Assessing suppliers’ HSE-CSR performance: simple criteria, practical tools, and pitfalls to avoid

Assessing suppliers has become second nature. But seriously evaluating their HSE-CSR performance remains difficult, especially when trying to avoid two extremes: naïveté (“they have a nice policy”) and bureaucracy (“an 80-question questionnaire that no one reads”). The right approach starts from a simple principle: you do not assess everything, you assess what truly protects the company and the people.

The first criterion to look at is control of the risks related to the service provided. A cleaning contractor does not face the same risks as a working-at-height contractor, nor as a chemical supplier. The assessment must therefore be proportionate. Most companies gain a great deal by adopting a short but targeted scorecard: regulatory compliance, prevention capability, incident reporting capability, and a culture of cooperation.

The second criterion, often underestimated, is the quality of the evidence. Many suppliers know how to produce documents. The real question is: do these documents reflect operational reality? Is there actually a prevention plan in place on site? Are authorizations and certifications up to date? Is PPE being used, and is it suitable? Are the supplier’s own subcontractors being managed, or are they effectively “invisible”? This is where “coaching-style” audits (short and focused on reality) are far more useful than lengthy questionnaires.

The third criterion is the improvement dynamic. A supplier may not be perfect, but may still excel in one essential area: it learns, it corrects, it does not hide things. Conversely, a supplier that covers things up, minimizes issues, or refuses transparency is a risk. The best indicator is often the way the supplier handles an incident: are they looking for someone to blame, or are they looking for the root cause? Do they actually change something, or do they simply “close” the issue?

The pitfalls to avoid are classic. First, confusing certification with actual control: certification can be a positive sign, but it does not replace field observation. Second, overloading the assessment: if the process takes too much time, it will be abandoned or bypassed. Finally, failing to link the assessment to decision-making: if a poor score has no consequences (an improvement plan, restrictions, support, or even termination), the assessment becomes an empty ritual.

The best approach, especially at the beginning, is to select a small panel of critical suppliers (those with the greatest weight in terms of risk or volume), apply a simple assessment grid, provide structured feedback, and then monitor a quarterly improvement plan. It is less spectacular than a large-scale program, but that is how tangible results are achieved and how the value chain is secured.