Supply chain risk management (SCRM) software -- which involves a systemic process to identify, evaluate, monitor and respond to risk conditions that will significantly harm an individual business or product -- should be a key functional component of any enterprise risk management strategy.
Procurement, operations/supply chain and finance organizations often share responsibility for the various aspects of supply chain risk management. But one of the biggest challenges in implementing SCRM strategy lies in determining where the ultimate responsibility for supply chain risk rests within a company and within the overall value-chain network.
The scope of supply chain risk can take many forms, depending on the size of a firm, the industry, business or value-chain complexity. Risks come in many dimensions -- regulatory, political, economic, natural disaster, or operationally. Today, there is unprecedented risk from the global recession brought on by the credit crisis of 2008, more frequent occurrences of natural disasters and global terrorism, and the extension of supply chains across the globe.
Supply chain risk factors
Initially, many companies address supply chain risk in the context of operations. This often translates to supplier-related risk management activities, including monitoring of supplier financial viability, and supplier credit and related financial risk indicator scores provided by third-party ratings authorities. Activity can progress to factoring in additional information in analyses including quality, e.g. escapes, Project Portfolio Management (PPM), Service Level Agreements, (SLA), on-time performance and other related metrics.
Supplier quality and traceability are two factors that are rapidly becoming a more integral component of many supply chain risk management programs. This is especially the case in certain regulated industries (e.g. consumer packaged goods (CPG), life sciences, etc.) as well those operating in geographies with a history of recent and systemic product counterfeiting infractions, including China.
Companies often justify their investments in supply chain risk management based on the potential business impact that supplier non-compliance can have on the overall brand or business. Negative brand equity, lost sales due to recalls, lawsuits, supplier non-compliance can all represent significant risk factors.
Mitigating risk with quality suppliers
The skill set to monitor and develop suppliers in the areas of quality, operational and product-related performance is very different from that of a financial analyst looking at credit risk metrics. This is one reason why it is so important to establish a cross-functional team to oversee the comprehensive supply chain risk management program.
Another factor to ensure program success is developing an appropriate definition of risk specifically tied to your business. There is no Pareto principal (80/20 rule) when it comes to monitoring and mitigating supply risk. In fact, it is often the smaller suppliers who supply a critical part or component who pose the greatest risk to your business if they are not adequately monitored.
Still, even with dedicated resources and budgets, the only way to assure complete coverage across a supply base is to invest in business process and information technology that identifies monitors and manages suppliers and other risk-factors. To leverage the use of information technology, some companies are supplementing investments in existing procurement spend analysis or supplier management systems, or adding supply risk data as an enrichment field. Others are opting for separate information-based discovery and business intelligence tools that allow for more holistic views of both supplier and other operational related risk factors.
In the coming months and years, experts expect these aspects of supply chain risk management and mitigation to draw increased senior management attention, accountability and resource allocation. The incidents of supply chain risk have significantly risen and will continue to rise. Broader cross-functional supply chain leadership, more comprehensive risk management processes, and enhanced information technology tools will all be required to address this critical and evolving business need.
About the authors: Bob Ferrari is the Managing Director of the Ferrari Consulting and Research Group LLC, a supply chain business strategy and technology consulting firm. He is also the creator and Executive Editor of the Supply Chain Matters blog.
Obsessed with how companies manage, spend and save money, Jason Busch writes about procurement, trade and supply chain issues on his blog Spend Matters. He is also Managing Director of Azul Partners, an advisory firm.