Strategic Supply Chain Management-2022

Prof. Dr.
Rainer Lasch
Strategic Supply Chain

Management
1
Prof. Dr. Rainer Lasch
Table of Contents
0 Supply Chain
1 Risk and Risk Management
2 Supply Chain Disruption Risks
3 Supply Chain Risk Management Process

3.1 Risk Strategy
3.2 Risk Identification
3.3 Risk Assessment
3.4 Risk Mitigation
3.5 Risk Monitoring and Documentation
4. Supplier Risk Assessment Methodology for Measuring, Tracking and Analyzing Suppliers
4.1 Risk Categories
4.2 Data Requirements
4.3 Risk Assessment Calculations for Parts
4.4 Risk Assessment Calculations for Suppliers
4.5 Predictive Risk Analysis
4.6 Operational Issues
2
5 Procurement 8.5 Technology

5.1 Strategic tasks 8.6 Procurement Area
5.2 Operational tasks 8.7 Service Provision
8.8 Level of Centralization
6 Outsourcing (outside resource using)
6.1 Opportunities and Risks of Outsourcing Exercises
6.2 Cost Accounting Approaches
6.3 Transaction Costs Approach
6.4 Market Oriented Approach
6.5 Resource Based Approach
6.6 Principal-Agent-Approach
7 Supplier Management
7.1 Supplier Analysis and Assessment
7.1.1 Quantitative Methods
7.1.2 Qualitative Methods
7.2 Supplier Controlling
7.3 Control of Supplier Relations
8 Sourcing-Strategies
8.1 Number of Suppliers
8.2 Procurement Object
8.3 Procurement Time
8.4 Procurement Subject
3
0. Supply Chain Risk Management
A supply chain is a system of organizations, people, activities, information, and resources

involved in moving a product or service from supplier to customer.
Reasons for supply networks:

• Cost
• Quality
• Time
• Flexibility
4
Supply and Demand Network

5
1. Risk and Risk Management
• Cause-related definition: incomplete information of a decision maker about future

developments or events
decision under safety (complete information), under risk (subjective or objective
probabilities exist), under uncertainty (no probabilities exist)
• Effect-related definition: danger of an adverse event
• Cause- and effect-related risk definition: danger of a wrong decision leading to failures to
meet the targets
• Extended risk definition: risk according to damage and missed opportunities
• Risk = probability of occurrence of a negative event * amount of damage
• SCRM: concept of SCM, which contains all strategies and measures, all knowledge, all
institutions, all processes and all technologies, which can be used on a technical, personal
and organizational level to reduce supply chain risk.
6
Classification of Risks
Criterion Risk Category Explanation

Pure risks Target deviations only possible in
(asymmetrical) one direction
Difference
Speculative
in Results Positive as well as negative target
risks
deviations
(symmetrical)
Contain a danger to the business as
Levels of Strategic risks a whole and hinder the realisation of
decision- long-term, global goals
making Tactical and Referred to medium and short term
operative risks decisions
Permanent risks
Risks are closely related to the goals
Temporal vs risks which
set, related to a specific time or
context are limited in
period
time
Single risks Risks caused by a single decision
Extent of
Risks resulting out of the totality of
decision Overall risks
all decisions
7
Classification of Risks
Goods-related
Flow Target deviations can arise in
economical,
objects, the connection with the operational flow
financial,
risks refer of goods, money, information and
informational
to legal aspects.
and legal risks
Independent Individual risks do not influence
risks each other
Relations If there is dependency between the
between the
risks, a distinction must be made
individual Dependent
between an intensifying effect of the
risks risks
individual risks and a compensatory
effect
Causes for the risks are
Endogenous
predominantly within the company
risks
Origin of or the supply chain
risks Causes for the risks are
Exogenous
predominantly in the corporate or
risks
supply chain environment
Risks associated with the
Performance- performance Process of a company,
Company related risks procurement of production factors
domain, in
and / or sales of the products
which risks
exist Result from the financial sphere of a
Fiscal risks company, which support the current
performance processes
8
Particularities of SCRM:
• Cross-company perspective ! extended framework

• SC risks are different from the sum of risks of SC partners
• Different legal regulations for risk managment in different countries
• SC partners show different risk tolerances and different risk-bearing capacities
• Companies are partners in several SCs ! adaption to special guidelines seems difficult
• Information asymmetries complicate collaboration regarding SC risks
! SCRM is more complex, the more risk tolerances, risk-bearing capacities and risk
management systems differ
9
Supply Chain Risks
Supply Chain Risks
Delivery bottlenecks, capacity fluctuations on

Supply risks procurement markets, dependencies on single
suppliers
Process and control risks Disruptions within production processes,

management failures
Demand risks Loss of sales volumes
Lack of availability of transportation or

Logistics risks warehouse capacity, poor delivery quality,
damages in transit
Environmental risks Natural disaster, terroristic attacks, socio-

political or macroeconomic or technical changes
10
The biggest risk to the supply chain in the next 5 years in %

(526 respondents from 64 countries in the world)
Source: Alcantara, P.;Riglietti, G. (2016) Supply Chain Resilience Report, Business Continuity Institute.
11
Management of SC risks dependent on the level of cooperation:
Risk
Management Common Risk
Approach Holistic
Analysis within
with Supply Supply Chain
the
Characteristic Chain Risk Management
Supply Chain
Orientation
Focus of Own Company Own Company Supply Chain
risk management
Cooperations With individual
- partner With all partner
regarding risk
companies
management companies
Exchange of risk - Irregular, Regular, formal
information informal
Information asymme- High Medium Low

tries in regard to
supply chain risks
Type of relation Transaction Fair Fair
between companies oriented
Phase of Relationship Intensification of Established
networking building relations relations
Common goals With individual
- With many partner
and planning partner
companies
processes companies
Intensity of trust Low Medium High
between companies
12
2. Supply Chain Disruption Risks
Categories:
• Natural disasters: earthquake, hurricanes
• Intentional attacks: terrorism, sabotage, cyber attack, labor issues
• Accidents: fire, equipment failures
Characteristics:
• Low probability of occurrence and high damage
• Existential influence on SC performance
• Lack of historical data ! traditional methods for risk identification and risk assessment
not practicable
Reasons for vulnerability to various risks:

• Globalization
• Concentration on core competences
• Centralized distribution
• Reduction of supply base
• Lean Management concepts
13
2011-2017 1.055.316.191
2001-2010 1.012.758.447
1991-2000 701.891.016
1981-1990 206.825.431
1971-1980 83.723.831
1961-1970 20.418.285
1951-1960 7.339.801
1941-1950 3.172.700
1931-1940 3.350.000
1921-1930 1.139.230
1911-1920 622.500
1901-1910 1.276.750
-0 200.000
200.000.000 400.000
400.000.000 600.000
600.000.000 800.000
800.000.000 1.000.000
1.000.000.000 1.200.000
1.200.000.000
Natural desaster total costs (´000 $)

ource: EM-DAT: The Emergency Events Database - Universite catholique de Louvain (UCL) – CRED,
D. Guha-Sapir - www.emdat.be, Brussels, Belgium: 23.09.2017
Examples:
2016: two earthquakes in Japan ! 30 billion Euros
2016: hurricane ‚Matthew’ in Haiti, US east coast ! 10 billion Euros
2016: flood in China ! 20 billion Euros
14
Consequences of supply chain disruption in %
15
SC resilience to manage SC disruptions:

Ability of a supply chain to both resist disruptions and recover operational capability after
disruptions occur:
• Resistance capacity: ability of a system to minimize the impact of a disruption by evading

it entirely (avoidance) or by minimizing the time between disruption onset and the start of
recovery from that disruption (containment).
• Recovery capacity: ability of a system to return to functionality once a disruption has

occurred. Brief stabilization phase after which a return to a steady state of performance
can be pursued.
16
Strategies for improving resilience:

a. Supply chain agility: Ability of the firm and its supply chain to sense and respond to
changes in supply and demand, all in a timely and flexible manner.
Measures:
• Early demand planning ! higher availability of materials

• Supplier integration in new product development ! short-term adaption possible
• Active personal and competence management ! fast process handling in case of need
for adaptation
• Internal communication and exchange of knowledge with partners ! optimization of
cross-company processes
Example Dell:
Earthquake in Taiwan 1999 destroyed supplier plants ! Dell increased prices for critical
components and reduced prices for available components
17
b. Redundancy: Additional resources ! higher flexibility

• Safety stocks
• Additional warehouse locations
• Multiple sourcing
• Different means of transportation
c. Flexibility:
• Reactive flexibility: no systematic orientation on potential future changes (e.g. search
for alternative suppliers after risk has happened)
• Future-oriented flexibility: planned actions for different environmental situations
(proactive selection of alternative suppliers)
18
Top 10 SC Resilience Index
19
3. Supply Chain Risk Management Process
Risk
n
tio
ica
Risk
tif
en
Id
Ass
sk
Risk Monitoring
essm
Ri
and
ent
Documentation
Risk Control
Strategy
Supply Chain Risk Management Process
20
Organization of Risk management:
• Centralized: risk management in line with company strategy; staff organization

responsible for identification and assessment of risks; operational levels not included
• Decentralized: risk management organized in departments; early consideration of

operational risks and their characteristics; higher employee motivation; no alignment
with superordinate strategy and no comprehensive risk management
• Hybrid: centralized alignment of risk management; decentralized implementation in

departments
21
3.1 Risk Strategy
• Consideration of individual business environment for every partner

