Security, Compliance & Loss Prevention Part 9.pptx

Welcome to class. We will
begin shortly

Security,
Compliance
& Loss
Prevention

Important Dates
▶ Midterm 3/7/2024
▶ Assignment 3/13/2024
▶ Final 3/18/2024
This Photo by Unknown Author is licensed under CC BY-SA-NC

Terminal Learning
Objectives
▶ Supply Chain Risk Management –
Developments, Issues and
Challenges
▶ Assessing the Vulnerability of
Supply Chains
▶ Risk Management in Value
Networks
▶ Assessing Risks in Projects and
Processes
▶ Risk Management System – A
Conceptual Model
▶ Using Simulation to Investigate
Supply Chain Disruptions

Supply Chain Risk
Management –
Developments, Issues
and Challenges
▶ Developments:
• Digitalization and Technology Integration:
Supply chain risk management has
increasingly integrated advanced
technologies such as IoT, blockchain, and
AI to enhance visibility, traceability, and
predictive analytics.
• Supplier Collaboration: Organizations
have been focusing on building stronger
relationships with suppliers to ensure
better communication, visibility, and
collaboration to mitigate risks collectively.
• Data Analytics and Predictive Modeling:
Advanced data analytics and predictive
modeling have enabled companies to
identify potential risks earlier, allowing for
more proactive risk mitigation strategies.
This Photo by Unknown Author is licensed under CC BY-ND

Supply Chain Risk
Management –
and Challenges
▶ Issues:
• Global Disruptions: The COVID-19
pandemic highlighted the vulnerability of
global supply chains to unforeseen
disruptions, emphasizing the need for
more resilient and flexible supply chain
models.
• Regulatory Changes: Changes in trade
policies, sanctions, and regulations can
have a significant impact on supply
chains, requiring companies to
continuously monitor and adapt.
• Cybersecurity Threats: As supply chains
become more digitized, the risk of
cyberattacks on critical supply chain
systems and data has increased,
necessitating robust cybersecurity
measures.
This Photo by Unknown Author is licensed under CC BY

Supply Chain Risk
Management –
and Challenges
▶ Challenges:
• Complexity: Modern supply chains are
complex and involve numerous
interconnected components, making it
challenging to identify and assess all
potential risks comprehensively.
• Lack of Visibility: Limited visibility into
lower tiers of the supply chain can
hinder the ability to identify risks in
advance and develop effective
mitigation strategies.
• Resilience vs. Efficiency: Balancing
the need for supply chain efficiency
with the imperative for resilience
against disruptions remains a
challenge, as building resilience often
involves additional costs.

Supply Chain Risk
Management –
and Challenges
▶ Challenges:
• Skill Shortages: Effective supply
chain risk management requires
skilled professionals who can
analyze data, identify risks, and
develop strategies. There's a
shortage of such skilled
individuals in the field.
• Sustainability and ESG Factors:
Incorporating environmental,
social, and governance (ESG)
factors into supply chain risk
management has gained
importance, as stakeholders
demand more sustainable and
responsible practices.

7 Challenges Driving
Increased Interest in
Managed Service
▶ Disruption has been the name of
the game for more than a year
as supply chain leaders have
been dealing with changing
buyer behaviors, inventory
management challenges, labor
shortages, weather and
pandemic-related uncertainty,
cyber security threats and
capacity constraints that
continue to create significant
supply chain volatility. With peak
shipping season approaching,
companies continue to face
supply chain risk as the
pressure increases to meet
customer and delivery
expectations without adding
cost.

Managed Service
▶ According to a recent survey
fielded by Edelman Intelligence,
94% of supply chain leaders say
partnerships with supply chain
logistics companies are
necessary to get through peak
season successfully. The survey
also found that 9 in 10 supply
chain leaders are seeking 3PLs
with a consulting offering that
provides guidance in setting up
their company’s supply chain.
These are the top challenges
that are driving increased
interest in and demand for
consulting and managed
services.

Managed Service
▶ Market Volatility Continues to
Undermine Supply Chain Risk
Management
Perhaps the one constant in today’s
supply chain resiliency is market
volatility. Market volatility describes a
stage at which volume and capacity
availability are misaligned. That can
mean ample capacity and not enough
shipments or far too many shipments
and not enough equipment or drivers.
Capacity is also a slightly complex
topic, reflecting changes within
available capacity and individual
markets, individual modes, and with
differing logistics partnerships. The
continuous change between
shipments tendered and accepted or
rejected is making it challenging for
shippers to stay strategic.

Managed Service
▶ Limited Granularity of Data
Leads to a Lack of
Actionability
The solution to overcoming the
problem of market volatility is
understanding what is happening
and in real time with supply chain
risk management. When a
shipper cannot understand the
various factors playing into
market volatility, this is known as
limited granularity of data. Poor
granularity means shippers do
not know where to prioritize their
fulfillment strategies, and that
may be more likely to
disproportionately distribute
inventory.

Managed Service
▶ Traditional Inventory Replenishment
Strategies No Longer Work
A traditional inventory replenishment
strategy, such as ordering based on historic
patterns, is no longer effective in today’s
world. Traditional inventory management
strategies were designed with all supply
chains being linear, reflecting a manufacturer
to retailer to end-user process in accordance
with reverse logistics. Advancements in
technology and the proliferation of e-
commerce have created a somewhat cyclic
supply chain that can route orders from
anywhere.
The evolving supply chain and buying
options for consumers is an advantage in the
modern world, but without visibility on all
inventory throughout a company’s network, it
grows more difficult to track. As a result,
carrying costs spiral out of control, and
stockouts become more likely which means
an easier conversation about supply chain
risk management.

Managed Service
▶ Increased Throughput Generates a Need to
Manage by Exception
The increased strain on available resources and
the growth of e-commerce creates a greater
need to manage by exception. Rather than trying
to manage each shipment manually, today
shippers can leverage technology to enable true
management by exception. For instance, the
capacity that is needed per shipment like the
2021 produce season transportation capacity
outlook. Exceptions are the one-off issues that
arise that may require human intervention to
resolve.
There was a time when management by
exception and manual management were almost
identical. But automation and sequential
tendering processes within an advanced
transportation management system (TMS) have
given rise to the ability to manage by exception.
As a result, shippers can prioritize in-house
processes and only intervene on shipments
where human intervention is necessary.
Therefore, it is easier to increase the volume of
freight moving across both inbound and
outbound channels.

Managed Service
▶ Cybersecurity Concerns Remain
In recent months, cybersecurity
breaches have led to the complete
collapse of whole portions of the
supply chain. Without proper
firewalls and adequate penetration
testing, any shipper is at risk for a
breach. Fortunately, shippers that
take a proactive approach by
properly segmenting systems and
conducting regular scans to identify
unusual user behaviors can help to
mitigate this supply chain risk. A
managed transportation service
provider can enable accurate,
complete supply chain risk
management for all things involving
strict security measures for
cybersecurity.

