In today‘s global economy, the response to supply chain risk has largely been “reactive”.  Unmitigated risk can cause disruptions for a company’s supply chain.  Traditional, “cost down” procurement efforts often amplify and expedite supply chain risk (e.g. moving contracts from a troubled supplier, delaying supplier payments, competitive bidding, etc.).  Procurement initiatives are often based on “Landed Costs” without considering the additional inventory and increased supply chain risk costs.  Existing supply chain risk management evaluation tools and techniques utilize “lagging” financial indicators (e.g., sales, cost trends, profit margin, sales growth, etc.).  They are also reactive because they utilize lagging indicators such as percentage of on-time deliveries or quality.  These might be useful in helping supplier development and current assessment but lacks supply chain risk assessment due to unforeseen “disasters” or happenings (i.e., coronavirus).  Supply Chain Risk Assessment is a five step process that systematically identifies potential failures in the supply chain.

  1. Identify study approach.
  2. Objective:  Define the system and problems of interest, Determine  analysis approach type, Identify the level of  Study
  3. Deliverables:  A defined methodology for the supply chain failure mode analysis
  •  Identify failure modes.
  • Objective:  Divide system into logical sub-units, Identify failure modes of the system, Determine key input variables
  • Deliverables:  A list of failure modes.  A list of all the way the inputs to a supply chain can fail
  • Evaluate failure modes.
  • Objective:  Evaluate failure modes capable of producing problems, Identify the causes and effects of each failure mode, Determine controls currently in place
  • Deliverables:  A list of effects each failure will have downstream, A list of causes each failure mode can have, A list of controls in place for each failure
  • Perform quantitative analysis.
  • Objective:  Develop  severity, occurrence and detection scales, Score severity, occurrence and detection for each Failure Mode, Cause and Control
  • Deliverables:  Severity, occurrence and detection scores across all failure modes, Initial “RPN” calculation
  • Calculate risk level.
  • Objective:  Finalize RPN calculation, Prioritize Risks, Include Risk Mitigation activities, Distribute results
  • Deliverables:  Finalized “RPN” calculations, Prioritized list of Supply Chain Failure, Modes based on Supply Chain risk

Several tools can be used to support the supply chain risk assessment process: supply chain FMEA (our focus), supply chain mapping;  supply chain audits;  boundary diagrams;  affinity diagrams;  P-diagrams, etc.  The identification and qualification of risk is essential in the migration from reactive to predictive risk management.  Supply chain risk evaluation tools should qualify risks against specific failure modes.  Risk management efforts should focus on:  1) identification of supply chain failure modes;  2) comparative likelihood of occurrence of failure;  and , 3) current measurement methods and controls.

Our group conducted research about the potential for managing risks in Supply Chain Management.  This study showed that documenting the likelihood & impact of risks was not a key part of SCM and that supply chain risk information was not readily available to key-decision makers.  Furthermore, very few firms are actually able to exploit risk to an advantage by taking calculated risks in the supply chain and even fewer were prepared to minimize the effects of disruptions.  The results were very mixed on whether a key part of supply chain management was documenting the likelihood & impact of risks.  Even more mixed was if supply chain risk information was accurate and readily available to key-decision makers.  There was some debate as to the validity and usefulness of tools to operationalize the process.  The managers did tend to prefer approaches which combine subjective and objective measures because this allows them some freedom rather than being pushed into taking decisions solely on complicated numerical analysis.  Failure Mode Effects and Analysis (FMEA) is a mainstream tool used to collect information related to risk management decisions for most companies in an engineering capacity, but not in a supply chain capacity.  There were several documented procedures to complete an FMEA, especially in automotive.  Most managers supported a modified version of the tool that could be used to help evaluate the risk of SCM decisions.

Several of the firms used financial reports and questionnaires during supplier approval to compare supply candidates to the business requirements of the buyers or project teams. When justified by a perceived level of risk, a few of the firms went one step further and had candidate comparison matrices (e.g., supplier profiling form and supply Chain PFMEA). Additionally, most had formal processes for supplier visits (e.g., Rapid Plant assessment, site verification of the supplier questionnaire, etc.).  Some firms actually used life cycle management with supplier report cards and their buyers would conduct periodic supply chain reviews.  In one firm, sourcing was assigned risk ownership and they used FMEA principles to evaluate risk impact.  For each risk, they would assess what the financial impact would be in the event of a disruption.  They then assigned a probability to each risk area and then they prioritized by multiplying the financial impact by the risk probability.  Most firms are only using existing SCM applications for managing risk with no formal risk management system in place.  In the absence of risk management applications, these firms are building risk considerations into traditional SCM applications. 

Managing supply chain risks should occur at all levels of the supply chain, and the process should support integration with supplier and customer risk management activities.  The process should be active in all stages of the acquisition life cycle, starting with technology development and continuing through acquisition, production, maintenance, repair, and disposal.  The scope of the process should include all types of risks appropriate for the supply chain.  In addition to the common causes of disruption, risk identification should consider economic, political, environmental, regulatory, manufacturing readiness, and technological obsolescence issues.  All levels of management should be actively engaged in risk management, including strategic, business, program, technical, and tactical levels.  The process should both leverage common tools for assessing risk, but also develop specific SCM mitigation tools and solutions. 

A method for analyzing supply chain risk must be a cross-functional process that involves senior management as well as key stakeholders from finance, operations, internal audit, and risk management.  However, the companies in this study have not adopted this boundary spanning process.  Instead, they have managed risks within functional areas.  However, it was acknowledged that the most effective forms of risk management demands involvement across multiple areas of the organization. 

Understanding the risks within a supply chain requires an in-depth knowledge of business operations.  To develop this understanding, the company must begin with interviews and workshops typically involving a cross-functional team of subject matter experts representing sourcing, manufacturing, and logistics.  The company must collect its financial and risk performance data (e.g., average lead times, safety stock levels, other inventory levels, etc.) and benchmark it against industry and functional comparisons.  This process enables the organization to develop a detailed picture of its supply chain, which in turn helps it identify potential risks more easily.  A few managers took the view that effective supply chain risk management does not need to be a highly formalized and structured process.  However, our approach favors a more formal, structured process for managing risk.  

For full report, see:

Also, see (click “PDF” once on the site):

Please reach out for more material. Thank you. Sime

“WMU Integrated Supply Management (ISM)…Nation’s best undergraduate SCM program (Gartner); 2nd in SCM technology (SoftwareAdvice);  2nd in top global SCM talent (SCM World)”

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *