Download to read offline
Risk Mgt in Today's World
- 1. Risky Business Using RiskManagement in Today’s Uncertain World What Skydiving Taught me about Risk Copyright 2014 by Babineaux Educational Services and Training, Inc.
- 2. Who am I? MikeBabineaux, CPSM, C.P.M., A.P.P. Experience 40 years Supply Management Experience 30 year FedEx Veteran 20 year Skydiving Career 2000+ jumps & 24 hrs freefall time SCM Educator and Trainer Babineaux Education, Services and Training, Inc. www.BESTraining.com 901.413.8893
- 3. Risky Business Using RiskManagement in Today’s Uncertain World What Skydiving Taught me about Risk Copyright 2014 by Babineaux Educational Services and Training, Inc.
- 4. "Unfortunately, the skyis a demanding mistress, and totally unforgiving of any lapse in vigilance, attention, concentration, or focus." Pat Works (fellow skydiver & good friend) Risky Business (What Skydiving Taught me about Risk)
- 5. Risky Business (Using RiskManagement in Today’s Uncertain World) How many of your companies have a formal Supply Risk Management Policy and Procedure? Earlier than Friday, March 11, 2011?
- 6. Risky Business (Using RiskManagement in Today’s Uncertain World) Earlier than Friday, 11 March 2011? Fukushima Daiichi nuclear disaster
- 7. Upside to FukushimaDaiichi Nuclear Disaster By Patrick Burnson, Executive Editor November 24, 2011 - SCMR Editorial • A “White-Hot” Topic • Companies more aware • The need is significant
- 8. Objective Understand a riskmanagement profile and strategy
- 9. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Risk Management
- 10. Agenda & Direction Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
- 11. 1. exposure tothe chance of injury or loss 2. the amount that the insurance company may lose Definition - Risk
- 12. Definition - Stakeholder InSkydiving the stakeholders are the airport operators, the aircraft owners and operators, the equipment operators and ultimately – the skydiver themselves. In general they’re any person (s) with a vested interest in something; those who will be affected by and/ or can influence a decision-making process. Applied to an organization's supply management structure, this definition would include all persons and organizations that have something that would be at risk in the event of a supply disruption.
- 13. The ISM Glossary- “Identifying and quantifying the risk of a supply disruption using a framework that describes: • the attributes of suppliers, • their relationships and interactions with the assessment organization” A formal policy and Procedure that’s SOP Definition - Risk Assessment
- 14. Risk mitigation entailsspecific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees, suppliers and customers Definition - Risk Mitigation
- 15. The identification ofwhich factors must be monitored in order for prompt detection and reaction to occur Definition - Risk Monitoring
- 16. Global Event Monitoring Becomingmore important Disasters often are only reported locally and take organizations by surprise Definition - Risk Monitoring
- 17. Japan Europe UnitedStates Global Event Monitoring Becoming more important A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather, political issues, import restrictions, etc. which will impact the entire chain. Definition - Risk Monitoring 2nd Tier Supplier Prime Supplier You
- 18. Global Event Monitoring Becomingmore important Definition - Risk Monitoring “I didn't know we had a supplier there!"
- 19. Definition - RiskTolerance The risk of not having enough of the “rights” – Quantity – Time – Place and the organization's tolerance around this type of risk
- 20. Definition - RiskTolerance The risk of not having enough of the “rights” – Quantity – How few? – Time – How late? – Place – How close?
- 21. Not having theright stuff to the right place at the right time leads to . . . Lost Sales Idle Equipment Idle Labor Economic Issue
- 22. Agenda & Direction Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
- 23. Definitions SupplyChain Risk Risk Analysis Risk Management Agenda & Direction
- 24. Supply Chain Risk Supplier Management Supplier Management SupplyChain Stability Supply Chain Stability Recovery/ Continuance Time Recovery/ Continuance Time The way a customer manages its suppliers is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption.
- 25. Prime 1st Tier 2nd Tier Responsible for ensuring the performanceof their suppliers and their suppliers' suppliers Supply Chain Responsibilities and Relationships
- 26. Prime 2nd Tier+ 1st Tier Must examine their relationship to thesecond and third tier suppliers as well as the risk management capabilities of the primary contractor Supply Chain Responsibilities and Relationships
- 27. Prime 1st Tier 2nd Tier The relationship and interactions they have with theprimary supplier often determine the level of risk (or disruption potential) of a supply chain. Supply Chain Responsibilities and Relationships
- 28. Beyond Tier ConsiderationsBeyondTier Considerations A supply chain is only as strong as its weakest link The identification (and mitigation) of potential weaknesses is a critical aspect of risk management Risk management must go beyond the tier suppliers and their relationships
- 29. Beyond Tier ConsiderationsBeyondTier Considerations Third-party service providers such as transportation and warehousing organizations must not be overlooked.
