were about the communication limits, and evaluation of the potential partners (Olson and Wu, 2011;Spekman and Davis, 2004), technological changes (Ojala and Hallikas, 2006;Nagurney et al., 2005), information technology (IT) (Ellram and Zsidisin, 2002;Carr and Smeltzer, 2002;Trkman and McCormack, 2010), international transportation and transportation risk (Yang et al., 2005; McKinnon, 2006), cultural differences (Sodhi and Lee, 2007), contextual supply risks including political instability, volatile labor markets, disruptive changes and inadequate performance of the supply chain (Zsidisin et al., 2004) and regulatory and distribution restrictiveness (Conway et al., 2006;Dihel and Shepherd, 2007).

In demand-side risks as well as procurement risk, many factors have been bringing uncertainty, potentially damages and variations to the goals of SCN. The procurement risk factors would be affected under some circumstances like supplier dependence, customer dependence, supplier concentration, single sourcing, global sourcing, trust towards customers, trust towards suppliers, relationship quality with suppliers, relationship quality with the customers, and information sharing with suppliers (Mandal, 2012). The circumstances of every case must be included in risk identification stage (Mandal, 2012). The gap of studying still exists to identify the procurement risks comprehensively. There is a lack of studying in the literature about the integrated and systematic risk management approach (Fung et al., 2010), starting from identifying the procurement risk of an organization to set strategies to mitigate them (Hallikas et al., 2004). In this paper, a hybrid PRM framework by a modified Delphi approach at identification stage and an SEM model with nine procurement risk factors and 33 finalized consequences for assessment stage has been proposed. The severity of risks would be measured by rating the multi-dimensional consequences. This framework model has been a struggle to let the DMs perceive the severity of the procurement risks to improve the PRM. Furthermore, by using the advantages of the prioritized risk consequences and circumstances of the case a set of treatment solutions have been ranked to mitigate the severity of the procurement risks.

## 3. PROPOSED METHOD

A typical risk management process of an enterprise may be presented by the following four sequential steps.

• Risk identification,

• Risk assessment,

• Decision and implementation of risk management actions,

• Risk monitoring.

In this study, the risk management stages except the risk monitoring stage have been used in order to explain the framework of the paper. Figure 2 shows the proposed approach framework of PRM that has been used in this paper. This approach has been classified into risk management stages that can be used in representing the method and revealing the results of the paper.

### 3.1. Risk Identification

A pre-risk identification has been proposed in this paper in order to improve the procurement risk identification stage (Table 1 and Figure 1). This stage would help the practitioners to review, analyze and categorize all the potential procurement risks in the literature, and match them with the circumstances of their case. In this study, all these potential problems have been gathered by considering a deep literature review. It was found to be more practical to think about the procurement risks by dividing them to three concepts as discussed in the literature (supply-side, demand-side and buyer-supplier relationship). As Figure 1 shows, by considering the interaction between the risks and circumstances of the case, more clear understanding of the risk causes and consequences can be provided. Therefore, at pre-risk identification, first, potential procurement problems should be investigated. Second, these potential problems should be categorized as shown in Figure 1. By emphasizing on this stage, better identification, assessment and treatment solutions have been provided.Risk identification is a fundamental phase of the risk management practice. In order to recognize the risks, a decision-maker or a group of decision-makers should be aware of the events or phenomena that result in uncertainty. The goal of risk identification is identifying future uncertainties to manage these scenarios proactively (Hallikas et al., 2004). According to the comprehensive literature review in PRM, a structural pre-identification stage (Table 1 and Figure 1) has been proposed to improve the risk identification process. Table 1 was used to drive potential risks, and Figure 1 was used to categorize the risks. At last,a Delphi method was applied on the identification step to gather initial risk factors andtheir related consequences according to the circumstances of the case. The Delphi method has been proven to be an efficient survey method when only a limited amount of data on a topic is available (Rowe et al., 1991;Linstone and Turoff, 2011).

### 3.2. Risk assessment

Risk assessment has been used to recognize the potential losses, determine the extent of losses, estimate the likelihood of the potential losses, assess the significance of the potential losses, and appraise the overall risk (Nakandala et al., 2017). The assessment and prioritization of risks are necessary to select suitable management actions for the already recognized risk factors in the project; the assessment method is related to the identification method. In this paper, a multi-dimensional risk assessment model using risks and its consequences has been proposed that will schematically enrich DM’s with the advantages of prioritized risk and consequences to manage risk and make more practical solutions.

