6 • Supply Chain Risk Management: An Emerging Discipline
ocer is also the company’s general auditor. At other companies the chief
risk ocer may be the chief nancial ocer (CFO). And at some compa-
nies the chief risk ocer may be part of the insurance group.
Defining Supply Chain Risk Management
Now that we have a working knowledge of ERM, what is supply chain
risk management (SCRM)? e denition partly reects someone’s
professional discipline or where they reside in the supply chain. In the
information technology space, the National Institute for Standards and
Technology denes supply chain risk management as a “multidisciplinary
practice with a number of interconnected enterprise processes that, when
performed correctly, will help departments and agencies manage the risk
of using information technology products and services.
7
MITRE, a pri-
vate, not- for- prot corporation that provides engineering and technical
services to the federal government, denes SCRM as “a discipline that
addresses the threats and vulnerabilities of commercially acquired infor-
mation and communications technologies within and used by government
information and weapon systems. rough SCRM, systems engineers can
minimize the risk to systems and their components obtained from sources
that are not trusted or identiable as well as those that provide inferior
material or parts.
8
A third perspective, and the one that most closely aligns
with our philosophy, says that supply chain risk management (SCRM) is
“the implementation of strategies to manage everyday and exceptional
TABLE1. 1 (continued)
Apple Enterprise Risk Factors: 10-K Report
e company’s business is subject to a variety of U.S. and international laws, rules,
policies, and other obligations regarding data protection.
e company expects its quarterly revenue and operating results to uctuate.
e company’s stock price is subject to volatility.
e company’s business is subject to the risks of international operations.
e company is exposed to credit risk and uctuations in the market values of its
investment portfolio.
✓ e company is exposed to credit risk on its trade accounts receivable, vendor
nontrade receivables, and prepayments related to long- term supply agreements, and
this risk is heightened during periods when economic conditions worsen.
e company could be impacted by unfavorable results of legal proceedings.
e company could be subject to changes in its tax rates, the adoption of new U.S. or
international tax legislation, or exposure to additional tax liabilities.
Supply Chain Risk Management: Setting the Stage • 7
risks along the supply chain through continuous risk assessment with the
objective of reducing vulnerability and ensuring continuity.
9
One way to view supply chain risk management is to think of it as the
intersection of supply chain management and risk management. One
thing we know about SCRM is that no standard denition exists. is is
one indicator that SCRM is still an evolving discipline. Risk is embedded
within so many business disciplines that it should come as no surprise that
dierent groups perceive this concept dierently.
WHY FOCUS ON SUPPLY CHAIN RISK MANAGEMENT?
Anecdotal accounts of why supply chain risk management must become a
corporate concern are not hard to come by. In fact, we will present dozens
of examples that reveal the downside of risk. While natural disasters like
hurricanes and oods grab the headlines, the reality is that supply chains
face a whole range of risks that most observers believe only to be increasing.
A survey by American Productivity and Quality Center (APQC) revealed
that 75% of responding companies indicated they were hit by a major supply
chain disruption during the two- year period prior to the date of the survey.
A classic example of supply chain risk involves a re that destroyed an
electronics supplier in New Mexico that supplied Nokia and Ericsson with
critical components for their phone businesses. e response to this risk
event shows the strategic implications of eective (or ineective) risk man-
agement. Nokia’s ability to quickly secure components from other sources,
compared with Ericsson’s lack of preparation for responding to this event,
resulted in a dramatic industry shi. Ericssons supply disruption not only
cost the company several hundred million dollars in lost sales, but it essen-
tially ended the company’s position as a player in the growing wireless
phone business. Chapter9 will investigate this example in greater detail.
Consider some other supply chain risk events:
A U.S. producer of power tools was surprised to nd that the Asian
supplier it contracted with to produce its lower- end products began
selling those products under its own label in Asia. e U.S. company
was further surprised to nd that the supplier shared its product
designs with other Asian companies. e U.S. producer eventually
found itself competing in North America with its own products.
8 • Supply Chain Risk Management: An Emerging Discipline
Some German thieves developed a creative way to steal freight on
highways. e thieves position a car in front of a truck to slow it down
while another car is positioned next to the truck to prevent it from
passing the car in front. en, a third vehicle pulls up behind the
truck and at that point one of the gang members opens the back of
the truck to remove cargo. ieves have used this method to steal
cargo more than 50 times.
10
Nylon-12 is a critical resin for producing fuel lines and other automo-
tive components. Unfortunately, the resin supply for the entire world
is essentially produced in a single facility in Germany. What is even
more unfortunate is the explosion that ripped through that plant,
taking out half of the worlds output in the blink of an eye. Within
hours automotive original equipment manufacturers (OEMs) had
established crisis management teams to scour the globe for new sup-
ply sources.
Eight heavily armed thieves dressed as police and driving two police
vans with ashing lights drove through a hole in the perimeter fence
of the Brussels, Belgium, airport and onto a runway. In less than
ve minutes the thieves opened a plane’s cargo door and unloaded
120 packages holding $50 million worth of polished and uncut
diamonds. e thieves escaped with the diamonds and are forever
embedded in criminal folklore.