• Common understanding of risks between all partners
• Clear defined and communicated risk strategy
• Different risk attitudes:
o Risk-averse: risks have greater importance than chances; achieve a critical supply
network performance above a set target value; fewer worst-case scenarios and
decrease of the variance of company performance; e. g. more investment in
inventory
o Risk-neutral: acceptance of a nominal deviation of network performance targets;

balanced application of risk reducing instruments
o Risk-friendly: acceptance of a higher deviation of network performance targets
22
• Visualization of supply chain to identify critical partners
• Risk-chance profile: determination of a common upper risk threshold binding for all
partners
• Specification of departments and persons responsible for identification, assessment,

control and management of risks responsibility matrix
• Risk manual:
o Structure and procedures of risk management

o Definition of risk and risk management
o Risk attitude (friendly, neutral, averse)
o Risk-related organizational structure: structures and procedures, clear
responsibilities, shift decision to higher level of responsibility
o Description of risk management software: flexible data import and export
interfaces; e. g. Risk2value (avedos), R2C (Schleupen), CRISAM (Calpana Business
Consulting)
23
3.2 Risk Identification
• Comprehensive and structured determination and recognition of potential risk types and
risk factors, and future uncertainties
• Only identified risks can be managed
• Complete identification of all supply chain risks not possible
• Collection methods: identification of existing risks; reactive risk management
• Search methods: identification of unknown risks; proactive risk management
24
Search Methods Tools with

Collection
Analytical Creativity Supply Chain
Methods
Methods Methods Character
Checklist Questionnaire Stress Test
Product Brain- Input Output

Lifecycle and storming Analyses between
SWOT Analysis
Portfolio supply chain
Analysis partners
Statistics (e.g.
Failure Mode
about Critical Path
and Effect Brainwriting
accidents, Analysis
Analysis
damages)
Qualitative and Process flow

Tools for Supply Risk Identification Interviewing of Quantitative diagrams between
Social Media
experts, staff Forecasting supply chain
Methods partners
Employee
Simulation
suggestion
Methods
system Supply Chain
Synectics
Risk Map
Document Fault Tree and
Analysis Event Analysis
Morphological
Inspection Company visits at
Methods
Delphi Method supply chain
Critical Path partners
Pareto Method
Method
Early warning,
Supplier Audits detection and
enlightenment Scenario Usage and
Technique Capacity Portfolio
Competitive Process
Analysis Analysis
25
Checklist:
• No overall scheme to establish checklists; experience and know-how necessary

• High degree of aggregation no statements to single risks or interdependencies
26
Risk Checklist 1/3
Category Sub-Category Description Description

(an indication of the type of risks covered by the category)
Reputation None Risks that impact directly on the reputation of the organisation
Government Policy & Risks resulting from proposed or existing government policy or possible
None
Regulation government action
Risks associated with the organisational strategy as set out in the
Strategy None
delivery plan
HR
Proposed or existing legislation Impact on the organisation & non-
Legislation Finance compliance with legislation unless covered in other areas
Research/Scientific
All risks associated with working in partnership with another
Partnership None
organisation, including risks to the partnership arrangements
27
Risk Checklist 2/3

(an indication of the type of risks covered by
the category)
Includes internal & external
Public Engagement Communications communications Excludes knowledge
transfer
Health & Safety Top level Health & Safety risks
Security Security of staff; buildings, Not IT security
Compliance Environment
All areas of research governance e.g. ethics,
Research Governance
compliance
All risks related to research intramural &
Research None at this time
extramural
Knowledge transfer Risk relating to loss of IP rights, failure to
Intellectual Property Translational research
& Dissemination identify opportunities Lost of IP income
Business Processes Standard Operating Risk relating to the day to day operation of
Operational procedures Business Planning Business the business not covered by one of the other
Continuity Organisational Change categories
Risk to the finance of the organisation. Risk
Finance None
to income or expenditure
28
Risk Checklist 3/3

(an indication of the type of risks covered by the category)
Risk associated with the buildings owned or occupied by the
Property none
organisation
Procurement none Risk associated with the procurement of goods or services
Recruitment &
Retention Learning &
Development
Employment Law
E.g. skill shortage, recruitment & retention, disciplinary, compliance
People with equal opportunities and other employment law
Sickness and Absence
Leadership and Development
Risks to the organisation from the project as a whole. This is not

Major Projects None individual risks for the project they would be in the project risk
register using the categories in this list
Maintaining systems reliability & integrity Security of information
Information
Technology None and systems Operation of technology including misuse Suitability of
systems to meet needs
29
SWOT Analysis:
• Structured planning method that evaluates Strenghts, Weaknesses, Opportunities,

Threats of an organization, project or business venture.
• Strengths: characteristics of the business or project that give it an advantage over others
• Weaknesses: characteristics of the business that place the business or project at a

disadvantage relative to others
• Opportunities: elements in the environment that the business or project could exploit to
its advantage
• Threats: elements in the environment that could cause trouble for the business or project
30
SWOT Analysis
Business Analysis (internal)

Strengths Weaknesses
Environment List of strengths List of weaknesses

Analysis (external)
Opportunities SO Strategies WO Strategies

List of opportunities Which of the Which actions you
company’s strengths can take to minimize
can be used to the company’s
maximize the weaknesses using the
identified identified
opportunities? opportunities?
Threats ST Strategies WT Strategies

List of risks How can you use the Minimization of own
company’s strengths weaknesses to avoid
to minimize the the identified threats.
identified threats?
31
Early warning, detection and enlightenment:
• Early warning: focus only on risks
• Early detection: focus on risks and chances, internal (fluctuation rate) and external
(interest rates, economic index) early warning indicators, operational level
• Early enlightenment: strategic level; include strategies to exploit opportunities and

measures to counter risks
Assumption: discontinuities emerge based on "weak signals" (Ansoff, 1975), early detection
of those signals which could lead to events which have the potential to
jeopardise an organization’s strategy.
32
Early warning, detection and

enlightenment
Early Enlightenment
Early detection of
latent risks and
opportunities
Early Detection as well as
Early detection assurance of

of risks and initiation of
opportunities strategies and
Early Warning measures
Early detection of risks
33
Fault Tree Analysis:
• Logic diagram based on the principle of multi-causality
• Traces all branches of events which could contribute to a risk
• An undesired state of a system is analyzed using Boolean logic to combine a series of

lower-level events
• Find out the direct cause of the risk and also deep-level mining of the potential reason for
the risk
34
Fault Tree Symbols and Example
Gate Symbol Gate Name Causal Relation
Output event occurs if all input events occur

1 AND gate
simultaneously.
Output event occurs if any one of the input events

2 OR gate
occurs.
Input produces output when conditional event

3 Inhibit gate
occurs.
35
36
Risk Failure Mode and Effect Analysis:
• Proactive tool for risk identification
• Form a diversified knowledge team to identify all risks that possible can happen
• Rate the severity of each potential risk
37
Degree of Severity Ranking

Degree Description Median Rating
When a potential failure mode affects
safe operation of the product and/or
involves non-conformance with
government regulations. May endanger
Very High 10 - 9
people or product. Assign "9" if there
will be a warning before failure, assign
"10" if there will NOT be a warning
before failure.
When a high degree of customer
dissatisfaction is caused by the failure.
Does not involve safety of people or
High product or compliance with government 8-7
regulations. May cause disruption to
subsequent processes/operations and/or
require rework.
When a moderate degree of customer
dissatisfaction is caused by the failure.
Customer is made uncomfortable or is
Moderate 6-5-4
annoyed by the failure. May cause
rework or result in damage to
equipment.
When a failure will cause only slight
Low 3-2
annoyance to the customer.
When a failure is not likely to cause any
real affect on subsequent
processes/operations or require rework.
Minor 1
Most customers are not likely to notice
any failure. Any rework that might be
required is minor.
38
• Determine the occurrence of each potential risk

Degree of Occurrence Ranking
Chance Description Probability Median Rating
Failure is almost 1 in 2 or 10 -
Very High
inevitable 1 in 3 9
Process is "similar"
to previous 1 in 8 or 8
High
processes with a 1 in 20 7
high rate of failure
to previous 1 in 80 6
Moderate processes which or 1 in 400 5
have occasional or 1 in 2000 4
failures.
to previous
Low 1 in 15000 3
processes with
isolated failures
to previous
Very low processes with 1 in 150000 2
very isolated
failures
to previous
Remote 1 in 1500000 1
processes with no
known failures
39
• Provide detectability rating to each risk by analyzing the facilities available to detect the
risk
Degree of Detection Ranking

Degree Degree in % Description Median Rating
Control method(s) cannot or will
Detection is not possible 0 not detect the existence of a 10
problem.
Control method(s) probably will not
Very Low 0 to 50 9
detect the existence of a problem.
Control method(s) has a poor
50 to 60
Low chance of detecting the existence of 8-7
60 to 70
a problem.
70 to 80 Control method(s) may detect the
Moderate 6-5
80 to 85 existence of a problem.
Control method(s) has a good
85 to 90
High chance of detecting the existence of 4-3
90 to 95
a problem.
Control method(s) will almost
Very High 95 to 100 certainly detect the existence of a 2-1
problem.
• Calculate the risk priority number (RPN = S*O*D)

• RPN = 1000 (high); RPN = 125 (medium); RPN = 1 (low); action limit: RPN > 99
• Arrange the risk in decreasing order based on RPN and plan preventive measures
40
Action results
Process Potential S Potential O D R Recomm Respon-
Potential Current
New D
New O
New S
step/ Effects of E Cause of C E P ended sibility Action
New
RPN
Failure Control
Input Failure V Failure C T N Action taken
What are the What are the
What is the In what ways What is the What causes What are the Names
8 6 5 240 actions for completed
process step/ does the key impact on the key input existing reducing actions taken
input under input go key output go wrong? controls that occurence or with the recal-
investigation wrong? variables? prevent improving culated RPN?
either the detection?
cause or the
failure?
41
Brainstorming:
• Group creativity technique
• Finding a conclusion for a specific problem by gathering a list of ideas spontaneously

contributed by its members
• Group limited to 4 – 10 members
• No criticism is allowed
• Non-judgemental collection of possible risks
• Avoidance of centration on a specific risk area
42
Synectics:
• Problem solving methodology that stimulates thought processes of which the subject may
be unaware
• Way to approach creativity and problem-solving in a rational way
• Research creative process in vivo, while it is going on
• Emotion is emphasized over intellect and the irrational over the rational
• Through understanding the emotional and irrational elements of a problem or idea, a

group can be more successful at solving a problem
43
Delphi Method:
• Structured and anonymous questioning technique
• Interactive forecasting method which relies on a panel of experts
• Experts answer questionnaires in two or more rounds
• After each round, a facilitator provides an anonymised summary of the experts' forecasts
as well as the reasons they provided for their judgments
• Experts are encouraged to revise their earlier answers in light of the replies
• Process is stopped after a predefined number of rounds, or achievement of consensus,

stability of results, and the mean or median scores of the final round determine the
results
• Time consuming technique
44
Flow Chart for Delphi Method
45
Social Media:
• Websites and applications that enable users to create and share content or to participate
in social networking (Xing, Twitter, Facebook)
• Real-time communication ! better risk identification
• Better information management, relationship management (e. g. trust), fast
communication
• Access to risk forums and early warning systems
Stress Test:
• Identification of key suppliers, key customers, storage and transportation capacities,

location of distribution centers
• Application of scenario technology (what if scenarios) to examine the effect of different
risks on the total SC
• Determination the degree of preparation to manage risks
46
Result of risk identification: risk inventory:
Criterion Risk Types