According to the estimation, there were 135 qualified staff available and of the 116 samples were investigated, 94 samples were considered acceptable; this meant 86% of the eligible were covered, and 81% of samples were accepted.

By the 39 variables that are derived from the Delphi method, EFA was proposed to construct the conceptual model theoretically.

Cronbach alpha was used to verify the reliability of the questionnaire and finally, it yielded 0.896 that was above the minimum desirable level of 0.70,and before getting the EFA results, the Skewness, the multi-collinearity, the measure of sampling adequacy (MSA) and PCA and also varimax rotation using SPSS 20 were tested to derive the independent factors. Skewness wasn’t a problem and according to the nature of the consequences, it was expected to have some multi-collinearity in the data analysis. As a result, four variables were omitted in this analysis, and two variables were omitted in MSA process. The result of this section showed that the output of the EFA was much similar to what was derived from Delphi method.After these steps, nine risk factors and 33 variables still remained (Figure 3).

#### 3.2.1. Risk Assessment Model’s Questions

After purifying the data by EFA, a CFA that uses Amos Graphic 22 was proposed in order to test the hypothesis that if every variable (consequence of risks) is significantly important for the related factor (risk) or not?

For implementing a SEM, three questions were answered as listed below:

• 1. Are the constructs of every risk factor and its multi- dimensional consequences are significantly important?

• 2. Of the constructs listed in question 1, which are the most significant indicators of risk factors and risk consequences?

• 3. Are there extra covering relationships between the constructs not already identified that would suggest areas for additional research?

The risk assessment process resulted in risk ranking and also ranking of the related consequences (Figure 3) presents a typical SEM output for loadings and also the standardized regression coefficient of the hypothesized relationships.

### 3.3. Mitigation Strategy

Risk reduction or mitigation strategy has been one of the risk management steps that have been commonly used. Since most of the risks are naturally unavoidable or sometimes risk taking or risk reduction is making less cost than eliminating or transferring them. In this paper, considering the circumstances of the case to implement the mitigation strategy, 20 sets of solutions were derived from Delphi method as alternatives to the research by five relevant experts (Table 4), and also five criteria including cost, time, risk mitigation, network quality and customer satisfaction were extracted. There have been many methods to attain the weight of each criterion; the main challenge has been how the criteria are affecting each other. Analytical Network Process using (ANP) pairwise comparisons and the Super Decision 2.2.6 software, has been a method that would fit to both dependent and independent criteria as well (Saaty, 1996).

(Chu, 2002) stated that the TOPSIS is an approach based on the idea that the chosen alternative should be the nearest to the positive ideal solution (PIS) and have the farthest distance from the negative ideal solution (NIS) for solving MCDM problems ($d i −$).

Is the distance between every alternative and its fuzzy negative ideal solution (FNIS), ($d i +$) is the distance between every alternative and its fuzzy positive ideal solution (FPIS), and a closeness coefficient (CCi) is defined to determine the ranking order of all the alternatives, once ($d i −$) and ($d i +$) of each alternative are calculated. The closeness coefficient of each alternative was calculated as below(1)

$C C i = d i − d i − + d i + , i = 1 , 2 , 3 , ... , 20$
(1)

Obviously, an alternative Ai is closer to the FPIS, and farther from FNIS; as CCi approaches to 1.

### 3.4. Monitoring Strategy

The company and its environment is not static, and thus the risk status changes. The recognized risk factors can be monitored to identify the potential increasing trends in their probability or consequences. In addition, new significant risk factors may appear. To identify these, it is necessary to monitor the changes in the network, customer needs, technology, partner strategies and competitors, and update the risk assessment correspondingly (Hallikas et al., 2004). Risk monitoring could be considered as a feedback for the identification stage. Therefore, beside the pre-identification that has been proposed in this paper, risk monitoring could bring lots of benefits to the implementation of risk management. In this paper, monitoring stage has been excluded from the research and it could be a topic for the future research.

