Introduction
Industrial procurement teams need a single source of truth for supplier certificates—both ISO (9001/14001/45001/50001) and COIs (Certificates of Insurance). Parakeet Risk centralizes collection, validation, reminders, and evidence so SRM/S2P owners can keep sourcing and AP moving while staying audit-ready. See related capabilities: COI automation, ISO certification automation, and platform features.
What this tracker covers
-
ISO certificates: 9001, 14001, 45001, 50001 with scope, sites, and certification bodies. Backed by templates and workflows in Certification Automation.
-
Certificates of Insurance: GL/Auto/WC/Umbrella limits, additional insured, waiver of subrogation, effective/expiration dates. Automated review aligns with COI Verification and optional insurance-data ingestion via Canopy Connect integration.
-
Supplier master alignment: owner, region, category, criticality, and contractual requirements.
-
Evidence and audit trail: immutable timeline, reviewer notes, and attachments managed via Parakeet Features.
How it works (end‑to‑end)
1) Intake and normalization
-
Sources: supplier portal uploads, email collection, bulk CSV import, or insurance-policy sync through Canopy Connect integration.
-
Normalization: auto-extract dates, issuers, coverage, and ISO scope; flag unreadable or incomplete items for manual review.
2) Policy rules and matching
-
Map your minimum insurance limits and ISO requirements by supplier segment, category, region, or contract tier.
-
Engine evaluates each document against requirements and sets status: Compliant, Expiring, Expired, or Gaps.
3) 90/60/30 reminders and escalation
-
90 days before expiry: Notify supplier contact and internal owner with renewal instructions.
-
60 days: Escalate to procurement lead and category manager; include requirement deltas and any coverage gaps.
-
30 days: Mark supplier as “At Risk”; trigger workflow for conditional holds until a valid certificate is verified.
-
Delivery channels: email plus real-time alerts through Slack or Microsoft Teams. Optional remediation tasks pushed to Trello.
4) Calendar synchronization
- Key expiration and audit dates sync automatically to user calendars using Google Calendar integration. Events update as data changes, ensuring no deadlines are missed.
5) Audit mode
- One-click export of scoped supplier lists, certificates, reviewer notes, and evidence hashes. CSV schema below standardizes audits across ISO and insurance.
SRM/S2P integration patterns (Ariba, Coupa, JAGGAER)
Parakeet is system-of-evidence for certificates while SRM/S2P stays system-of-record for supplier master and transactions. Typical patterns:
-
File/API sync: scheduled CSV/JSON exchanges or middleware to push certificate status back to SRM/S2P.
-
Master-data keys: Supplier ID, site/location codes, and category ensure deterministic joins.
-
Status feedback: write-back flags such as “certificate_status,” “days_to_expiry,” or “hold_reason,” enabling downstream review holds or workflow routing in SRM/S2P.
Examples (common configurations)
-
Ariba: store Parakeet status in supplier master custom fields or qualification questionnaire responses; use approval rules to route expiring suppliers for review before sourcing events or PO issuance.
-
Coupa: reflect “Compliant/Expiring/Expired” in supplier record; surface next-expiry date and requirement profile; use internal controls to require valid status before enabling/renewing.
-
JAGGAER: populate supplier attributes for certificate status and expiration; use category-specific requirement profiles to drive review tasks.
Note: These are typical field-mapping patterns; exact configuration depends on your SRM/S2P edition and governance model.
Auditor export CSV schema
Use this schema to produce a single, auditor-friendly extract covering ISO and COI. Types use common CSV conventions; enums are illustrative and can be extended.
| Column | Type | Required | Description | Example |
|---|---|---|---|---|
| supplier_id | string | yes | Unique supplier key matching SRM/S2P | SUP-001234 |
| supplier_name | string | yes | Legal supplier name | Acme Industrial LLC |
| region | string | no | Supplier region/country | US |
| category | string | no | Spend/category code | MRO |
| certificate_type | enum | yes | COI, ISO_9001, ISO_14001, ISO_45001, ISO_50001 | COI |
| certificate_id | string | no | Identifier/number from issuer | POL-998877 |
| issuer_name | string | no | Insurer or certification body | Veritas Certifications |
| issue_date | date (YYYY-MM-DD) | no | Certificate issue date | 2025-02-01 |
| expiration_date | date (YYYY-MM-DD) | yes | Certificate expiration date | 2026-02-01 |
| days_to_expiry | integer | yes | Days from extract date to expiry (negative if expired) | 84 |
| requirement_profile | string | no | Internal rule profile applied | NA-Construction-Std |
| compliance_status | enum | yes | Compliant, Expiring, Expired, Gaps | Expiring |
| gap_details | string | no | Human-readable gaps vs. policy | GL limit < $2M |
| additional_insured | boolean | no | COI term present | true |
| waiver_of_subrogation | boolean | no | COI term present | false |
| coverage_gl_limit_usd | number | no | General liability limit (COI) | 2000000 |
| coverage_auto_limit_usd | number | no | Auto liability limit (COI) | 1000000 |
| coverage_wc_limit_usd | number | no | Workers’ comp limit (COI) | 500000 |
| iso_scope | string | no | Scope statement (ISO) | Assembly at Detroit site |
| iso_site_covered | string | no | Sites included (ISO) | DET-PLT-01 |
| attachment_ref | string | no | Evidence file reference/path in Parakeet | files/COI_SUP-001234_2025.pdf |
| last_validated_at | datetime (UTC) | yes | Most recent verification timestamp | 2025-10-01T18:30:00Z |
| validated_by | string | yes | “Rosella AI” or analyst name | Rosella AI |
Why Parakeet for certificate tracking
-
COI automation and gap detection: purpose-built ingestion, verification, and synchronization via COI automation and Canopy Connect integration.
-
ISO lifecycle acceleration: templates, evidence collection, and renewal workflows through Certification Automation.
-
Embedded collaboration: instant alerts and tasking with Slack, Microsoft Teams, and Trello.
-
Never miss a deadline: automatic scheduling with Google Calendar integration.
-
Spreadsheet synergy: keep existing Excel/CSV flows while adding audit trails and automation, as outlined in our approach to augment—not replace—spreadsheets (read more).
-
Unified integrations: connect finance/HR/ops systems via Integrations for a complete compliance picture.
-
AI assistance: research, gap summaries, and audit pack generation through Rosella AI.
Implementation checklist
-
Define requirement profiles by supplier category and region (insurance limits, ISO scope).
-
Import supplier master and historical certificates (CSV or connector) and align IDs.
-
Configure 90/60/30 reminder policy, recipients, and escalation owners.
-
Enable Slack or Microsoft Teams alerts; push remediation tasks to Trello.
-
Turn on Google Calendar sync for audit and expiration dates.
-
Validate the auditor CSV export against your governance pack; add fields if your assessor requires them.
Related Parakeet use cases
-
Contractor onboarding with document collection and status tracking: Onboarding
-
Manufacturing and supply chain compliance monitoring: Manufacturing
-
Continuous compliance and crisis-readiness: Continuous Compliance