Remember the Japanese earthquake and tsunami that crippled the electronics supply chain? Or the floods that swept through Thailand and hit the disk drive industry? Or how Hurricane Sandy brought much of the US East Coast to a standstill?
The list of natural and man-made disasters goes on and on. Each time there's a disruption, supply chain executives promise to find ways to avoid the problems that crop up in the aftermath. Risk management is often the phrase that people toss around as a means to that end.
The issue, however, is that many people don't understand the full scope of risk management. A recent webinar hosted by Supply Chain Insights highlights some of the stumbling blocks companies face when addressing risk management and offers insights about how to protect the supply chain from an upheaval.
Simply defining supply chain risk management is sometimes a big task. So let's start there.
“Supply chain risk management is the proactive identification and assessment of potential risks to the supply chain, as well as the development of strategies to avoid these risks,” said Lora Cecere, founder and CEO at Supply Chain Insights, during the webinar.
The firm ran a survey in February and March to find out where people were in their thinking about risk management. On the plus side, based on responses from 46 manufacturers, retailers, distributors, and third-party logistics providers, many said risk management was important to their companies and that there is a growing awareness about the nature of risk at their companies. Additionally, the responsibility for overseeing and executing the supply chain risk management strategies lands in the hands of an executive with a C-level title, and more frequently that person is becoming the chief or vice president of supply chain, Cecere said.
Even so, risk management in and of itself falls further down the list of priorities when compared to other supply chain activities. Demand and supply volatility, supply chain visibility, cross-functional alignment, talent acquisition/retention, and ability to use data far outweigh risk management when companies think about their business pain points, she said.
However, filtered another way, while 80% of the 46 respondents said they had experienced a disruption in 2013 that had a material impact (on average, companies had experienced at least three supply chain disruptions during the year), only a small number of them — about 20% — were actually acknowledged in the company's financial reports, she added.
“We see areas of consistent high risk,” Cecere said when looking at risk drivers five years ago, today, and five years in the future. Five years ago, supply chain visibility and product quality were the main risk drivers, and today those areas are considered a “decreasing risk.” The areas of consistent high risk fall within the categories of supplier viability and demand volatility. Meanwhile, three spots with increasing risk status include geopolitical issues, regulatory compliance, and operations complexity.
So, how are companies addressing risk? The top three risk management techniques being deployed include the development of business continuity plans, increased conversations with suppliers and customers, and inventory buffers, the survey found. While these are good starting points, more needs to be done to protect the supply chain from disruption.
“There is more emphasis in the market on reactive strategies — a little bit of visibility, some business continuity plans. But there is less emphasis on proactive strategies,” noted David Simchi-Levi, a MIT professor and founder of Ops Rules, who was also on the webinar.
“There are so many sources of risk. I don't know which one will hit your supply chain, but I know something is going to go wrong. The question is: Is there a way to change the way we think about supply chain and the way we manage the supply chain so that we design strategies to reduce the impact of disruption?” he said.
To uncover systematically where risk is hidden in the supply chain and to address risk strategically, he suggested focusing on three concepts:
- Time-to-recovery (the time it takes to recover full functionality after a disruption)
- The financial impact (lost sales during time-to-recovery)
- The Risk Exposure Index (a methodology developed by Simchi-Levi to quantify the financial impact over all nodes in the supply chain)
Risk is by definition a risk, and therefore has no easy answer about how best to manage it. What best practices are you using to mitigate risks and better handle disruptions?