Point of origin of Resource risks, process and control risks,
the source of risk demand risks, environmental risks
Handling of risks Business risks, event risks, process risks
Occupational risks, personnel risks,
Resource
equipment risks, material risks, capital risks
Planning risks, procurement risks,
Process type manufacturing risks, delivery risks, disposal
risks, enabling risks
Procurement risks, production risks, sales
Functional area
risks, process risks, control risks
Logistical Order processing risks, storage risks,
performance packaging risks, transportation risks
Material flow risks, financial flow risks,
Flow risks
information flow risks
47
Result of risk identification: risk inventory:
Criterion Risk Types

Insurability Insurable risks, uninsurable risks
Decision-making Normative risks, strategic risks, tactical
level risks, operational risks
Direction of
possible target Pure risks, speculative risks
deviation
Type of risk
Cumulative risks, additive risks, unique risks
impact
Extent of Minor risks, small risks, medium risks, large
consequences risks, disastrous risks
Measurability Measurable risks, non measurable risks
48
SCOR Model:
Six basic management processes: plan, source, make, deliver, return and enable
49
PLAN is at the core and provides the guidelines for the business. The PLAN
process balances total demand and supply with information from external and
internal operations to optimize the allocation of SC resources, as shown in Figure

2. The PLAN process in level 3 is shown in the following Figure 4-5.

Risk identification Plan:
Figure 4-5 PLAN Process in Level 3 (SCC)
In practice, the risk identification techniques mentioned above can be used to
locate the risks at each node in a more comprehensive way by following the
framework given by SCC and combining it with actual company's SC (Table 4-1
Example).
Table 4-1 Example - Risks in PLAN 50
4.2.1.2 Risk Identification in SOURCE

resources from the market to meet the production activities of the enterprise.
SOURCE includes the purchase of goods and services to meet the plan, and its
main process is shown in Figure 4-6.

Risk identification Source:
Figure 4-6 SOURCE Process in Level 3 (SCC)
The possible risks of each of these nodes in SOURCE, for example (Table 4-2):
57
Table 4-2 Example - Risks in SOURCE 51

materials, but also needs to contact the downstream, according to the specified
time to produce the goods, MAKE is the most critical link in the SC, and its main
process is shown in Figure 4-7.
Risk identification Make:
Figure 4-7 MAKE Process in Level 3 (SCC)
The possible risks of each of these nodes in MAKE, for example (Table 4-3):
Table 4-3 Example - Risks in MAKE

52
Risk identification Deliver:
Figure 4-8 DELIVER Process in Level 3 (SCC)
The possible risks of each of these nodes in DELIVER, for example (Table 4-4):
Figure 4-8 DELIVER Process in Level 3 (SCC)
The possible risks of each of these nodes in DELIVER, for example (Table 4-4):
53
Table 4-4 Example - Risks in DELIVER

andLasch
Prof. Dr. Rainer unqualified products returned by the customer, the process is shown in
Risk identification
Figure 4-9: Return:
Figure 4-9 RETURN Process in Level 3 (SCC)

Possible risks:
• too many products being returned causing inventory problems

The possible risks of each of these nodes in RETURN, for example include too
• unreasonable return process
many products being returned causing inventory problems, production planning
• inappropriate handling of customer complaints
problems, unreasonable return process and inappropriate handling of customer
54
complaints etc.
3.3 Risk Assessment
• Critical process to help top management for making corrective decisions and imple-
menting mitigation strategies at both company and supply network level
• Requirements: high actuality, efficiency, objectivity, interpretability

reasonable cost-benefit-ratio
• assessment and rating of two aspects of each identified risk category: 1) the likelihood
((probability) or frequency of occurrence; and 2) the impacts or associated consequences
• Likelihood: typically a qualitative and subjective decision in supplier risk management

process which requires organized guessing
• Probability: based on historical data and statistical modeling
55
Probability Assessment Scale
Subjective
Rank Description
estimate
1 Very unlikely Very rare event

2 Improbable There is indirect evidence of event
3 Moderate There is direct evidence of event
4 Probable There is strong direct evidence of event
5 Very probable Event recurs frequently
• Impact: direct and/or indirect effect of a risk occurring; e. g. loss of revenue, margin,
cash flow, asset, brand image, strategic value, inability to comply, loss of life, and etc.
56
Impact Assessment Scale
Subjective
Rank Description
estimate
Insignificant in terms of the whole

1 No impact company
2 Minor impact Single small losses
3 Medium impact Causes short-term difficulties
4 Serious impact Causes long-term difficulties
Catastrophic
5 Discontinue business
impact
• Estimation of probability and possible damage/impact of risks using experts

• Distinction between singular risks (limited to local company), additive risks (alone without
impact, impact only in combination) and cumulative risks (amplifying in SC regarding the
damage)
• Analysis of cause-impact-relationships of different risks increases transparency
• Considerations of correlations between risks assessment of total risk
57
Methods for Risk Assessment
Semi-Quantitative Quantitative
Qualitative Methods
Methods Methods
Risk estimations Failure Mode and
Expert Surveys Effect Analysis
Value at Risk
Delphi Method Fault Tree Analysis
Classification Event Tree Analysis

Risk Simulation
Decision Tree
Risk Map
Analysis
Scenario Analysis Scoring Models
Analytic Hierarchy Sensitivity Analysis
Ishikawa Diagram
Process
58
• Prioritization of risks (A-, B-, C-risks, dependent on risk-bearing capacity of the company)
using risk map:
… A - Risk
… B - Risk
very … C - Risk
high
… assessed Risk
Probability of Occurence in %
high
medi
um
low
very
low
meaningless low medium serious life-threating

Extent of Damage in €
Company Risk Map
59
• Risk assessment with Supply Chain Orientation: risk assessment only for each company
including company-wide risks
• Common risk assessment within the Supply Chain: common limits of materiality defined
for risks, reduction of information asymmetries between partners
• Holistic Supply Chain risk assessment: common selection, assessment and aggregation of
SC risks including interdependencies; open information and data exchange
• Different risk-bearing capacities lead to different limits of materiality defined for risks
new risk map for SC including cumulative risks but no consideration of

interdependencies
60
Influence on Network Partners
… High Relevance
high
(A- Risks) … Medium Relevance
medium
… Low Relevance
(B- Risks) … Risks of Network
Partners
low
(C- Risks)
C-Risks B-Risks A-Risks

Business Risks
Supply Chain Risk Map
61
Analytic Hierarchy Process (AHP)
• Effective method to do quantitative analysis for non-quantitative events
• Application in group decision making
• Decomposition of complex problems into constituent factors, then grouping these factors
to form an orderly hierarchical structure
• Determination of each risk factor in the comprehensive evaluation of supply chain risk
• Ranking the importance of supply chain risk factors based on the weight of risk factors
62
Value at Risk (VaR)

• Estimates how much a set of investments might lose, given normal market conditions, in
a set time period (e.g. day)
• Given portfolio, time horizon, and probability p: VaR is the the maximum possible loss
during the time if we exclude worse outcomes whose probability is less than p
• Example: a portfolio of stocks has a one-day 5% VaR of $1 million there is a 5%

probability that the portfolio will fall in value by more than $1 million over a one-day
period if there is no trading or a loss of $1 million or more on this portfolio is expected on
1 day out of 20 days (because of 5% probability)
Monte Carlo Simulation

• Rely on repeated random sampling to obtain numerical results
• Idea: using randomness to solve problems that might be deterministic in principle
• By the law of large numbers, the expected value of some random variable can be
approximated by taking the empirical mean of independent samples of the variable
63
3.4 Risk Mitigation
• Differentiation between cause-related and effect-related strategies:
Avoidance
Reduction PoO
Reduction AoD
Diversification
Transfer
Acceptance
Residual
Risk
Cause-related:
Reduction of the Effect-related:
Probability of Reduction of the Amount of Damage (AoD)
Occurrence (PoO)
Risk Mitigation Strategies

