Supply Chain Risk 2009

Supply Chain Risk The dark side of supply chain mangement Guest lecture, LOG 711, 18.11.2009 Jan Husdal

Jan Husdal Has been a researcher with the transport economics research group at Møreforsking Molde since 2005. Has been working with issues related to risk assessment , community planning and crisis management since 1989, working for several regional government agencies. Holds an MSc in GIS from the University of Leicester, UK, focusing on least cost paths and network analysis. Current research is centered on supply chain risk management transport network reliability and vulnerability cost-benefit analysis of infrastructure projects

Outline What is (supply chain) risk ? What are typical supply chain risks ? How to manage supply chain risks? Source: www.cargolaw.com The lecture is meant to highlight some of the current literature on supply chain risk and to suggest further reading materials. You will not know everything there is to know about supply chain risk after the lecture, but you will know where to find it.

Supply chain risk? Loss of goods Insurance? Loss of vehicle Replacement? Delayed delivery Brand reputation? Injured personell Hiring and training? Weather conditions Detour?

Supply Chain Trends > Consequences The trend towards just-in-time and lean practices >>> efficiency rather than effectiveness . The trend towards reducing costs >>> globalization of supply chains, more complex and vulnerable . The trend towards economies of scale >>> centralized distribution and manufacturing >>> lower costs but at the same time less flexibility . The trend towards outsourcing non-core business activities >>> loss of control of the supply chain when it is most needed . The trend towards consolidation of suppliers (intentional and incidental mergers and acquisitions) >>> increased potential for supply failure . Christopher, M. (2005) Managing risk in the supply chain . In: Christopher, M. (Ed.) Logistics and Supply Chain Management. 3rd ed., Prentice Hall, pp. 231-258.

Supply Chain Risk - Piracy http://www.icc-ccs.org/

Supply Chain Risk – an example http://news.bbc.co.uk/2/hi/africa/7692408.stm

Why is supply chain risk important? Even a relatively small supply chain disruption caused by a localized event may have consequences across the global economic system . Globalization, offshoring and outsourcing leads to >> “no” control over causes to events in the supply chain. >> “only” control over consequences of events in the supply chain. World Economic Forum (2008) Hyper-optimization and supply chain vulnerability: an invisible global risk? In: Global Risks 2008 – A Global Risk Network Report, REF: 090108, World Economic Forum, Switzerland. http://www.weforum.org/pdf/globalrisk/report2008.pdf

Local event – Global consequences (1) www.autonews.com

An ill-handled supply chain disruption >>> business dis-continuity A well-handled supply chain disruption >>> business continuity Norrman and Janson (2004) Ericsson’s proactive supply chain risk management after a serious sub-supplier accident . International Journal of Physical Distribution and Logistics Management, Vol 34, No 5, pp. 434-456 Local event – Global consequences (2)

The Ericsson/Nokia fire Mukherjee, A. (2009). The Fire That Changed an Industry. In The Spider's Strategy: Creating Networks to Avert Crisis, Create Change, and Really Get Ahead (pp. 3-15). Upper Sadle River: FT Press. Eglin, R. (2003). Can suppliers bring down you firm ? Times Online, November 23, 2003. http://www.ftpress.com/articles/article.aspx?p=1244469 http://business.timesonline.co.uk/tol/business/career_and_jobs/senior_executive/article1022636.ece

Why Supply Chain Risk? Supply chain risk research has grown in importance in the last 10 years and has resulted in many frameworks and concepts of risk categories and risk mitigation measures, but there is yet to be a consensus on which framework that best captures different types of supply chain risks. Oke, A., & Gopalakrishnan, M. (2009). Managing disruptions in supply chains: A case study of a retail supply chain . International Journal of Production Economics, 118 (1), 168-174 .

The risk concept Risk is an ambiguous concept . There are many definitions of risk, depending on their specific application and on their situational context . Risk denotes the precise probability of specific eventualities . Technically, risk has no value, so these eventualities can be beneficial or adverse (i.e. financial risk). RISK = f (Probability,Consequences)

What is risk (1)? Risk : - exposure to the chance of injury or loss - hazard or dangerous chance - chance of loss - degree of probability of such a loss Aven, T. (2002) Foundations of Risk Analysis : A Knowledge and Decision-Oriented Perspective, John Wiley & Sons.

What is risk (2)? One commonly used risk definitions is the one found in Kaplan and Garrick (1981, 1997), later in Paulsson (2007). This definition splits the concept of risk into three different elements , together called a triplet . Each triplet identifies a risk scenario , involving a source , a likelihood and an impact . What can happen and what is the cause? How likely is it that it will happen? If it does happen , what are the consequences? Kaplan, S., Garrick, B.J. (1981). On the quantitative definition of risk . Risk Analysis, 1 (1), 11-27. Kaplan, S. (1997). The words of risk analysis . Risk Analysis, 17 (4), 407-417. Paulsson, U. (2007). On Managing Disruption Risks in the Supply Chain – the DRISC Model . Unpublished PhD, Lund University, Lund.

Risk analysis A commonly used method for risk analysis is by plotting unforeseen or unwanted events in a risk matrix . This can be done qualitatively , where probabilities and impacts are subjective values (e.g. low/high and minor/major),or quantitatively , where probablities and impacts are objective values (e.g. frequency and cost in $$$). Norman, A. and Lindroth, R. (2004) Categorization of Supply Chain Risk and Risk Management . In: Brindley, C. (Ed.) Supply Chain Risk. Ashgate, pp. 14-27.

Risk categorization schemes Risk categorization varies in the literature, but broadly falls into three categories: High-impact Low-likelihood - Low-impact High-likelihood e.g. Knemeyer, A., Zinn, W., & Eroglu, C. (2009). Proactive planning for catastrophic events in supply chains . Journal of Operations Management, 27 (2), 141-153 Supply – Demand – Operational – External(Environmental) e.g. Christopher, M. (2005). Managing risk in the supply chain . In Logistics and Supply Chain Management (3rd ed., pp. 231-258). Harlow: Prentice Hall. Organization – Network – Environment e.g. Jüttner, U., Peck, H., & Christopher, M. (2003). Supply chain risk management: outlining an agenda for future research . International Journal of Logistics, 6 (4), 197-210

High-Impact Low Likelihood HI-LL-events are rare, sudden and often totally unpredicted and unprecedented, and are also called “ Black Swan ” Events. Difficult to predict (proactive) but possible to prepare for (reactive)? A common problem with quantified risk management: We overestimate our abilities and underestimate what can go wrong. Taleb, N M, Goldstein D G & Spitznagel, M W (2009) The Six Mistakes Executives Make in Risk Management. Harvard Business Review 87(10), 78-81 Cohen, Morris A, & Kunreuther, Howard (2007). Operations Risk Management: Overview of Paul Kleindorfer’s Contributions Production and Operations Management, 16(5), 525-541

Supply-Demand-Operational-External Internal to the focal firm External to the focal firm Internal to the supply chain External to the supply chain Peck, H. (2003) Supply Chain Resilience . UK Department of Transport/ Cranfield University, Cranfield, UK. Risks can be seen as internal or external to the focal firm , and be seen as internal or external to the supply chain : Process risk Control risk Supply risk Demand risk Environment al risk

Organization-Network-Environment Sources of risk can be broadly categorized along three different levels: Organization al risk Network risk Environment al risk Jütner, U., Peck, H. and Christopher, M. (2003) Supply Chain Risk Management: Outlining an Agenda for Future Research . International Journal of Logistics: Research and Applications, Vol. 6 , No. 4, pp. 197-210.

Extending Organization-Network-Environment Supply chain risk can be regarded as a multi-dimensional construct, working on many levels . All organizations depend upon others to enable the delivery of their products and services to customers and clients. Supply chains serve a purpose that extends far beyond the functional concerns and stated aims of SCM. SC R M must, too. Peck, H. (2005). Drivers of supply chain vulnerability : an integrated framework. International Journal of Physical Distribution & Logistics Management, 35(3/4), 210-229. Peck, H. (2006). Reconciling supply chain vulnerability, risk and supply chain management . International Journal of Logistics: Research and Applications, 9(2), 127-142.

