“Supply chains,” writes Abe Eshkenazi (@), CEO of APICS, “are like the central nervous system in humans — they are complex, integral systems that are constantly interacting with their environment.” Central nervous systems involve sensing, connecting, and analyzing data. That’s why the World Wide Web was a boon for supply chain professionals and why the Internet of Things (IoT) is going to be the spinal column for advanced supply chains. Eshkenazi explains, “While the human body is programmed to automatically respond (and fight infection, for example), supply chain overrides are largely dependent on the experience and skill of supply chain leaders and managers. Because supply chain problems can have cataclysmic ramifications for a business, supply chain managers have a lot on their minds.” Fortunately, cutting edge technologies, like cognitive computing, will eventually help supply chain risk management professionals program automatic responses to emerging challenges just like the body. Hein Koen, co-founder and director of Flickswitch, notes, “An increasingly digital world is resulting in companies across all industries reassessing how they approach risk management. Thanks to the connectedness of devices brought about by the Internet of Things (IoT), executives have much more information at their disposal for assessing risk than before.”
As Koen implies, connectivity and data collection are only enablers for the most important activity — obtaining actionable insights. Without advanced analytics working at computer speed, companies may not be able to respond quickly enough to mitigate or prevent serious consequences. “By equipping a company with more sensors and devices linked to the internet,” Koen asserts, “organizations are able to gather significantly more real-time data to drive business value. This also has a big impact on managing risks.” Analysts at Source One add, “Many organizations face difficulties when it comes to implementing effective risk management strategies. Some focus on the wrong threats while others are still relying on outdated protocols. The problem is that, oftentimes, businesses don’t dedicate the necessary time, attention and resources to threat mitigation and emergency response planning until after a disaster has already occurred. And, by this point, it’s a little too late.”
A “wait and see” approach to supply chain risk management has never been a good idea and, as supply chains get extended, it’s an increasingly poor strategy. “In today’s day and age, in which outsourcing can be the norm, and not only major global corporations stretch across the globe, but also potentially mid-market and mom-and-pop suppliers,” writes Carrie Mantey, “supply chains are no longer insulated from risky external or environmental events.” It’s no longer a case of waiting to see “IF” a disruption will occur but “WHEN” it will occur. Even with the latest technologies, supply chain risk management will continue to be difficult to master. Analysts at Ikanow note, “Today’s global supply chains face a tremendous amount of risk. From unreliable transportation, volatile costs in supplies, manufacturing/quality failures, to unpredictable events like natural disasters, it’s incredibly difficult to gain the insights needed to reduce your risk.” Ikanow analysts continue:
“Even with access to the appropriate data how do you determine; risky investments; unsafe working conditions; job dissatisfaction; counterfeit products; or a catastrophic weather phenomena? These are all risks that can have a ripple effect and can impact resiliency, sustainability, and performance of vendors throughout the world. However, it is becoming increasingly difficult to determine which vendors have these risks, and which vendors are more proactive in managing their global supply chains. As the supply chain becomes more complicated and less visible, we have to ask, how do I, as a procurement officer, analyst, or decision maker, determine the riskiest vendors?”
Charles Dominick (@), president and CPO at Next Level Purchasing Association, told Mantey, “Every organization should have a contingency plan covering every tier of the supply chain that answers the question: If this company drops off the face of the Earth tomorrow, who can step in? Of course, any good supply chain contingency plan goes much deeper than just answering that question. It addresses the lower tiers as well.” Michael Lamoureux agrees with that assessment and reports that supply chain risk management is rising on many business executives’ priority lists. “Supply chain risk management (SCRM),” he writes, “is becoming a top priority in procurement as organizations are losing millions from cost volatility, supply disruption, non-compliance fines and incidents that cause damage to the organizational brand and reputation.” He insists that there are steps that can be taken to reduce risks associated with suppliers. “Good risk management is a combination of risk prevention and risk mitigation when a risk is detected,” he writes. “Risk prevention involves selecting suppliers, products and services that are low risk and risk mitigation involves taking action as soon as an indicator is detected.”
Although we will never be able to predict with 100% accuracy when natural or manmade disasters will occur, big data analytics can help identify other risks including those associated with suppliers at different tiers. “Comprehensive supplier management combined with supply chain risk management,” Lamoureux asserts, “helps secure supplier relationships, prevent supply disruption and ensure your company is operating both legally and ethically.” Failing to know all you can about your suppliers is what Mantey calls an “ignorance bomb.” And she insists that the fuse on the ignorance bomb is always lit and burning. She writes, “An organization can’t prevent or avoid a risk if it doesn’t know whom its suppliers are, where they are located, and therefore, what its risks are. … Diane Palmquist, vice president of manufacturing industry solutions at GT Nexus, warns that if you don’t know your supply chain, you’re not only unprepared for the big disruptions, but also the tiniest disruptions, which can quickly escalate into a major bottleneck.” Mantey continues:
“Palmquist suggests organizations map out their supply chain networks to determine their Tier 1, 2, 3 and more suppliers, but acknowledges that it’s not easy. One reason is that an organization’s supply chain network can change in the blink of an eye. However, even with rapid pace of the changing supply chain, most companies know where they generally source components and material from Tier 1 suppliers. From there, Palmquist advises collaborating with those Tier 1 suppliers to obtain a list of their suppliers, and so on and so forth.”
Establishing connectivity with suppliers, or, at the very least, generating data about suppliers and their circumstances (e.g., weather warnings, social media posts, political climate, transportation news, etc.) can help you assess risk and may even tip you off to an emerging challenge. Cognitive computing systems can gather and analyze these types of data and analyze them to generate actionable insights for decision makers. Ikanow analysts conclude, “The demand for vendor risk characterization will continue to grow.” The demand will be generated by stockholders, governments, and even consumers.
 Abe Eshkenazi, “What’s Keeping Supply Chain Managers Awake at Night?” EBN, 5 April 2016.
 Hein Koen, “How the Internet of Things Benefits Risk Management,” Risk Management Monitor, 2 May 2016.
 Source One, “Sensing risk in the supply chain,” The Strategic Sourcerer, 19 April 2016.
 Carrie Mantey, “Your Suppliers’ Risk Is Your Risk,” Supply & Demand Chain Executive, 26 May 2016.
 “Using Big Data Analytics to Minimize Your Supply Chain Risk,” Ikanow, 21 April 2014/
 Michael Lamoureux, “Why Supply Chain Risk Management is Key to Supplier Management,” Spend Matters, 6 June 2016.