Managed Service
▶ There’s Limited Visibility Within
Your Network, Which Impacts
Collaboration Too
Other areas of focus for supply
chain risk management include
intermodal freight, particularly ocean
freight, and its long-standing history
and reputation for poor visibility.
Poor visibility within ocean freight
may lead to massive delays at the
time of arrival, problems scheduling
drayage, and other issues with
knowing when to reorder. Which is
why shippers and carriers must build
supply chain resiliency. Limited
visibility within the network will
adversely impact collaboration,
making it challenging to work with
entities beyond the four walls of your
enterprise.

Managed Service
▶ The Threat of the Ever-Lasting
Disruption Permeates All
Processes
Risk management would be
relatively simple in an ideal world,
but the current obsolete supply
chain is anything but simple.
Disruptions abound in the form of
weather, tariffs, changes to
political landscapes, natural
disasters, ships running aground
in major freight thoroughfares,
and much more. For any shipper
to maintain a strategic position, it
must recognize that anything can
and may go wrong. And they must
plan accordingly.

Enhance Supply Chain
Risk Management by
Choosing the Right
Managed Services
Partner
▶ The modern world of freight
management is growing more
complex, and finding success
depends on around-the-clock
scalability, insight into specific
market granularities, clear data
and visibility, and understanding
how to stay strategic. It’s
increasingly difficult for companies
to plan, source, manage and
navigate supply chain
complexities while still focusing on
what they do best: serving their
customers and growing their
businesses.

What is a Supply
Chain Vulnerability
Assessment?
▶ Global supply chain management
has grown exceedingly difficult
within the last decade and has
been amplified by the effects of the
Pandemic. The Institute for Supply
Management reports that the
manufacturing industry’s Backlog of
Orders Index hit a record high of
71% in May 2021. This is largely
due to increased lead times and
product shortages. Not only that,
but the costs to resolve these
backorders reached highs of $15 to
$20 USD per backorder fulfillment.
There are tools, such as the Supply
Chain Vulnerability Assessment,
that help to prevent your supply
chain from experiencing these
situations.

What’s Supply Chain
Vulnerability?
▶ Businesses experience
vulnerability in their supply chain
when exposed to the blind risks
of both internal and external
supply chain disruptions. The
more responsive the critical
components of a business’s
supply chain are to risks, the
more vulnerable the business is.
Ultimately, your business’s
ability to meet your end
customer’s demands suffers the
most when supply chain
vulnerability is prevalent.

Examples of Supply
Chain Vulnerabilities
▶ There are numerous types of
internal and external events
that make supply chains
vulnerable to disruptions.
Natural disasters, fuel prices,
political crises, cyber-attacks,
workplace safety incidences,
supplier product problems,
failed technology, and
unexpected quality issues
are a few examples of supply
chain vulnerabilities.

Examples of Supply
▶ Supply Chain Structure
Supply chains with more options,
businesses, and supplier dependencies
can make coordination more difficult and
lead to more mistakes.
Frequent inspections of your supply chain
are a useful supply chain vulnerability
mitigation strategy. Doing so can produce
unforeseen improvements to your supply
chain design and is a preventative action
to reduce your supply chain vulnerability.
Many businesses struggle to begin their
supply chain inspections and internal
audits due to cost and time requirements.
However, online supplier checklist
solutions such as the ESG Checklist are
available. These online checklists help
you collect supplier data using mobile
devices and generate reports in real-time
so you can make decisions quickly and
effectively.

Examples of Supply
▶ Organizational Complexity
As businesses create more complex
products and processes, supply
chain risk management becomes
more important. Your management’s
decision-making must continuously
adapt the company’s supply chain
structure as internal development
becomes more complex.
Information Management
Complex supply chains involve
many levels of information sharing
between providers and end-users.
Communication between a starting
point in a supply chain and its
intended endpoint can become
skewed as messages are filtered
through the many tiers of a supply
chain system.

What’s the Purpose of
a Supply Chain
Vulnerability
Assessment?
▶ A Supply Chain Vulnerability
Assessment is a specific risk
assessment tool to find
potential weaknesses that
can eventually impact your
company’s supply chain.
Through performing a Supply
Chain Vulnerability
Assessment, a business’s
supply chain resilience is
increased through risk
mitigation strategies that the
assessment helps uncover.

4 Steps to Perform a
Supply Chain
Vulnerability
Assessment for
Manufacturing Industry
1. Document Current System
It’s important to collect the data
and define your current supply
chain structure and outsourcing
processes. Doing so will give
your team the essential
comparable data when
performing your vulnerability
assessment. Other items you
may want to include to help
define your current supply chain
system include goals,
objectives, criteria, logistics
management documents, and
any other relevant information.

4 Steps to Perform a
Supply Chain
Vulnerability
Assessment for
Manufacturing Industry
2. Identify Hazards
Your assessment team will want to
investigate your supply chain’s most
important risks. This may include
risks with the largest financial impact.
After identifying the risks, you’ll want
to try quantifying the risk impact.
Because actually quantifying the risk
impact can be difficult, consider
building your Supply Chain
Vulnerability Assessment team with a
staff of high supply chain knowledge
and experience. This way your best
assumptions on consequences and
occurrence timeframe can be made.

a Supply Chain
Vulnerability
Assessment?
3. Mitigation Measures
After identifying potential
risks to your supply chain
and ranking them by
importance, you’ll need to
develop strategies to
mitigate or reduce their
impact. I recommend
including a cost-benefit
analysis at this stage of
your vulnerability analysis.

a Supply Chain
Vulnerability
Assessment?
4. Develop
Strategies/Recommendations
After collecting information and
developing mitigation concepts,
you’ll need to choose which
mitigation measures are most
important and effective, based on
a cost-benefit analysis.

Assessing the
Vulnerability of Supply
Chains
▶ Here's a structured approach to assessing
supply chain vulnerability:
• Identify Critical Elements:
Identify the key components, processes,
suppliers, and logistics networks within your
supply chain. This includes understanding your
suppliers' suppliers (tier-n analysis) to uncover
hidden vulnerabilities.
• Risk Mapping:
Create a comprehensive map of potential risks
that could affect your supply chain. These risks
could include natural disasters, geopolitical
events, economic fluctuations, regulatory
changes, cyber threats, and more.
• Risk Assessment:
Assess the impact and likelihood of each
identified risk. This involves evaluating the
potential consequences of a disruption on your
supply chain's operations, financials, reputation,
and customer satisfaction.

