“Supply chains are driven by data,” writes Susan Fourtané (@SusanFourtane). The right types of data provided at the right time and analyzed in near-real-time can provide supply chain visibility that fosters both improved operations and better risk management. Fourtané observes, “Responding to threats before they cause sustained or catastrophic financial consequences is of paramount importance in today’s supply chain management. … To be able to forecast what is going to happen to your supply chain, supply chain management needs the support of someone else’s data from outside the company. This could be a trading partner or a specialized supplier that is willing to assist in getting the right data and understanding the value of data that will help the supply chain in mitigating risk efficiently.” Companies are quickly learning that risks of all types (e.g., natural disasters, supplier failures, and adverse events that harm reputations) are best countered by having the right information in a timely manner. Srini Vasan (@orangedad), the CEO of eShipGlobal, adds, “Anybody who manages a supply chain understands the delicate interplay of events, and how one mishap can instantly derail your whole system. And how expensive the consequences can be.”
Use a Newsroom Approach to Monitor Risk Management
Because risks to the supply chain can be so varied, a wide variety of data must be monitored. In a previous post, I noted ten areas that deserve constant monitoring. They are: Disaster management; ecosystem; financial stability; human capital; information security; legal & regulatory; public relations & media; operational risk; strategy & culture; and supply chain & procurement. Being able to detect risks in those areas early and react quickly once they are detected can make a company more resilient. MIT Professor Yossi Sheffi (@YossiSheffi) explains, “Many risk management experts categorize potential disruptions by two dimensions: likelihood of occurrence and magnitude of impact. However, disruptions also vary on a crucial third dimension: their detection lead time. Detection lead time is defined as the lead time between knowing that a disruptive event will take place and the event’s first impact on the company; it is the amount of warning time during which a company can prepare for the disruption and mitigate its effects.”
Heiko Schwarz, Founder and Managing Director of riskmethods, writes, “Natural hazards, strikes and fires, to name a few, are endangering your supply chain permanently. Globalization makes supply chains more and more vulnerable to disruptions — with severe consequences like contractual penalties, production stoppages, sales slumps or reputation damage. A comprehensive risk management approach not only helps in securing supply relationships but also in preventing supply bottlenecks. This approach includes risk identification and monitoring, risk assessment, validation of impact as well as risk mitigation.” Although it may not be the best analogy, your risk management program is like the driver of a vehicle traversing a busy urban street. Risks are everywhere. They include vehicles in front, vehicles in back, vehicles coming from side streets, jaywalking pedestrians, bicycle couriers racing between lanes, and even black swan events, like objects falling from the sky. To avoid disruptions to his journey, a driver must be aware of everything around him or her and they must be able to react fast. The driver gains the necessary visibility using his eyes and ears — and, in the latest vehicles, sensors. A business also needs “eyes and ears” everywhere risks could lurk — much like a newsroom gathers information from around the globe. When you receive news that could disrupt your supply chain, your business needs to be as agile as the driver discussed above. Pierre Mitchell (@SupplyMatters), Chief Research Officer at Spend Matters, explains, “An agile supply chain means that you can be reliable even though an increasing number of things are going wrong. You can only do this if you can avoid those things in the first place or recover from them when they happen. Either way, this requires supply chain risk management.”
Because of the complexity of today’s supply chains, humans are simply incapable of monitoring all of the data necessary to identify emerging risks. Cognitive computing platforms can help. Jennifer McKevitt (@mckvt) explains, “Cognitive computing equips users to assess supply chains in a similar style to humans, unearthing connections at a deeper level than most current automated systems. … Cognitive computing addresses complex data through the analysis of conflicting evidence, reaching conclusions it determines best instead of correct.” Just as importantly, cognitive computer platforms can gather and analyze both structured and unstructured data. Melanie Nuce (@auntmel), Vice President of Apparel and General Merchandise at GS1 US, reports many companies don’t have sufficient supply chain visibility. She writes, “A lack of visibility causes stress for the entire retail supply chain — manufacturers, suppliers, brand owners, retailers, e-tailers — and negatively impacts the customer experience.” When disruptions do occur, Nuce asserts “companies are better able to recover if they can pinpoint where products are at all times, and can communicate more efficiently with trading partners if all procedures are uniform.”
