Supply Chain Risk Management: Dealing with Disruption

Stephen DeAngelis

July 22, 2015

“A third (35 percent) of businesses in the manufacturing industry are extremely concerned about potential supply chain disruption according to research released by BSI, the business standards company and the Business Continuity Institute (BCI).”[1] I can only assume that the majority of manufacturers (i.e., the two-thirds of them that aren’t extremely concerned) fall into two groups: the ignorant and the prepared. Potential risks that could result in supply chain disruption abound. James Allt-Graham, a Partner at GRA Supply Chain Consultants, insists, “Business interruption … is around every corner for most global supply chains.”[2] Most manufacturers seem to understand that the more extended their supply chain becomes the greater the risk it faces. The BSI/BCI survey found, “More than three quarters of manufacturing firms (77 percent) report increasing supply chain complexity as the fastest growing risk in business continuity, with malicious attacks via the internet (68 percent) and increased regulatory scrutiny (58 percent) taking second and third place.” With so many risks confronting businesses, deciding where to start to address these risks can be daunting. Gregory L. Schlegel, Founder of the Supply Chain Risk Management Consortium and Adjunct Professor of Supply Chain Risk Management at Lehigh University, suggests starting with an assessment of the four pillars of supply chain risk management (SCRM): supply, demand, process, and environmental landscape.[3] Concerning those pillars, Schlegel writes:

Supply – The complexion of this pillar encompasses areas such as supplier continuity, strategic sourcing, supplier financial viability and capability, material pricing, assessments, fraud, corruption and counterfeiting. Inherent risks are disruptions caused by poor delivery, quality issues, financial failure, non-compliance and communication failure. This pillar has the highest maturity level to date and the largest solutions activity.

• Demand – This pillar covers new customers, market trends, sentiment analysis, demand management, distribution, product integrity, service and scenario planning. Inherent risks are disruptions caused by distribution issues, competitor actions, product reputation, brand management, social media and outbound logistics. This pillar is the second-highest in maturity and maintains the second-largest level of activity.

• Process – This pillar includes IT systems, mergers, marketing strategy, organizational structure, governance frameworks and metrics, supply chain strategy and execution, manufacturing and quality, organizational risk assessments, heat maps and risk war rooms. Inherent risks are disruptions caused by quality issues, inventory shortages, late deliveries, capacity issues, equipment breakdowns, IT outages and misaligned strategies. This pillar is third in maturity level and also third in activity.

• Environmental Landscape – By far the largest in scope, this pillar encompasses government regulations, taxes, economic volatility, currency exchange, natural disasters and compliance. Inherent risks are geopolitical and energy risks, port security, logistics, war, pandemics and civil disobedience. This pillar is by far the lowest in terms of maturity level and activity level.

Schlegel’s list of risks is fairly comprehensive and, as a result, it could be used as a template if you had to begin creating a supply chain risk management process from scratch. Every company has some idea about how they intend to deal with supply chain disruption; but, Schlegel reports that his research indicates that much more needs to done. He found “that about 10 percent of companies are early adopters actually exercising good SCRM practices. About 20 percent more are talking about and developing good SCRM practices and the bulk of the company population or 70 percent are reacting to supply chain risks as an ad-hoc, event-driven approach.” As the old saying goes, “Talk is cheap.” And ad hoc approaches simply aren’t going to cut it when disaster strikes. The definition of “ad hoc” — formed, arranged, or done for a particular purpose only — makes it clear why such responses are impracticable. A good SCRM process must be adaptable; a response that is spontaneously developed for a particular purpose is the antithesis of adaptability. Suhas Sreedhar, Manager of Supply Chain & Technology Thought Leadership at GT Nexus, notes, “Disruptions come in all shapes and sizes — strikes, political unrest, capital risks, sudden market changes and natural disasters. Their effects on supply chains are often unpredictable and nonlinear because of all the complexity involved. That means to prepare for a disruption you can’t just get ready for a specific event like a flood or a protest. Instead, you need to get ready for uncertainty and unpredictability as a whole. The idea is that survival doesn’t require being omniscient, it requires being adaptable.”[4] He elaborates:

“Being prepared requires being agile. Agile supply chains can routinely engage in functions like rerouting inventory at will, drawing from multiple suppliers, rapidly enabling transactions, and finding optimum routes that maximize profits while minimizing the total cost to serve. These functions are useful in regular, day-to-day transactions, but the agile infrastructure on which they rest really mitigates risk when disruptions occur. What does it take to make a supply chain agile? The foundation of making adjustments on demand is knowing what has happened, what is happening, and what’s going to happen throughout your supply chain. It requires being able to see into the past, present, and to a certain extent, the future. ‘Supply chain visibility’ is a common term for this concept, but it’s one that’s often tossed around loosely without a general consensus on its definition. Some people think of visibility as a binary switch — you either have it or you don’t. But it’s not. Visibility is more like Google Earth, where drilling down to different levels gives you different kinds and granularities of information. They’re all useful if used properly. Big data, in particular, will offer insights on the past, present and future based on the respective descriptive, predictive and prescriptive analytics. Think of all these tools as the joints and ligaments of your supply chain arm — they enable flexibility and movement.”

Although a lot vendors can help provide past and present visibility, only vendors that can offer predictive analytics can help with future visibility. Predictive analytics involve techniques like data mining and machine learning to predict future trends from current data. Predictive analytics are another tool in the kit that decision makers can use to help improve the choices they have to make. Cognitive computing platforms, like the Enterra® Enterprise Cognitive System™ (ECS), are able to apply the latest analytic tools to help increase supply chain visibility and predict perturbations resulting from disruptions or delays. A growing number of pundits believe that predictive analytics are going play a significant role in SCRM programs in the future. Ben Dipietro (@BenDiPietro1) reports, “Threat analysis and predictive analytics — using data to help find indicators of possible risks or potential violations — are allowing companies to identify threats and assess their plans and policies for how well they are meeting the risk, compliance and reputation challenges that come with protecting their businesses.”[5] He continues:

“Companies, regardless of the industry they work in, can face pandemics such as the Ebola outbreak, volatile political situations such as coups, terrorism or violent protests — and each scenario requires looking at substantial amounts of data to best prepare a response plan. … Without the ability to analyze risk data, all threats look to be of equal probability, and no company has the resources to address every potential risk with the same level of scrutiny.”

As Sreedhar noted above, there is no on/off switch for visibility. Visibility comes from careful planning and increased collaboration with supply chain stakeholders. Sreedhar explains:

According to Gartner, the journey toward more robust visibility is a multistage process. In it, organizations move from having visibility within their organization, to visibility between and across trading partners, then to their entire network of networks. That journey is both a structural one as well as a technological one. Businesses who want to mitigate their losses against disruption need to reprioritize their normal, non-disruption operations in order to gain better visibility and agility. That’s really the only way to skirt around trouble when it crops up. The West Coast port problem was prominent and taxing for shippers, and its long duration also made it particularly painful to endure. It might not ever be possible to predict or completely eliminate such events, but as more supply chains evolve toward becoming more agile, the effect of those disruptions can certainly diminish. And perhaps that’s the greatest lesson of all — the universal truth about crises — they expose us to our endemic problems, so we can make adjustments and improve processes, even when the building’s not on fire.”

In a world filled with risks, the companies that will survive and thrive will be those that use every available tool in their kit to help them understand the world in which they operate.

[1] “Supply Chain Disruption Tops Manufacturers’ Concerns, BSI Finds,” Apparel, 16 March 2015.
[2] James Allt-Graham, “Understanding Risk in your Supply Chain,” Global Logistics Media, 28 May 2015.
[3] Gregory L. Schlegel, “The Four Pillars of Supply Chain Risk,” SupplyChainBrain, 12 March2015.
[4] Suhas Sreedhar, “Hard Lessons in Disruption: What the West Coast Port Slowdown Really Taught Us,” SupplyChainBrain, 9 March2015.
[5] Ben Dipietro, “How Companies Are Mining Data to Mitigate Risks,” The Wall Street Journal, 30 April 2015.