- 30. Beyond Tier ConsiderationsBeyondTier Considerations Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- 31. Definitions SupplyChain Risk Risk Analysis Risk Management Agenda & Direction
- 32. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Category Identification Probability Estimation
- 33. Risk Analysis -Major Categories • Financial • Operational • Reputation/Brand • Legal • Environmental • Technical
- 34. Risk Analysis -Financial Risk • Bankruptcy • Mergers & Acquisitions • Currency Exchange Fluctuations • Commodity Price Volatility
- 35. Risk Analysis –Operational Risk Inadequate or failed internal processes, people and systems (e.g. fraud or theft)
- 36. Risk Analysis –Reputation/Brand The degradation of a firm’s reputation by negative interactions with the market place
- 37. Uncertainty in the applicabilityor interpretation of contracts, laws or regulations Risk Analysis – Legal Risk
- 38. Risk Analysis –Environmental Risk Losses from environmental events Liability losses from environmental impacts
- 39. Risk Analysis –Technical Risk Technology will not perform as planned Technology will become obsolete
- 40. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Category Identification Probability Estimation
- 41. Risk Analysis –Probability Estimation Identification of major categories of risk and The relative probability of a disruption with associated impact of disruption.
- 42. Probability Estimation Procedure Steps 1.Define network/category of concern Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network.
- 43. Probability Estimation Procedure Steps 2.Examine history of disruptions Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business.
- 44. Probability Estimation Procedure Steps 3.Define typical disruptions Some typical disruptions are: • Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) • Disasters (weather, war, earthquake, etc.) • Union work stoppage • Regulatory shutdown, • Transportation snafu’s
- 45. Probability Estimation Procedure Steps 4.Match specific suppliers with specific events Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by- supplier risk assessment.
- 46.
- 47. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Risk Management
- 48. Risk Management RiskPlanning Risk Assessment Risk Mitigation Risk Monitoring
- 49. Risk Management -Planning Steps 1. Confirm scope and current state 2. Conduct impact assessment 3. Define alternatives 4. Develop plans 5. Implement readiness
- 50. Risk Management -Planning 1. Confirm scope and current state •Interview stakeholders •Catalog assets & systems •Identify critical functions •Review disaster recovery plans •Identify constraints
- 51. Risk Management -Planning 2. Conduct impact assessment Identify: major threats, vulnerabilities and key risks • Financial and asset impacts? • Supply chain and stakeholder impacts? • How can the network absorb these impacts and respond to them?
- 52. Risk Management -Planning 3. Define alternatives Select risk mitigation alternatives and supply chain and network contingencies • What is the organization's risk tolerance? • What can be insured against? • What can be done to manage the rest? • Who can be called upon to step up production? • How can capacity be shifted?
- 53. Risk Management -Planning 4. Develop Plans • Select the appropriate mitigation recommendations and develop action plans to implement them. • Define business continuity supply, demand management, contingency and mitigation plans. • Tightly define business
- 54. Risk Management -Planning 5. Implement Readiness •Establish maintenance and detection processes •Validate business continuity plans •Implement threat detection measures •Execute risk mitigation and maintenance measures Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners
- 55. Risk Management RiskPlanning Risk Assessment Risk Mitigation Risk Monitoring
- 56. A risk assessmentidentifies and quantifies the risk of a supply disruption Risk Profile •Single supplier, group or network •Risk Identification •Numerical score (e.g. 1 – 5) •Higher score = lower disruption potential Risk Management - Assessment
- 57. Labor Unrest RiskProfile Matrix Example Supplier B Supplier A Supplier C Risk ProfileRisk Profile MatrixMatrix
- 58. Risk Management RiskPlanning Risk Assessment Risk Mitigation Risk Monitoring
- 59. Specific steps to: •Reducethe impact of factors that might lead to injury, loss, damage or failure •Reduce the liability Risk Management - Mitigation
- 60. The Mitigation Effort Simplemonitoring and/or acceptance to Full-blown contingency plan calling for complete redundancy Risk Management - Mitigation
- 61. Risk Management RiskPlanning Risk Assessment Risk Mitigation Risk Monitoring
- 62. Risk Management -Monitoring Most important part of a Risk Management Program Timing: • Some areas should only be monitored yearly (e.g. physical locations do not change that often) • Other areas should be monitored weekly (e.g. delivery and quality performance)
- 63. Risk Management -Monitoring Another most important part of a Risk Management Program WHO monitors WHAT: Critical decisions to make BEFORE a disruption, NOT AFTER
- 64. Agenda & DirectionSummary Definitions Supply Chain Risk Risk Analysis Risk Management
- 65. Agenda & Direction Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
- 66. Definitions SupplyChain Risk Warehousing Transportation Agenda & Direction
- 67. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Category Identification Probability Estimation
- 68. Agenda & Direction Definitions Supply Chain Risk Risk Analysis Risk Management Planning Assessment Mitigation Monitoring
- 69.