## 4. RESULT AND DISCUSSION

### 4.1. Pre-Risk Identification

According to the comprehensive literature review, a pre-risk identification stage was proposed. Table 1 contributes to the pre-identification stage in PRM. Supplier dependence, environmental uncertainties, a highly competitive situation, trust towards customers, high dynamism in technological changes and relatively stable demands were the circumstances of the current research that could be existed in many real cases. After this step, risks were identified through investigating the procurement risk factors in the literature, and also a Delphi method was implemented in a telecommunication industry. Supplyside, demand-side and buyer-supplier concept were also used to categorize the risks, and it was believed to be practically helpful to better analyze and assess the risks (Figure 1). Figure 3 shows the final nine risk factors.

### 4.2. Initial Risk Factor Analysis

After deriving the primary risk factors through preidentification and identification stages, EFA and CFA were applied to finalize the list of procurement risks and their consequences.

Issues related to skewness and kurtosis of the sample data were not felt to be problematic, with values ranging from (-0.974 to -0.295) for skewness and from (-0.901 to 0.904) for kurtosis, also multi-collinearity was needed to be assessed by the time that Cronbach’s Alpha was firstly calculated.

The Cronbach’s alpha was 0.91 at first, so there was a probability of having multi-collinearity. The Cronbach’s alpha yielded 0.896, by eliminating four variables (#13, #28, #31, and #12). Multi-collinearity was not felt to be an issue. Goodness of model fit indicators was used to analyze the results including chi-square divided by the degrees of freedom (CMIN/DF) as a measure of the minimum sample discrepancy. This value took into account chi-square’s sensitivity to large sample sizes. As such, any value less than five has been an indicator of an adequate fitting model, although a value less than three would be preferable (Kline, 2011).

The Comparative Fit Index (CFI) was used as a comparison to a baseline model, a CFI above 0.9 was recommended (Kline, 2011). In addition, the Root Mean Square Error of Approximation (RMSEA) was utilized in the full causal model as a population discrepancy function; it was also particularly well-suited for the models with many parameters such as the hypothesized model (Table 2) represents the preliminary analysis of every independent risk factor along with the finalized regression weights in SEM; the results showed that all nine factors were statistically significant at p < 0.001. Furthermore, to compare the initial and finalized weight of each variable and also to adapt the (Table 2) and (Figure 3), the finalized regression weights of each variable were presented in the last column of (Table 2).

### 4.3. Analysis of the Initial Causal Model for Risk Assessment

In the context of SCRM, it has been necessary to employ a CFA to grasp the intricacies among different types of risks in SCN (Alexandru, 2014), also SEM gave the researchers the ability to provide a comprehensive risk assessment framework model by the advantage of risk and consequences prioritization, supporting interconnected risks and any kind of minor and major relation that could influence the procurement model to support the DMs in supply risks context.

The analysis of the initially hypothesized model indicated that it was not optimally specified, and that some improvements were needed. The review of the regression weights indicated that some of them weren’t significantly different from zero at the 0.001 level (two-tailed). Despite the improvement that the model needed, the overall model appeared to have a good fit with the data. The CFI was 0.727 and the chi-square/df ratio was 1.726 (acceptable < 5; ideal < 3). The RMSEA was 0.088 (ideal < 0.05). Perhaps one of the interesting observations was the squared multiple correlations (SMC) for identifying factors that explained 70 percent of the variance. This suggested that the identified constructs did indeed play a significant role in predicting the overall system of the procurement risk. In addition, there has not been any comparable model until this study. However, according to the SMC, it could be inferred that pre-identification and identification stages were successful, and what remained to be discovered was the nature of these relationships.

### 4.4. Analysis of the Final Causal Model for Risk Assessment

As such, one would expect that modification would need to occur in any given situation. Respecification guidelines, as outlined by Kline were used to modify the model. The ultimate causal model (Figure 3) illustrated the result of the respecification process outlined above. For the final model, all nine risk factors were fitted well; there were not significant changes between the conceptual and final model.

In order to evaluate the significance of every factor, the CFA was applied here to the hypothesized relationships. Figure 3 presents a typical output of such analysis. The numbers that came in the first row of the arrows between nine risk factors and variables were their relevant loadings that were derived from the EFA; the numbers that came in the second row of the arrows between nine risk factors and variables were the standardized regression coefficient that was derived from the CFA, and also the numbers that came between the nine risk factors and the procurement risk in (Figure 3) were the standardized regression coefficient that has been derived from CFA. The numbers that were derived from CFA process were used to rank the risk and its consequences. After EFA, there were nine risk factors (dependent variables) and 33 risk consequences (independent variables) that have been shown in (Figure 3).