Assessing the
Chains
• Vulnerability Analysis: Determine
which elements of your supply chain
are most vulnerable to the identified
risks. This could include locations prone
to natural disasters, single-source
suppliers, high lead times, or lack of
backup plans.
• Quantitative and Qualitative
Analysis: Use both quantitative data
(e.g., historical disruption data, financial
impact estimates) and qualitative
insights (e.g., expert opinions, market
trends) to assess vulnerability.
Quantitative data can be used to
calculate risk scores, while qualitative
insights provide context.
• Dependency Assessment:
Understand the dependencies between
different elements in your supply chain.
This includes evaluating how

Assessing the
Chains
• Mitigation Strategies:
Develop a range of mitigation strategies for
each identified vulnerability. These
strategies could include diversifying
suppliers, implementing redundancy plans,
investing in technology, building stronger
relationships with suppliers, and improving
inventory management.
• Resilience Testing:
Conduct scenario-based testing to simulate
different disruption scenarios. This helps in
understanding how well your supply chain
can respond to unexpected events and
adjust your strategies accordingly.
• Continuous Monitoring:
Supply chain vulnerabilities can change
over time due to factors like market
dynamics and geopolitical events.
Regularly monitor and update your risk
assessments to stay ahead of emerging
This Photo by Unknown Author is licensed under CC BY-NC

Assessing the
Chains
• Collaboration and
Communication:
Collaborate closely with suppliers,
partners, and stakeholders. Open
lines of communication can help in
sharing information, best practices,
and potential risks that might be
overlooked.
• Technology Utilization:
Leverage technologies such as
predictive analytics, AI, and IoT to
enhance visibility into your supply
chain and gain insights that can help
in identifying vulnerabilities early.
• Sustainable Practices:
Consider environmental, social, and
governance factors in your
vulnerability assessment. Sustainable

Risk Management in
Value Network
▶ Risk management in the value
chain involves identifying,
assessing, and mitigating
potential risks that can impact
the various stages and
components of the value chain.
The value chain encompasses
all the activities and processes
that a company undertakes to
create, produce, and deliver its
products or services to
customers. Effective risk
management in the value chain
helps organizations minimize
disruptions, enhance efficiency,
and maintain customer
satisfaction.
This Photo by Unknown Author is licensed under CC BY-SA

Risk Management in
Value Network
▶ Here's how risk management can be applied
to different stages of the value chain:
• Supplier Risks:
Identify risks associated with suppliers, including
financial instability, quality issues, geopolitical
factors, and supply chain disruptions. Mitigate
these risks by diversifying suppliers, establishing
strong relationships, conducting regular audits,
and developing contingency plans.
• Production Risks:
Assess risks related to manufacturing processes,
technology failures, equipment breakdowns, and
workforce availability. Implement risk reduction
strategies like predictive maintenance,
technology upgrades, cross-training employees,
and maintaining safety protocols.
• Logistics and Transportation Risks:
Address risks in the transportation of raw
materials, components, and finished goods. This
includes potential delays, disruptions, and
regulatory issues. Develop alternate
transportation routes, utilize tracking
technologies, and work with reliable logistics
partners.

Risk Management in
Value Network
• Inventory Risks: Manage risks
associated with inventory management,
such as overstocking, stockouts, and
obsolescence. Employ demand
forecasting, just-in-time inventory
practices, and dynamic inventory
adjustments to minimize these risks.
• Distribution and Fulfillment Risks:
Evaluate risks in the distribution and
fulfillment process, such as inaccurate
order processing, delivery delays, and
returns management. Implement robust
order management systems, optimize
distribution networks, and enhance
communication with customers.
• Market Risks: Address risks related to
changes in customer demand,
competition, market trends, and
economic fluctuations. Stay updated on
market dynamics, conduct market
research, and diversify your product or
service offerings to mitigate these risks.

Risk Management in
Value Network
• Regulatory and Compliance Risks:
Monitor and comply with relevant
regulations and standards that impact
your value chain activities. Failure to do
so can result in legal issues, fines, and
reputational damage. Establish a
compliance framework, stay informed
about regulatory changes, and ensure
proper documentation.
• Cybersecurity and Data Privacy
Risks: Recognize the potential for data
breaches, cyberattacks, and privacy
violations across the value chain.
Implement robust cybersecurity
measures, conduct regular audits, and
educate employees about best
practices to protect sensitive
information.
• Environmental and Sustainability
Risks: Consider risks related to
environmental impact, resource
scarcity, and sustainability practices.

Risk Management in
Value Network
• Human Capital Risks: Assess risks
associated with workforce availability,
skill gaps, employee turnover, and
labor disruptions. Invest in employee
development, succession planning,
and employee engagement to mitigate
these risks.
• Financial Risks: Evaluate financial
risks such as fluctuating costs,
currency exchange rates, and credit
risks. Implement financial risk
management strategies, including
hedging, financial forecasting, and
maintaining strong relationships with
financial partners.
• Scenario Planning and Resilience
Testing: Regularly conduct scenario
planning and resilience testing to
simulate various risk scenarios and
their potential impact on your value
chain. This helps in identifying

Risk Management in
Value Network
▶ Effective risk
management in the value
chain requires a holistic
and cross-functional
approach. Collaboration
between different
departments, robust data
collection and analysis,
proactive planning, and
continuous monitoring are
essential components of a
successful value chain risk
management strategy. This Photo by Unknown Author is licensed under CC BY-SA

Risk Management in
Value Network
▶ Predicting and managing supply
chain risks involves a combination
of proactive strategies, data-driven
insights, and contingency planning
to minimize the impact of potential
disruptions.
Predicting and managing supply
chain risks is an ongoing process
that requires a combination of
strategic planning, technology
integration, and collaborative
efforts. By proactively identifying
risks and implementing effective
mitigation strategies, organizations
can minimize the impact of
disruptions and ensure the
continuity of their supply chain
operations.

Risk Management in
Value Network
▶ Here's a step-by-step guide on how to predict
and manage supply chain risks effectively:
1. Risk Identification:
Identify potential risks across all stages of your
supply chain, including suppliers,
manufacturing, transportation, distribution, and
market factors. These risks can include natural
disasters, geopolitical events, demand
fluctuations, supplier disruptions, quality issues,
and more.
2. Data Collection and Analysis:
Gather relevant data from internal and external
sources. This includes historical data, market
trends, supplier performance metrics, weather
forecasts, and geopolitical insights. Use
advanced analytics and data modeling to
identify patterns and correlations that could
indicate potential risks.
3. Predictive Analytics:
Utilize predictive analytics to forecast potential
supply chain risks. Machine learning algorithms
can analyze historical data to identify early
warning signs of disruptions and provide
insights into future risks. These models can help
in predicting demand fluctuations, supplier

Risk Management in
Value Network
4. Supply Chain Visibility: Enhance
supply chain visibility by implementing
technologies like IoT sensors, RFID
tracking, and blockchain. These
technologies provide real-time data on
the movement of goods, allowing you
to monitor and respond to disruptions
promptly.
5. Supplier Risk Assessment: Assess
the risk profile of your suppliers.
Evaluate factors such as financial
stability, geographical location, single-
source dependency, and regulatory
compliance. Maintain a diverse
supplier base to reduce vulnerability.
6. Scenario Planning: Develop different
risk scenarios based on your predictive
insights. Consider factors such as the
impact of a supplier's bankruptcy,
sudden demand spikes, transportation
disruptions, or regulatory changes.
Develop strategies for each scenario.
This Photo by Unknown Author is licensed under CC BY-NC-ND

Risk Management in
Value Network
7. Contingency Planning: Create
detailed contingency plans for
various risk scenarios. These plans
should outline steps to take when a
disruption occurs, including
alternative suppliers, backup
manufacturing sites, expedited
transportation options, and
communication protocols.
8. Collaboration and
Communication: Establish clear
lines of communication with
suppliers, partners, and
stakeholders. Build strong
relationships to facilitate timely
information sharing and joint
problem-solving when disruptions
occur.
9. Resilience Testing: Conduct
simulation exercises and tabletop
drills to test your contingency plans.

