Supplier Quality, Development & Audits calculator
Supplier Risk Score Calculator
The Supplier Risk Score is an RPN-style (Risk Priority Number) metric that ranks how dangerous a given supplier or supplier failure mode is by multiplying three 1-10 ratings: how bad the failure would be (Severity), how often it happens (Occurrence), and how likely you are to catch it before it hits your line (Detection). Supplier quality engineers and SQAs use it to decide where to spend limited audit days, containment resources, and development effort. On a real supply base of 200+ part numbers you cannot audit everyone every year, so a repeatable numeric score is how you defend your prioritization to purchasing and to the plant manager. A supplier who ships a safety-critical part with a poor detection process is a very different risk than one shipping a cosmetic bracket, and this score forces that distinction to be explicit.
What this calculator does
- Estimate supplier risk for supplier quality, development and audits using production-ready inputs so teams can rank risks and decide which issue needs containment, controls, or escalation first.
- Use it when supplier risk in supplier quality, development and audits needs a defensible ranking against other supplier quality, development and audits risks for the next review.
- It multiplies severity, occurrence, and detection ratings on a common 1-10 scale to produce a single comparable supplier risk priority number.
Formula used
- Supplier risk score = supplier risk severity score × supplier risk occurrence score × supplier risk detection score
- Use the same scoring scale across comparable supplier risk risks.
Inputs explained
- Severity of supplier failure (impact on your line/customer):
- Likelihood the supplier defect occurs (frequency):
- Detectability at incoming inspection (before it reaches your line):
How to use the result
- Use it during annual supply-base risk ranking, before awarding new business, and after a supplier PPAP or escape to re-tier where audit and development attention should go.
- The score is only as consistent as your rating anchors; without a documented 1-10 scale definition, two engineers will score the same supplier differently and the ranking becomes meaningless.
Current U.S. benchmarks
- U.S. manufacturing runs at 75.6% of capacity (Federal Reserve, May 2026). New factory orders are up 2.3% year over year (Census).
Common questions
- How do you calculate a supplier risk score? Multiply the three ratings together: Severity x Occurrence x Detection. With Severity 6, Occurrence 4, and Detection 3 on a 1-10 scale, the tool returns a supplier risk score of 4.55 on the normalized index used here, which you then rank against your other suppliers.
- What is a good supplier risk score? Lower is better because it means low impact, rare occurrence, and strong detection. There is no universal pass threshold; instead you set an internal action line (for example, escalate the top 10 percent of scores) and treat any high-severity supplier as high priority regardless of the total.
- Why does severity matter more than occurrence? A high-severity failure (a part that stops the line or reaches a customer as a safety issue) warrants attention even if it rarely happens, so many teams flag any supplier with severity of 9 or 10 for action even when the multiplied score looks moderate.
- Supplier risk score vs supplier scorecard: what is the difference? A scorecard is a rear-view performance grade (PPM, on-time delivery, response time), while the risk score is forward-looking and estimates the potential for future harm; use the scorecard to feed your Occurrence and Detection ratings.
- How often should I re-score suppliers? Re-score at least annually and immediately after any quality escape, PPAP, engineering change, or capacity move, since each of those events changes occurrence or detection.
Last reviewed 2026-05-12.