In the final model, the Goodness of Fit summary indicated the CFI was 1.00, RMSEA was 0.00, and the ECVI was 8.02; all indicating the goodness of fit. While the chi-square was 377.909 with 410 df (p < 0.001), most likely significant, the CMIN/DF ratio was 0.922 indicating a reasonable fit. GFI or AGFI was not calculated due to the maximum likelihood estimation, AMOS method was used to compensate the missing variables. The ultimate casual model explained the following variances in the dependent variables identified in the model.

Table 3 summarizes the statistical test for the final casual model, and the entire factors loadings hypothesis were significant at the (p < 0.001).

After all, the SEM indicators were investigated, according to the standardized regression coefficient (Table 3) risk factors which were prioritized. Hence, Xi6-Risk of IT, Xi4-Risk of delivery mistakes and Xi5-Risk of international trade barriers were chosen as the three most important procurement risks also, failed to get benefit from the value added services and customer dissatisfaction which have been the most important consequences of IT risk, inability to compete was the most important consequence of delivery mistakes risk, and raising the total cost was the most important consequence of the international trade barriers’ risk.

Risk of IT as the most important risk in the current research demonstrating the effect of technology and IT in PRM. Today IT is used to redesign the business processes; it changes the definition of process in SCM. These are IT–the capabilities offered by the computers, software applications, and telecommunications – and business processredesign – the analysis and design of workflow and processes within and between the organizations (Davenport and Short, 2003). The managers that are responsible for the business operations and IT procurement processes must take an active role in the risk management process (Stoneburner et al., 2002). DMs couldn’t obtain any benefits from IT unless they make an appropriate plan.

Filtering the important risk and its consequences in a schematically way, prioritizing the risk and its consequences are some of examples of this model’s improvements, and also it is capable of considering the intricacies between the risk factors. Therefore, it has been believed that well-organized infrastructures can be prepared for the mitigation stage. For the future research, since SEM is capable of considering the dependencies between the risks, it would be beneficial to use it for the interconnections between risks at the level of the whole SCN according to the flow of the material or information.

### 4.5. Mitigation Strategy

SEM outputs (Figure 3) have represented the prioritized risk factors and risk consequences that have a substantial effect on the decision making process. This model would facilitate the DMs to make better solutions.

In order to decrease the severity of risks, some practical solutions must be gathered (Table 4). The SEM output, the Delphi method using the circumstances of the case and the categorization of risk factors (Figure 1) were proposed to build a consensus on the aggregation of 20 treatment solutions for Xi6 and Xi5 risks.

#### 4.5.1. Weights’Estimation and Fuzzy TOPSIS Method

According to the risk assessment process for implementing the solutions and mitigating the risk consequences, the solutions must be prioritized. MCDM technique is one of the effective tools to assess the risk process. In this research, fuzzy TOPSIS was used in order to rank the alternatives. And, five criteria were set by the experts including: Cost (C1), Time (C2), Risk mitigation (C3), Network quality (C4) and Customers satisfaction (C5).

According to the five DMs, a paired comparison matrix and also a matrix showing the dependencies between each criterion were prepared. In this case, all of the DMs responses to each pair of the criterion dependencies were different from one another; therefore, ANP using super decision matrix could be a proper method.

According to (Table 5), the crisp weights of the criteria, and the normalized weighted matrix of fuzzy TOPSIS have been shown; as a result A12 and A3 were selected as the best solutions. The results revealed that surviving an appropriate relationship with neighbouring countries along with a professional R&D team to identify the customer’s needs and solving the procurement risk problems dynamically, could be considered the most effective solutions to have a proper buyer-supplier community.

Nowadays, enterprise management, especially in developing countries by using PRM can gain a lot of benefits from establishing appropriate relationships and implementing Foreign Direct Investments (FDI). In addition to reduce the procurement and supply costs including transportation, tariff barriers, and import restrictions, FDI has identified a number of less apparent factors, like the motivations of managers to go abroad, the meshing of technological levels, ethnic ties, and the desire to protect proprietary processes and competitive advantages (Wells, 1983).

## 5. CONCLUSION

This paper sought to proposea hybrid PRM framework model focusing on identification and assessment stages by considering the PRM and its effects on SCN to make this study holistic. The comprehensive literature review revealed a significant gap in the identification stage. Therefore, a pre-identification stage has been proposed to help the practitioner to better identify the procurement risks. Also, nine risk factors and 33 related consequences were derived to develop a practical risk assessment study. The prioritized risks and consequences gave the sight to analyze the risk behavior, estimate the severity of risk more realistically, and more rational solutions were consequently derived.

Considering the literature, it was the first time that SEM was used directly for modelling multi-dimensional risks. SEM models could improve the risk assessment process by screening the most important risk factors, considering the consequences, causes and any kind of minor and major factors, the intricacies and relations among different types of risk factors and prioritizing the risk factors, consequences and any further relations to enrich the DM’s making better decisions and solutions. According to the standardized regression coefficient risk of IT, the risk of delivery mistakes and international trade barriers risk failed to get value added services. Inability to compete and raise the total cost was the most important factor, and their related variables while all the other constructs played a significant role in predicting overall system satisfaction, since none of them had a regression coefficient less than 0.538.

According to the sample data, there was a significant correlation between every factor and its corresponding variables. Hence, it may not be concluded that unmeasured latent variable did not exist in the assessment model, but at least, it could be shown that this research has covered the most effective factors for the assessment model of the procurement risks and its multi-dimensional consequences according to its specific circumstances.

And, finally, for mitigating the severity of risks, considering the circumstances of the case, twenty sets of the treatment solutions were derived from the prioritized risks using prioritized consequences. The alternative, establishing agencies in the neighboring countries in order to have a direct contact with the owners of the technology, having a proper communication as necessary to have a professional R&D team, were selected as the proper solutions.

Due to the lack of studies in the literature on demandside and procurement risk assessment, a PRM framework was proposed, and this framework was tested in other industries to make it more holistic.PRM studies would require more attention as they can have a snowball effect. Hence, they can have more disruptive effects comparing with the risks that happen in the subsequent nodes. Some researches would be needed to make the risk and its multidimensional consequences model more comprehensive and reliable by considering the interconnected risks and the causes of them. It has been believed that implementing a risk monitoring system can be used to test this framework model and also for root-cause analysis to put the procurement risks in the organizational strategies to solve them in top-down way. The way the procurement risks were divided to supply, demand and buyer-supplier relationship could be helpful for PRM. Since, it has the advantage to look at the potential problems at different dimensions and aggregating them in a comprehensive way. Also, SEM models outputs could be used in FMEA models in order to rank the risk by considering the probability and deductibility of the risks. As research limitations the following aspects could be pointed. This paper analyzed the communication sector exclusively. Further research works can be done to transfer the current ideas to the other industries such as food, healthcare, electronics or machinery in order to examine the general validity of the results. Furthermore, a global study will give valuable insights related to the degree of the implementation in other countries or could recognize the cultural differences in providing chain risk management. Procurement management, supply chain management and generally production research would remarkably benefit from the studies that have analyzed the procurement risk management topics.

## Figure

The interaction between the risk of first and second nodes, and the circumstances of the case.

Proposed framework for PRM and flow of the paper.

## Table

Categorized pre-investigating for potential problems in procurement risk management

The initial analysis of every independent risk factor along with finalized regression weights of the model

