Supplier Risk Management – Where Do You Start?

Businesses must put more effort into pre-planning for business interruption going into 2013, says a new Zurich report naming supply chain disruption as the top risk “blind spot” of the year.

But how do you do this? Where do you focus? Is it really possible for organizations with thousands of suppliers “to map out their supply chain, including first-and-second tier contracted suppliers, and quantify each link by financial stability and even geopolitical issues in the area where it is located.” as recommended by Linda Conrad, director of strategic risk for Zurich Global Corporate in North America Business?

We believe there is a better way to approach this by understanding the nature of various risks, quantifying the supply chain risk and finally by addressing these risks through supplier segmentation.

There are many types of risks and supply chain disruptions.  Risks range from the controllable execution problems or “known-unknown” to the uncontrollable natural disasters also called “unknown-unknown” or “black swans” as described in figure 5.1 from David Simchi-Levi’s book, Operations Rules.

For the controllable risks, there are standard strategies and approaches related to day-to-day operations such as maintaining inventory and backup plans. With their past experience, companies can anticipate some of these controllable risks. But for the “black swans” the perception is that they are so rare and unexpected that there is not much that can be done. We believe that both these assumptions are wrong.

While a specific unexpected event is very hard to forecast, there are still quite a few of these in a given period and with increased complexity and changes the overall number of events per year is expected to increase.

In early 2012, Dr. David Simchi-Levi of MIT on a videocast announced the Risk Exposure Index™, which for the first time provides a way to quantify the cost of “unknown unknown” supply chain risks. “True innovation in thinking in this increasingly critical area of supply chain.”

How is this done?

Through identification of each critical node in the system for a given business unit, product line, geographical region or just for the most critical products in the portfolio., Calculate the Time-To-Recovery (TTR) for each of these nodes in the network. TTR is the time it takes to recover to full functionality after a disruption.  Using the TTR information calculate the cost of lost Sales during TTR – this provides the Financial Impact (FI). Finally, calculate the Risk Exposure Index ™ by aggregating the Financial Impact (FI) across all nodes.  The aggregation of the individual measurements create the Risk Exposure Index ™ for a given value chain.

Once we have a firm measure and map of the risks, we can begin to mitigate these risks in a prioritized fashion.  A key part of the mitigation plan is developed is to focus on the underlying source components and determine the critical dependency and associated strategy for each component.  By segmenting the suppliers as in the chart below, based on figure 4.3 from Operations Rules, we can deploy different mitigation strategies that could be considered for the identified suppliers and components of a given product.

There are many strategies that can be used to reduce risk: Adding alternative suppliers, increasing production flexibility in the plants, increasing flexibility in sourcing to the plants and adding inventory. The key is to employ the right mitigation strategy for the right component or supplier in question.  Finally, every company should have thorough business continuity plans in place for each facility and encourage/require its suppliers to have the same.

Click below to watch the videocast or download our white paper.

   

Written by Edith Simchi-Levi, VP of Operations at OPS Rules