Risk Management in
Value Network
10. Technology Integration: Leverage
technology solutions such as supply
chain risk management software that
offer real-time alerts, risk assessment
tools, and scenario simulation
capabilities.
11. Continuous Monitoring: Supply chain
risks are dynamic. Regularly monitor
data, assess changing market
conditions, and update your risk
models to stay ahead of emerging
risks.
12. Sustainability and Ethical
Considerations: Include
environmental, social, and governance
(ESG) factors in your risk assessment.
A sustainable supply chain is often
more resilient in the face of disruptions.
13. Adaptive Strategy: Supply chain risks
can evolve rapidly. Develop an
adaptive risk management strategy
that can be adjusted based on new

What Is a Project Risk
Assessment?
▶ A project risk assessment is a formal
effort to identify and analyze risks that a
project faces. First, teams identify all
possible project risks. Next, they
determine the likelihood and potential
impact of each risk.
During a project risk assessment, teams
analyze both positive and negative risks.
Negative risks are events that can derail
a project or significantly hurt its chances
of success. Negative risks become more
dangerous when teams haven’t
identified them or created a plan to deal
with them.
A project risk assessment also looks at
positive risks. Also called opportunities,
positive risks are events that stand to
benefit the project or organization. Your
project team should assess those risks
so they can seize on opportunities when
they arise.

What Is a Project Risk
Assessment?
▶ Your team will want to perform a
project risk assessment before the
project begins. They should also
continually monitor for risks and update
the assessment throughout the life of
the project.
Some experts use the term project risk
analysis to describe a project risk
assessment. However, a risk analysis
typically refers to the more detailed
analysis of a single risk within your
broader risk assessment. For expert
tips and information, see this
comprehensive guide to performing a
project risk analysis.
Project risk assessments are an
important part of project risk
management. Learn more from
experts.

Assessing Risks in
Projects and
Processes
▶ Assessing risks in projects
and processes is essential for
effective project management
and maintaining operational
efficiency. A systematic
approach helps identify potential
pitfalls and develop strategies to
mitigate or manage these risks.

Assessing Risks in
Projects and
Processes
▶ Here's a comprehensive guide to assessing
risks in projects and processes:
1. Risk Identification: Identify potential
risks specific to the project or process.
This involves brainstorming with your
team, reviewing historical data, and
considering external factors that could
impact the project or process.
2. Risk Categorization: Categorize risks
into different types such as technical,
operational, financial, market, legal, and
environmental. This classification helps
in better understanding the nature of
risks and tailoring mitigation strategies
accordingly.
3. Risk Assessment: Assess the impact
and likelihood of each identified risk.
This can be done using qualitative
scales (low, medium, high) or
quantitative methods such as risk
matrices or numerical probability-impact

Assessing Risks in
Projects and
Processes
4. Risk Prioritization:
Prioritize risks based on their potential
impact and likelihood. Focus on high-
priority risks that could have
significant consequences on the
project or process.
5. Root Cause Analysis:
Dig deeper to understand the
underlying causes of each identified
risk. This helps in developing targeted
strategies to address the root causes
and prevent similar risks in the future.
6. Risk Ownership:
Assign ownership of each risk to
specific team members. This ensures
accountability for monitoring,
mitigating, and managing the risks
throughout the project or process.

Assessing Risks in
Projects and
Processes
7. Mitigation Strategies: Develop
strategies to mitigate or manage
identified risks. These strategies can
include preventive actions,
contingency plans, risk transfer
(such as insurance), and fallback
plans.
8. Monitoring and Triggers: Set up
monitoring mechanisms to track the
status of identified risks. Define
triggers or indicators that signal
when a risk is materializing, so that
appropriate actions can be taken
promptly.
9. Contingency Plans: Create
contingency plans for high-impact
risks that are difficult to mitigate
completely. These plans outline
steps to take if a risk materializes,
This Photo by Unknown Author is licensed under CC BY-NC-ND

Assessing Risks in
Projects and
Processes
10. Communication and Reporting:
Maintain open communication with
stakeholders about identified risks
and mitigation efforts. Regularly
update stakeholders on the status of
risks and any changes to the risk
profile.
11. Documentation: Document all risk
assessment activities, including
identified risks, assessments,
mitigation strategies, and outcomes.
This documentation provides a
reference for future projects and
helps in knowledge transfer.
12. Risk Reviews: Periodically review
and reassess risks throughout the
project or process lifecycle. As
circumstances change, new risks
may emerge, and existing risks may

Assessing Risks in
Projects and
Processes
13. Lessons Learned: After completing
the project or process, conduct a
comprehensive review of the risk
assessment and mitigation efforts.
Identify lessons learned and areas
for improvement to enhance future
risk management strategies.
14. Continuous Improvement:
Incorporate feedback and insights
gained from risk assessments into
your organization's risk management
framework. Continuously refine your
approach based on past
experiences and emerging best
practices.
15. Technology Utilization: Leverage
risk management software, data
analytics, and modeling tools to
enhance the accuracy of risk

Project Risk
Assessment Tools
▶ Project leaders can use various tools and
methodologies to help measure risks. One option
is a failure mode and effects analysis. Other
options include a finite element analysis or a
factor analysis and information risk.
These are some common risk assessment tools:
• Failure Mode and Effects Analysis (FMEA):
This analytical method helps project leaders
evaluate a process and identify where the
process might fail. The method helps teams
identify the failures that could cause the
largest impact. By performing this analysis,
teams can determine parts of the process that
need adjustment.
When using the FMEA framework for risk
assessment, identify each of the following
components:
• Process Steps: Identify all steps in a
process.
• Potential Problems: Identify what could go
wrong with each step.
• Problem Sources: Identify the causes of the
problem.
• Potential Consequences: Identify the
consequences of the problem or failure.

Project Risk
Assessment Tools
▶ Project leaders can use various tools and
methodologies to help measure risks. One
option is a failure mode and effects analysis.
Other options include a finite element analysis
or a factor analysis and information risk.
These are some common risk assessment
tools:
• Finite Element Analysis (FEA): This is a
computerized method for simulating and
analyzing the forces on a structure and the
ways that a structure could break. The
method can account for many, sometimes
thousands, of elements. Computer
analysis then determines how each of
those elements works and how often the
elements won’t work. The analysis for
each element is then added together to
determine all possible failures and the rate
of failure for the entire product.
• Factor Analysis of Information Risk
(FAIR): This framework helps teams
analyze risks to information data or
cybersecurity risk.

