Supply Chain: It’s Still ‘Risky Business’

Supply chains remain a “Risky Business” for many organizations; it's however definitely not “Mission Impossible”!

There is no doubt that for many reasons, most organizations have an increasingly fragile supply chain that is riddled with potential risk. Over the past few years, we have seen significant events around the world that have only heightened the awareness of how detrimental risk can be to the business. This has caused supply chain risk management to become a paramount focus for many organizations. But the question on the minds of executives today is still: How do we take decisions on which of the possible risks to mitigate?

Within the supply chain, there are many key decisions that could result in significant benefit to the company but could be deemed “risky,” such as outsourcing manufacturing operations for a key product, expanding into a new market, or even the introduction of a new product or technology. Companies often make those decisions based on perceived pricing or service advantages with little thought given to the increased levels of risk.

Most organizations would certainly struggle to quantify those risks to aid them in making solid, fact-based return-on-investment (ROI) decisions on the mitigation efforts to reduce the probability of risk or lessen the impact to the business should the risk be realized. Having a disaster recovery program or putting in place a high-level business continuity plan is simply not enough and seldom touches the risks stemming from risks that aren't geopolitical in nature.

How would a disaster recovery program aid in the resolution of a key supplier suffering from insufficient capital to fund an unanticipated growth in demand, for example? A robust process for calculating risk is helpful in moving the organization from simply addressing response capabilities to better assessing where in the supply chain we are most vulnerable. This process starts from a solid mapping of the current supply chain and identifying the potential risks. The application of the value-at-risk (VAR) measurement helps us assign a quantifiable number for the risk by the simple calculation: Probability x Impact = VAR.

An understanding of the VAR will drive us to consider the ROI of any mitigation effort to either reduce the probability of the risk occurring (prevention) or the impact that the risk might have to our business (recovery). This powerful combination will help to set an organization on the right path to de-risking its overall supply chain.

For a further discussion and helpful tips on the subject of supply chain risk management join your colleagues on the upcoming Webinar, Supply Chain – “It’s Risky Business”. The Webinar will focus on how companies can better define the supply chain risks facing their enterprises, offer concrete examples of how these challenges can affect a business, and discuss how to, as accurately as possible, measure and mitigate risks. This Webinar will take place on Wednesday, August 22, at 11:00 a.m. EDT. Click here to register.

15 comments on “Supply Chain: It’s Still ‘Risky Business’

  1. Barbara Jorgensen
    August 6, 2012

    I know of entire consultancies that assess risk, and on the financial side of things there's a lot of activity as well. I wonder, though, if risk management is appraoched much like insurance–users have to weigh the monthly outlay vs. the likelihood of something actually happening. There is a lot a company can do internally, but the supply chain depends on so many partnerships to work…I wonder if the risk is greater the more partners you have?

  2. Cryptoman
    August 6, 2012

    The VAR calculation sounds simple enough but I am not sure how the probability (P) and the impact (I) can be quantified accurately. There will obviously be a set of assumptions involved in the calculations but then how accurately can VAR be represented? I cannot see how the impact of an event can be quantified. What is its unit to start with?

  3. Mike Manzo
    August 6, 2012

    Great question Barbara-This is a hot topic given the events last year in Asia that disrupted so many supply chains. Many insurers are requiring this type of analytics in order to obtain contingent business interruption coverage to transfer risk against a disruption in the supply chain. Dempsey Partners is one of the leading firms doing this type of analysis. They quantify the impact of a lost supplier based upon dependency, which gives supply chain managers, and risk managers a tool to rank and insure against suppliers that would cause the greatest impact. 

     T o answer your question, yes the more suppliers you have the greater the probability and risk it poses to an organization.  D empsey Partners also works with the cat modeling companies that can calculate the probability ofa given event and its impact to an organization. 



  4. elctrnx_lyf
    August 6, 2012

    I just wonder about how the electronic components companies or oem's are getting insured. So the assessment of all the risks in supply chain could be a major requirement from the insurance companies. Insurance is everywhere.