We could go on, but you get the idea. Moving beyond anecdotal accounts,
an emphasis on supply chain risk management is necessary today because
supply chains face many factors that result in higher risk, more so than at
any time in modern history. Some of these risk factors are self- inicted;
others are not. IBM researchers have identied a solid set of factors that
lead us to a clear conclusion—supply chains are becoming more, rather
than less, risky. Table1.2 summarizes this important set of factors.
Other factors inadvertently expose a company to heightened supply
chain risk through unintended consequences. is includes just- in- time
delivery and lean systems that result in little to no buer inventory; a trend
toward centralized decision making that may reduce response times and
exibility at local levels; continuous cost reductions that may aect a com-
pany’s ability to plan and respond to risk events; greater use of single sourc-
ing, which oen leaves a company with few supply options and higher
supplier switching costs; and widespread outsourcing, potentially leading
to a loss of supply chain control. Sometimes we are our own worst enemy.
Supply Chain Risk Management: Setting the Stage • 9
A study by the Aberdeen Group identied some good reasons why a
company should make SCRM an embedded part of its corporate culture.
First, a need to protect an organizations brand and competitive advantage
is a strategic necessity. Risk events have a nasty way of aecting brand
value quickly. Simply think about how stories, whether they are true or
not, can impact the value of a brand. Next, the increasing volatility of
the global economic environment and markets is resulting in greater risk
exposure. ird, corporate mandates to institute and/ or improve risk
management and governance programs are only going to increase. And, a
growing need to comply with new or changing regulatory requirements is
forcing a greater emphasis on risk management. Finally, constant pressure
to improve shareholder and customer condence while trying to reduce
costs may result in actions that result in greater risk exposure, such as
searching for suppliers in untested emerging supply markets.
A range of surveys and studies conclude that supply chain risk is grow-
ing. To disregard what has become obvious is short- sighted and danger-
ous. We can easily cite source aer source that concludes essentially the
same thing—supply chain risk and its impact on corporate performance
continues to grow. It would be challenging to argue that supply chains are,
on average, becoming less risky.
TABLE1. 2
Factors at Make Supply Chains Riskier
Increased globalization through outsourcing, which stretches end- to- end supply chains
Additional regulatory compliance imposed by government entities, further
complicating international trade (such as C- TPAT and SEC conict mineral
reporting requirements)
Increased levels of economic uncertainty and market volatility, which create
additional variability in demand and supply and make it more dicult to
accomplish demand–supply planning
Shorter product life cycles and rapid rates of technology change, which increase the
risk of inventory obsolescence
Demanding customers that create additional time- to- market pressures by requiring
better on- time delivery, higher order ll rates, and improved service level eciencies
Supply side capacity constraints, making it more dicult to meet demand
requirements
Natural disasters and external environmental events, which aect global supply
chains
Complex networks of suppliers and third- party service providers, as well as large
interdependencies among multiple rms, which increase the need to coordinate risk
10 • Supply Chain Risk Management: An Emerging Discipline
Some SCRM Observations
Extensive experience and research enables us to make some observations
about the state of risk management. (Chapter2 will provide a more in-
depth presentation of the “as is” state). Perhaps most importantly, most
observers have concluded that the potential impact of risk has increased
over the last 15 or 20years. In one survey, almost 75% of risk managers say
that supply chain risk levels are higher than in 2005. More than 70% say
the nancial impact of supply chain disruptions has also increased.
11
And,
there is no question that supply markets have become more volatile. e
size of uctuations in commodity prices has more than tripled since 2005
compared with the period of 19802005, based on International Monetary
Fund data. If you really think about this hard enough, you might just
get depressed.
We can also conclude that too many rms are not prepared to handle
the supply chain risks that may come their way, even though most manag-
ers understand that supply chain risk is a growing concern. While ERM
has been at the forefront for many companies, SCRM has been more of
an aerthought. A recent study revealed that for rms with less than
$500 million in annual revenue (which is the vast majority of companies),
only 25% take a proactive approach to risk management.
12
Another observation is that while many risk categorizations and topol-
ogies exist, a convergence appears to be happening around the key cat-
egories of supply chain risk—a convergence this book uses. Finally, as it
relates to mitigating or lessening the impact of risk events, we tend to see
the same set of standard approaches that fail to reect bold or innova-
tive thinking. While “blocking and tackling” will always be important,
it is time to see a bit more creativity and sophistication within the SCRM
arena. Later chapters will look at some more advanced SCRM approaches.
Why Aren’t We Prepared for SCRM?
e reasons why so many rms are not prepared to manage supply chain
risk eectively are varied. We cannot ignore what is perhaps the most
likely reason of all—risk management has simply not been a part of the
supply chain domain. Why would we focus on something that is not con-
sidered all that relevant? It is easy to view the eorts put forth toward risk
planning as a big exercise in busy work. is may not be the kind of work
that gains personal recognition and promotions.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.223.107.32