Supply Chain Risk Jütner, U., Peck, H. and Christopher, M. (2003) Supply Chain Risk Management: Outlining an Agenda for Future Research . International Journal of Logistics: Research and Applications, Vol. 6 , No. 4, pp. 197-210. Supply Chain Risk can be viewed as a 4-fold construct: Risk sources . Consequences (impacts) of the risk sources. Risk drivers that turn risks into consequences. Strategies to address the risks.

Proactive versus Reactive Asbjørnslett, B E and Rausand, M (1997) Assess the vulnerability of your production system . Report NTNU 97018. Norwegian University of Science and Technology NTNU, Department of Production and Quality Engineering, Trondheim, Norway. Tomlin, B. (2006) On the Value of Mitigation and Contingency Strategies for Managing Supply Chain Disruption Risks . Management Science, Vol. 52, No. 5, pp. 639-657 Ritchie, B. and Brindley, C. (2004) Risk Characteristics of the Supply Chain – A Contingency Framework . In: Supply Chain Risk. Ed. Brindley, C. , Ashgate Publishing, pp. 28-42,197-202 Mitigative actions address risk sources. Contingent actions address risk consequences.

Types of supply chain risk 1/3 Organizational Risks Procedure Risks - lack of formal procedures, lack of quality control system Decision Risks - bureaucracy (red tape), lack of authority, lack of decision support Communication Risks - cultural differences, language barriers, misunderstanding Knowledge Risks - lack of formal education, lack of training, unskilled labor Manuj, I. and Mentzer, J. T. (2008) Global Supply Chain Risk Management . Journal of Business Logistics, Vol. 29 , No. 1, pp. 133-155

Types of supply chain risk 2/3 Network (Supply Chain) Risks Supply Risks - disruption of supply, inventory and schedules, incoming delays Operation al Risks (organization risk?) - failure or breakdown of operations, changes in technology Demand Risks - variations in demand, changes in customers’ likes and dislikes Security Risks - theft, counterfeiting, terrorism, piracy, infrastructure breakdown Manuj, I. and Mentzer, J. T. (2008) Global Supply Chain Risk Management . Journal of Business Logistics, Vol. 29 , No. 1, pp. 133-155

Environment Risks Macro Risks - economic shifts, recession, labour costs, exchange rates, customs Policy Risks - actions and sanctions of governments, shifts in legislation Competition Risks - uncertainty about competitors’ moves and actions Resource Risks (organization risk?) - lack of human resources, capital or technology Types of supply chain risk 3/3 Manuj, I. and Mentzer, J. T. (2008) Global Supply Chain Risk Management . Journal of Business Logistics, Vol. 29 , No. 1, pp. 133-155

Supply Chain Risk Management Supply chain risk management can be described as the intersection of supply chain management and risk management. 1 It has a collaborative and structured approach, and is included in the planning and control processes of the supply chain, to handle risks which might affect the achievement of the supply chain goals . 2 1 Paulsson, U. (2004) Supply Chain Risk Management . In : Brindley, C. (ed): Supply Chain Risk. Ashgate Publishing Limited, pp.79-99. 2 Kajüter, P. (2003) Risk Management in Supply Chains . In: Seuring, S Müller, M., Goldbach, M., Schneidewind, U. (eds.) Strategy and Organization in Supply Chains, Physica, Heidelberg, pp. 321-336.

Risk Management Strategies (1) Avoid Transfer Reduce Retain Exploit DeLoach, J (2000) Enterprise-Wide Risk Management: Strategies for Linking Risk & Opportunity. Financial Times Management/ Prentice Hall. The classic Four (Five) Exploit

Risk Management Strategies (2) Avoid Proactive action that eliminates the possibility of an event. Transfer Proactive action (often financial or legal) that shifts risks to a third party. Mitigate Proactive action that reduces the (financial) impact if an event occurs. Minimize Proactive action that reduces the probability of an event occurring. Respond Predetermined actions taken after an event occurs in order to reduce the impact. Monitor Continuous scanning of the environment triggering alternative actions or the implementation of certain measures if predefined thresholds are exceeded. Accept Decision to bear risk exposure without taking any additional actions. Khemani, K. (2007) Bringing Rigor to Risk Management. Supply Chain Management Review 11(2), 67-68.