Assessing Risks in
Projects and
Processes
▶ By following these steps and
tailoring them to the specific
context of your projects and
processes, you can effectively
assess, manage, and mitigate
risks, thereby increasing the
likelihood of successful project
outcomes and maintaining
operational excellence.

Risk Management
System – A
Conceptual Model
▶ A risk management system is
a structured framework and
process that organizations use
to identify, assess, mitigate, and
monitor risks throughout their
operations. It's a comprehensive
approach to managing
uncertainties that could affect
the achievement of
organizational objectives. We
will examine conceptual model
of a risk management systems.

Risk Management
System – A
Conceptual Model
▶ Context Establishment:
• Define the organizational
context, including objectives,
stakeholders, industry
regulations, and strategic
priorities.
• Establish the scope of the
risk management system,
considering the different
areas and processes it will
cover.

Risk Management
System – A
Conceptual Model
▶ Risk Identification:
• Identify and document
potential risks that could
impact the organization's
objectives.
• Encourage input from various
stakeholders, departments,
and experts to ensure
comprehensive risk
identification.

Risk Management
System – A
Conceptual Model
▶ Risk Assessment:
• Evaluate each identified
risk's potential impact and
likelihood.
• Prioritize risks based on their
significance to the
organization's objectives.
• Consider both qualitative and
quantitative methods to
assess risks.

Risk Management
System – A
Conceptual Model
▶ Risk Analysis:
• Perform in-depth analysis of
high-priority risks to
understand their root causes,
potential consequences, and
possible triggers.
• Use techniques such as
scenario analysis, fault tree
analysis, and Monte Carlo
simulations for a more
comprehensive
understanding.

Risk Management
System – A
Conceptual Model
▶ Risk Mitigation Strategies:
• Develop specific strategies
for managing or mitigating
high-priority risks.
• Determine preventive
actions, contingency plans,
and fallback options.
• Allocate responsibilities and
resources for executing
these strategies.

Risk Management
System – A
Conceptual Model
▶ Risk Monitoring and
Control:
• Implement a monitoring
process to track the status of
identified risks.
• Set up triggers or key risk
indicators (KRIs) that signal
when a risk is escalating.
• Regularly review risk metrics
and make adjustments to
mitigation plans as
necessary.

Risk Management
System – A
Conceptual Model
▶ Communication and
Reporting:
• Establish clear
communication channels to
share risk information across
the organization.
• Provide regular updates to
senior management and
relevant stakeholders about
risk profiles, mitigation
efforts, and changes in risk
landscape.

Risk Management
System – A
Conceptual Model
▶ Integration into Decision-
Making:
• Integrate risk considerations
into the organization's
decision-making processes,
including strategic planning,
project management, and
resource allocation.
• Ensure that risk analysis
informs the choices made by
the organization.

Risk Management
System – A
Conceptual Model
▶ Documentation and
Knowledge Management:
• Maintain comprehensive
records of risk assessments,
mitigation plans, and
outcomes.
• Create a repository of risk-
related knowledge, lessons
learned, and best practices.

Risk Management
System – A
Conceptual Model
▶ Continuous Improvement:
• Regularly review and refine
the risk management system
based on feedback, changing
circumstances, and emerging
industry trends.
• Encourage a culture of
learning from risk events and
using those insights to
improve future risk
management strategies.

Risk Management
System – A
Conceptual Model
▶ Training and Awareness:
• Provide training to
employees at all levels to
increase their awareness of
risk management concepts,
tools, and techniques.
• Foster a culture where risk
awareness and proactive risk
management are ingrained.

Risk Management
System – A
Conceptual Model
▶ Technological Integration:
• Leverage risk management
software and technology to
streamline data collection,
analysis, and reporting.
• Utilize data analytics and
modeling tools for better risk
prediction and scenario
planning.

Risk Management
System – A
Conceptual Model
▶ A well-designed risk
management system operates
as an integral part of an
organization's governance
structure. It aligns risk
management activities with the
organization's strategic
objectives and ensures that
risks are proactively identified
and managed to minimize their
potential impact. The model
described above can be
adapted to fit the specific needs
and complexity of different
organizations and industries.

Simulation to
Investigate Supply
Chain Disruptions
▶ Using simulation to
investigate supply chain
disruptions is a powerful
approach that allows
organizations to model and
analyze the impact of various
disruptions on their supply chain
operations. Simulation provides
a controlled environment to test
different scenarios, understand
vulnerabilities, and devise
strategies for mitigating
disruptions.

Simulation to
Investigate Supply
Chain Disruptions
▶ Here's how to use simulation for investigating
supply chain disruptions:
1. Identify Key Variables: Identify the critical
variables that affect your supply chain, such
as demand fluctuations, lead times,
transportation delays, and supplier reliability.
2. Select a Simulation Tool: Choose a
simulation tool or software that suits your
needs. There are various commercial and
open-source simulation software available.
Examples include AnyLogic, Simio, Arena,
and MATLAB Simulink.
3. Model Creation: Develop a detailed
simulation model that replicates your supply
chain network, including suppliers,
manufacturing facilities, transportation
routes, warehouses, and customers.
4. Scenario Design: Create different disruption
scenarios to test the resilience of your supply
chain. These scenarios could include
supplier bankruptcies, natural disasters,
labor strikes, transportation breakdowns, and
demand shocks.

Simulation to
Investigate Supply
Chain Disruptions
5. Input Data: Input relevant data for
your simulation, such as historical
demand patterns, supplier
performance metrics, transportation
lead times, and inventory levels.
6. Run Simulations: Run the
simulation using different disruption
scenarios. The simulation will
provide insights into how disruptions
impact different aspects of your
supply chain, including production
schedules, inventory levels, order
fulfillment, and customer
satisfaction.
7. Collect Results: Collect data and
metrics from the simulation runs.
This data will help you analyze the
effects of disruptions on key
performance indicators (KPIs) and
make informed decisions.