64
• One measure can reduce several risks: supplier selection and assessment for
strategical/tactical level; applicable for avoidance and reduction
strategical tactical operational
Avoidance Supplier selection and Permanent information

assessment exchange
Supplier development
Reduction
Alternative supplier
Safety stock
Contractual penalty
Transfer
Accept- Contingency plans
ance
• Selection of an efficient combination of measures is difficult

successive control of risk (application of mitigation strategies one by one;
mitigation of remaining risk on next level)
65
a. Avoidance:
• Complete elimination of probability of occurrence
• Only for single risks reasonable dispense with all chances!!
• E. g.: avoidance of activities in political unstable markets, transportation risks using in-
house production, storage risks applying JiT/JiS
• Avoidance of risks results often in transfer of risks (JiT higher storage risks for supplier)
b. Reduction:
• Reduction of probability of occurrence and risk outcome down to a sustainable level
• Cause-related measures: regular quality inspection of deliveries, inspection of production
facilities, postponement, careful supplier selection, selection of means of transportation
and warehouses based on safety terms, RFID (higher transparency), ECR, CPFR
• Effect related measures: creating redundancies using inventories or buffer times,
installation of sprinkler system
66
c. Diversification:
• Using diversification effects by separating business activities in several sub processes
reduction of damage and increase of probability of occurrence
• Expansion of activities to several business areas, products, storage locations, suppliers,
etc.
• Ongoing relationships with other suppliers alternative sources of supply
d. Transfer:
• Transfer of risk to insurance companies (only for pure risks e. g. fire, storm, not for
speculative risks) or to partners
• Power of different partners is important
• Transfer under consideration of risk-bearing capacity and risk attitude of partners
• Captives: self-insurance in which a parent group or groups create a licensed insurance
company to provide coverage for itself; purpose is to avoid using traditional commercial
insurance companies, which have volatile pricing, and may not meet the specific needs of
the company; the SC can reduce costs, insure difficult and extreme risks, have direct
access to reinsurance markets, and increase cash
67
e. Acceptance
• Control of risks with other strategies not possible or too expensive
• Risk damage < risk-bearing capacity
• Redundancy and flexibility to reduce possible damages: material easy to substitute,
flexible production concepts, adaptable order and inventory processes, training of
employees, increase of equity, creation of financial provisions and hidden reserves
68
Case Study Ericsson
- 1876 founded Swedish enterprise, world-wide largest supplier for mobile telephone systems
- employs approx. 61,000 coworkers in over 140 countries
- 40 per cent of the calls transacted world-wide take place over the systems of Ericsson
- many business units outsourced, many contracting parties and suppliers existing
- increasing risk threat
- most momentous disturbance: 18th of March 2000 fire at the currently unique chip manufacturer of
Ericsson, the Philips semiconductor plant in Albuquerque, New Mexico (the USA)
- consequence: 3 weeks production downtime of the mobile telephone production
! damage over 400 Million Dollar ! Exit from the mobile telephone market
- the Wall Street Journal concludes that Ericsson did not react quickly and consistently enough and failed
to recognize the consequences of the fire
- single sourcing with serious consequences instead of dual or multiple sourcing
Ericsson consequently recognized the need to monitor risks in the company and to identify
them along the SC in order to avoid further incidents or to manage them more quickly if they
occurred.
- individually adapted risk management concept anchored in the Ericsson Group Management System
- today's corporate philosophy "everyone is a risk manager".
Fig. 1: Risk management process of Ericsson

Ericsson’s Risk Strategy

- no risk strategy defined as a process step, but contractual regulations
- strategic framework with guidelines for suppliers to avoid disruptions in SC and to provide a
supply guarantee for their own company:
• suppliers are obligated to prepare supply plans and have crisis management with
contingency plans in case of emergency
• responsibles for each risk-critical area
- "Core Unit" in Ericsson Group has fundamental responsibility for all risk activities and
provides a risk manager who is assigned to implement and develop SCRM in close
cooperation with SC managers
- SC manager has to guarantee SC reliability and deliverability
! Distribution of responsibilities among different managers

! Responsibility matrix with main responsible persons
! Guaranteed possibility to obtain all necessary goods from the supplier or, if necessary,
from alternative suppliers at any time
Ericsson’ s Risk Identification

- On the supply side, suppliers are screened on the basis of various criteria and then classified as risky or
harmless.
- For this purpose, Ericsson divides the suppliers into four classes according to their respective sourcing strategy:
(1) Goods sourced by multiple sourcing from two or more manufacturers,
(2) Goods sourced by single sourcing, comparable manufacturers available,
(3) Goods sourced by single sourcing, lower quality manufacturers available,
(4) Goods procurement by sole sourcing.
- Next, Ericsson's susceptibility to breakdowns of specific suppliers is determined based on the "Business
Recovery Time", the time required to restore normalcy after a disruption has occurred, even to the point of
changing suppliers if necessary:
(1) Duration of less than three months,
(2) Duration of between three and eight months,
(3) Duration of between nine and twelve months with minor product changes,
(4) Duration of longer than twelve months with very complex product changes.
Based on the above factors, particularly risk-critical suppliers are identified according to their
importance and analyzed in more detail below.
Ericsson’s Risk Analysis
- combination of the in-house developed tool "Ericsson Risk Management Evaluation

Tool" (ERMET) with a modification of a risk map
- ERMET is used for the continuous analysis of direct and indirect suppliers of critical
goods or services and evaluates in great detail e.g. financial issues, environmental
risks, behavior in case of failures
- ERMET is a complex and know-how-intensive tool
! Application requires cooperation of internal and external SC risk managers
- risks of each business unit are quantified according to probability of occurrence and
extent of damage and the overall risk of the supplier is entered in a spider-web diagram
- is used for operational risk prevention, other tools are used for strategic risks at
Ericsson
-SC risk manager conducts workshops with technical staff and business specialists !
Discussion of risk potential issues ! Documentation of results in "Templates for Risk
Assessment & Treatment" (comparable to a risk structure sheet)
- modified form of the risk map ! assessment of exclusively financial impacts

- instead of the extent of damage, the business interruption value (BIV) is calculated for the
respective risk by multiplying the gross profit by the business recovery time already determined
in the identification phase and adding additional vacancy and personnel costs
Business Interruption Value:
(1) Severe: BIV > ~$100 million,
(2) Significant: BIV > ~ $50-100 million,
(3) Minor: BIV > ~$10-50 million,
(4) Insignificant: BIV < ~ $10 million.
Table 1: Ericsson Risk Map

Ericsson’s Risk Control

- graduated distribution of responsibility to direct up to indirect suppliers
- SC risk manager develops "Templates for Risk Assessment & Treatment" as well as
contingency plans within the framework of crisis management
- Toolbox on Ericsson‘s intranet used for general employee education on risk
management and contingency planning for risk managers
The principle emergency plan consists of three steps:

- Response Plan: the response plan is an adequate response to an incident as necessary
actions to assess, contain and control risk activities.
- Recovery Plan: recovery from the incident should include the necessary actions that
lead to the resumption of critical but necessary operations, processes, or functions.
- Restoration Plan: This process leads to the full resumption of economic activities and a
return to normalcy.
Ericsson’s Risk Monitoring

- "Risk monitoring": further observation of very critical risks that could not be reduced by
control measures
- support through spider-web diagrams
! This can be used to assess risks according to defined criteria and record their
development. In the case of suppliers, the development of their risk management
processes is observed.
Conclusion
- awareness of risk management often only as a result of serious incidents
- SCRM matrix organization
- most important success factor for SCRM: open discussion with suppliers during risk
analysis
- potential for improvement with regard to protection against risks apart from supplier-
side risks and inclusion of opportunities in the risk management process
3.5 Risk Monitoring
• Identified risks should be monitored frequently in order to recognize the potential

increasing and decreasing trends in their probability, impacts and consequences
• Provides an early warning when risk level is rising
• Risk monitoring is very time consuming companies typically select limited risk
categories for monitoring
• Control of implementation and success of measures to mitigate risks
• Control of supply chain risk management process: risk threshold limits, responsibilities,
monitoring cycles
77
• Learning function: generation of experimental knowledge; improvement of the basis for

information and decision making for risk policy measures in the future
• Documentation of the measures taken archiving function
• Documentation of target figures which are not achieved
• Risk communication: risk reporting for responsible decision maker
• Ad hoc risk reporting in case of special urgency (e. g. risk exceed the stated threshold):
parallelized reporting structures are necessary
78
4. Supplier Risk Assessment Methodology for Measuring,

Tracking and Analyzing Suppliers
Characteristics:
• It is practical and not overly burdensome
• It is quick to implement and easy to maintain
• It has a visual reporting mechanism
• It is able to provide early warning signals for potential problems in the supply base and
capture temporal changes in risk
79
4.1 Risk Categories

Risk category Risk subcategory Description Risk attribute
• Incapability of supplier to meet expected quality. • Rejection rate of the product

Operational risk - Quality failure • Increased lead time
• Supplier cannot reach the acceptable defined quality KPI by
• Quality assessment
purchasing company.
• Remedy for quality problems
- Delivery failure • Supplier fails to deliver the full-quantity or make the

• Delivery schedule
delivery on-time.
• Late delivery
• Supplier cannot reach the acceptable defined delivery KPI
by purchasing company.
- •
Production capacity/flexibility Supplier is not able to handle volume and mix changes. • Response to changes
failure • Supplier is near or at full capacity. • Production facility and capacity
- Technology/design failure • Supplier fails in making required design changes, • Technological and R&D support
completing the production process, and validating the • Technological competitiveness
design.
• Supplier is not technologically competitive.
Financial risk - Financial health • Financial instability of supplier with respect to different • Financial health
factors like profit and loss statement.
• Supplier has poor financial health and it is possible that it
goes to bankrupt.
- Changes in price • Unexpected increase of supplied raw material and • Product price
components, or provided services prices • Freight price
• Supplier is not able to provide competitive prices and • Tariff and custom duties
company is committed to a fixed-price contract for a long • Economy
term.
- Currency exchange rate • Company has a global supply chain and supplier’s common
currency is volatile. 80
Supplier risk categories and subcategories, and their
descriptions 1/4

Geographical risk - Market strength • Supplier has huge market share, and power in the • Market thinness
marketplace. • Customized product
- Natural/Man-made disasters • Risks arising from natural disasters like earthquake that • Fire
depend on the locality of the supplier, or from man-made • Earthquake
disasters such as labor strike which are less dependent on the • Flood
supplier locality. • Terrorism
• Labor strike
- Political/legal • Supplier is unaware of legal standards, or neglects to • Political stability

consider them in its business. • Supplier commitment to the legal standards
• Changes in political situations in supplier located area result
in legal issues like violations or non-conformance with new
policies, rules and regulations on a long-term.
Environmental - Pollution production and • The amount of the pollution which supplier produces is not • End-of-pipe control
compliance with regulations and standards. • Carbon and hazardous substance management
and social risk control • Production of polluting agents
• Production of toxic products
• Production of waste
• Packaging
• Product adaptation
• Process adaptation
- Pollution prevention • Supplier does not consider Corporate Social Responsibility • Use of environmentally friendly materials
in its business.
• Supplier’s inability to adapt its products and process toward
sustainability or it does not use environmentally friendly
materials.
• Supplier does not purchase its raw material from
environmental second-tier suppliers.
• Supplier does not control resource consumption (water,
descriptions 2/4
energy, raw materials, and non-renewable resources).
81
- Environmental purchasing • Supplier does not comply with the laws of the country,
• Buying environmentally friendly materials
international human rights declarations, and other human • Buying environmentally friendly technology

