Supply Risk Management

What Are Some Types of Risk an Organization May Face?

Many organizations lack a defined process in identifying the events of potential supply risk disruptions, as well as, the systems and processes to plan, measure and mitigate risk. The lack of planning is the direct cause of unforeseen supply risks that negatively impact the profitability of an organization. To unearth potential supplyrelated problems, the entire organization needs to be involved from procurement through IT, legal, marketing, operations, and sales. The risk plan must be created with defined measurements that are able to predict with relative certainty the financial impact that a supply disruption can cause. The defined risk strategies are created to help mitigate the effects of any disruption of supplies with costs and benefits associated.

A practical outcome focused process framework created with cross-functional input can help ensure an organization has a risk management plan that's the right fit for their company.

Develop an Overall Process Framework Tied to Outcomes

Identify the Risks and Potential Outcomes

Ultimately, the organization must create a strategy that focuses on achieving various quantifiable outcomes. An organization should develop a quantified picture of current total product or service related risk. For example, procurement should identify the probable internal and external risks in strategic, critical or commoditized products or services supplied. They should also place a level of severity of that impact/outcome. The collectiveness of all the risk factors identified that intersect and impact the organization is the "total supply management risk.” By assessing the total supply management risk, managers can analyze their situations and assign resources to improve their risk mitigation efforts. To arrive at that total risk, however, they must undertake a risk management process to identify the vulnerabilities in each of the risk areas, the circumstances that create the vulnerability, the probability of occurrence, and a process to mitigate the risk. Employing a process methodology for risk management will help businesses stay ahead of any market changes and plan for cause/effect risk contingencies.

Profile the Suppliers

Start with prioritization of key suppliers based on risk profile and develop the appropriate risk management strategies for each individual supplier. To identify potential risks, start by making sure you have a thorough understanding of all the steps within the supply or service provided. Identify each product material, service related process step and contractual performance agreements. Begin by building a process chart of all related labor, materials and associated overheads. Examine each component to understand and capture the processes used by each supply source. Your supply assessment should include potential as well as existing suppliers to gain an assessment of competition and backup sources. Identify value-added steps in the supply management process to assess the possibility of working with new or existing suppliers closer to your organization to improve competitiveness as well as reduce potential supply risks. Unless your management team is monitoring and measuring the complete supply process from beginning to end of your supplier's actual product or service, a disruption could cause issues to your product or service way before you become aware of it.

Define the Total Outcome Plan for Implementing Risk Management Strategies

Take into account all the identified risks and prioritize them. Developing and utilizing an organizational-tailored risk template, rank the risks in order by assigning a risk score. This template can be a risk spreadsheet “simulation” or based on internal system scenario planning. You can establish a risk score by estimating the likely time of the disruption and costs you will need to recover. Include a "worst possible scenario" to assess the effects of a long period of supply disruption. Then evaluate if other options will provide a measure of protection and what the cost would be for that protection. It is critical that your team gets management sign off for any implement plan. Once you have data analyzed and developed, the next best step would be to develop a cost/benefit business case presentation to executive management. The head of procurement or even supply chain should help to lead this effort. Specify the risk impacts and make sure you are clear on the action steps and commitments needed. Also, schedule time-phased progress reviews with executive management. It is very important to have executive management support when developing and implementing a risk management strategy to the organization. They provide support and needed commitment towards your goals. Management can build support from different departments and these departments will provide commercial insights and technical expertise to the risk plan. Once the strategy and plan have been approved, stay the course and hold periodic team reviews to ensure the strategy remains effective and sound. When circumstances demand changes, be ready to recommend and implement those changes to the plan with executive management.

Communicate, Communicate, and Communicate!

An agreed communication schedule helps a corporate culture embrace a company goal for effective risk management. Continually ask these questions in the process:

• Are all needed people chosen in identifying risk factors?
• Have we mapped out all those who should participate?
• Have internal stakeholders been communicated to regarding the issues?
• What risks are we planning to discuss with external stakeholders?
• Have we developed a touch point strategy in the event that a risk event occurs?
• Is there clear roles, responsibility and accountability for insuring the right people get information and take action if required?
• Any contingency plans created, evaluated and put into a run-through?

Example Steps To Implement a Mitigation Strategy for Identified Risks

First, choose resources that have strong organizational and functional strength.

• Identify functional expertise required
  • Recruit functional experts
  • Assemble cross-functional project team
  • Possible team composition:
    • Procurement
    • IT/Systems
    • Product research & development
    • Engineering
    • Regulatory
    • QA
    • Supply chain
• Identify procurement areas in scope
  • All approved and currently marketed products
  • All products that have passed stage 3 approval but not yet fully approved
• Identify suppliers involved in risk areas (sole source, single source, multiple source, no perceived risk)
• Agree on supplier ranking and develop a supplier qualification criteria
  • Develop supplier qualification through RFI assessments with weighted questioning, risk mapping, utilize a baseline functional risk ranking to develop a total risk profile
  • Develop a modeling process to develop time, cost, and resource requirements for developing alternative sources
• Assess current risk weaknesses
  • Identify unmitigated revenue disruption risk by total company, product/service line and supplier
• Create a risk based financial model
  • Collect qualitative and quantitative data; RFI & internal
  • Map qualitative into quantitative
  • Develop a decision model to understand financial risk and evaluate mitigation investment options
• Identify risk mitigation options
  • Identify potential risk mitigation options including cost, time and resources to implement; Options could include backlogging stock products or forward buying needed services, fully qualify alternative source, partially qualify alternative source and build risk inventory. Also identify present value towards investing in potential options via previously developed financial risk model
• Team options get evaluated
  • Recommendations developed by evaluating current revenue loss exposure (via financial model) Whole company–consider all end products/services by product line and supplier
  • Identifying best options and related cost, time and resources to implement by raw material, by supplier, by end product (supplier qualification models and risk mitigation options generation)
• Choose a summary of options to management

Summary

Supply chain risks represent a major threat to businesses and a process must be developed to identify potential impacts to the organization and a method to quantify risks. Incorporating a wellplanned, cross-business and cross-functional team approach is essential for success and helps in the process of gaining top management endorsement. An organization also needs to be aware of areas of risk, probability, impact and timeline to correct issues that arise. By utilizing a financial risk model that will channel present value towards investing in potential options, organizations will be able to mitigate risk and avoid potentially painful monetary loss.