Data Access, Analysis and Action for Procurement Organizations

Editor’s note: This is the fifth article in a series, “Data Disasters Versus Data Dynasties,” authored by data consultants and engineers from IBM’s Procurement Analytics as a Service team. The series covers common downfalls that procurement organizations make with data, as well as how organizations develop a winning data strategy. 

Others in the series: “Data Disasters: Is Your Supplier Data Hindering Procurement Performance?,” “Data Dynasties and Data Governance,” “Data Disasters: Hidden Risks Cost More Than You Think” and “Overcoming Supplier Data Challenges to Build a Data Dynasty.”

***

You may be familiar with a common meme showing Microsoft Excel holding up the entire global financial system.

While this might feel exaggerated, given the assumption that companies today have more advanced data foundations, studies show that executives still report low data infrastructure maturity in finance and procurement. A 2024 McKinsey & Company survey of procurement leaders found that 21 percent “say their data infrastructure maturity is low, with less than 70 percent of spend data stored in one place.” 

Beyond infrastructure challenges, data access practices create a clear divide between high-performing procurement organizations and those struggling with fragmented information and cumbersome access processes. These are the differences between what we call “data dynasties” and “data disasters.” 

Access Revolution 

Traditionally, procurement data access has been limited to foundational information: invoice spend, occasionally supplemented with PO or supplier data.

Procurement teams today, however, are looking to integrate a wide host of additional data points for more advanced reporting and optimized decision-making. This could range from internal information, such as operational or contract data, to external information like risk and compliance metrics, supplier diversity, sanctions and regulatory monitoring, environmental, social and governance (ESG) performance and real-time market intelligence.  

When formulating a data access plan — given the vast array of data being captured today — it is important to consider which procurement roles or personas need access to which data. For instance, procurement executives often need a different view on data than other actors in the domain.

While CPOs might want a quick, high-level view of the most important procurement KPIs from their tablets between meetings, category teams seek detailed supplier views along with third-party market intelligence details, and procurement buyers want detailed reports of open purchase requisitions pending their action. Meanwhile, procurement analysts may look for the root cause of a declining trend in preferred supplier usage. 

Even within small teams, each member may require different access to procurement data. Without a robust data foundation and role-based access control, it is challenging to ensure all these unique needs are met.  

Getting Access ‘Just Right’ 

Making sure that members of the procurement organization have proper access to necessary data can be complex. The process requires efforts upfront as well as regular monitoring and maintenance. Many companies fail to recognize the importance of a well-designed process, leading to data disasters. 

Without such processes in place, companies may grant mass access to data that can easily lead to breaches of confidential information, failure to comply with the European Union’s General Data Protection Regulation (GDPR) and other regulations, and uncontrolled data proliferation. According to IBM and Ponemon Institute, the average cost globally of a data breach is US$4.44 million, while the U.S. average is more than double at $10.22 million.

On the other hand, if meaningful data is available only to a handful of employees, other team members may struggle to find relevant information. This may lead users to avoid preferred channels and instead pursue workarounds to access data, which could result in duplicated efforts or inconsistent reporting. Overcomplicated access request processes are typically explored as a solution but often they create unnecessary friction, reduce productivity and frustrate users. 

The key is (1) implementing role-based access control (RBAC) aligned with job functions, following the principle of least privilege, and (2) maintaining dynamic access management systems that adapt to organizational changes. 

Data dynasties go beyond simply establishing RBAC. They recognize the risk of storing certain data types. Personal information, cardholder data and other regulated or confidential information must be properly flagged and maintained in compliance with legislative requirements and sensitive data best practices. Access management becomes even more difficult to control when data is siloed. 

Breaking Down Silos 

When category managers and procurement professionals strive to make informed decisions, they often find that procurement data is scattered across multiple sources.

Perhaps direct categories live in SAP while indirect categories reside in Ariba, transportation costs sit in a transportation management system (TMS) platform, and risk or diversity data exists in separate systems. This separation slows down stakeholders and forces procurement employees to make decisions with incomplete data.

PricewaterhouseCoopers’s (PWC) 2025 Digital Trends in Operations Survey found that 92 percent of supply chain leaders gave at least one reason as to why they are experiencing a lack of return on tech investment. The second most common issue, cited by 44 percent of respondents, was data issues. 

Data dynasty companies solve this issue by implementing a single-source-of-truth data set. This may be achieved via a data lake or regular refreshes of core procurement data into a single repository. This unified architecture gives detailed access to highly customizable reports for technical users, while providing access to simple reporting and dashboarding features for all users. 

Regardless of which business intelligence platform you choose, creating a single location where all users can access the same information in a templated and organized format enhances every employee’s ability to access relevant procurement data. Combining access with available training materials enables business users to tailor analytics views to their needs. 

Dashboard Democracy 

Effective data access management extends beyond data storage and includes governance within visualization platforms.  

Data access management efforts could go to waste if visualizations built on top of the data are displaying sensitive information, or if dashboards are available for users, but charts have been emptied due to user error. 

Access governance needs to be harmonized between both data warehouses and visualization and reporting platforms to guarantee access controls at all levels while maintaining visibility, user creativity and accuracy. 

When managing data and visualizations for external clients, IBM Procurement Analytics emphasizes access separation at a platform level. For example, serving as a partner for a global FMCG company, IBM performs procurement analysis for its largest subsidiaries within a shared data visualization platform.

Due to efficient access governance — using functional IDs for data server connections, organizing dashboards within a clear folder structure, creating user groups with appropriate content permissions and separating general from privileged dashboards — the entire organization can rely on one source-of-truth dataset when making procurement decisions across business units. 

Additionally, continuous user activity and dashboard usage monitoring allows IBM to spot outdated content and support its clients to unlock new opportunities through updated insights. 

Within IBM’s own central data structure, users can monitor the permission levels of their personal accounts, helping them to navigate between confidential and general content.

Simplified Procurement Data Flow

(Courtesy of Adam Loudon and Szabina Oláh)

Building Your Data Dynasty 

To build your own data dynasty, first assess the current state of your data. Where is data stored? When users need to access data, where do they go? Are they using extracts straight from your ERP, a data lake, or established reports and dashboards?

Identify your users and carefully define user personas. Work closely with your IT and data teams to ensure compliance with all security requirements for data storage and access.  

Once dashboards and common data locations are prepared, encourage team adoption through proper training and feedback sessions. Dashboards don’t help anyone if they go unused. Track the total unique users and usage for each view. If utilization is low, identify why. Do the dashboards fail to address stakeholder needs? Do team members lack necessary training to gain value from them? Dashboard implementation is not a one-time exercise. Return regularly to ensure they continue to meet your organization’s needs. 

From Access to Advantage 

As the adoption of AI technologies continues, there is more data available to organizations but not necessarily the confidence to make sense of it. This makes access to the right data at the right time critical. Without it, procurement organizations risk losing valuable time and savings opportunities. For many, this means rethinking how data access, governance and empowerment are approached. 

Speed and intelligence don’t come from tools alone — they depend on the strength of your data foundation. Advanced analytics, machine learning and large language models can only deliver meaningful value when supported by proper storage, access controls and governance frameworks. 

Your procurement team’s ability to access, analyze and act on data will determine whether you respond effectively to changing environments and risks.

(Image credit: Getty Images/KontekBrothers)