What is supply chain risk management?
An important part of supply chain management, supply chain risk management is the process of identifying and managing issues within a supply chain. In practice, organisations take a co‐ordinated approach to manage both daily challenges and unique risks in the supply chain, typically using a supplier management software solution.
The objective of supply chain risk management is to reduce vulnerability and disruption within supply channels. By applying continuous risk assessment businesses aim for stability throughout the entire supply chain.
Who needs to understand supply chain risk management?
Traditionally risk management was seen as a function of the finance department due to its impact on revenue and profit. However, it is important that all levels of the organisation play a part in supply chain risk management. Supply chain risk needs to be viewed holistically as it impacts on all areas of business from manufacturing, warehousing, distribution, and sales.
- Read more: 6 Factors of Considering a New Supplier
Why is risk management so important in the supply chain?
Supply chain risk management mitigates any disruptions that can have a direct effect on a business’ productivity. Supply chain risk management increases a company’s ability to maintain operational continuity, to get finished goods to market or to provide crucial services to customers.
What were the biggest supply chain risks of 2020?
Undoubtedly, the biggest supply chain risk to impact 2020 was the Covid-19 pandemic. It resulted in trade restrictions, shortages of critical medical supplies, and delays of many other goods. The pandemic highlighted vulnerabilities of lean operations and the reliance on foreign suppliers as global economies shut down.
At its onset, few companies realised the extent to which supply would be affected by this unpredictable event and were ill-prepared to adequately manage its impact.
Because many businesses operate under single-sourcing strategies they were unprepared for the shutdown of primary suppliers. This single-source approach meant they faced supply disruption, inventory stockouts and lost sales when the pandemic hit. Businesses with a diversity of suppliers were also impacted when the reality of secondary and third supply chain challenges hit — first with a majority of China-based suppliers and later, as the virus spread, in other parts of the world.
While single-sourcing strategies are often seen to be the lowest cost scenario they can also amplify supply chain risk. Unfortunately, this became more evident with the unexpected and rapid spread of Covid-19, leaving companies vulnerable to product shortages, production interruptions and supply delays.
What are the main risks facing the supply chain in 2021?
The pandemic will continue to impact supply channels well into 2021 and possibly beyond. It has exposed many vulnerabilities in the production strategies and supply channels of organisation around the world.
According to the Harvard Business Review, these developments and the subsequent trade war between China and the US have prompted calls to reduce or eliminate domestic dependence on global suppliers.
With greater political and competitive demand on businesses to increase domestic manufacturing and employment, organisations need to build more resilient supply chains while rethinking how they approach lean strategies. On the other hand, consumers still want low prices. The challenge for businesses will be to create and maintain a resilient supply chain without weakening their competitiveness. To meet the challenge of balancing consumer expectations with supply vulnerability, organisation must first understand their vulnerabilities to then manage the risks.
The Covid-19 pandemic forced businesses to strengthen their supply chains
What is the 5-step risk management process?
The five steps of the risk management processes are identification, analysis, evaluation, management and monitoring.
1. Identify the risk
Companies need to identify the risks that the business is exposed to using multiple sources. Then they need to classify risks into categories such as supply, operations, and demand. For example, operational risks may include breakdowns, inadequate processing capabilities, health and safety issues and strikes. Supply risks can be in the form of political or economic disruptions due to trade restrictions and tariffs, environmental issues, natural disasters or a pandemic.
Understanding where the risks lie enables companies to create a detailed map of their supply chains to identify vulnerabilities and weaknesses. Parameters for assessing risk will include purchasing volumes, scarcity, the effect on sales, ownership structures, geography, custom and excise requirements. This means looking beyond your suppliers — look at your supplier’s suppliers.
You need to map the entire supply chain to capture supply paths, including origin, distribution facilities and critical transport hubs to avoid unexpected disruptions that could bring the business to a standstill.
- Read more: DIFOT: A Metric of Supplier Performance
2. Analyse the risk
Risk analysis helps to guide mitigation strategies by defining scenarios of possible outcomes and assessing the level of impact. A risk scorecard is a good tool for accessing the risk profile of a supplier or asset. Scorecards provide a snapshot of a supplier’s current risk status and helps to define and classify individual risks.
Scorecards are useful for organising risk by topics, such as economic stability of the suppliers, supply disruption risk, market and cost risk, image and compliance risk or quality and performance risk.
When undertaking risk assessments, it is also important to take into consideration location risks with regards to natural disasters that have the potential to affect several suppliers at once.
Depending on the level of exposure and scale of the impact, organisations can prioritise risks for targeted attention such as diversifying supply sources, moving from a single source to a multi-source system. Alternatively, they may choose to hold safety stock of key materials and components.
3. Evaluate the risk
Evaluate and rank supply and demand uncertainty to determine actions for mitigating risk. For example, if supply uncertainty and demand are both low the focus should be on cost efficiency and single sourcing. However, when supply uncertainty is low and demand risk is high, focus on spreading the risk through multiple sourcing and risk sharing.
When both supply and demand uncertainty are high the supply chain needs to be agile and able to hedge demand and price risks through a variety of financial and contractual tools.
4. Manage the risk
Plan and prepare for unforeseen events. Have a mitigation strategy to anticipate and minimise supply chain challenges and select appropriate strategies to manage the risk. For example, pacific countries such as New Zealand and Australia could potentially source goods from Indonesia or the Philippines. Be mindful that this approach may also require different logistics and transportation strategies.
