“Over the past 5 years, supply chain risk management has moved onto the radar of the C-level,” write analysts from Legacy Supply Chain Services, “especially in industry segments like retail, cpg & technology where supply chain execution is now a primary enabler (or disabler) of profitable sales growth.” They go on to note, “Deloitte did a comprehensive supply chain risk study back in 2012, and though a few years old, this study sheds light on the issues business face with respect to risk management. It also lends credence to the notion that risk management should be elevated toward the top of the list of strategic issues companies must confront.” They also insist, and I agree, that companies need to move beyond risk management towards corporate resiliency. Resiliency requires a proactive approach to risk management and operations. Too often, risk management is viewed only as a reaction to disruption. Borrowing from Stephen Covey, I believe there are seven habits a highly effective supply chain risk manager should embrace.
Habit 1: Strategize Risk Management
R.V. Raghu, International Director of ISACA, asserts, “The first step [towards a better risk management program] is to put in place a well-defined and articulated strategy which not only becomes a guidepost which can be revisited time and again, but which also can be the buoy you cling to when the time comes. A clear, well-articulated strategy can go a long way in ensuring successful risk assessments and driving outcomes.” Too many managers want to get to tactics without having a clear vision of the end goal. That’s the beauty of a having a strategy. A strategy is a plan of action or policy designed to achieve a major objective. Once the goal is delineated, it’s much easier to devise tactics to reach that goal.
Habit 2: Perform “What If” Analysis
A strategic plan should not be set in stone. Once an objective is set, test that objective with a little “what if” thinking (aka scenario analysis). Boston Consulting Group (BCG) analysts Luc de Brabandere and Alan Iny assert, “The ‘what if?’ school of thinking clearly has a place in the business world.” They note the benefits of scenario analysis include “enhanced strategic creativity, greater preparedness, and superior risk awareness.” Analysts from River Logic agree that scenario planning is a powerful tool that needs to be used more. “In order to keep their company ahead of the competition and weather any economic storms,” they write, “executives must constantly ask themselves hypothetical questions. They might ask, ‘What should we do if the price of energy begins to skyrocket?’; ‘What should we do if legislation decides to pass a regulation that will make production more difficult?’; or ‘What if we run a promotional program?’”
Habit 3: Understand the Risk
Scenario analysis can help risk managers think through a number of scenarios covering contingencies from disruptions caused by natural disasters to loss of a supplier or shipper for financial reasons. Scenario analysis needs to be complemented by other types of risk assessment. When I started Enterra Solutions®, resiliency was a primary focus and we helped organizations implement Enterprise Resilience Management℠ solutions (focusing on Enterra’s patented Enterprise Resilience Management Methodology®). That methodology helps companies understand what their most critical resources, processes, and operations really are. Once a company has a true understanding of where it is most vulnerable, it can take steps to reduce those vulnerabilities.
Habit 4: Identify and Analyze the Data
We are at the dawn of the digital age. Data that has been hard to obtain in the past is becoming more readily available as companies transform into digital enterprises. Identifying the right data needed to analyze supply chain risk is critical. The more complex a supply chain becomes the more important it is to identify and analyze the right data. Because supply chains are becoming more complex, manual risk analysis is no longer feasible. I believe cognitive computing systems will be found at the heart of most good risk management systems in the years ahead. A cognitive computing system can deal with many more variables than older computing systems and can provide insights, warnings, and recommendations to decision makers. In some cases, cognitive computing systems can respond autonomously to an emerging crisis. The bottom line is the combination of man-made and natural risks — coupled with growing complexity — creates a supply chain risk management conundrum that can only be addressed using advanced technologies like cognitive computing.
Habit 5: Stay Informed
Today’s business environment is 24/7. There is no downtime. Disruptive events happen all the time and the more geographically dispersed a supply chain becomes the more critical it is to monitor events around-the-clock. No company can make itself immune to risks and supply chain disruptions. There are simply too many confounding variables outside of a company’s control. Carrie Mantey observes, “While those bad things aren’t necessarily or directly an organization’s fault (geopolitical turmoil, natural disaster, etc.), they can be due to risk factors that perhaps were never considered or could be minimized. Companies are saying that so many problems happened over the last few years that they’re ‘outside the bounds of that notion of where their risks are,’ so now they are getting into the habit of keeping tabs on all of their third parties — vendors, suppliers, affiliates, resellers, distributors, outsourcers, and the list goes on.” When considering what kinds of activities need to be monitored, don’t forget about weather, social media, news, and so forth. Think broadly.
Habit 6: Be Prepared
Too many risk management plans (or business continuity plans) are developed and then placed on a shelf. These should be living documents that are reviewed, exercised, and, when necessary, revised. Cognitive computing can also help in this regard. One of the challenges faced by risk managers is trying to figure out the perturbative effects of disruptions. Since it’s impossible to prepare for every contingency, having in place a supply chain risk management process that includes a cognitive computing system capable of helping calculate perturbative effects would be ideal. Exercising risk management plans are likely to expose deficiencies, like missing communication channels or single-points of failure. Another benefit of exercising risk management plans is that employees exposed to such exercises are much better prepared to deal with a crisis when it emerges — even if it is significantly different than the one exercised.
Habit 7: Be Adaptive
Val Jonas writes, “Inevitably, things will go wrong. However, it’s how you respond to hitches in your supply chain that will keep it evolving — and flowing. Capture any lessons learned on the risks that occurred and how you responded to them, to create that database of best practice. You can then apply these learnings to feed into your wider supply chain management strategy, driving chances of future success. If risk is at the centre of your supply chain, then collaboration is the most effective way to safeguard against it. Understand where your Achilles heel is, map out a joint response, work in partnership and drive that resilience through mutual understanding and shared goals.” Darwin’s theory of evolution, which concluded the most adaptable species are those that survive, is just as applicable to the business world as it to the biological environment.
Highly effective supply chain risk management professionals are proactive. They sleep better at night knowing a system is in place that monitors ongoing events, processes, and operations around-the-clock. They know their plans have been exercised and their people trained to respond. They leverage new technologies and data in order to keep abreast of global events that could disrupt their operations. Analysts from Legacy Supply Chain Services conclude, “Companies we’ve seen lead the way have made risk management a continual, strategic focus by allocating dollars, committing people, and investing in partnerships.”
 Staff, “Move from Supply Chain Risk to Supply Chain Resiliency,” Legacy Supply Chain Services, October 2016.
 R.V. Raghu, “Six Ways to Deliver Better Risk Assessment,” Information Management, August 2016.
 Luc de Brabandere and Alan Iny, “Rethinking Scenarios,” bcg.perspectives, 12 October 2010.
 Staff, “Scenario Analysis: A Powerful Analytics Force,” River Logic, 8 April 2016.
 Carrie Mantey, “Minimizing the Bad Things that Can Happen to a Good Company,” Supply & Demand Chain Executive, 20 March 2015.
 Val Jonas, “Five steps to building supply chain resilience,” Supply Chain Digital, 11 October 2016.