Environmental - Pollution production and • The amount of the pollution which supplier produces is not • End-of-pipe control
compliance with regulations and standards. • Carbon and hazardous substance management
and social risk control • Production of polluting agents
• Production of toxic products
• Production of waste
• Packaging
• Product adaptation
• Process adaptation
- Pollution prevention • Supplier does not consider Corporate Social Responsibility • Use of environmentally friendly materials
in its business.
• Supplier’s inability to adapt his
its products and process toward
sustainability or it does not use environmentally friendly
materials.
• Supplier does not purchase his its raw material from
environmental second-tier suppliers.
• Supplier does not control resource consumption (water,
energy, raw materials, and non-renewable resources).
- Environmental purchasing • Supplier does not comply with the laws of the country,
• Buying environmentally friendly materials
international human rights declarations, and other human • Buying environmentally friendly technology
rights and fair employment practice standards.
- Resource consumption
• Consumption of energy
• Consumption of raw materials
Supplier risk categories and subcategories, and their • Consumption of water
descriptions 3/4 • Consumption of non-renewable resources
82
- Employee practices
• Incapability of supplier to provide appropriate health and
safety conditions for its workforce. • Disciplinary and security practices
• Discrimination

Environmental
and social risk - Resource consumption • Consumption of energy
• Consumption of raw materials
• Consumption of water
• Consumption of non-renewable resources
- Employee practices
• Incapability of supplier to provide appropriate health and • Disciplinary and security practices
safety conditions for its workforce. • Discrimination
• Employment compensation
• Forced labor
• Child labor
• Working hours
- Health and safety • Freedom of association

• Health and safety practices
• Incident/accident records
• Injury related compensations

descriptions 4/4
83
4.2 Data Requirements
• The sum of all weights of different risk categories must be equal to 100 percent
• The weight of risk subcategory shows the importance of each one in comparison with
other risk subcategories of the corresponding risk category
• The risk subcategory weights for a given risk category must also sum to 100 percent
• The ratings can be part specific or plant specific
84
• Part specific risks: e g. within the operational risk category, the rating given to a
particular supplier on each risk subcategory would be part specific since quality failure,
production capacity/flexibility failure, etc. will vary from part to part
• Plant specific risks: e. g. natural/man-made disasters are improbable to vary for different
parts from the same supplier unless the parts come from different plants which belong to
the supplier
• The rating for each risk subcategory is based on a scale from 0 to 100 in which a higher
number indicates a worse supplier performance on that risk subcategory
• Include percentage of total volume of each part purchased from a given supplier
85
4.3 Risk Assessment Calculations for Parts
• Suppliers 1 and 2 each supplies 50 percent of the part A, Suppliers 2 and 3 supply 90 and
10 percent, respectively, of the part B, and Suppliers 2 and 4 supply 40 and 60 percent,
respectively, of the part C
• Since rating for some risk categories and subcategories is not dependent on part and is
related to the location of the supplier or some supplier specific criterion, rating is identical
for all parts provided by the supplier: e. g. rating of financial health subcategory is the
same for all parts provided by supplier 2
• Some ratings are dependent on both, part and supplier: e. g. ratings of quality failure are
different for three provided parts by supplier 2; parts B and C by supplier 2 have low risk
scores with respect to quality failure subcategory, but part A has medium risk score
86
• A multi-criteria scoring procedure is used to calculate all risk assessment scores:
o Multiply each supplier’s rating on that risk subcategory by the percent of purchased
products from that supplier
calculation of part A on the quality failure subcategory:
calculation of part B on the changes in price:
o Sum all suppliers’ scores on the risk subcategory to get the overall score for that part
risk subcategory
87
• Heat table concept:
o Red: A critical risk score is one that is greater than 75
o Orange: A high risk score is greater than 50 and less than or equal to 75
o Yellow: A medium risk score is greater than 25 and less than or equal to 50
o White: A low risk score is less than or equal to 25
88
Part A Part B Part C

Supplier Supplier Supplier Supplier Supplier Supplier
Risk category/ Supplier
1 2 2 3 2 4
subcategory
Percentage of
50 50 90 10 40 60
supply weight
Operational risk 50
Quality failure 35 40 50 5 15 10 30
Delivery failure 35 30 10 20 10 50 40
Production
capacity/flexibility 15 15 35 30 50 10 10
failure
Technology/design 15 20 55 5 35 25 20
failure
Total weight 100
Overall supplier
operational risk rating 29.8 34.5 14 21.5 26.3 29
for each part
89

1 2 2 3 2 4
subcategory
Percentage of
50 50 90 10 40 60
supply weight
Financial risk 30
Financial health 20 10 5 5 15 5 20
Changes in price 50 25 40 30 80 10 5
Currency exchange rate 30 30 10 10 20 10 15
Total weight 100
Overall supplier
financial risk rating for 23.5 24 19 49 9 11
each part
90

1 2 2 3 2 4
subcategory
Percentage of
50 50 90 10 40 60
supply weight
Geographical risk 20
Market strength 40 40 10 60 20 35 40
Natural/Man-made 50 60 10 10 45 10 10
disasters
Political/legal 10 5 20 10 35 60 10
Total weight 100
Overall supplier
geographical risk rating 46.5 11 30 34 25 22
for each part
Overall supplier rating 31.2 26.7 18.7 32.3 20.8 22.2
for each part
91
• Calculation of mean score within each category:

o Multiply the scores for each risk subcategory for a particular part by the weight assigned
to that risk subcategory
o Sum the resulting parts within that risk category
Calculation of operational risk mean for part A:
Geographical risk mean for part B:
Overall part A risk assessment score:

32.1×50% + 23.75×30% + 28.75×20% = 28.9
92
Category Subcategory
Category/Subcategory Part A Part B Part C
weighting weighting
Operational risk 100%
Quality failure 35% 45 6 22
Delivery failure 35% 20 19 44
50%
Production capacity/flexibility failure 15% 25 32 10
Technology/design failure 15% 37.5 8 22
Operational risk Mean 32.1 14.8 27.9
Financial risk 100%
Financial health 20% 7.5 6 14
Changes in price 30% 50% 32.5 35 7
Currency exchange rate 30% 20 11 13
Financial risk Mean 23.8 22 10.2
Geographical risk 100%
Market strength 20% 40% 25 56 38
Natural/Man-made disaster 50% 35 13.5 10
Political/legal 10% 12.5 12.5 30
Geographical risk Mean 28.8 30.4 23.2
Overall rating 28.9 20.1 21.7
93
Heat table for parts
4.4 Risk Assessment Calculations for Suppliers
• Supplier supplies a single part: risk assessment calculation is simply the supplier’s rating
on that part and risk subcategory
Risk assessment for Supplier 4 on Technology/design failure is 20
• Supplier provides multiple parts: the score is more affected by those parts for which the
supplier provides a greater percentage
• The overall score must be normalized such that the minimum score is zero and the
maximum score is 100:
o Multiply a supplier’s rating on a particular risk subcategory by the percentage of that
part provided by the supplier
o Sum over all parts supplied by that supplier
o Divide the resulting sum by the sum of all the percentages of parts supplied
Supplier 2 supplies all three parts. The Technology/design failure calculation for this
supplier is as follow:
55×50% + 5×90% + 25×40%

= 23.3
50% + 90% + 40%
94
Category Subcategory Supplier Supplier Supplier Supplier
Category/Subcategory
weighting weighting 1 2 3 4
Operational risk 100%
Quality failure 35% 40 18.6 15 30
Delivery failure 35% 30 23.9 10 40
Production 50%
15% 15 26.9 50 10
capacity/flexibility failure
Technology/design failure 15% 20 23.3 35 20
Operational risk Mean 29.8 22.4 21.5 29
Financial risk 100%
Financial health 20% 10 5 15 20
Changes in price 30% 50% 25 28.3 80 5
Currency exchange rate 30% 30 10 20 15
Financial risk Mean 23.5 18.2 49 11
Geographical risk 100%
Market strength 40% 40 40.6 20 40
Natural/Man-made
20% 50% 60 10 45 10
disaster
Political/legal 10% 5 23.9 35 10
Geographical risk Mean 46.5 23.6 34 22
Overall rating 31.2 21.4 32.3 22.2
95
Heat table for suppliers
4.5 Predictive Risk Analysis
• Risk rating and risk indices must be tracked over time and trends monitored
• Risk assessment over time (time-based data) indicates a trend towards unacceptable risk
levels then the supplier or part can be flagged
• Flagging signals:
o Trend reaches a specified allowed maximum percentage change in risk over a defined
period
o Trend shows an increase toward established control limits within which risk indices,
individual risk subcategories, etc. are allowed to fluctuate before corrective action is
taken
96
Supplier risk trend over time
• Example: A company allows a maximum change for a supplier risk score of 10 within
three time periods; Figure shows that supplier 3 risk score has increased from 25 to 40
within two time periods and it means it reaches the limit
97
Part risk trend over time
• Example: Figure indicates that part B risk score in three consecutive time periods is
between 50 and 75 which is high-risk score range
98
4.6 Operational Issues
• Risk categories and subcategories should be established by higher-level management

decision makers as they are the most familiar and involved with assessing supplier risk
and the factors that contribute to that risk
• Relative impact of each risk subcategory on the overall score of its respective risk
category will decrease with increasing the number of defined risk subcategories
• Relative weight of each risk category for the overall risk index of a supplier or part
decreases with increasing the number of defined risk categories
• Weights can be defined based on the probability of occurrence, the impacts and
consequences after occurring
• Risk subcategories such as war and terrorism, political issues, etc. are quite subjective
and ratings on these risk subcategories should be made by higher level managers
99
• Risk subcategories such as delivery failure, quality failure, etc. are more quantitative; for
such risk subcategories, ratings can be made by purchasing department, quality
inspectors, production level employees, etc. with the help of provided appropriate data
and measures such as KPIs
• Updating the methodology:
o The methodology should not be updated too frequently (job too exhausting) or too
rarely (predictive capability is limited)
o Some risk subcategories should be updated within shorter intervals (delivery failure
should be updated with each batch received) than others (earthquake or other
natural/man-made disasters would occur much less frequently) because they are
dependent on daily business
o If the company changes the weighting of a particular risk category or subcategory, it is

not necessary to re-enter the specific data values different scenarios are possible
100
5. Procurement
• Procurement is concerned with acquiring (procuring) all of the goods, services, and work
that is vital to an organization.
• Procurement deals with the sourcing activities, negotiation and strategic selection of
goods and services that are usually of importance to an organization.
• Procurement is, essentially, the overarching or umbrella term within which purchasing can
be found.
• Purchasing is the process of how goods and services are ordered. Purchasing can usually
be described as the transactional function of procurement for goods or services.
101
Strategic Procurement Operational Procurement
Initiation Agreement Processing Control
Identify Invitation Supplier Order Order Goods Invoice Vendor

needs to tender selection placement monitoring receipt approval payment
5.1 Strategic tasks:
Identify Invitation Supplier Order

needs to tender selection placement
Identy needs: Invitation to tender:

Define the business requirements Formal, structured procedure for generating
with the help of cross-functional competing offers from different potential suppliers
stakeholders. or contractors who have been previously assessed
for suitability by means of a supplier questionnaire
or pre-qualification questionnaire.
Supplier selection: Order placement:

Choosing the right supplier involves much If the requested goods/products have
more than scanning a series of price lists. characteristics such as unmanaged category buys,
Your choice will depend on a wide range of one-time unique purchases, or low-value
factors such as value for money, quality, commodities, then a spot buy can be performed.
quantity, reliability, service, sustainability. Else, purchase orders are created from approved
How you weigh up the importance of these purchase requisitions.
different factors will be based on your
business' priorities and strategy.
5.2 Operational tasks:

Order Goods Invoice Vendor
monitoring receipt approval payment
Order monitoring begins when a purchase order Once the supplier delivers the promised
is created and it is used to track dates and goods/services, the buyer inspects the delivered
events throughout the process chain, from the products or services to ensure that it complies
placing of a purchase order with an external with the contract terms. The goods receipt is
vendor to the presentation of the goods in a then approved or rejected based on the
store, or the receipt of goods in a distribution standards specified in the purchasing contract or
center. purchase order.
Once a goods receipt is approved, a match Upon receiving an approved invoice, the finance
between the purchase order, the vendor team will process payments according to the
invoice, and the goods receipt is performed. If contract terms. Any contract changes or reviews
there are no discrepancies found, the invoice is liquidated financial security will be taken into
approved and forwarded to the finance team account.
for payment disbursement. In the case of
inaccuracies, the invoice is rejected back to
the vendor with a reason for rejection.
6. Outsourcing (outside resource using)
• Long-term oriented outsourcing or exclusion of formerly self-produced services to legally

independent companies:
Source: Lasch (2017), p. 16)

105
6.1 Opportunities and Risks of Outsourcing:

Strategic Opportunities Strategic Risks
Focus on core competencies Dependency on the outsourcing
• Creation of free resources partner
• Avoidance of capacity
shortage
Complexity reduction Loss of core competencies
• Less responsibilities for the
management
• Reduced commitment of
human resources
• Reduced control effort
Flexible capacity adjustment Disclosure of trade secrets
• Access to new sales and
procurement markets
Transfer of risks Image loss
• Avoidance of risky
investments
• Outsourcing of sales price
risks or contribution margin
risks
• Outsourcing of additional
consumption or factor costs
increase risks
Source: Lasch (2017), p. 18 106
Operative Opportunities Operative Risks

Cost advantages Cost related risks
• Improved transparency of • Underestimation of transaction
costs costs
• Variabilization of fixed costs • Price increase of the
• Reduced staff costs outsourcing partner
• Decrease of capital • Insufficient transparency of

commitment costs
• Economies of Scale
Performance improvement Performance related risks
• Access to external know-how • Interface problems
and technical progress
• Quality issues
• Higher competitive pressure
• Extending the range of
services
• Quality improvement
• Shorter lead times
Exonerative effects Personnel risks
• Stabilisation of capacity • Resistance against outsourcing
decision
• Flexible capacity adjustment
• Job loss
Source: Lasch (2017), p. 20

107
6.2 Cost Accounting Approaches
a) Short-term decisions
• Underemployment
• Bottleneck situation
Costs Costs
Processing Production
in-house external
time (t) per quantity in
production procurement
unit [min] units
(k) [€] (p) [€]
Model 1617 7,50 10,00 20 200
Model 1797 10,00 12,00 15 150
Model 1812 3,50 5,00 5 450
Model 1956 1,75 2,00 2,5 1000
Model 2000 27,50 25,00 30 75
108
Bottleneck related in-

Cost advantage
house production Rank
(p-k) [€]
advantage (p-k)/t
Model 1617 2,50 0,125 3
Model 1797 2,00 0,133 2
Model 1812 1,50 0,300 1
Model 1956 0,25 0,100 4
Model 2000 -2,50
In-house used capacity remaining capacity

production per [min] [min]
unit
Model 1812 450 2.250 6.750
Model 1797 150 2.250 4.500
Model 1617 200 4.000 500
Model 1956 200 500 0
Sum 9.000
In-house External
Production quantity in
production in procurement in
units
units units
Model 1617 200 200
Model 1797 150 150
Model 1812 450 450
Model 1956 1.000 200 800
Model 2000 75 75
Sum 1.875 1.000 875
Source: Lasch (2017), p. 24-25

109
110
b) Long-term decisions
Investigations in own company

• Know-how
• Staff
• Production facilities
• Impacts of external procurement on existing capacities
• Change of calculation rates
Investigations of possible supplier regarding

• Economic situation
• Delivery time vs. production lead time
• Delivery reliability
• Quality
• Flexibility
111
112
6.3 Transaction Costs Approach
113
• Ex ante transaction costs
• Ex post transaction costs
• Specificity
• Uncertainty
• Frequency of transaction
! In-house production is reasonable with high specificity; high uncertainty and frequent
transactions
! Outsourcing is reasonable in rare and standardized services which are subject to minor
changes
114
6.4 Market Oriented Approach
115
• Focus on competition and market capability
• Five competitive forces
• Value chain analysis
! Outsourcing is reasonable, if advantages for the company and their external partners are
created based on a cost-effective win-win-situation.
116
6.5 Resource Based Approach
• Existence of company-specific, unique resources (value creating, rare, not substitutable,

not imitable)
• Tangible and intangible resources
• Competence portfolio
117
! In-house production is reasonable, if unique competitive advantage creating resources are

existing.
! Outsourcing is recommendable, if resources do not provide a competitive advantage, are

substitutable, easy to imitate or exist as deficit in the company.
118
6.6 Principal-Agent-Approach
Information asymmetries between partners
• Hidden characteristics
• Hidden action/information
• Hidden intention
119
! Outsourcing decision depends on problems of the principal-agent-approach, which should

be evaluated by means of its induced costs. 120
7. Supplier Management
• Phases of procurement process:
• Management of supplier-customer-relation
• Core of strategic procurement management 121
Siemens
Mission:
We realize what matters and set standards, as we do the world in which

we live, electrify, automate and digitize. The art of engineering drives us
and what we create, we create for you. Together we are successful.
122
7.1 Supplier Analysis and Assessment
• Source of information: Procurement market research, self-disclosure, auditing

• Objective: Selection of the best suppliers or control of actual performed supplier
performance (supplier controlling)
• Purchase situation
Known Supplier New Supplier
Known
Procurement Rebuy Supplier Change
Object
New
Product Line
Procurement Product Launch
Changes
Object
123
• Selection und Weighting of the following 9 Evaluation Criteria

Quantity Performance Service Performance
• Minimum Delivery Quantity • Object Garanty
• Volume Flexibility • Goodwill Policy
• High Order Quantities • Replacement Security
• Volume Constancy • Customer Service
Quality Performance Information Service and

• Product Quality Communication Performance
• Experience of Supplier
• Qualification Level of Staff • Willingness to Cooperate
• Technological Level • Willingsness to Communicate
• Certification (ISO 9000:2000) • Know-How-Transfer
• Service Constancy • Application Advice
• Application Flexibility • Internet-Technologies
• Advertising Value of Supplier • www-Offer
• Quality Philosophy • Data Protection
Innovation Performance
Logistics Performance • Technological Competence
• Development Potential
• Time Performance • R&D Capacity
- Short Delivery Times
- Measures to improve Payment Performance
Throughput Times
• Offer Price
- Appointment Reliability
• Arrangement of Terms
- Flexible Appointment
• Term of Payment
Organisation
• Cost Analysis
• Location Performance • Cost Reduction Activities
- Distance to Customer
- Depository Accessability Social Performance
- Transport Accessability • Occupational Safety and Health
- Delivery Location Flexibility Protection
• Supply Performance • Child Labour and Exploitation
- Supply Reliability • Fight against Corruption
- Supply Loyalty • Work Time Regulations
- Exklusive Supply • Dedication to Social Projects
- Correctly Processed Supply Source: Lasch (2017), p. 43
- Package and Transport Environmental Performance
Protection
• Environmental Sustainability
• Recycling Readiness
124
7.1.1 Quantitative Methods
a) Price Decision Analysis

• Comparison of Prices
• Analysis of Price Structure
• Price Observation
b) Cost Decision Analysis

• Cost-Ratio-Method
• Total Cost Supplier Selection Model
c) Optimisation Methods
• Linear Optimisation
• Goal-Programming-Approaches
d) Balance Sheet Analysis
125
Cost-Ratio-Method:
Supplier A: Supplier B:
Price: 5000,00€/item Price: 5200,00€/item