Simulation to
Investigate Supply
Chain Disruptions
8. Analyze Results: Analyze the
simulation results to understand how
disruptions propagate through your
supply chain. Identify bottlenecks,
vulnerabilities, and areas where the
disruption has the most significant
impact.
9. Develop Mitigation Strategies:
Based on the insights gained from the
simulation, develop strategies to
mitigate the impact of disruptions.
These strategies could include safety
stock policies, dual-sourcing,
alternate transportation routes, and
flexible production plans.
10. Scenario Comparison: Compare the
outcomes of different disruption
scenarios to prioritize which risks
should be addressed first and to
identify the most effective mitigation

Simulation to
Investigate Supply
Chain Disruptions
11. Sensitivity Analysis: Conduct
sensitivity analysis by adjusting input
variables to understand their
influence on the supply chain's
response to disruptions. This helps
in identifying critical factors and fine-
tuning your strategies.
12. Validation and Refinement:
Validate the simulation model
against historical data or real-world
events to ensure its accuracy.
Refine the model based on
validation results and feedback.
13. Communication and Decision-
Making: Communicate the
simulation findings and
recommended mitigation strategies
to stakeholders. Use the insights
gained to make informed decisions

Simulation to
Investigate Supply
Chain Disruptions
▶ Using simulation for
investigating supply chain
disruptions provides a safe and
controlled environment to
experiment with different
scenarios without risking real-
world disruptions. It enables
organizations to proactively
prepare for potential risks,
enhance resilience, and
optimize their supply chain
operations.

Effects of Disruption
and Why Global
Supply Chains May
Never Be the Same
▶ Every day, millions of sailors,
truck drivers, longshoremen,
warehouse workers and delivery
drivers keep mountains of
goods moving into stores and
homes to meet consumers’
increasing expectations of
convenience. But this complex
movement of goods
underpinning the global
economy is far more vulnerable
than many imagined.

Failure Management
Concept
▶ A further concept focusing on risk-
and uncertainty factors can be seen in
Failure Management. Failure
management, also known as failure
analysis or incident management, is
the process of identifying, analyzing,
and responding to failures or incidents
within a system or organization. This
process is crucial for maintaining the
reliability, safety, and efficiency of
systems across various domains such
as technology, engineering,
manufacturing, healthcare, and more.
Effective failure management is
essential for organizations to
minimize downtime, reduce costs,
ensure safety, and maintain customer
satisfaction. It requires a proactive
approach, strong communication,
collaboration across teams, and a

Access and Theft
Prevention in Cross-
Dock Warehouses
▶ Access and Theft Prevention in
Cross-Dock Warehouses: These
measures are twofold: to protect
against theft and unauthorized access
to packages, and to improve process-
security through quickly finding
erroneous shipments and detecting
insufficiently packed goods
Preventing access and theft in cross-
dock warehouses is crucial for
maintaining the security and integrity
of inventory and ensuring smooth
operations. By implementing a
combination of these measures,
cross-dock warehouses can enhance
security, deter theft, and minimize the
risk of unauthorized access, thereby
safeguarding valuable inventory and
maintaining operational efficiency.

Accessibility
▶ Accessibility is the protection of
information from unauthorized,
unanticipated or unintentional
modification. In the context of cross-
dock warehouses, accessibility
refers to the ease with which goods
can be received, processed, and
dispatched within the facility.
Accessibility is crucial for ensuring
efficient operations and timely
delivery of products to customers.
Overall, optimizing accessibility in
cross-dock warehouses involves
careful planning, efficient layout
design, proper utilization of
technology, and adherence to
safety and regulatory requirements.
By prioritizing accessibility,
warehouses can improve
operational efficiency, reduce lead
times, and enhance customer

AEO: Authorized Even
Operator
▶ The term "AEO" stands for
"Authorized Economic Operator." It's a
designation given to businesses
involved in the international supply
chain that have demonstrated a
commitment to complying with customs
regulations and security standards. The
concept of AEO is part of a global effort
to enhance security and facilitate trade
by recognizing trustworthy operators
within the supply chain.
Overall, AEO status is a valuable
designation for businesses involved in
international trade, as it can lead to
smoother customs processes, reduced
delays, and improved supply chain
efficiency. However, obtaining and
maintaining AEO status requires a
commitment to security, compliance,
and continuous improvement in supply
chain practices.

BASC
▶ BASC stands for Business
Alliance for Secure Commerce. It is
an international business coalition
created to promote secure trade
practices and combat the risks of
terrorism, smuggling, and other illicit
activities within the global supply
chain. BASC certification is
recognized by customs authorities
and facilitates trade by providing
assurance of security and
compliance with international
standards.
Overall, BASC plays a significant
role in promoting supply chain
security and facilitating international
trade by establishing common
standards, fostering collaboration,
and providing assurance to
stakeholders regarding the integrity

Cargo Theft
▶ Theft in air transportation refers
to the unlawful taking or removal
of property or goods from aircraft,
airports, or associated facilities. It
poses significant security and
safety risks to passengers, cargo,
airlines, airports, and other
stakeholders in the aviation
industry.
Overall, theft in air transportation
poses challenges to the security
and integrity of the aviation
industry, requiring a
comprehensive approach
involving proactive security
measures, regulatory compliance,
collaboration, and enforcement
efforts to safeguard passengers,
cargo, and assets.

Theoretical Approach
▶ By taking this feature into account,
theoretical approach can be captured
that help explaining, respectively
designing (specific facets of) a concept
for the management of risk and
uncertainty factors. A theoretical
approach to understanding theft in air
transportation could involve applying
various theoretical frameworks from
criminology, sociology, and
organizational studies to analyze the
phenomenon.
By applying these theoretical
perspectives, researchers can gain
insights into the underlying causes,
mechanisms, and contexts of theft in
air transportation, which can inform the
development of preventive strategies,
security measures, and organizational
interventions to mitigate the risk of theft
and promote the safety and security of
air transportation operations.

Concept of Adaptability
▶ The concept of adaptability refers
to the capacity of individuals,
organizations, or systems to adjust,
respond, and thrive in the face of
changing circumstances, challenges,
or environments. Adaptability is
essential for survival and success in
dynamic and unpredictable situations,
allowing entities to effectively cope
with uncertainty, innovation, and
adversity.
Overall, adaptability is a critical
capability for individuals,
organizations, and systems seeking
to thrive in today's rapidly changing
and uncertain world. By fostering
adaptability, entities can better
navigate complexity, embrace
change, and capitalize on
opportunities for growth and
innovation. Contaminated foodstuffs
or goods with production faults can

CSI: Container
Services International
▶ Container Services International
(CSI) is a term that can refer to
various companies or organizations
providing services related to
shipping containers and
containerized cargo. These services
may include container leasing,
sales, repair, transportation,
storage, and logistics management.
Overall, Container Services
International companies play a vital
role in facilitating global trade by
providing essential services and
infrastructure for the efficient and
secure transportation of
containerized cargo. They help
shippers, carriers, and logistics
providers optimize supply chain
operations, reduce costs, and

Digital Security
Measures
▶ Digital security measures refer to
techniques, practices, and technologies
employed to protect digital assets,
information, and systems from
unauthorized access, data breaches,
cyberattacks, and other security threats. In
today's digital age, where businesses and
individuals rely heavily on digital
technologies and data, implementing
robust digital security measures is crucial
to safeguarding sensitive information and
ensuring the integrity, confidentiality, and
availability of digital resources.
By implementing a combination of these
digital security measures and adopting a
holistic approach to cybersecurity,
organizations can enhance their resilience
to cyber threats, protect sensitive data, and
maintain the trust and confidence of their
customers, partners, and stakeholders in
an increasingly digital world. Digital
Security Measures: These are measures,
which serve to protect the information and
information systems used in the running of

