Supplier risk has always been a factor in managing a supply chain. But supplier risk management has historically taken a back seat to more pressing concerns around cost and efficiency when evaluating suppliers.
Today, however, supplier risk has become a central issue in the supply chain narrative. This is in part due to the rise of global outsourcing and the current worldwide economic crisis, but also because leaner supply chains leave little margin for error when it comes to disruptions, delays or even natural disasters.
Despite the increased uncertainty and risk, most companies are still largely unprepared to deal with elevated supply chain exposure, including such incidents as logistics delays and product recalls due to quality and safety issues.
In a study of 110 North American risk managers by insurance broker and risk advisor Marsh Inc., performed in conjunction with Risk & Insurance magazine, nearly three quarters (73%) of the respondent companies said their supply chain risk has risen since 2005.
Nearly the same number of respondents, 71%, said that the financial impact of disruptions to their supply chain had also escalated. Risks and delays with suppliers ranked among the top concerns of half the respondents. Logistics delays and disruptions as well as natural disasters were issues for 40% of respondents.
Manufacturers lack supply chain risk management strategy
While participants in the Marsh study were clearly aware of the acceleration of supply chain risks, the overwhelming majority said they lacked effective supply chain risk management strategies. In fact, not one risk manager in the study considered their company to be "highly effective" at supply chain risk management, while only 35% scored their firms as "moderately effective." Of the respondents, 65% characterized their supply chain risk programs as having "low" or "unknown" effectiveness or said they had no formal initiative in place.
"Companies are not doing a very good job at managing supply chain risk," said Noha Tohamy, vice president of research at AMR Research. "They're still very much focused on cost and efficiency and risk is an afterthought." According to Tohamy, few companies understand how to think about supply chain risk and even fewer have created processes and an organization that measures and manages supply chain risk on an ongoing basis.
While most companies have an inherent understanding of the risks they face, for instance, quality issues that could result from dealing with component suppliers in China, few have a standardized process for methodically quantifying the dangers and keeping track of the impact. To do so, companies need to establish an organization specifically charged with tracking supply chain risk and the organization has to span all the functional areas involved in the supply chain, from procurement through manufacturing and logistics.
Software options for managing supply chain risk
Outsourcing relationships impose another wrinkle to gaining end-to-end visibility of the supply chain, creating even more silos of data regarding supply chain activity. "Best-of-breed companies are able to connect the dots, to go from an event that seems fairly trivial to a full-scale analysis of the consequences to the organization," said Trevor Miles, director of product marketing for Kinaxis, which sells a supply chain management software suite, called RapidResponse. The suite includes a risk management component that allows supply chain managers to simulate the impact of any supply chain risk, analyze it and come up with possible courses of action.
Business intelligence tools, modeling programs, even spreadsheets can be tapped as part of a supply chain risk management initiative. Extensions to SCM platforms along with best-of-breed programs like RapidResponse and Aravo Risk, which enables companies to measure, monitor and mitigate supplier risk in real-time, can help establish the business rules, data validation and business analytics that manufacturers need to generate supplier scorecards and gain the visibility necessary for taking preemptive, corrective action.
"If you just have a clipboard, you're doing everything by the seat of your pants," said Tim Albinson, CEO of Aravo. "With a system in place, you can do all kinds of things that can help with comparisons and figure out who's risky or not."
While most supply chain risk management software is relatively nascent, there is much a manufacturer can do to get a supply chain risk management program off the ground. In addition to establishing a cross-functional organization, companies need to define which risks they are (and are not) willing to take based on expectations from a variety of stakeholders, including top management, business partners and customers.
From there, they need to map out the risks and the impact they might have on their most valued assets and focus the supply chain risk management program on that core group, at least initially, then build out from there. Standardizing business processes around supplier tracking and measurement is also essential to making risk management a repeatable initiative.
More than anything, supply chain risk management needs to be dealt with as a holistic, continuous process -- not a one-off response to any specific problem or natural disaster. "People tasked with the responsibility are tired of having to constantly reassess the supply chain for different risk issues or a new set of threats that constantly change," said Gary Lunch, global leader for Marsh's Supply Chain Risk Management Practice. "Issues that used to be addressed as a one-off are now starting to be looked at on an aggregate level."
About the author: Beth Stackpole is a freelance writer who specializes in covering IT technology for manufacturers.