Canopy uses a standardised rating system for determining risk. The rating system is designed to be simple to understand, so that you can build an immediate picture of the risk a supplier may pose your business.
In this article you will learn:
Risk rating system used on Canopy
Risk rating system used on Canopy
Canopy uses a simple 4-level system for grading risk.
The risk levels are:
High Risk - The supplier is deemed to pose the highest level of risk to the business. Buyers should proceed with caution and ensure appropriate mitigation has been taken.
Medium Risk - The assessment has identified a degree of risk that the business needs to be aware of. Buyers should ensure appropriate mitigation has been taken.
Low Risk - The supplier does not pose any risk to the business, or the level of risk is sufficiently small.
Unknown - The supplier’s risk has not yet been determined, or the assessment is awaiting further information.
Click here for descriptions of the individual risk icons.
How risk is assigned
Canopy assigns a risk level for each risk type. This means a supplier may exhibit as High Risk in one risk area, but Low Risk in another risk area.
Canopy does not aggregate all risk types into one overall risk rating for the supplier. The reason for this is, an overall rating is not useful unless you have some understanding of where the risk is coming from. For example, a supplier that is High Risk for Health & Safety should not be treated the same as a supplier who is High Risk for Conflict Of Interest.