The normalized weighted matrix of fuzzy TOPSIS by ranking of alternatives

Construct relationships and statistic tests for the final causal model

Risk treatment alternatives for mitigating theoretical risks

## REFERENCES

1. Alexandru, C. (2014), A confirmatory approach to measuring risks in supply chains, The Annals of the University of Oradea, 1(1), 1135-1142.
2. Aqlan, F. and Lam, S. S. (2015), A fuzzy-based integrated framework for supply chain risk assessment, International Journal of Production Economics, 161, 54-63.
3. Bourantas, D. (1989), Avoiding dependence on suppliers and distributors, Long Range Planning, 22(3), 140-149.
4. Brown, C. A. (2017), The general agreement on trade in services, Non-discrimination and Trade in Services, Springer.
5. Buchmeister, B. , Kremljak, Z. , Polajnar, A. , and Pandza, K. (2006), Fuzzy decision support system using risk analysis, Advances in Production Engineering & Management, 1, 30-39.
6. Carr, A. S. and Smeltzer, L. R. (2002), The relationship between information technology use and buyer-supplier relationships: An exploratory analysis of the buying firm’s perspective, Engineering Management, 49(3), 293-304.
7. Chopra, S. and Sodhi, M. S. (2004), Managing risk to avoid supply-chain breakdown, MIT Sloan Management Review, 46, 53-61.
8. Chu, T. C. (2002), Facility location selection using fuzzy TOPSIS under group decisions, International Journal of Uncertainty, Fuzziness and Knowledge-based Systems, 10(6), 687-701.
9. Conway, P. , De Rosa, D. , Nicoletti, G. , and Steiner, F. (2006), Regulation, competition and productivity convergence, OECD Economic Studies, 39-75, .
10. Cruz, J. M. (2013), Mitigating global supply chain risks through corporate social responsibility, International Journal of Production Research, 51(13), 3995-4010.
11. Davenport, T. H. and Short, J. E. (2003), Information technology and business process redesign, Operations management: Critical Perspectives on Business and Management, 1, 97.
12. Diabat, A. , Govindan, K. , and Panicker, V. V. (2012), Supply chain risk management and its mitigation in a food industry, International Journal of Production Research, 50(11), 3039-3050.
13. Dihel, N. and Shepherd, B. (2007), Modal estimates of services barriers, OECD Trade Policy Papers, 51, OECD Publishing.
14. Edquist, C. , Vonortas, N. S. , Zabala-Iturriagagoitia, J. M. , and Edler, J. (2015), Public Procurement for Innovation, Edward Elgar Publishing, Cheltenham Glos UK.
15. Ellis, S. C. , Henry, R. M. , and Shockley, J. (2010), Buyer perceptions of supply disruption risk: A behavioral view and empirical assessment, Journal of Operations Management, 28(1), 34-46.
16. Ellram, L. M. and Zsidisin, G. (2002), Factors that drive purchasing and supply management’s use of information technology, Engineering Management, IEEE Transactions, 49(3), 269-281.
17. Fan, H. , Li, G. , Sun, H. , and Cheng, T. (2017),An information processing perspective on supply chain risk management: Antecedents, mechanism, and consequences, International Journal of Production Economics, 185, 63-75.
18. Fung, I. W. , Tam, V. W. , Lo, T. Y. , and Lu, L. L. (2010), Developing a risk assessment model for construction safety, International Journal of Project Management, 28(6), 593-600.
19. Giannakis, M. and Papadopoulos, T. (2016), Supply chain sustainability: A risk management approach, International Journal of Production Economics, 171(4), 455-470.
20. Hallikas, J. , Karvonen, I. , Pulkkinen, U. , Virolainen, V. M. , and Tuominen, M. (2004), Risk management processes in supplier networks, International Journal of Production Economics, 90(1), 47-58.
21. Hallikas, J. , Puumalainen, K. , Vesterinen, T. , and Virolainen, V. M. (2005), Risk-based classification of supplier relationships, Journal of Purchasing and Supply Management, 11(2-3), 72-82.
22. He, Y. (2013), Sequential price and quantity decisions under supply and demand risks, International Journal of Production Economics, 141(2), 541-551.
23. Ho, W. , Zheng, T. , Yildiz, H. , and Talluri, S. (2015), Supply chain risk management: A literature review, International Journal of Production Research, 53(16), 5031-5069.
24. Hong, Z. and Lee, C. (2013), A decision support system for procurement risk management in the presence of spot market, Decision Support Systems, 55(1), 67-78.
25. Jacinto, C. and Silva, C. (2010), A semi-quantitative assessment of occupational risks using bow-tie representation, Safety Science, 48(8), 973-979.