Robust supply chain strategies Tang, C. (2006) Robust strategies for mitigating supply chain disruptions . International Journal of Logistics: Research and Applications, 9 (1), 33-45 Postponement Strategic stock Flexible supply base Make and buy Economic supply incentives Flexible transportation Dynamic pricing and promotion Assortment planning Silent product rollover http://www.youtube.com/watch?v=K6XxcBTanZw

Different supply chain characteristics will result in different ways a supply chain disruption is handled. A resilient supply chain is impacted, but it is able to come back to a stable state, although not necessarily to where it was before the disruption. In business setting the ability to survive (resilience) is more important than regaining stability (robustness). The difference between Robustness , Flexibility , Agility and Resilience (1) Frequently used terms (1) Figure in: Husdal, J. (2010) A Conceptual Framework for Risk and Vulnerability in Virtual Enterprise Networks . In: S. Ponis (Ed.) Managing Risk in Virtual Enterprise Networks. Hershey: IGI. In Press.

Flexibility is scheduled or planned adaption to unforeseen yet expected external circumstances. Goranson (2002) Agility is unplanned and unscheduled adaption to unforeseen and unexpected external circumstances. Goranson (2002) Robustness is the ability to endure changes in the environment without adapting . Asbjørnslett (2008) Resilience is the ability to survive despite withstanding a severe and enduring impact . Asbjørnslett (2008) The difference between Robustness , Flexibility , Agility and Resilience (2) Frequently used terms (2) Goranson, T. (1999). The Agile Virtual Enterprise . Westport, CT: Quorum Books. Asbjørnslett, B. (2008). Assessing the Vulnerability of Supply Chains . In G. A. Zsidisin & B. Ritchie (Eds.), Supply Chain Risk: A Handbook of Assessment, Management and Performance . New York: Springer.

High Impact events – ”Wildcards” Changes can come quickly There are many wildcards in any business The only possible strategy is to be prepared to change strategy when changes occur. http://www.youtube.com/watch?v=Zqo4MidIK28

Quantitative and Qualitative Risk The probability of catastrophic (HILL) events is inherently uncertain (risk assessment). When uncertainty is high, managers tend to underestimate the importance of an issue (risk perception). Managers often overemphasize the low probability and umderemphasize the probable consequences (loss aversion strategy). A catastrophic riskmanagement strategy is needed. Knemeyer, A., Zinn, W., & Eroglu, C. (2009). Proactive planning for catastrophic events in supply chains . Journal of Operations Management, 27 (2), 141-153

Proactive planning for catastrophic events Identify Key Supply Chain Locations and threats Estimate Probabilities and Potential Loss for each Key Supply Chain Location Evaluate alternative Countermeasures for each Key Supply Chain Location Select Countermeasures for each Key Supply Chain Location The Potential Loss: PL k =P k * L k where Pk is the probability estimate of a catastrophic event impacting key location k, and Lk is the estimated loss that is incurred if an catastrophic event occurs at key location k. Knemeyer, A., Zinn, W., & Eroglu, C. (2009). Proactive planning for catastrophic events in supply chains . Journal of Operations Management, 27 (2), 141-153

Loss estimation The ‘loss’ is much more than the physical assets: It is a cross-functional analysis of the catastrophic risk environment faced by each key location in the supply chain. Human resources : death, injury, illness, kidnapping, etc. Inventory : theft, damage, contamination, stockouts, etc. Physical assets : plants, warehouses, equipment, vehicles, etc. Public infrastructure : utilities, ports, roads, railways, etc. Information : loss of data, access, processing capabilities, etc. Financial : lost sales, theft, counterfeiting, stock prices, etc. Knemeyer, A., Zinn, W., & Eroglu, C. (2009). Proactive planning for catastrophic events in supply chains . Journal of Operations Management, 27 (2), 141-153

Loss Mitigation vs. Risk Mitigation Note the difference: Loss mitigation vs. Risk mitgation Knemeyer, A., Zinn, W., & Eroglu, C. (2009). Proactive planning for catastrophic events in supply chains . Journal of Operations Management, 27 (2), 141-153

The cost-benefit of risk mitigation Should every risk be mitigated? In some cases, the costs of mitigation will be greater than the cost of the catastrophic event. A = the cost (loss) of a supply chain disruption without mitigation. C = the cost (loss) of a supply chain disruption without mitigation. B = the cost of mitigation when the cost of disruption is almost zero Neither B nor C are optimal, although C is better than B. The optimum is reached where the cost of disruption intersects with the cost of mitigation. Figure in: Husdal, J. (2005) The vulnerability of road networks in a cost-benefit perspective . Paper presented at TRB2005, the Transportation Research Board Annual Meeting 2005, Washington DC, USA, 9-13 January 2005.