Globalization of
Markets
▶ The globalization of markets refers to
the process by which businesses and
economies around the world become
increasingly interconnected and
interdependent through the exchange of
goods, services, capital, technology, and
information across national borders. This
phenomenon is driven by various factors,
including advancements in technology,
transportation, communication, and trade
liberalization policies.
Overall, the globalization of markets has
profound implications for businesses,
economies, and societies worldwide,
shaping patterns of trade, investment,
innovation, and cultural exchange on a
global scale. Embracing globalization can
enable businesses to capitalize on new
opportunities, drive economic growth, and
contribute to a more interconnected and
prosperous world. Due to the globalization
of markets and a surge in globe-spanning
supply chain operations, local catastrophes
have increasingly indirect global

Theft Distribution
Centers
▶ Distribution centers face various
risks of theft due to the large
volumes of inventory they handle
and their strategic importance in the
supply chain.
By implementing a combination of
physical security measures,
cybersecurity protocols, employee
training, supply chain risk
management practices, and
emergency preparedness
strategies, distribution centers can
mitigate the risk of theft and
safeguard their assets, operations,
and reputation. Regular monitoring,
assessment, and adaptation of
security measures are essential to
stay ahead of evolving threats and
vulnerabilities. Facilities like
distribution centers are at high risk

Organizational security
measures
▶ Organizational security measures
encompass a range of strategies,
policies, and practices implemented by
businesses to protect their assets,
information, operations, and personnel
from security threats. These measures
are designed to safeguard against
various risks, including theft, fraud,
cyberattacks, vandalism, terrorism, and
other security breaches.
By implementing a comprehensive set of
organizational security measures,
businesses can enhance their resilience
to security threats, protect their assets
and operations, and maintain the trust
and confidence of customers, partners,
and stakeholders. Regular risk
assessments, security audits, and
continuous improvement efforts are
essential to stay ahead of evolving
security risks and challenges.
Organizational security measures

Physical Security
Measures
▶ Physical security measures are
strategies and mechanisms put in place to
protect physical assets, facilities, and
personnel from unauthorized access, theft,
vandalism, or harm. These measures are
essential for maintaining the safety and
security of physical spaces and ensuring
the integrity of operations.
By implementing a combination of these
physical security measures and integrating
them into a comprehensive security
strategy, organizations can enhance the
protection of their assets, facilities, and
personnel, and mitigate the risk of security
breaches or incidents. Regular monitoring,
evaluation, and adaptation of physical
security measures are essential to address
emerging threats and maintain a safe and
secure environment. Physical Security
Measures: These measures cover the
physical protection of the fixed
infrastructure (e.g. buildings, warehouses)
and the mobile infrastructure (transport
vessels, e.g. containers) and should

Policy changes
▶ Policy changes in the supply chain refer
to modifications, adjustments, or updates
made to the rules, regulations, guidelines,
or procedures governing various aspects of
the supply chain operations. These policy
changes can be initiated by governments,
regulatory bodies, industry associations, or
individual organizations in response to
evolving market dynamics, technological
advancements, regulatory requirements, or
strategic priorities.
Policy changes in the supply chain can
have significant implications for
businesses, requiring them to adapt their
strategies, operations, and relationships
with supply chain partners to remain
compliant, competitive, and resilient in a
dynamic regulatory environment. Proactive
monitoring of policy developments,
stakeholder engagement, and strategic
planning are essential to navigate policy
changes effectively and seize opportunities
for innovation and growth in the supply
chain. Policy changes that might occur
over night in democratic political

Unsystematic Supply
Chain Risk
▶ Unsystematic supply chain risk,
also known as idiosyncratic risk,
refers to risks that are specific to
individual components, nodes, or
entities within a supply chain rather
than being systematic or systemic
across the entire supply chain. These
risks are often unique to suppliers,
customers, facilities, or geographic
regions and may arise from internal
factors, external events, or
operational inefficiencies.
By proactively identifying, assessing,
and managing unsystematic supply
chain risks, organizations can
enhance their resilience, mitigate
potential disruptions, and maintain
supply chain performance and
competitiveness. Risks external to the
supply chain that cannot be
influenced correspond to

Secure parking areas
▶ Secure parking areas, also
known as secure truck parking
facilities or truck stops, are
designated locations where
commercial vehicles, such as
trucks, trailers, and buses, can
park safely and securely for rest
breaks, overnight stays, or
temporary stops during long-
haul journeys. These facilities
are essential for ensuring the
safety and security of drivers,
protecting cargo, and preventing
theft, vandalism, or
unauthorized access to vehicles
and their contents. Secure
parking areas have a higher
number of security features in
place than non-secured parking
areas.

Security Cargo
Packaging
▶ Security cargo packaging refers to the
use of specialized materials, containers,
and techniques to protect cargo from
theft, tampering, damage, or
contamination during transportation and
storage. Security packaging is
particularly important for high-value or
sensitive goods, such as electronics,
pharmaceuticals, jewelry, and
confidential documents, as well as for
international shipments subject to
customs inspections and security
screenings.
By implementing effective security cargo
packaging solutions, businesses can
mitigate the risk of theft, tampering, and
damage to their valuable cargo, ensure
compliance with regulatory
requirements, and maintain the integrity
and security of supply chain operations.
Security can be increased by
appropriate cargo packaging or well

Crisis Management
▶ Crisis management is the process
of preparing for, responding to,
recovering from, and learning from
unexpected events or situations that
threaten to disrupt or harm an
organization's operations, reputation,
stakeholders, or assets. Crises can
take various forms, including natural
disasters, cybersecurity breaches,
product recalls, financial
emergencies, public relations crises,
or geopolitical events. Effective crisis
management involves proactive
planning, coordination,
communication, and decision-making
to minimize the impact of crises and
facilitate a swift and effective
response.
Some of the factors of Crisis
Management (CM) are: Ensuring
solvency, realizing minimum, and

Supply chain risk
management (SCRM)
▶ Supply chain risk management
(SCRM) is the process of
identifying, assessing, mitigating,
and monitoring risks throughout the
supply chain to ensure continuity,
resilience, and efficiency in
operations. SCRM involves
proactively managing risks
associated with suppliers, logistics,
operations, demand fluctuations,
regulatory compliance, geopolitical
events, natural disasters, and other
factors that could disrupt or impact
the supply chain.
Supply Chain Risk Management
(SCRM) is the most frequently
represented concept in the SCM-
literature. SCRM results from the
intersection of the Supply Chain

The Transported Asset
Protection Association
(TAPA)
▶ The Transported Asset Protection
Association (TAPA) is an industry
association focused on enhancing
security standards and practices within
the global supply chain and logistics
industry. Founded in 1997, TAPA is a
non-profit organization that collaborates
with businesses, law enforcement
agencies, government bodies, and other
stakeholders to address security
challenges and mitigate risks associated
with the transportation and storage of
goods.
Overall, the Transported Asset Protection
Association plays a vital role in promoting
supply chain security, protecting assets,
and safeguarding the integrity and
resilience of global supply chains.
Through its initiatives, standards, and
collaborative efforts, TAPA contributes to
reducing supply chain risks, enhancing

Sovereign duties
▶ Sovereign duties refer to the
responsibilities and obligations
that a sovereign state has
towards its citizens, territory, and
international community. These
duties are typically derived from
the state's sovereignty, which
grants it exclusive authority and
control over its territory,
government, and population.
Sovereign duties encompass a
wide range of functions and
activities that governments are
expected to perform to fulfill their
role as sovereign entities. In
modern democracies, sovereign
power rests with the people and is
exercised through representative
bodies such as Congress or
Parliament.

