Supply Chain Risk

Management
What is Risk Management?
• Business Continuity Management (BCM), defined by the Business Continuity
Institute as “a holistic management process that identifies potential impacts
that threaten an organization and provides a framework for building resilience
and the capability for an effective response that safeguards the interests of its
key stakeholders, reputation, brand and value creating activities” (BCI, 2005).

• Enterprise Risk Management (ERM) as a set of coordinated actions

about protecting and enhancing share value to satisfy the primary
business objective of shareholder wealth maximization (Chapman,
2006).

• Resilient enterprise meaning the ability of the company to recover

quickly from a disruption (Sheffi, 2005).
What is Risk?
Risk refers to an exposure to a chance of loss or damage.

e.g. “We risked losing a lot of money in this venture”; “Why risk your
life?”

The interpretation of risk as an undesirable possible consequence of

uncertainty suggests that risk is a combination of two factors:

1. The probability that an adverse event or hazard will occur.

2. The consequences of the adverse event.
 Supply Chain Risk Management Defined
 Supply chain risk management is the systematic identification,
assessment, and quantification of potential supply chain disruptions
with the objective to control exposure to risk or reduce its negative
impact on supply chain performance.

 Potential disruptions can either occur within the supply chain (e.g.
insufficient quality, unreliable suppliers, machine break-down, uncertain
demand etc.) or outside the supply chain (e.g. flooding, terrorism, labor
strikes, natural disasters, large variability in demand etc.). 

 Management of risk includes the development of continuous

strategies designed to control, mitigate, reduce, or eliminate risk.

4
 Why is the topic of supply chain risk so
important today?
• Mattel had massive recall due to lead content in paint.
• United States experienced significant disruptions from Long Beach longshoreman
strike.
• United States experienced significant disruptions when borders and air transportation
shut down after 9/11.
• Fuel distribution in the United Stated was disrupted after hurricane Katrina damaged
pipelines.
• Nokia production shut down due to supplier plant fire.
• Kobe earthquake resulted in computer memory shortage, impacting multiple
companies
• UPS strike severely impacted ability to ship small packages in the U.S.
• Others…
 Why are today’s supply chains so vulnerable?

● Widespread adoption of ‘lean’ practices

● The move to off-shore manufacturing and sourcing

● Out-sourcing and reduction in the supplier base

● Global consolidation of suppliers

● Centralised production and distribution

All of which combine to make supply chains vulnerable to disruption

 Supply chain risk is systemic

• The biggest risk to business continuity may lie outside the company in the wider
supply chain

• The complexity of modern supply chains increases their vulnerability to disruption

• Environmental risks are outside our control, but systemic risk is created through our
own decisions
 The five sources of risk

 Supply risk

 Demand risk

 Process risk

 Control risk

 Environmental risk
 The five sources of supply chain risk

The five sources of risk

Demand Risk Supply Risk Process Risk
• Loss of major accounts • Dependency on key suppliers
• Volatility of demand • Manufacturing yield variability
• Consolidation in supply markets • Lengthy set-up times and
• Concentration of customer • Quality and management issues
base inflexible processes
arising from off-shore sourcing • Equipment reliability
• Short life cycles • Potential disruption at 2nd tier level
• Innovative competitors • Limited capacity/bottlenecks
• Length and variability of • Outsourcing key business
replenishment lead-times processes

Network/Control Risk Environment Risk

• Asymmetric power relationships • Natural disasters

• Poor visibility along the pipeline • Terrorism and war
• Inappropriate rules that distort demand • Regulatory changes
• Lack of collaborative planning and forecasts • Tax, duties and quotas
• Bullwhip effects due to multiple echelons • Strikes

Page 9
 CATEGORIZING RISK
Strategic Risk: Strategic risks are those risks that are most consequential to an organization’s ability
to carry out its business strategy, achieve its corporate objectives, and protect asset and brand value.

Hazard Risk. This category of risk pertains to random disruptions, some of which involve acts of God.

Financial Risk. Financial risks relates to the internal and external financial difficulties of the participants within
an integrated supply chain.

Operational Risk. Operational risk arises from daily operations. By far a disproportionate set of supply chain risks
will be categorized as operational since this category includes internal and external quality problems, late deliveries
anywhere in the supply chain, service failures due to poorly managed inventory, problems related to poor
forecasting, and a thousand other events related to operational performance failures.
 GENERIC RISK MANAGEMENT APPROACHES
Risk Mitigation the term risk mitigation to describe almost everything that is
undertaken in the name of risk management, including preventive actions.

Risk Avoidance
Avoidance involves exiting those activities that give rise to a risk. A company
may decide (and many have) that sourcing a material from a certain supplier is
too risky, so it avoids that supplier. Or, a certain line of products is not earning
enough profit, so a company decides to stop making those items (or sell the
brand to another company).

Risk Prevention
Prevention involves taking action to ensure that a risk does not become a risk event
or, if it does become an event, that it will have an inconsequential effect. This
approach to managing risk is often preferable when dealing with known risks.
 GENERIC RISK MANAGEMENT APPROACHES
Risk Acceptance
Acceptance means to take on and assume a risk. SCRM may not be a priority at a
company, so therefore no specific risk management action is taken.

