Supplier Classification & Settings
The supplier classification system provides a structured, risk-based approach to evaluating and categorizing suppliers. Each supplier is assessed across multiple dimensions to produce a risk category that determines the level of oversight, audit frequency, and documentation requirements.
Risk Assessment Dimensions
Section titled “Risk Assessment Dimensions”When classifying a supplier, you evaluate five dimensions. Each dimension is rated as High, Medium, or Low.
| Dimension | What It Measures |
|---|---|
| Impact on Product Quality | How directly the supplier affects the quality of the final product |
| Impact on Patient Safety | Whether a supplier failure could impact patient safety |
| Regulatory Impact | The regulatory consequences if the supplier fails to meet requirements |
| Process Criticality | How critical the supplier is to manufacturing or business processes |
| Data Integrity Risk | Whether the supplier handles data that impacts GxP compliance or data integrity |
How Classification Scoring Works
Section titled “How Classification Scoring Works”Each rating maps to a numeric score:
- High = 3 points
- Medium = 2 points
- Low = 1 point
The total score across all five dimensions determines the risk category:
| Total Score | Risk Category |
|---|---|
| 12 — 15 | Critical |
| 8 — 11 | Major |
| 4 — 7 | Minor |
| 1 — 3 | Non-Critical |
Classifying a Supplier
Section titled “Classifying a Supplier”- Navigate to Suppliers from the sidebar.
- Select the supplier you want to classify.
- Click Classify or navigate to the classification page from the supplier detail view.
- For each of the five risk dimensions, select High, Medium, or Low by clicking the corresponding option.
- Review the Classification Preview card, which shows the estimated risk category and total score.
- Enter a Justification explaining the reasoning behind your classification. This field is required.
- Click Submit Classification.
Supplier Information Management
Section titled “Supplier Information Management”When editing a supplier, you can configure the following details:
Basic Information
Section titled “Basic Information”- Supplier name and trade name
- Country of origin
- Supplier types (selectable from configured options)
Contacts
Section titled “Contacts”Each supplier supports four contact categories:
- Quality Contact — Primary contact for quality-related matters
- Regulatory Contact — Contact for regulatory affairs
- Commercial Contact — Business and procurement contact
- Emergency Contact — For urgent supplier issues
Each contact record includes name, email, and phone number.
Regulatory Configuration
Section titled “Regulatory Configuration”- Regulatory Regions — Select applicable regions (EU, US, CH, UK, JP, CN, AU, CA)
- Data Integrity Relevant — Flag whether the supplier handles GxP data
- Uses Computerized Systems — Flag whether the supplier uses systems subject to validation
Address
Section titled “Address”Full registered address including street, city, state/province, postal code, and country.
Risk Category Implications
Section titled “Risk Category Implications”The assigned risk category affects how the supplier is managed across the system:
- Critical suppliers typically require the most frequent audits, detailed qualification documentation, and ongoing monitoring.
- Major suppliers require regular audits and qualification activities.
- Minor suppliers may be managed with periodic assessments.
- Non-Critical suppliers require minimal oversight.
Permissions
Section titled “Permissions”Supplier classification requires appropriate permissions. Typically, users with the suppliers.read permission can view supplier details, while classification and editing require elevated access. Contact your administrator if you cannot access the classification page.