James Steidl - Fotolia

Manage Learn to apply best practices and optimize your operations.

Prepare for the worst with supply chain risk management

In this expert response, learn how to build a disaster-proof supply chain risk management plan.

My company is working to develop a supply chain risk management plan. What are some "must-dos" that should be on our list? Where does software come into play for supply chain risk management?

My team has written supply chain risk articles and done frameworks and assessments for companies from high-tech to food. Supply chain risk planning is cross-functional and should take into account legal, as well as compliance, finance, brand management, product and sourcing, IT and, of course, the supply chain.

A supply chain risk management plan should consider these elements:

Trading partners

Partners include suppliers, carriers, service providers, building maintenance, technology services and services that might have access to your confidential information. Supplier issues include the supplier's location, the safety and maintenance of their facilities and their employees, as well as understanding the financial stability, insurance and safety of the plants and the carrier. Our research shows that most companies have only glimmers of their multi-tier chain issues and don't understand their vulnerabilities. There are various methods to assess the risk of the issues you uncover.

Quantifying risk

Risk models that dwell too much on the probabilities of events miss the main point. There are many reasons for failure, but they are hard to predict. Understanding the impact is key. What will it cost you if you don't receive the material? The reasons may vary from port delays to bad weather or supplier failure. Understanding causals is important. It helps you later in the efforts to reduce the risk. Understanding the impact helps you prioritize which areas to work on. The reasons may be different, but the cost to you is the same. Your resiliency or continuity plan should focus on the impact more than the cause.

Supply assurance/continuity

Once you understand your vulnerability and the potential impacts, you will want to put in place methods for reducing risk. Depending on your product, these can include changes to your sourcing strategy, supplier audits, inspections and information systems to automate data collection in order to maintain up-to-date information. Reassessing inventory and transportation strategies may be in order to assure the right buffer stocks and more reliable shipments. This needs to be flexible, as conditions change.


Companies have a responsibility to assure that they and their trading partners are in compliance. International businesses must comply with the Foreign Corrupt Practices, Lacey Act, Frank Dodd/Conflict Minerals, and so on. I find that many companies seem to think regulations apply to only others. No doubt, it can be complicated to understand the latest regulations, but without this, your business may find itself shunned from doing business with larger customers -- or worse. Software and services can be helpful here.

Ethical framework

Companies also have responsibility to their customers, employees and the communities in which they operate. One of the best ways to improve product quality while reducing counterfeiting and employee theft is to give the worker a stake in, and understanding of, the big picture.

Company value statements have little worth unless they are backed up with safe working conditions, health insurance and other benefits. This is particularly true in the emerging economics where much of our products are sourced from. Many of our customers have put in place programs like day care or pay fees for the employees' children to attend school; as a result, quality and productivity have gone up.

Many consumers today actually care about the fair trade practices of the manufacturers they buy from. So, not only can it protect your supply chain, but transparency can offer another reason for the market to trade with you.

Software can also help. Systems for managing supply chain risk are growing and will evolve over time. There are systems that automate the audit process. Often, they also have third-party partners to conduct physical inspections. Many software vendors have content, guidance and workflow built into the software to help with compliance and legal assurance from product design, sourcing and global trade management.

Supply chain visibility software may also be worth pursuing. Look for a system that has context, environmental awareness and alerting, so that you are not relying merely on the suppliers to provide information. Sadly, in some cases, the supplier actually has attempted to hide information from the market. In large environmental disasters, suppliers are not generally prepared to give a reasonable answer as to when they will be online and shipping again.

A software system helps risk and continuity plans not become outdated shelf-ware, as was the case with the lack of risk procedures in British Petroleum's Gulf crisis. Ring binders containing out-of-date phone numbers and procedures can lead to BP -- Big Problems!

Follow SearchManufacturingERP on Twitter @ManufacturingTT.

Next Steps

Learn why more manufacturers are focusing on supply chain risk management

Discover how to build a supplier risk management strategy

Read tips for selecting supplier management software

Dig Deeper on Supply chain planning and execution