Risk Sharing
Risk sharing involves transferring or sharing a portion of a risk to reduce or
mitigate it. Sharing product development costs with suppliers or buying
insurance is a risk-sharing method. We all practice risk sharing when we buy
home, car, or life insurance.
 Managing supply chain risk

● Map the supply chain

● Identify the critical paths
● Utilise cause and effect analysis (TQM tools)
● Implement supply chain event management
● Adopt agile practices
● Formalise supply chain risk management
 2. Identify the critical path(s)

Critical paths are characterised by:-

• long lead-times
• no short-term alternative source of supply
• bottlenecks
• high levels of identifiable risk (i.e. supply, demand,
process, control and environmental risk)
 3.1 Use cause and effect analysis

e.g.

 Pareto analysis
 asking ‘why?’ five times
 fishbone charts
 failure mode and effects analysis
 3.2 Pareto Analysis
Pareto Analysis is a technique for prioritizing problem-solving work so
that the first piece of work you do resolved the greatest number of
problems. It's based on the Pareto Principle (also known as the 80/20
Rule): The idea that 80% of value/issues may be caused by as few as
20% of activities/causes.

80% of disruptions will share 20% of the causes.

3.3 Asking “why?”five times
1. Q. Why did the machine stop?
A. There was an overload and the fuse blew.

2. Q. Why was there an overload?

A. The bearing was not sufficiently lubricated.

3. Q. Why was it not sufficiently lubricated?

A. The lubrication pump was not pumping sufficiently.

4. Q. Why was it not pumping sufficiently?

A. The shaft of the pump was worn and rattling.

5. Q. Why was the shaft worn?

A. There was no strainer and metal scrap got in.

Repeating why five times like this can help uncover the root problem and correct it. If this
procedure were not carried through, one might simply replace the fuse or the pump shaft. In
that case the problem would reoccur in a few months.

Taiichi Ohno
Toyota Production System
 3.4 Cause and effect analysis

No Stock Lead-Time
Available Too Short
Materials
Supply Problem Failure to Inflexible
Achieve Plan Systems
Forecasting
Capacity Problems
Failure to Constraint
Deliver on
Time Inadequate
Communications Poor Process
Control
Inadequate
Supplier
Poor Management
Scheduling
Carrier Quality
Performance Problems
 3.5. Failure mode and effects analysis (FMEA)
• Asks three questions:
- What could go wrong?
- What effect would this failure have?
- What are the key causes of this failure?

• Provides an assessment of risk for each possible failure:

S = severity of effect
O = likelihood of occurrence
D = likelihood of detection
3.6 Risk analysis scoring system
S = Severity 1. no direct effect on operating service level
2. minor deterioration in operating service level
3. definite reduction in operating service level
4. serious deterioration in operating service level
5. operating service level approaches zero

O = Likelihood of occurrence 1. probability of once in many years

2. probability of once in many operating months
3. probability of once in some operating weeks
4. probability of weekly occurrence
5. probability of daily occurrence

D = Likelihood of detection 1. detectability is very high

2. considerable warning of failure before occurrence
3. some warning of failure before occurrence
4. little warning of failure before occurrence
5. detectability is effectively zero
 Agility holds the key
Agile supply chains are designed to respond rapidly to
unpredictable change. They are based upon a number of
principles:-

• Very close connection to final marketplace

• Visibility of real demand
• High levels of synchronicity upstream and
downstream
• Organisational focus on processes rather than
functions
• Advanced level of collaborative planning with
supply chain partners
• Continuous search for time compression
opportunities
Zara & M&S: Design-Led Supply Chains
• Both fashion retailers have integrated design into their supply chains in recognition
that this mitigates risk and enhances supply chain agility

• Starting design procurement process as close to each selling season

• Avoid costs of storing finished products
• Make last minute changes (late customisation) as receive trend information &
utilise sales information from the current season – hence reducing time-to-market
• Design-led procurement prevents the build up inventory & enables companies to
be more responsive
• Designers are linked to the buying process and in control of design decisions
• By aligning design with the supply chain in this way, the companies have reduced
their exposure to supply chain failure & ensured that suppliers are able to produce
exactly what they require
 Achieving Agility in The SC Through Design

There are a number of critical principles underpinning design-led supply

chains

 The Supply chain “begins on the drawing board”

 Design is the start of the supply chain, not the end
 Design must be integrative rather than functional orientation (silo)
 Supplier integrated approach - (share product knowledge)
 Multi-functional teams
 Postponement & Planning
 De-Coupling
 Flexible
The importance of supply chain event management
● Supply chain visibility to enable potentially disruptive events to be
identified as they happen – or even before they happen.

● Work as a supply chain community to define the business rules

and exceptions that need to be monitored.

● Use shared information across the extended supply chain in as

close to real time as possible to create supply chain intelligence.
Resilient Supply chain

A resilient supply chain can be defined as “a supply chain

with the ability to recover quickly from unexpected events
impacting supply chain performance”
 Creating a Resilient Supply Chain:
Strategic Approaches
Supply Chain
Understanding
Supply Chain Supply Base
Design Strategy

1. Supply Chain
(re)engineering Collaborative
Visibility Planning

The Resilient 2. Supply Chain

4. Agility
Supply Chain Collaboration

Supply Chain
Velocity Intelligence
3. Supply Chain
Risk Management
Supply Chain Culture
Consider risk in
Continuity
decision making
Teams
Board level
responsibility &
leadership