Cost ratio for quality: 2% Cost ratio for quality: 1%
Transport ratio: 3% Transport ratio: 2%
Supplier A: 5000 + (0,02 + 0,03)*5000 =5250€/item
Supplier B: 5200 + (0,01 + 0,02)*5200 =5356€/item
126
7.1.2 Qualitative Methods
a) Profile Analysis
• Radar Chart:
127
•
Polarity Profile:
2
4
6
0
8
Quantity Performance
Innovation performance
Quality Performance
Logistics Performance
Service Performance
Criteria
Feature
Information Service

Payment Performance
Environmental Performance
Social Performance
Supplier 1
Supplier 2
128
2
4
6
0
8
Quantity Performance
b) Supplier-Gap-Analysis
Innovation Performance
Quality Performance
Logistics Performance
Service Performance
Feature
Criteria
Performance Gap
Information Service
Payment Performance

Environmental Performance
Social Performance
Target Performance
Actual Performance
129
c) Grading systems
Supplier Assessment
Supplier: ... always often rare
9-7 6-4 3-1
1. provides very good quality
2. adheres to delivery times
3. is doing reasonable price policy
4. respects shipping instructions
5. answers requests quickly
6. confirms orders promptly
7. answers to payment reminders
quickly
8. deals promptly with complaints
9. assists in emergencies
10. offers helpful sales calls
130
d) Point Rating System

• Scoring model Main Criteria
Supplier 1 Supplier 2
Subcriteria Weight weighted weighted

Score Score
Score Score
1. Quantity Performance 5%
1.1 Minimum Delivery Quantity 25 % 10 11
1.2 Volume Flexibility 25 % 10 11
1.3 Volume Constancy 25 % 10 11
1.4 High Quantity 25 % 14 6
Weighted Part Point Value 11 9,75
Weighted Point Value 0,550 0,4875
2. Quality 25%
2.1 Experience of Supplier 30% 12 14
2.2 Performance Constancy 30% 14 8
2.3 Product Quality 30% 13 11
2.4 Qualification Level of Staff 10% 11 15
Weighted Part Point Value 12,8 11,4

3. Logistics Performance 20%
3.1 Supply Reliabaility 15% 13 6
3.2 Supply Loyalty 15% 14 11
3.3 Delivery Location Flexibility 20% 9 9
3.4 Appointment Reliability 20% 15 11
3.5 Short Delivery Times 5% 14 11
3.6 Distance to Customer 10% 9 5
3.7 Packaging 15% 7 13

4. Payment Performance 15%
4.1 Offer Price 40% 8 11
4.2 Arrangement of Terms 30% 14 13
4.3 Cost Analysis 15% 9 5
4.4 Cost Reduction Activities 15% 10 6
131
5. Service Performance 10%

5.1 Object Garanty 30% 14 10
5.2 Replacement Security 20% 14 7
5.3 Goodwill Policy 20% 12 8
5.4 Customer Service 30% 15 8

6. Information Service 10%
6.1 Willingness to Communicate 70% 15 11
6.2 Know-How-Transfer 30% 10 11
Weighted Part Point Value 13,5 11

7. Innovation Performance 10%
7.1 Technological Competence 50% 10 13
7.2 Development Potential 25% 13 14
7.3 R&D-Capacity 25% 12 15

8. Environmental Performance 5%
8.1 Environmental Sustainability 60% 4 15
8.2 Recycling Readiness 40% 4 14
Sum 100% 11,953 10,795

132
• Maximum Score Method:
Target Criteria max Points Supplier 1 Points Supplier 2

Quantity Performance 5 5 4 3 2 1 5 4 3 2 1
Innovation Performance 20 20 16 12 8 4 20 16 12 8 4
Quality Performance 15 15 12 9 6 3 15 12 9 6 3
Logistics Performance 15 15 12 9 6 3 15 12 9 6 3
Service Performance 10 10 8 6 4 2 10 8 6 4 2
Information Service 10 10 8 6 4 2 10 8 6 4 2
Payment Performance 10 10 8 6 4 2 10 8 6 4 2
Environmental Performance 5 5 4 3 2 1 5 4 3 2 1
Social Performance 10 10 8 6 4 2 10 8 6 4 2
Sum 100 70 74
133
7.2 Supplier Controlling
• Continious monitoring of supplier performance
• Creation of an information basis for supplier selection (purchase situations: rebuy /

expansion of the product range) and control of the supplier relationship (sanctions,
awards)
• Early detection of weaknesses regarding supplier performance
134
7.3 Control of Supplier Relations
• Supplier Care:
o establishment of a fair relationship, development of trust
o to maintain or increase performance potential
• Supplier Education:
o measures to motivate supplier to a performance above average
o at low performance: reduction of supply volume, contractual sanctions
o at high performance: increase of supply volume, integration as strategic supplier
• Supplier Development
o joint optimisation of business processes
o common identification of problems, exchange of know-how
• Supplier Change
o dissatisfaction over longer period
o high switching costs
135
Measures dependent on the results of the supplier assessment and of the buyer's
procurement-minded scope for action:
Supplier Education Supplier Education

- Contractual sanctions - Letter of appreciation
High
- Reduction of delivery ratio - Increase of delivery
quantity
Supplier Change
Procurement-minded Scope for Action

- Communication with
departments in regard to a
change of supplier
Supplier Education Supplier Education

- Contractual Sanctions Awarding of Prizes
- Increase of Delivery Ratio
Supplier Development
- Development of a
- Active development of
suppliers Partnership
- Target agreement
Supplier Change
- Communication with
departments in regard to a
Low
change of supplier
Poor Very good

Assessment Results
Measures to Control Supplier Relation

136
8. Sourcing-Strategies
Sourcing-Strategies (Lasch 2017, p. 3)

137
8.1 Number of Suppliers
• Sole: limitation to monopolistic suppliers
• Single: source material / material type exclusively from one supplier

- Characteristics: intense relationship structure between partners, mutual
dependencies with mutual advantages, coordinated organizations, coordinated
material flow and data infrastructure, joint investments and employee teams
- Advantages: reduction of procurement costs (for example price advantages based
on greater purchase quantity, decrease of transport costs and costs of quality
control as well as lower administrative effort), simple controllability of material
flows, guarantee of consistent quality, increase of transparency of procurement
processes
- Disadvantages: risk of strike, elimination of competition between suppliers, possible
neglect of the technological development at the supplier, high switching costs
138
• Parallel: source material / material type production-site or model-related in each case

from only one supplier
- Advantages: dependency of single supplier is reduced
- Disadvantages: due to the production-site or production-model-specific division,
quantity-related scale effects can only be implemented to a limited extent in
comparison to single sourcing
• Double: two suppliers; division in fixed and variable order quantities
139
• Dual: two suppliers; division of the total order quantity into three parts
- Disadvantages: partly dependency of both suppliers, reduced flexibility, know-how

transfer towards supplier
• Multiple: sourcing from several suppliers
- Advantages: greater independency of suppliers, higher security of supply, more

intense competition, greater flexibility in regard to the procurement quantity
- Disadvantages: higher administrative costs for the control and care of suppliers, high
delivery costs, smaller quantity discounts due to the lack of bundling
140
8.2 Procurement Object
• Unit: simple procurement objects
- Advantages: substitutability of individual suppliers relative independency towards

suppliers, avoidance of know-how transfer towards supplier, minimization of
coordination and integration costs, simplification of performance comparison, increase
of market transparency
- Disadvantages: high coordination effort due to the high amount of suppliers, high
amount of ordering processes and related high procurement costs, high assembly
complexity in the own company
141
• Modular: sourcing of modules
- Advantages: cost reduction through specialization effects of suppliers, reduction of

internal complexity through reduction of number of parts and standardization of final
product variants, decrease of administration and coordination costs, standardization of
procurement processes
- Disadvantages: increasing dependency of suppliers, difficult switch of suppliers, risk of

loss of core competences, loss of production know-how
142
Figure 2: Modular Sourcing
• System: procurement of several modules (= systems)
143
8.3 Procurement Time

• Stock: stock procurement, in case of strongly changing demand; consignment stock, VMI
- Advantages: high supply reliability, lower production costs through optimal production
batches, utilization of advantageous conditions (e.g. prices and rates), procurement of
greater quantities
- Disadvantages: high costs through capital lockup cost, storage costs, greater demand
of area and space as well as staff
• Demand Tailored: occasional procurement, for poorly predictable demand

- Advantage: avoidance of costs of capital lockup and storage
- Disadvantages: delayed or non-delivery, qualitative insufficient deliveries, greater
procurement costs through bad conditions
• JiT, JiS: production-synchronous procurement;

- Advantages: reduction of costs of inventory, storage and transhipment as well as lead
times
- Disadvantages: high dependency of suppliers, increasing transport costs through an
increase of number of deliveries, increased ecological impact resulting from more truck
transportations, danger of production interruption
144
8.4 Procurement Subject
• Individual: independent from other units
• Cooperative: loose co-operations or procurement company

- Advantages: cost advantages through greater purchase quantities, time advantages
through standardization
8.5 Technology
• Manual: no procurement technology
• Electronic: web-based market and exchange systems, electronic procurement
145
8.6 Procurement Area
• Local/Regional: sourcing from local or regional located suppliers; supplier parks

- Advantages: high supply reliability through small distance to supplier, low transport
costs, same legal system, same language and currency, reduction of inventory and
capital lockup costs using JiT/JiS
- Disadvantages: lack of reference to international market prices and higher purchase
prices, less intense competition
• (Inter-)National: limitation on homogeneous market

- Advantages: elimination of customs clearance, shorter transport times, consistent
legal framework
146
• Global: consideration of worldwide procurement markets

- Advantages: reduction of procurement costs through the utilization of global purchase
price differences, sourcing of goods which are not existing in the own country, increase
of market transparency and technological supply, decrease of dependency of national
supplier, fulfilment of local-content-requirements
- Disadvantages: transport risks, customs problems, high bureaucratic barriers,

exchange rate fluctuations, different understanding of quality, different legal system,
political and economic instabilities
147
8.7 Service Provision
• Internal: transfer of the value added by the supplier to the proximity of the customer
• External: place of production and demand not identical
8.8 Level of Centralisation
• Central: centralisation of strategic and operative procurement tasks