Contingency Plans and Continuity of Operations
Prevention is always better than cure. Sheffi explains, “A company can reduce the likelihood of disruptions by being compliant with regulations and responsive to social concerns, maintaining good labor relations, and trying to avoid situations particularly prone to disruptions (for example, suppliers located in flood plains or unstable countries). A company may also implement safety, quality, and security measures, including cybersecurity. Yet such preventative measures cannot entirely eliminate risks — and tend to target only the most foreseeable causes of business disruption.” Swiftly and effectively reacting to adverse situations when they do occur requires some pre-planning (i.e., contingency or continuity of operations plans). Sheffi observes that plans, by themselves, are not enough. They need to be exercised so that deficiencies and vulnerabilities can be uncovered. He writes:
“Companies can reduce the impact of a disruption by being prepared to deploy a timely and effective response. Optional assets such as spare inventory, spare capacity, and alternative suppliers provide materials and resources that can be used to minimize impacts and accelerate recovery times. Companies can create emergency operations centers, business continuity plans, and predefined escalation procedures that help coordinate a response. Emergency operations drills and training can improve the response and uncover hidden gaps or vulnerability in systems. Flexible processes can help a company respond quickly and efficiently. Increasing flexibility and adding ‘just-in-case’ assets can increase overall resilience. Yet such preparatory measures won’t be effective unless deployed in a timely manner.”
Vasan suggests eight steps you can take to bolster your company’s risk management process. They are: Map out your supply chain; stay aware; stock up on essentials; assess your risks; include your suppliers; plan for alternate transportation; audit your suppliers; and, clean house. Sheffi identifies nine data sources companies use to detect potential disruptions. They are:
1. Monitor the weather
2. Track the news
3. Use sensor data
4. Monitor the supply base
5. Visit suppliers
6. Be on the alert for deception
7. Develop traceability capabilities
8. Monitor social media
9. Track regulatory developments
Being proactive is absolutely essential to being aware of what happening within the supply chain and being able to act fast when something adverse does happen.
Professor Sheffi concludes, “Detection is a broader and deeper strategy than watching CNN, monitoring social media, or installing smoke detectors. Detection means vigilance on both specific near-term events and potential future events that might disrupt the company. It depends on creating visibility into the supply chain and understanding how the global moving parts connect to each other and impact each other. At its heart, detection is the conversion of the relevant unknowns into salient knowns in a timely fashion. Using insights gained from detecting potential disruptions early, companies can respond to such threats effectively — and exhibit the power of resilience.” Randy Nornes (@rlnornes), Executive Vice President at Aon Risk Solutions, sums up the discussion of risk management pretty well. He suggests organizations should have four key elements in place. They are:
- Visibility. “Having the technology to see what’s actually going on in a supply chain: Companies that use multiple systems that don’t connect suppliers may not have visibility. ‘If you can’t see it, it’s pretty hard to manage it,’ Mr. Nornes said.”
- Flexibility. Flexibility means “having a system that can adjust when a disruption occurs.”
- Collaboration. Collaboration is required “to get everyone to work together and share information with clearly defined responsible parties to handle various aspects of a business disruption.”
- Control. Control can only happen if organizations are “monitoring events. ‘If any one of these is not in place, then you are leaving a lot to chance,’ Mr. Nornes said.”
Mitchell concludes, “If you can align your supply intelligence capabilities with the intersection of supplier management (with sourcing tied in), supply chain management (whether at a network level or at a lower-level category/segment level), and risk management, then you’ll be a supply chain superhero.”
 Susan Fourtané, “The Road to Data Maturity for Supply Chain Resilience,” EBN, 24 August 2014.
 Srini Vasan, “Contingency Planning for the Supply Chain.” TriplePundit, 15 December 2014.
 Stephen DeAngelis, “Resiliency and Supply Chain Risk Management,” Enterra Insights, 27 January 2016.
 Yossi Sheffi, “Preparing for Disruptions Through Early Detection,” MIT Sloan Management Review, 15 September 2015.
 Heiko Schwarz, “Supply Chain Risk Management – Part 1: Identifying Risks,” riskmethods, 27 October 2015.
 Pierre Mitchell, “Are We Solving the Right Problem with Supplier Risk Management?” Spend Matters, 10 October 2016.
 Jennifer McKevitt, “Cognitive computing helps identify supplier risk in the chain,” Supply Chain Dive, 30 March 2017.
 Melanie Nuce, “Black Swan Events: Planning for Supply Chain Resiliency,” Inbound Logistics, August 2016.
 Donna Mahoney, “Preparing for the worst,” Business Insurance, 20 September 2015.