- 70. Thanks for Your Timeand Attention
- 71. Risky Business Using RiskManagement in Today’s Uncertain World What Skydiving Taught me about Risk Copyright 2014 by Babineaux Educational Services and Training, Inc.
Editor's Notes
- #6 Life cycle of purchased products and services used in the manufacture of products for sale or provision of services to customers involve risk. Managing risk throughout the product life cycle is a critical element for supply management to master. This approach is considered a "best practice:' in that while it is considered a critical supply management element, relatively few organizations have effectively mastered this approach and deployed it on a regular basis in their sourcing decisions.
- #7 Life cycle of purchased products and services used in the manufacture of products for sale or provision of services to customers involve risk. Managing risk throughout the product life cycle is a critical element for supply management to master. This approach is considered a "best practice:' in that while it is considered a critical supply management element, relatively few organizations have effectively mastered this approach and deployed it on a regular basis in their sourcing decisions.
- #8 Risk management in procurement remains “a white-hot topic,” say researchers at Accenture. In a recent “point of view” paper, analysts add that the global recession made companies significantly more aware of the need for advanced risk management practices. It is Accenture’s position that the need for a structured risk-management capability within (as well as beyond) the procurement organization is significant. Procurement Risk Management Research Study To validate its view that risk management in procurement requires efforts beyond what most companies are doing—and to identify leading practices, metrics and solutions—Accenture partnered with Professor David Simchi-Levi of the Massachusett Institute of Technology (MIT) in Boston on a “Is it possible that the recent economic downturn actually spawned some good news?” researchers asked. “In procurement risk management, that might be the case.” According to survey results, the global recession made companies significantly more aware of the need for such advanced practices. Accenture’s survey, which was conducted last year, noted that 85 percent of respondents believe that volatility will remain high in the near future, thus implying that formal and sustained risk management efforts should be enacted to countermand that trend.
- #12 The ISM Glossary defines stakeholders as person (s) with a vested interest in something; those who will be affected by and/ or can influence a decision-making process. At the corporate level, stakeholders include management, employees, stockholders, customers, suppliers and so on who may gain or lose by a specific decision. Applied to an organization's supply management structure, this definition would include all persons and organizations that have something that would be at risk in the event of a supply disruption.
- #13 The ISM Glossary defines stakeholders as person (s) with a vested interest in something; those who will be affected by and/ or can influence a decision-making process. At the corporate level, stakeholders include management, employees, stockholders, customers, suppliers and so on who may gain or lose by a specific decision. Applied to an organization's supply management structure, this definition would include all persons and organizations that have something that would be at risk in the event of a supply disruption.
- #14 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk mitigation - As defined in the ISM Glossary, risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees and customers.
- #15 Risk mitigation - As defined in the ISM Glossary, risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees and customers.
- #16 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.
- #17 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.
- #18 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.
- #19 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.
- #20 Risk tolerance means how much risk the organization is willing to accept in its various operations. Risk in the context of supply management refers to the risk of not having enough of the right products or services in the right place at the right time and the organization's tolerance around this type of risk. Organizations must analyze the costs and benefits of varying levels of supply risks for the various materials and services they require. They may be willing to assume more risk for particular items than for others. The benefits of assuming more risk have in recent years caused more organizations to have a higher supply risk tolerance.
- #21 Risk tolerance means how much risk the organization is willing to accept in its various operations. Risk in the context of supply management refers to the risk of not having enough of the right products or services in the right place at the right time and the organization's tolerance around this type of risk. Organizations must analyze the costs and benefits of varying levels of supply risks for the various materials and services they require. They may be willing to assume more risk for particular items than for others. The benefits of assuming more risk have in recent years caused more organizations to have a higher supply risk tolerance.