- Advantages: explicit responsibilities, consistent and standardized procurement
processes, cross-functional bundling effects across different sites through greater
procurement quantities, less employee resources, compensation of procurement
fluctuations in the individual departments
- Disadvantages: distance between buyer and user which leads to slowed down
decisions, conflict of interests between central procurement and decentral units
148
• Decentral: decentralization of procurement decisions
- Advantages: direct communication between buyer and user, more effective solution of
problems through a better use of decentral know-how, faster decisions, more flexible
reaction to changing conditions
- Disadvantages: unclear responsibilities which lead to the danger of uncoordinated

procurement with an increase of number of suppliers, loss of economies of scale,
increase of transaction costs
• Hybrid: combines advantages of central and decentral procurement decisions
149
Examples:
Demand with high value and high complexity (Lasch 2017, p. 14)
Demand with low value and low complexity (Lasch 2017, p. 14)
150
Exercises
151
Exercise 1: Group Work

Your tasks:
1. Allocate the different risks to types / groups and explain the reason.
2. Identify which measures could be taken.
3. Select the biggest risk and explain why.
Time frame 45 minutes,

Short Presentation; joint discussion of results.
152
Risk Type Measure(s) Sym Asym Period Project

1 Estimation
mistake
2 Product Liability
3 Reputation
develops
strongly negative
4 Core
competences
endangered
5 New strong
competitor
6 Production site
burns down
7 Authorities
unclear (who is
entitled to
decide)
8 High increase in
energy cost
9 Board members
travel in the
same plane
10 Bankruptcy of an
important
supplier
153
Risk Type Measure(s) Sym Asym Period

1 Estimation mistake
2 Product Liability
Case
3 Reputation
develops strongly
negative
4 Core competences
endangered
5 New strong
competitor
6 Production site
burns down
7 Authorities unclear
(who is entitled to
decide)
8 High increase in
energy cost
9 Board members
travel in the same
plane
10 Bankruptcy of an
important supplier
154
Risk Type Measure(s) Sym Asym Period

11 High penalties
12 Key personnel no
longer available
13 Currency changes
14 Credit line not

sufficient (own)
15 Patent
infringements
16 Significant changes
in demand
17 Demographic
Development
18 Client does not pay
19 Earth quake at Site
20 Share value drops

significantly
155
Exercise 2: "Risk Management in Industrial Production"
Learning objectives:
•Understanding the need for risk management in companies

•Consideration of business activity under risk aspects
•Consideration of goals, tasks and phases of risk management
•Risk analysis in the supply chain - starting points and methods
•Risk analysis in the supply chain - risks and measures
Notes for processing the tasks
The individual subtasks mainly build on one another. They are therefore to be
worked out successively in groups of 3 to 4 students. The presentation of the
suggested solutions takes place at the end of the exercise.
Missing or incomplete information must be completed by own reasonable

assumptions.
156
Introduction
Since the foundation of the company, Auto AG has been producing all car series for
the European distribution locations in Germany. For this purpose, the company is
sometimes supplied by German suppliers with individual parts, which are assembled
in self-installation to modules. However, most of the primary products are delivered
in modules just in time from suppliers who have settled in the vicinity of Auto AG.
The selection and evaluation of the suppliers took place once prior to the contract
negotiations. Particular attention was paid to the innovative ability of suppliers.
Since no significant problems have arisen in connection with the suppliers since that
time, the supplier management is operated rather sporadically.
The supplier selection was based on the procurement strategy Dual Sourcing. Only
drive shafts are supplied solely by Wellen GmbH.
The analysis of the sales figures of recent years showed an increasing demand for
low-price models. In order to make the production more cost-effective and to pass
on cost savings to the customers, the management is thinking about a reduction of
the product range.
157
Tasks
1.Identification of risks
The basis for comprehensive risk management is the complete identification of

current and potential risks. Methods for identifying risks can be divided, inter
alia, into
•Search methods and

•Collection methods.
1.1 What are the differences between these 2 groups? Does therefore result
difficulties in the applicability of the methods?
1.2 Name and explain 2 representatives of each group!
158
2. Classification of the risks of Auto AG

2.1 First, identify current and potential risks that Auto AG is facing! Keep external as well as in-
house influencing factors in mind! Classify them according to the
following approaches:
• Classification regarding the occurrence in the simplified supply chain
Procurement ! Production ! Distribution [cf. Fig. 1]
(Identify risks typically associated with procurement, production, or distribution.)
• Classification according to the influence on risks by Auto AG
• Classification according to the probability of occurrence
Figure 1: Simplified
representation of a supply
chain
2.2 Briefly evaluate the mentioned classification approaches!

2.3 What further possibilities do you see for classifying uncertainties? What are the
advantages and disadvantages of these possibilities? 159
3. Analysis and assessment of risks and their causes

As part of the risk analysis, the effects of various risk causes are predicted
by estimating the probability of occurrence and the amount and duration of
the damage.
3.1 Assume that the supplier Wellen GmbH of the Auto AG has a delivery
disturbance. What are potential negative effects of a delivery
failure?
From the results of this analysis, the risks can be assessed according to
their importance for the company.
3.2 Enter the identified risks from task 2.1 into a risk map. Which
recommendations for action can you derive from the position of the
risks in the portfolio? How do you assess the overall risk situation of
Auto AG?
160
4. Management of risks
Once the risks have been reported to the responsible decision-makers, they
must develop and implement appropriate risk management and control
strategies and measures.
4.1 Design a strategy for Auto AG to manage the risks! For this purpose,
create a catalog of measures in which for the individual risks
measures are put together with which these risks can be
• reduced,
cause-related measures
• avoided,
• diversified or
• transferred. effect-related measures
4.2 Briefly assess the presented measures! Consider also the impact of
the decisions on other business units!
161
Exercise 3
A company has some problems with one of it's suppliers. Hence, the company would like to
change the supplier and select a new supplier. As a first step the company would like to do
an extensive supplier evaluation.
The procurement department has already submit some criteria, which should be used for
the supplier rating and the supplier selection.
criteria: image (2%) misships (10%)

delivery time (10%) flexibility (6%)
quality (40%) price (20%)
adherence to deliver dates (6%) service (6%)
After a first selection only the following three suppliers A, B and C should be assessed. The
table contains the relevant company data.
162
criteria supplier A supplier B supplier C

image high moderate moderate
delivery time 4 weeks 5 weeks 1 week
on time deliveries1 92 % 95 % 86 %
- max. 1 weeks later 95 % 99 % 92 %
- max. 2 weeks later 99 % 100 % 97 %
- max. 3 weeks later 100 % 100 % 100 %
misships 2% 2% 3%
scrap factor 3% 1% 5%
durability of the materials good good moderate
price moderate low moderate
prompt execution of
good moderate very good
correspondence
very good
special request good possibility very bad possibility
possibility
collaboration at problem-
moderate good moderate
solving
consulting good good good
after-sales service very good good good
1
on time deliveries: number of deliveries, which the company gets within the planed delivery
time (in percent) 163
a) Please discuss the submitted criteria catalogue.

b) Please determine meaningful weights for the criteria.
c) Please select the best supplier using the scoring-model.
d) Please draw a radar chart reflecting the vendors performance.
164

Strategic Supply Chain Management-2022

Uploaded by

Copyright:

Available Formats

Strategic Supply Chain Management-2022

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Strategic Supply Chain Management-2022

Uploaded by

Copyright:

Available Formats

Prof. Dr.

Strategic Supply Chain

1 Risk and Risk Management

2 Supply Chain Disruption Risks

3 Supply Chain Risk Management Process

5 Procurement 8.5 Technology

0. Supply Chain Risk Management

A supply chain is a system of organizations, people, activities, information, and resources

Reasons for supply networks:

Supply and Demand Network

1. Risk and Risk Management

• Cause-related definition: incomplete information of a decision maker about future

• Effect-related definition: danger of an adverse event

• Extended risk definition: risk according to damage and missed opportunities

• Risk = probability of occurrence of a negative event * amount of damage

Criterion Risk Category Explanation

• Cross-company perspective ! extended framework

Supply Chain Risks

Supply Chain Risks

Delivery bottlenecks, capacity fluctuations on

Process and control risks Disruptions within production processes,

Demand risks Loss of sales volumes

Lack of availability of transportation or

Environmental risks Natural disaster, terroristic attacks, socio-

The biggest risk to the supply chain in the next 5 years in %

Management of SC risks dependent on the level of cooperation:

Information asymme- High Medium Low

2. Supply Chain Disruption Risks

Reasons for vulnerability to various risks:

Natural desaster total costs (´000 $)

Consequences of supply chain disruption in %

SC resilience to manage SC disruptions:

• Resistance capacity: ability of a system to minimize the impact of a disruption by evading

• Recovery capacity: ability of a system to return to functionality once a disruption has

Strategies for improving resilience:

• Early demand planning ! higher availability of materials

b. Redundancy: Additional resources ! higher flexibility

Top 10 SC Resilience Index

3. Supply Chain Risk Management Process

Supply Chain Risk Management Process

Organization of Risk management:

• Centralized: risk management in line with company strategy; staff organization

• Decentralized: risk management organized in departments; early consideration of

• Hybrid: centralized alignment of risk management; decentralized implementation in

3.1 Risk Strategy

• Consideration of individual business environment for every partner

o Risk-neutral: acceptance of a nominal deviation of network performance targets;

o Risk-friendly: acceptance of a higher deviation of network performance targets

• Visualization of supply chain to identify critical partners

• Specification of departments and persons responsible for identification, assessment,

o Structure and procedures of risk management

3.2 Risk Identification

• Only identified risks can be managed

• Complete identification of all supply chain risks not possible

• Collection methods: identification of existing risks; reactive risk management

• Search methods: identification of unknown risks; proactive risk management

Search Methods Tools with

Checklist Questionnaire Stress Test

Product Brain- Input Output

Qualitative and Process flow

• Calculate the risk priority number (RPN = SOD)