26. Johnsen, T. E. , Johnsen, R. E. ,and Lamming, R. C. (2008), Supply relationship evaluation: The relationship assessment process (RAP) and beyond, European Management Journal, 26(4), 274-287.
27. Johnson, M. E. (2001), Learning from toys: Lessons in managing supply chain risk from the toy industry, California Management Review, 43(3), 106-124.
28. Johnston, D. A. , McCutcheon, D. M. , Stuart, F. I. , and Kerwood, H. (2004), Effects of supplier trust on performance of cooperative supplier relationships, Journal of operations Management, 22(1), 23-38.
29. Jüttner, U. , Peck, H. , and Christopher, M. (2003), Supply chain risk management: Outlining an agenda for future research, International Journal of Logistics: Research and Applications, 6(4), 197-210.
30. Kern, D. , Moser, R. , Hartmann, E. , and Moder, M. (2012), Supply risk management: Model development and empirical analysis, International Journal of Physical Distribution & Logistics Management, 42(1), 60-82.
31. Ketkar, S. , Kock, N. , Parente, R. , and Verville, J. (2012), The impact of individualism on buyer–supplier relationship norms, trust and market performance: An analysis of data from Brazil and the USA, International Business Review, 21(5), 782-793.
32. Kline, R. B. (2011), Principles and Practice of Structural Equation Modeling (3rd ed.), Guilford Press, New York, NY.
33. Krishnan, R. , Martin, X. , and Noorderhaven, N. G. (2006), When does trust matter to alliance performance?, Academy of Management Journal, 49(5), 894-917.
34. Lee, C. Y. , Li, X. , and Xie, Y. (2013), Procurement risk management using capacitated option contracts with fixed ordering costs, IIE Transactions, 45(8), 845-864.
35. Lee, H. L. , Padmanabhan, V. , and Whang, S. (2004), Information distortion in a supply chain: The bullwhip effect, Management Science, 50(12), 1875-1886.
36. Li, H. and Cui, N. (2013), Study on pricing scheme decision in dual channel supply chain under bargaining power, Application Research of Computers, 8, 21.
37. Li, X. , Wu, Q. , Holsapple, C. W. , and Goldsby, T. (2017), An empirical examination of firm financial performance along dimensions of supply chain resilience, Management Research Review, 40(3), 254-269.
38. Linstone, H. A. and Turoff, M. (2011), Delphi: A brief look backward and forward, Technological Forecasting and Social Change, 78(9), 1712-1719.
39. Mandal, S. (2012), An empirical investigation in demand-side risk, Romanian Journal of Marketing, 4, 33-49.
40. Mckinnon, A. (2006), Life without trucks: The impact of a temporary disruption of road freight transport on a national economy, Journal of Business Logistics, 27(2), 227-250.
41. Murè, S. and Demichela, M. (2009), Fuzzy application procedure (FAP) for the risk assessment of occupational accidents, Journal of Loss Prevention in the Process Industries, 22(5), 593-599.
42. Nagali, V. , Hwang, J. , Sanghera, D. , Gaskins, M. , Pridgen, M. , Thurston, T. , Mackenroth, P. , Branvold, D. , Scholler, P.andShoemaker, G. (2008), Procurement risk management (PRM) at Hewlett-Packard company, Interfaces, 38(1), 51-60.
43. Nagurney, A. , Cruz, J. , Dong, J. , and Zhang, D. (2005), Supply chain networks, electronic commerce, and supply side and demand side risk, European Journal of Operational Research, 164(1), 120-142.
44. Nakandala, D. , Lau, H. , and Zhao, L. (2017), Development of a hybrid fresh food supply chain risk assessment model, International Journal of Production Research, 55(14), 4180-4195.
45. Nooraie, S. V. and Parast, M. M. (2015), A multi-objective approach to supply chain risk management: Integrating visibility with supply and demand risk, International Journal of Production Economics, 161, 192-200.
46. Ojala, M. and Hallikas, J. (2006), Investment decision-making in supplier networks: Management of risk, International Journal of Production Economics, 104(1), 201-213.
47. Olson, D. L. and Wu, D. (2011), Risk management models for supply chain: A scenario analysis of outsourcing to China, Supply Chain Management: An International Journal, 16(6), 401-408.
48. Oosterhuis, M. , Molleman, E. , and Van der Vaart, T. (2013), Differences in buyers’ and suppliers’ perceptions of supply chain attributes, International Journal of Production Economics, 142(1), 158-171.
49. Pavlou, S. and Manthou, V. (2008), Identifying and evaluating unexpected events as sources of supply chain risk, International Journal of Services and Operations Management, 4(5), 604-617.
50. Rowe, G. , Wright, G. , and Bolger, F. (1991), Delphi: A reevaluation of research and theory, Technological Forecasting and Social Change, 39, 235-251.
