Risks are something with which every business must deal. Entrepreneur Richard Branson observes, “The luckiest people and businesses are those that are prepared to take the greatest risks. We can all create our own luck by taking the necessary risks to open the door to change, progression and success.”[1] Conversely, when it comes to supply chain operations, smart company executives do their best to avoid risks. Unfortunately, avoiding all risks is impossible. Mackenna Moralez observes, “Every supply chain is susceptible to risk. It is crucial to have alerts in place to help mitigate risks.”[2] Moralez isn’t implying that an alerting system is a sufficient supply chain risk management solution. It’s necessary; but, it’s not sufficient. Supply chain risk management requires a full-time effort. In an interview with Moralez, riskmethods’ general manager Bill DeMartino, stated, “Today, enterprises must move quicker to sense and respond to their customers and market conditions. If your risk management operates based upon information collected periodically, the enterprise is making decisions based upon dated information. Without technology enabled by artificial intelligence, you are left with a job that is insurmountable. You simply can’t read every news source in the world, every day, to make sure there aren’t any looming events that are going to disrupt your supply chain. Therefore, organizations that rely solely on manpower to identify risk are not staying on top of it all.” A good risk management program has plans in place to avoid risks, to respond to risks, and to mitigate adverse effects of unexpected events. During his interview, DeMartino stressed, “Organizations must have a complete risk management strategy in place.”
Identifying and monitoring risks
Adam Courtenay (@AdamCourtenay), asserts, “In the great global pantheon of corporate risks, business interruption in all its many forms still ranks as the most prevalent and feared.”[3] He cites results from Allianz’s 2018 Risk Barometer report which found, “While general business interrupters (including supply chain failures, natural disasters and factory fires) remain the top risks for companies worldwide (42 per cent of respondents), cyber risk (number two, with 40 per cent of respondents) is the most feared. Five years ago, it ranked just 15th.” Those findings reaffirm supply chain risk managers must constantly reassess risks as the world changes. This year’s top ten risks were identified as:
1. Business interruption
2. Cyber incidents
3. Natural catastrophes
4. Market developments
5. Changes in legislation and regulation
6. Fire, explosion
7. New technologies
8. Loss of reputation or brand value
9. Political risks and violence
10. Climate change/increasing volatility of weather
Although that list is a good starting point for considering what risks your company is facing, it’s certainly not exhaustive and may not include risks unique to your business. Earlier this year, Adrian Gonzalez (@talkinlogistics) surveyed a group of supply chain professionals and they listed supplier/customer bankruptcy as their number one risk concern, followed by labor shortage, transportation infrastructure gridlock, business model disruption, natural disasters, cyber attack, product recall, tariff wars, and labor disputes.[4] Lists of risks are a good starting point for considering what risks could adversely affect your business; but, a list should only be a starting point. Only individuals involved in your business have sufficient knowledge to know what risks matter most. I recommend conducting an occasional “what if” exercise to help identify potential risks.
In the digital age, however, one risk needs to be on everyone’s radar: cyber attacks. The staff at Material Handling & Logistics (MH&L) magazine observe, “With 50% increase in attacks from 2018, the supply chain is very vulnerable to cyber-attacks.”[5] The staff adds, “Keeping the supply chain safe has increasingly become more difficult. Threat actors continue to develop new toolsets and techniques, targeting corporate assets stored on cloud infrastructure, individuals’ mobile devices, trusted third-party supplier applications and even popular mail platforms.”
Time to get crazy
As noted above, I believe “what if” exercises (sometimes called scenario planning exercises) are an effective way to think about the future. The Economist notes, “Speculating about the future can make it easier to respond to unexpected events.”[6] The magazine adds, “Predicting the future is hard. But preparing for its uncertainties … can at least be entertaining. It can also broaden the mind and subtly change your understanding of the present. … Speculating about the future, even if it is far-fetched, can help people and institutions cope with what comes next.” The magazine suggests exploring three avenues when considering the future.
1. Scenario Planning. “This originated in the armed forces during the second world war and was pioneered in industry by Royal Dutch Shell, enabling it to react more quickly and effectively than rival oil firms to the oil shock of 1973. The central idea was to avoid betting everything on a single forecast and instead to test future projects and plans against a set of plausible scenarios. Mapping out several futures, deciding how to respond to them and identifying the early signs that they might be coming about has been widely adopted by multinational firms, particularly after the terrorist attacks of September 11th 2001.”
2. Science Fiction. “It is wrong to see sci-fi as chiefly predictive, however. Its contemplation of the future is often a commentary on the present: many sci-fi authors take current concerns, from robots to climate chaos to gender politics, to the logical extremes and consider their implications. As a result, sci-fi can play a useful role as a forward-scanning radar for technological, social and political trends. But sci-fi does directly shape the future in one concrete way: the tech industry is full of people trying to make it come true.”
3. Corporate Anthropology and Trendspotting. “Many large companies employ roving anthropologists to seek out ‘edge cases’: examples of emerging technologies and behavior that have yet to become widely adopted, but have the potential to go global.”
The point being made is that thinking about alternative futures helps expand your thinking and makes responding to unexpected events less traumatic.
Concluding thoughts
During his interview, DeMartino concluded, “It’s important for organizations to recognize the value of making risk-aware decisions. Not all risks should be viewed as threats, but rather opportunities to drive competitive advantage. With the right data and by leveraging risk impact scores, organizations can consider both the upsides and downsides of a potential risk, driving better decision making. Although it’s impossible to completely eliminate supply chain threats, there are definitely steps that companies can take to be more proactive about them. With the right combination of AI-powered technology and risk mitigation action plans, it’s possible to get predictive insights that indicate a risk event might occur, and then make moves to avoid that risk before it does.”
Footnotes
[1] Richard Branson, “My top 10 quotes on risk,” Virgin.com.
[2] Mackenna Moralez, “Leveraging Risks Make for a Safer Supply Chain,” Supply & Demand Chain Executive, 31 July 2019.
[3] Adam Courtenay, “Top 10 global business interruption risks,” INTHEBLACK, 1 June 2018.
[4] Adrian Gonzalez, “Plan Effectively For These Supply Chain Risks,” Talking Logistics, 29 July 2019.
[5] Staff, “Supply Chain Facing Increased Cyber Attacks,” Material Handling & Logistics, 26 July 2019.
[6] Staff, “Why it’s worth reading crazy-sounding scenarios about the future,” The Economist, 6 July 2019.