- #25 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #26 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #27 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #28 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #29 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #30 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #31 Most supply chains are comprised of tiers (Levels of suppliers adding value in the supply chain). These tiers often are both suppliers and customers of each other. They have built a web of relationships, within and between chains, which are difficult to understand and analyze. This creates special challenges during a risk assessment. Prime contract -The first-tier suppliers are often the primary contracting entity. This places on them the legal responsibility of ensuring the performance of their suppliers and their suppliers' suppliers. A risk assessment of the first tier must examine their relationship to the second and third-tier suppliers as well as the risk management capabilities of the first tier primary contractor. The way a primary supplier manages its suppliers (negative or positive power use) is a strong predictor of supply chain stability and of its ability to continue or recover in the event of a disruption. Subcontract -The second tier, sometimes called the subcontractor level, should be examined through the lens of the primary contractor's relationship as well as within their own business and geographic environment. The relationship and interactions they have with the primary supplier often determine the level of risk (or disruption potential) of a supply chain. General - A supply chain is only as strong as its weakest link. Therefore, risk management must go beyond the first tier suppliers and their relationships. The identification (and mitigation) of potential weaknesses is a critical aspect of risk management. Third-party service providers such as transportation and logistics organizations must not be overlooked. Their operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
- #34 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #35 Financial risk can be determined by identifying the events that are possible, estimating the probability of these events occurring within the specific industry and estimating the impact.
- #37 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #38 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #39 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #40 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #42 Market intelligence is the process and the result of gathering and analyzing information about the aggregate forces (including economics) at work in trade and commerce in a specific service or commodity. The fact that few organizations have this function today is not a good reason to avoid proceeding. In practice, organizations find it far more difficult than do individuals to take advantage of all this knowledge. An individual's knowledge is self-contained and always available. But organizations are discovering that it is increasingly difficult to exploit the valuable knowledge possessed by a few hundred employees, particularly if they are scattered in different locations. Some of the key tools employed in structuring this information in a useful format involve developing presentation slides and reports using the following: Supplier analysis - scorecard of performance, financial structure, profitability, growth, market-share pie charts, etc. SWOT (Strength, Weakness, Opportunity, Threat) - a quick overview of the supply market and the relative position of the buyer in negotiations with key suppliers. Value chain - a graphical depiction of the key value-added processes that occur from raw materials through to end customer use. May also include key cost drivers and total cost models associated with pricing of the materials and services. Risk analysis - identification of major categories of risk associated with key suppliers, and the relative probability of a disruption with associated costs of disruption. Porter's Five Forces - a summary of key competitive forces in the industry, including bargaining power of buyers, bargaining power of suppliers, threat of new entrants, rivalry among existing competitors and threat of substitutes.
- #43 Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network. The first step in this assessment is to define the "network" under analysis. This is usually a commodity category such as "plastics" or "IT services." Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. These experts are usually commodity managers who have managed this network of suppliers and are aware of the disruptions that have occurred. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business. Some typical disruptions are: Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) Disasters (weather, war, earthquake, etc.) Union work stoppage Regulatory shutdown, Transportation and sale of organization. Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
- #44 Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network. Supplier collaboration (also known as supplier relationship management, or SRM) means learning to develop and exercise a new kind of power, one not grounded in the ability to force compliance with procurement procedures and contracting processes. Instead supply management professionals need to learn to build what could be called "relationship capital" that inspires trust and commitment from stakeholders and suppliers. Relationship capital is a function of the supply management professional's ability to translate supply market data into compelling insights that solve business problems and to enable organizational connections and networking that accelerate business success. The first step in this assessment is to define the "network" under analysis. This is usually a commodity category such as "plastics" or "IT services." Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. These experts are usually commodity managers who have managed this network of suppliers and are aware of the disruptions that have occurred. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business. Some typical disruptions are: Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) Disasters (weather, war, earthquake, etc.) Union work stoppage Regulatory shutdown, Transportation and sale of organization. Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
- #45 Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network. The first step in this assessment is to define the "network" under analysis. This is usually a commodity category such as "plastics" or "IT services." Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. These experts are usually commodity managers who have managed this network of suppliers and are aware of the disruptions that have occurred. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business. Some typical disruptions are: Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) Disasters (weather, war, earthquake, etc.) Union work stoppage Regulatory shutdown, Transportation and sale of organization. Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
- #46 Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network. The first step in this assessment is to define the "network" under analysis. This is usually a commodity category such as "plastics" or "IT services." Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. These experts are usually commodity managers who have managed this network of suppliers and are aware of the disruptions that have occurred. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business. Some typical disruptions are: Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) Disasters (weather, war, earthquake, etc.) Union work stoppage Regulatory shutdown, Transportation and sale of organization. Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
- #47 Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network. The first step in this assessment is to define the "network" under analysis. This is usually a commodity category such as "plastics" or "IT services." Once the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network. These experts are usually commodity managers who have managed this network of suppliers and are aware of the disruptions that have occurred. The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business. Some typical disruptions are: Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues) Disasters (weather, war, earthquake, etc.) Union work stoppage Regulatory shutdown, Transportation and sale of organization. Once the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
- #50 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk profile - A risk profile can include a supplier, a group of suppliers or a supplier network (multiple tiers of suppliers brought together for a purpose). This profile is usually a numerical score given as a result of applying the framework and measures. Normally, the higher the score, the higher the disruption potential of the entity being measured.