51. Saaty, T. L. (1996), Decision making with dependence and feedback, RWS, Publication, Pittsburgh, PA.
52. Schoenherr, T. , Tummala, V. R. , and Harrison, T. P. (2008), Assessing supply chain risks with the analytic hierarchy process: Providing decision support for the offshoring decision by a US manufacturing company, Journal of Purchasing and Supply Management, 14(2), 100-111.
53. Shi, Y. , Wu, F. , Chu, L. K. , Sculli, D. , and Xu, Y. (2011), A portfolio approach to managing procurement risk using multi-stage stochastic programming, Journal of the Operational Research Society, 62(11), 1958-1970.
54. Shin, H. , Collier, D. A. , and Wilson, D. D. (2000), Supply management orientation and supplier/buyer performance, Journal of Operations Management, 18(3), 317-333.
55. Smallman, C. (1996), Risk and organizational behaviour: A research model, Disaster Prevention and Management, 5(2), 12-26.
56. Smeltzer, L. R. and Siferd, S. P. (1998), Proactive supply management: The management of risk, InternationalJournal of Purchasing and Materials Management, 34(4), 38-45.
57. Sodhi, M. and Lee, S. (2007), An analysis of sources of risk in the consumer electronics industry, Journal of the Operational Research Society, 58(11), 1430-1439.
58. Spekman, R. E. and Davis, E. W. (2004), Risky business: Expanding the discussion on risk and the extended enterprise, International Journal of Physical Distribution & Logistics Management, 34(5), 414-433.
59. Srinivasan, M. , Mukherjee, D. , and Gaur, A. S. (2011), Buyersupplier partnership quality and supply chain performance: Moderating role of risks, and environmental uncertainty, European Management Journal, 29(4), 260-271.
60. Stoneburner, G. , Goguen, A. , and Feringa, A. (2002), Risk management guide for information technology systems,NIST Special Publication 800-30, Available from: http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf.
61. Świerczek, A. (2014), The impact of supply chain integration on the “snowball effect” in the transmission of disruptions: An empirical evaluation of the model, International Journal of Production Economics, 157, 89-104.
62. Thun, J. H. and Hoenig, D. (2011), An empirical analysis of supply chain risk management in the german automotive industry, International Journal of Production Economics, 131(1), 242-249.
63. Trkman, P. and McCormack, K. (2010), Estimating the benefits and risks of implementing e-procurement, EngineeringManagement, IEEE Transactions, 57(2), 338-349.
64. Tukamuhabwa, B. R. , Stevenson, M. , Busby, J. , and Zorzini, M. (2015), Supply chain resilience: definition, review and theoretical foundations for further study, International Journal of Production Research, 53(18), 5592-5623.
65. Tummala, R. and Schoenherr, T. (2011), Assessing and managing risks using the supply chain risk management process (SCRMP), Supply Chain Management: An International Journal, 16(6), 474-483.
66. Tuncel, G. and Alpan, G. (2010), Risk assessment and management for supply chain networks: A case study, Computers in Industry, 61(3), 250-259.
67. Wagner, S. M. and Bode, C. (2006), An empirical investigation into supply chain vulnerability, Journal of Purchasingand Supply Management, 12(6), 301-312.
68. Wagner, S. M. and Bode, C. (2008), An empirical examination of supply chain performance along several dimensions of risk, Journal of Business Logistics, 29(1), 307-325.
69. Wang, X. , Chan, H. K. , Yee, R. W. , and Diaz-Rainey, I. (2012), A two-stage fuzzy-AHP model for risk assessment of implementing green initiatives in the fashion supply chain, International Journal of Production Economics, 135(2), 595-606.
70. Wells, L. T. (1983), Third World Multinationals: The Rise of Foreign Investments from Developing Countries, MITPress Books .
71. Yang, Y. L. , Shyu, W. H. , Lin, C. H. , and Hsu, S. F. (2005), Risk management of international transportation of integrated circuit products, Journal of the Eastern Asia Society for Transportation Studies, 6, 3386-3400.
72. Zsidisin, G. A. , Ellram, L. M. , Carter, J. R. , and Cavinato, J. L. (2004), An analysis of supply risk assessment techniques, International Journal of Physical Distribution & Logistics Management, 34(5), 397-413.
73. Zsidisin, G. A. , Panelli, A. , and Upton, R. (2000), Purchasing organization involvement in risk assessments, contingency plans, and risk management: An exploratory study, Supply Chain Management: An International Journal, 5(4), 187-198.