Supply Chain Disruptions (1) Sheffi, Y. (2005) The Resilient Enterprise - Overcoming Vulnerability for Competitive Advantage , Cambridge: MIT Press Warning? What happens to supply chain performance during an unforeseen event?

Supply Chain Disruptions (2) Resilient organisations Resilient supply chains Mc Manus, S. et al (2007) Resilience Management – A Framework for Assessing and Improving the Resilience of Organisations . Research Report 2007/01, Resilient Organisations, New Zealand. www.resorgs.org.nz Resilient organizations

Supply Chain Design A supply chain is more likely to be severely impacted if there is supply chain density supply chain complexity node criticality Supply Chain Mitigation Capability A supply chain is less likely to be severely impacted if there is adaptive capacity (recovery capability) information sharing/ visibility (warning capability) Supply Chain Design vis-a-vis supply chain disruptions Craighead, C. W., Blackhurst, J., Rungtusanatham, M. J. & Handfield, R. B. (2007) The Severity of Supply Chain Disruptions: Design Characteristics and Mitigation Capabilities . Decision Sciences, Vol. 38, No. 1, pp. 131-156. Factors (risk drivers) that can aggravate or lessen supply chain disruptions:

Supply Chain Vulnerability 1/2 Which parts of the supply chain are most important? (”Criticality”) What can we do if something happens? (”Preparedness”) Not being prepared is the biggest risk (”Passive Acceptance”). Mc Manus, S. et al (2007) Resilience Management – A Framework for Assessing and Improving the Resilience of Organisations . Research Report 2007/01, Resilient Organisations, New Zealand. www.resorgs.org.nz

Supply Chain Vulnerability 2/2 Six steps for mapping the risk profile and developing strategies: Prioritize earnings drivers Identify critical infrastructure that affect the earnings drivers Locate vulnerabilities in the critical infrastructure Model scenarios for the vulnerabilities Develop responses to the scenarios Monitor, detect and respond to potential disruptions as soon as possible Preparing for Evil , Harvard Business Review, April 2003, pp. 109-115 Christopher, M. (2005) Managing risk in the supply chain . In: Christopher, M. (Ed.) Logistics and Supply Chain Management. 3rd ed., Prentice Hall, pp. 231-258.

Manage supply chain risk 1/2 Understand the supply chain view it from end to end, from supplier to end customer. Improve the supply chain can you simplify and reduce complexity and variability? Identify critical paths what are the bottlenecks and key nodes/links? Manage the critical paths make contingency plans. Christopher, M. (2005) Managing risk in the supply chain . In: Christopher, M. (Ed.) Logistics and Supply Chain Management. 3rd ed., Prentice Hall, pp. 231-258.

Manage supply chain risk 2/2 Allow network visibility don't be afraid to share information. Establish a supply chain continuity team make it cross-functional Work with suppliers and customers are your suppliers and customers aware of their own vulnerabilities? are your suppliers and customers aware of your own vulnerabilities? Christopher, M. (2005) Managing risk in the supply chain . In: Christopher, M. (Ed.) Logistics and Supply Chain Management. 3rd ed., Prentice Hall, pp. 231-258.

Summary Supply Chains are exposed to a variety of risks that are unique to each supply chain. These risks are related to actions and events that are inside and outside of the supply chain. Supply Chain Risk Analysis seeks to identify these risks, their sources and driver s, and their impact on the supply chain. Supply Chain Risk Management seeks to establish mitigative and contingent strategies for how to deal with the identified risks and their potential impact on the supply chain.

Supply Chain Risk 2009

More Related Content

Supply Chain Risk 2009