25
2
Supply Chain Risk Management
The As- Is Landscape
In this chapter we provide an overview of the growth of supply chain risk
management (SCRM) during the last few years and provide additional
insight into who is talking about SCRM, what they are saying, and the
tone of the dialogue. We will provide a summarized view of SCRM top-
ics, announcements, articles, reports, and survey results that help dene
the state of SCRM today. We will also share a perspective on SCRM
through a dierent prism: the Four Pillars of SCRM. We will then provide
a maturity level for each pillar. e chapter concludes with discussion of
SCRM adoption.
A CHRONOLOGY OF SUPPLY CHAIN
RISK MANAGEMENT
Let’s start by providing a sense of the growth of SCRM in terms of aware-
ness, discussions, articles, papers, surveys, solutions, tools, and more.
During our research for this book we compiled hundreds of reference
works in order to provide a comprehensive, end- to- end perspective of
SCRM. Using these reference works and our experience, we have com-
piled a chronology of the growth we’ve witnessed and the tone and tenor
of the dialogue.
While many risk management studies and surveys were conducted dur-
ing 2000–2010, our focus starts with the latter part of that decade. Most
supply chain executives became interested in SCRM aer the nancial
meltdown of 2008. Company aer company watched, almost helplessly, as
26 • Supply Chain Risk Management: An Emerging Discipline
customer orders were canceled, suppliers entered bankruptcy, and com-
modity markets became increasingly volatile. For many, 2008 was the
genesis of their risk management eorts.
2009
Most operations management and supply chain management profession-
als are familiar with the International Organization for Standardization
(ISO) Group and its set of standards that revolve around quality control
and process reliability, such as ISO 9000. In 2009, the ISO Group delivered
its rst set of standards directly relating to supply chain risk, which was
a major recognition of the importance of SCRM. ese standards include
ISO 73 and ISO 31000. ISO 73 proles the vocabulary and taxonomy of
risk within the supply chain, and ISO 31000 provides insight into the prin-
ciples, practices, and guidelines to eectively identify, assess, mitigate, and
manage supply chain risk.
A key report during this period was Accenture’s 2009 Managing Risk for
High Performance in Extraordinary Times.
1
is global report, which sur-
veyed 260 CFOs, chief risk ocers, and other executives across 21 coun-
tries, came right aer the 2008 nancial meltdown. is report explored
the details of what was going on around the globe relative to risk and its
impact on businesses and supply chains. It was one of the rst compre-
hensive analyses of the cause and eects of risk to global supply chains.
is report revealed that 85% of executive respondents said their com-
pany needed to overhaul its approach to risk management; 40% said their
companies already had increased or would increase their investments in
broader risk management capabilities; 41% stated their risk management
costs increased by at least 25% over a three- year period; and only 27%
said their risk management function was involved, to any great extent, in
objective setting and performance management.
Accenture concluded that steps needed to be taken to manage supply
chain risk to protect a company’s competitive advantage, reputation and
branding, and credit ratings; to maintain positive comments by ana-
lysts; and to ensure access to capital over time at a reduced cost. Overall,
Accenture reported that many companies had a long way to go before they
should feel comfortable about their company’s state of risk management.
AMR released a report on risk in U.S. manufacturing to get a sense of
how businesses feel about the future and what they saw in terms of risk. e
top three concerns of U.S. manufacturers were supplier quality failures,
Supply Chain Risk Management: e As-Is Landscape • 27
commodity price volatility, and intellectual property infringement. In
particular, supplier solvency was a key concern. Furthermore, respondents
said that doing business with Chinese suppliers was contributing the most
to overall risk, scoring the highest in 11 out of 15 risk categories evaluated.
2010
In 2010, we began a course for a master’s of business administration degree
by explicitly proling the emerging elements of supply chain risk manage-
ment. e initial courseware was made up of articles, survey outcomes,
reports from the insurance industry, and the basics of good risk manage-
ment. As the course grew in maturity, a Supply Chain Risk Assessment
Tool emerged that codied the eects of supply chain maturity as it relates
to mitigating risk. e basic premise was that as the supply chain matures,
the inherent risks faced by that supply chain diminish.
e Supply Chain Risk Assessment Tool, featured in Figure2.1, encom-
passes about 100 questions- of- discovery about a company’s supply chain
across 10 tenets of the entire supply chain. It is a perception- based tool that
captures the complexion of a company’s operating environment relative to
a maturity model and then develops an inherent risk factor for every tenet.
Risk factors are then plotted inside a spider diagram for visual presenta-
tion using a red, yellow, and green designation. ere will be more discus-
sion about this tool later in the book.