- #51 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives an? supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand managment plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #52 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives an? supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand management plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #53 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives an? supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand management plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #54 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives and supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand management plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #55 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives an? supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand management plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #56 Risk planning - Since assessing risk can involve significant resources and cost, effectively targeting these efforts is important. In addition, assessing the high-impact risks first (not necessarily the highest spend) is an obvious priority. A five-step approach Confirm scope and current state - gain a thorough understanding of the current state of operations through interviews with risk management, insurance and finance, supply chain stakeholders and network personnel. Catalog assets and systems, identify critical business functions, review disaster recovery plans and identify constraints. Conduct impact assessment - identify major threats, vulnerabilities and key risks. What are the financial and asset impacts? What are the supply chain and stakeholder impacts? How can the network absorb these impacts and respond to them? Define alternatives - select risk mitigation alternatives an? supply chain and network contingencies. What is the organization's risk tolerance? What can be insured against? What can be done to manage the rest? Who can be called upon to step up production? How can capacity be shifted? Develop plans - select the appropriate mitigation recommendations and develop action plans to implement them. Define business continuity supply and demand management plans and contingency and mitigation plans. Tightly define business continuity operations. Implement readiness - get the organization ready for the inevitable by establishing maintenance and detection processes and validating business continuity plans. Implement threat detection measures and execute risk mitigation and maintenance measures. Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply chain partners.
- #57 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk profile - A risk profile can include a supplier, a group of suppliers or a supplier network (multiple tiers of suppliers brought together for a purpose). This profile is usually a numerical score given as a result of applying the framework and measures. Normally, the higher the score, the higher the disruption potential of the entity being measured.
- #58 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk mitigation - As defined in the ISM Glossary, risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees and customers.
- #59 One method of creating a risk profile is to incorporate all available information into an overall risk score by weighting individual measures based on probability of outcome and severity of impact. To convert country information into a measure, the supply management professional uses a grid that associates characteristics for each parameter with an overall assessment of that parameter. The grid is developed based on primary research and populated with characteristics and definitions corresponding to each assessment level. Information about a specific country is then compared to the criteria in the grid, and the country is assigned the corresponding score. Source data for each rating should be documented. This assessment uses five levels, ranging from “very unsuitable” (Score: 1) to “very suitable” (Score: 5).
- #60 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk profile - A risk profile can include a supplier, a group of suppliers or a supplier network (multiple tiers of suppliers brought together for a purpose). This profile is usually a numerical score given as a result of applying the framework and measures. Normally, the higher the score, the higher the disruption potential of the entity being measured.
- #61 Risk mitigation - As defined in the ISM Glossary, risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees and customers.
- #62 Risk mitigation - As defined in the ISM Glossary, risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees and customers.
- #63 Risk assessment -The ISM Glossary defines risk analysis as the process of identifying elements or factors, and their probability of occurrence, which could lead to injury, damage, loss or failure. A risk assessment identifies and quantifies the risk of a supply disruption using a framework that describes the attributes of suppliers, their relationships and their interactions with the organization performing the assessment. Risk profile - A risk profile can include a supplier, a group of suppliers or a supplier network (multiple tiers of suppliers brought together for a purpose). This profile is usually a numerical score given as a result of applying the framework and measures. Normally, the higher the score, the higher the disruption potential of the entity being measured.
- #64 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.
- #65 Risk monitoring -The monitoring of risk is an important part of a risk management program. Some areas should only be monitored yearly since physical locations do not change that often; other areas (delivery and quality performance) should be monitored weekly. The key is the efficient use of resources, both the organization's and suppliers'. Global event monitoring is becoming more important. Disasters often are only reported locally and take organizations by surprise. A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather or political issues (such as import restrictions), which will impact the entire chain. Unfortunately, the response to this situation is often "I didn't know we had a supplier there!" The key to risk monitoring is that once the assessment of the supply chain network has been set up, the organization must identify which factors must be monitored in order for prompt detection and reaction to occur. Who monitors what in the plan are critical decisions to make in advance of a disruption, not after the disruption occurs.