5. Monitor the risk
Active monitoring and review are crucial to managing supply chain risk. Circumstances change, and your strategy for risk identification must account for that.
How do you write a supply chain risk management plan?
A supply chain risk management plan is a tool to help businesses identify, evaluate, and plan for potential risks, estimate the probability and impact of the events, and then outline responses to them.
Here are seven steps to writing a good supply chain risk management plan:
1. Conduct a risk analysis
Identify, document and prioritise potential risks. Think about the types of risks that could affect your business. Most risks will fall under categories such as:
- External risks. This stems from customers, suppliers, political and economic conditions, and the market in general
- Internal risks. This includes budgets, logistics and resources such as a skilled and knowledgeable workforce
- Management risks. This includes effective leadership and communication or any risks caused by business planning, production scheduling or demand forecasting
- Technical risks. This is in the form of any technology in use, compatibility and integration of systems, their performance, and quality
2. Design a risk-management framework
Define possible outcome scenarios and assess their impact level based on the impact on the organisation, the likelihood of the risk occurring, and the organisation’s readiness to deal with that specific risk. Brainstorm with team members to determine its probability, impact, and consequence. Answer question such as:
- How likely is it that this issue will occur?
- What effect will it have on the business if this situation arises?
- How bad will the resulting impact be?
- How much forward planning is necessary and what resources are needed?
3. Assign roles and responsibilities to functional areas or teams
Select the person responsible for prioritising and managing each risk. Someone who understands the warning signs or triggers and can estimate the resources needed to handle the crisis if it does occur.
Although a single person should be assigned to manage potential risk, all employees should be aware of what to watch for and who to contact if they become aware of one of the triggers.
4. Determine a preventative strategy for each risk
This plan provides a clear path towards solving potential issues when they happen. For each of the identified risks, the assigned team member should provide an appropriate response. These may include:
- Avoiding the risk where possible by removing the cause of the threat completely
- Insuring against negative impacts by transferring some or all of the risk
- Taking a direct approach to mitigating the impact of the risk by reviewing operational processes and supply chains to seek improvements or look for different possibilities
- Accept the risk is likely to occur and allocate a portion of the budget to deal with it
5. Develop a contingency plan for high priority and high impact risks with no obvious solution
Create a plan of action to deal with the issue by mapping out the workflow and resources that can be used in an emergency. A contingency plan is a form of crisis management and should align with the organisation’s communication plan to ensure an effective flow of information.
6. Map out the supply chain
Approach risk identification by mapping out and assessing every area of the supply chain in detail. Measure your risk threshold and work with supply partners for all products to determine the level of risk these suppliers are willing to take on.
7. Collaborate with stakeholders
Risk management planning should involve as many people as possible. The best outcomes can be achieved by consulting with employees, stakeholders, and even outside experts.
A supply chain risk management plan should be treated as a living document because it deals with unknowns and because risk management is cyclical it needs to be continuously monitored.
3 supply chain risk management strategies
Now that you understand the risk management process and how to write a supply chain risk management plan here are three strategies that can help to mitigate supply chain risk:
1. Employee risk management training
Management should have final responsibility on determining risk management strategies. However, it is important that employees are trained to anticipate, identify, and prepare for risks. Training should include common external supply chain risks, best practice risk management and best practices software security.
2. Cyber security risk management
Technology has had a huge impact on streamlining and optimising supply chains and inventory control. At the same time, cyver crime has also increased. Businesses need to implement robust cybersecurity by:
- Providing training to all employees with regards to cybersecurity protocols
- Restricting access of classified information to authorised users only
- Performing a risk assessment on all suppliers before finalising contracts
- Standardisation of compliance for all external suppliers and distributors
- Using software that continuously monitors all supply chain processes and alerts you to any unusual activity
- Regularly updating security, firewall, anti-virus, and anti-spyware processes
- Use SaaS providers who help to manage, mitigate and share the risk
3. Environmental risk management
The effects of Covid-19 pandemic have highlighted the need for companies to know how to manage environmental risks. Supply chain disruptions caused by the pandemic have left businesses struggling to maintain inventory control, fulfil orders and keep operations functioning.
To manage the risk many businesses switched from single sourcing to multi-sourcing, while others modified their business models to adapt to new customer demands. For example, in response to the global shortage of hand sanitiser, many small breweries switched over tanks and started producing hand sanitiser to help meet the demand.
Develop a response plan to prepare for different environmental risk scenarios. Use technology and analytics to enable a better understanding of your supply chain’s strengths and weaknesses.
Supply chain risk management for SMEs
Technology and digitalisation of supply channels are crucial to help improve supply chain risk management for SMEs. Technology has helped SMEs through the pandemic by leveraging customer data to provide personalised experiences and to seamlessly communicate promotions or to provide business updates to clients.
Where previously small business owners lacked the time, the budget, or the resources to use technology, many now understand that technology is crucial for their survival.
Covid-19 and supply chain risk management
Covid-19 has brought with it unique and unprecedented supply chain challenges that will impact the predictability of supply, for the foreseeable future.
The Covid-19 pandemic has highlighted the importance for companies to identify supply chain capability and vulnerabilities. The need for the implementation of technology has been highlighted as a way for businesses to access the flow of data through the supply chain system.