Risk Gradient
Low Risk 1 to 4
Medium Risk5 to 7
High Risk 8 to 10
Heat Map Color Key
Leadership
10.00
8.00
6.00
4.00
2.00
0.00
1.00
3.00
5.00
7.00
9.00
Balanced
Scorecard
S&OP
Processe
s
Information
Systems
Integrated
Supply Chain
Customer
Demand
SCRM Risk “Heat Map” Assessment
Industry
Manufacturing
Supply
Logistics
FIGURE 2.1
Tools: supply chain risk assessment.
28 • Supply Chain Risk Management: An Emerging Discipline
During 2010, the Massachusetts Institute of Technology (MIT) Center
for Transportation and Logistics produced its preliminary ndings from
the Global Supply Chain Risk Management research project. e survey
collected 1,400 usable responses from companies in 70 countries. e
project’s primary goal was to understand if regional and cultural dier-
ences aect how people think about and manage supply chain risks. is
survey was a seminal point in the birth of SCRM. e nal report covers
dierences in attitudes about risk, dierences in risk frequencies (internal
and external events) and priorities, and dierences in practices across
countries and industries.
2
It is one of the few reports that approached risk
from a cross- cultural perspective.
e MIT report concluded that respondents showed a marked prefer-
ence for risk prevention as opposed to planning and response, but that
was inuenced by national culture. Furthermore, most respondents indi-
cated that risk planning and prevention should be carried out centrally
in an organization, while actual responses to most risk events should be
managed locally. Respondents were also asked to rank the top supply
chain disruptions for which their company should prepare. A breakdown
in supply quality, supplier nancial failures, and internal process failures
topped the list.
Aberdeen Group also produced a comprehensive report on SCRM.
eir ndings further supported the notion that SCRM is evolving as
a concept.
3
One of the key ndings from this study was an analysis of
the reasons behind pursuing an aggressive risk management agenda. e
top reasons include protecting the organization and its brand, safeguard-
ing against an unpredictable global economic environment, a corporate
mandate to institutionalize/ improve risk management, complying with
new and changing regulations, and maintaining and improving share-
holder value.
And what did the Chief Procurement Ocers (CPOs) plan to do to
manage risk according to Aberdeen? e CPOs expected to develop
clearly dened metrics for supply performance and risk, develop con-
tingency plans for supply disruptions, use external information services
to monitor and assess supply risk, and dene ownership of risk within
the organization.
is groundbreaking report was one of the rst times a research orga-
nization put together a comprehensive prole in an eort to codify the
elements of a good SCRM journey. Figure2.2 illustrates the actions items,
capabilities, tools, and techniques that will help ensure success within the
Supply Chain Risk Management: e As-Is Landscape • 29
risk management arena. e bulk of Aberdeen’s ndings about and jour-
ney toward good SCRM hold true today.
Also in 2010 PRTM (now part of PricewaterhouseCoopers) released its
Global Supply Chain Trends Report.
4
A few of the novel themes emanat-
ing from this study were that almost 75% of all the respondents believed
that demand and supply volatility will become the biggest roadblock to
capturing prots in the economic upturn, and more than 80% expected
complexity in their supply chains to increase dramatically, partly due to
an increase in product proliferation. e PRTM study produced several
important takeaways:
• Demand and supply volatility is here to stay.
• Supply chain complexity will be with us for many years.
• End- to- end supply chain cost optimization will be critical mov-
ing forward.
• Risk and opportunity management should span the entire supply
chain, including with key partners.
is research concluded, and this has certainly been borne out by
subsequent experience, that supply chains will become more volatile
Pressures Actions
– Protect the organization
and its brand/
competitive advantage
– Unpredictable global
economic environment
Aberdeen Group CPO Survey Report & SCRM Report 2010
– Implement processes
aligning risk
management with
compliance/governance
– Develop supply risk
mitigation strategies
– Build risk aware
culture throughout
the organization
– Standard risk
management
policies and procedures
across the enterprise
– Management
accountability
for risk management
activities within overall
governance framework
– Transparency in
communication of risk
information (i.e., policies
including escalation
criteria, procedures,
practices & thresholds)
– Risk information
integrated into core
decision-making (i.e.,
strategic planning
capital allocation and
performance
management)
– Enterprise Risk
Management (ERM)
platform/software
– Enterprise governance,
risk, and compliance
(GRC)
platform/Software
– Event management
(triggers/alerts)
– Query & reporting tools
– Enterprise BI platforms
– Heat
maps/dashboards/
balanced scorecard tools
reecting risk
– Predictive
analytics/process
modeling tools for
measuring and
monitoring risk
Capabilities Enablers
FIGURE 2.2
Best- in- class SCRM framework.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.