  5. Jennifer Bisceglie
    August 7, 2012

    Although the number of suppliers, as well as how many levels of supplier, can increase the level of risk an organization is exposed to, much risk can be understood and mitigated if we institute a scalable framework of business processes that extends up into our supply chain.  We need to change the dynamic to bring down the fear factor and the costs.  Insurance is always an option but does not replace good business processes and knowing who you are doing business with in the first place.

    A couple of the first steps include deciding on the criticality to the organization of the mission/program you are looking to mitigate against, and then prioritizing the areas/products that could impact that mission/program based on interdependency across the organization and/or impact of that product on that specific program.  This might sound like a big job and it can be.  But given the consequence, we each much understand and decide if the effort is worth the investment vs. just looking at this as a 'cost.' 

    Some may say we're up against a new and unprecedented hazard – we need to take steps to invest in our organizations against this new hazard just like we would with any other new hazard or threat to our businesses. 

  6. Barbara Jorgensen
    August 7, 2012

    Mike–thanks. This is interesting. It has only been a recent development that supply chain risk is being addressed from the insurance (third party) standpoint. I'm not saying it didn't exist, but most risk management was covered by contracts between suppliers, distrbutors and customers. Finance has its own type of “insurance.” Now, the supply chain has to expand beyond contracts into third-parties.

  7. Barbara Jorgensen
    August 7, 2012

    Jennifer–good points. The key word is scalable, and it does seem to me that companies have to prioritize which “nodes” of the supply chain are most critical, or which products.

  8. Douglas Kent
    August 7, 2012

    @Barbara – you are exactly correct.  The VAR measure was in fact “borrowed” from the financial community and leveraged for use in SC Risk Management and the decisions of whether or not to mitigate must be ROI based. An organization simply cannot mitigate all risks or we will go broke!  😉

  9. Douglas Kent
    August 7, 2012

    @elctrnx_lyf   Insurance has most certainly found its way into Supply Chain.  It becomes increasingly necessary particularly with the financial fragility of some suppliers and customers from AP/AR perspective!

  10. Douglas Kent
    August 7, 2012

    These are real challegnes and the VAR measure is not easy.  However the SCC council and its members have done a great deal to move this forward.  Often probabilities and impacts are considered/calculated using a myriad of external information in addition to an organization's own data.  This is NOT an easy measure that is for sure – but ignoring the need to do it is also not acceptable  😉

  11. Ariella
    August 7, 2012

    @cryptoman I was wondering the same thing. I imagine that it takes quite a bit of data and number crunching just to come up with a fairly accurate probability. 

  12. Cryptoman
    August 8, 2012

    @Ariella I agree. The key point here is how accurate can it all be calculated? This depends on how P and I are calculated and more importantly the assumptions made in their calculations.

    In physics, for example, one of the most popular assumption statement goes like: “Let's assume that we are in a vacuum…” The truth is we are not living in a vacuum and therefore the results are often irrelevant in the real world although the analysis may be impressive and clever.

    As Albert Einstein said:”Everything should be as simple as possible but not simpler”. What I mean is VAR = P x I looks simple enough but is it too simple?

  13. Ariella
    August 8, 2012

    @Cryptoman You explain the point very well. The setup in physics reminds me of the setup in teaching the forces of economics. It starts on the assumption of ceteris paribus– that everything else remains the same — a situation that is never possible in the real worlds. 

  14. bolaji ojo
    August 10, 2012

    Jennifer, Well stated. The risks highlighted in the article and the ones you pointed to are in the normal course of doing business but how companies approach these issues is even more important than the problems themselves. As you noted, fear can paralyze. Rather than worry about how “problematic” the challenges posed by outsourcing can be, ofr instance, it would seem to make more sense to figure out how to mitigate them and prioritize the response. I also believe that all players in a company's supply chain and the extended partnerships should be involved in these activities.

  15. bolaji ojo
    August 10, 2012

    And, of course, there are those risks that no insurance would be able to mitigate. Insurance can help reduce total loss, it cannot recoup all losses. Goodwill is one of those intangible elements that a supply chain disaster insurance policy would likely not cover and this often has tangible financial implications if it results, for example, in business lost because a vendor or customer declines to continue the relationship.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.