Among the 51 full-scope EICC audits in 2015, 32 were from Production Procurement suppliers and 19 were from Services and General Procurement suppliers; in the latter group, these often were the first time suppliers were assessed to the EICC Code of Conduct. IBM is one of the pioneering companies in the extensive use of EICC audits in the so-called indirect supply chain (services and software).
In 2015 full-scope audits, five of the top 10 noncomformances were labor-oriented and four were related to health and safety. These 2015 results were notably improved, compared to audits in 2004 — 2012. Often, audits are criticized as ineffective for driving long-term change. Our experience has been the opposite: Audits are a valuable tool, and if combined with long-term supplier relationships and suppliers’ agreements to invest in improvements toward code compliance, they can help drive relative long-term improvement. For example, consider working hours. In the 2004 — 2012 time frame, combined major and minor nonconformance for working hours was 46 percent for audits conducted; in 2015 it was 26 percent. Other areas, such as health and safety, have seen improvements to a lesser degree. Many of the findings in the top 10 provisions uncovered weaknesses in the supplier’s management systems relating to health and safety, such as frequency of conducting emergency drills, planning for all manners of emergencies, egress signage, training of first-aid personnel and first-aid kit supplies. Although we require a complete post-audit CAP, suppliers typically address the health and safety findings with expediency, often during the course of the audit itself. The EICC Code (by design) is very robust in management systems relating to an organization’s structure to attain and maintain long-term compliance to the code provisions. Suppliers with nonconformance were often lacking one or more elements of a strong management system — having documented goals, objectives, metrics, periodic reviews with in-line management and tracking of closure actions. Other code provisions with nonconformance are related to the proper establishment of policies and practices, such as in freely chosen employment (having an implemented and communicated policy on human trafficking, for example). For each nonconformance found in an EICC assessment, the EICC audit report provides a description of the finding — and very importantly, a cross-reference to the specific provision of the EICC code and/or the local law or regulation. This level of detail is an important feature of an EICC audit and enables suppliers to isolate the root cause of any finding and work on lasting improvements.
IBM’s supplier assessment activity stringently follows the methodology developed by the EICC, whereby audited suppliers create and submit a CAP for all nonconformance discovered in an assessment. This requirement is a core tenet of IBM’s supplier management system and is fully supported by IBM Global Procurement and its executive team. The CAP enables the audited company to create meaningful targeted improvements — and later, test their effectiveness by means of a re-audit. During 2015, 161 supplier CAPs were reviewed and accepted within 90 days of submission, reflecting audits and re-audits that occurred in late 2014 and throughout 2015.
The effectiveness of our audit/CAP/re-audit system is depicted by comparing “before and after” results of suppliers undergoing a complete assessment cycle, as shown by the following chart. Re-audits conducted during 2015 at 77 Production and Services and General Procurement suppliers are compared with their full-scope audits (conducted over the 2013 – 2015 timeframe). For ease of reading and comparison, only major noncompliance results are depicted.