Sovereign duties
▶ Overall, sovereign duties
represent the core functions and
responsibilities of government in
ensuring the security, welfare,
and prosperity of the state and
its citizens. While the specific
duties and priorities of
governments may vary
depending on factors such as
political ideology, culture, and
historical context, the fulfillment
of sovereign duties is essential
for maintaining the legitimacy
and effectiveness of governance
in the modern world. The
business sector does not
support public security by
assuming originally sovereign
duties

Costs Of Theft
▶ The costs of theft can vary
widely depending on factors
such as the type of theft, the
value of stolen goods or
assets, the impact on
operations, and the
measures required for
recovery and prevention. The
costs of theft do not merely
consist of the value of the
stolen products. The costs
include much more like
investigation costs,
administrative costs, product
replacement, high insurance
premium, contractual penalty
payments, lost sales, lost
reputation, and lost

Terms and Conditions
▶ "Terms and conditions" refer to
the contractual provisions, rules,
policies, and guidelines that govern
the relationship between parties
entering into a transaction or
agreement. These terms and
conditions outline the rights,
responsibilities, obligations, and
limitations of each party and help
ensure clarity, transparency, and
mutual understanding of the terms
of the agreement. Terms and
conditions are commonly found in
various types of contracts,
agreements, terms of service, and
purchase agreements, both in
business-to-business (B2B) and
business-to-consumer (B2C)
transactions. The extent to which
an insurance company covers the
risk of theft depends on the terms

Problem Management
▶ Problem management is a
systematic approach to identifying,
analyzing, and resolving underlying
issues or recurring problems within
an organization's IT infrastructure,
systems, processes, or services.
The goal of problem management
is to minimize the impact of
incidents, prevent their recurrence,
and improve overall service quality
and reliability. Problem
management is an essential
component of IT service
management (ITSM) and is closely
aligned with incident management,
change management, and other
ITIL (IT Infrastructure Library)
processes. The focus of Problem
Management (PM) is on the type
of disruption called problems which
can be considered to be the

Infrastructure Risk
▶ Infrastructure risk refers to the
potential threats and vulnerabilities
that can impact the physical,
technological, and operational
components of critical
infrastructure systems, facilities,
and networks. These risks can
arise from a variety of sources,
including natural disasters,
technological failures,
cyberattacks, physical security
breaches, and human error.
Infrastructure risk management
involves identifying, assessing, and
mitigating these risks to ensure the
resilience, reliability, and continuity
of essential infrastructure services.
The infrastructure risk source
includes potential disruptions that
evolve from the infrastructure that
a firm maintains for its supply chain

Information Leakage
▶ Information leakage, also
known as data leakage or data
exfiltration, refers to the
unauthorized disclosure or
exposure of sensitive or
confidential information to
unauthorized individuals,
entities, or systems.
Information leakage can occur
through various channels and
methods, including human
error, technical vulnerabilities,
malicious attacks, or insider
threats. It poses significant
risks to organizations,
including financial losses,
reputational damage,
regulatory non-compliance,
and loss of intellectual
property. The issue of

The Logistics Sector
▶ The logistics sector
encompasses the planning,
implementation, and
management of the flow of
goods, services, and
information from point of origin
to point of consumption. It plays
a critical role in the global
economy by facilitating trade,
commerce, and supply chain
operations across various
industries and sectors. The
logistics sector encompasses a
wide range of activities,
services, and functions,
including transportation,
warehousing, inventory
management, distribution,
packaging, and logistics
technology. The logistics sector
is globally active and flexible

Traceability Concept
▶ Traceability is a concept that refers
to the ability to track and trace the
movement of products, components,
or ingredients throughout the supply
chain, from their origin to their final
destination. It involves capturing and
recording relevant information about
the production, processing,
distribution, and handling of goods at
each stage of the supply chain, and
making this information accessible for
verification, transparency, and
accountability purposes. Traceability
enables organizations to identify and
trace the flow of products or
materials, monitor quality and safety
standards, comply with regulatory
requirements, and respond effectively
to issues such as recalls,
contamination, or counterfeit
products. The objective of the
traceability concept is to facilitate the
identification and selection of
damaged goods within the supply
chain, and so to enable their

Vehicle-to-vehicle
(V2V) and vehicle-to-
infrastructure (V2I)
communications
▶ Vehicle-to-vehicle (V2V) and
vehicle-to-infrastructure (V2I)
communications are two key
components of connected vehicle
technology that enable vehicles to
communicate with each other and
with infrastructure elements such
as traffic signals, road signs, and
roadside units. These
communication systems use
wireless technologies to exchange
information in real-time, enhancing
safety, efficiency, and mobility in
transportation systems. Vehicle-to-
vehicle (V2V) and vehicle-to-
infrastructure (V2I) communications
are other scenarios of a wide
deployment of wireless
communication technologies that

WCO: World Carriers
Organization
▶ The term "WCO" typically refers to the
World Customs Organization, not the
World Carriers Organization. The World
Customs Organization is an
intergovernmental organization
headquartered in Brussels, Belgium, with a
mission to enhance customs cooperation
and facilitate international trade by
developing and promoting customs
standards, practices, and policies.
The World Customs Organization (WCO)
serves as a forum for customs
administrations from around the world to
exchange information, share best
practices, and collaborate on initiatives
aimed at streamlining customs procedures,
combating illicit trade, and promoting trade
facilitation and security. The organization
develops international customs standards
and guidelines, such as the Harmonized
System (HS) for the classification of
goods, the Revised Kyoto Convention for
the simplification and harmonization of
customs procedures, and the SAFE
Framework of Standards to secure and

Agency theory
▶ Agency theory is a principle
in economics and management
that explores the relationship
between principals (such as
shareholders or owners) and
agents (such as managers or
employees) who act on behalf
of the principals. The theory
addresses the potential conflicts
of interest that may arise
between principals and agents
when the interests of the two
parties diverge.
Agency Theory deals with
relationships between principals
and agents (i.e., actors who have
individual motivations) which also
exist in supply chains, and which
may cause (supply chain) risks.

Preventive Measures
▶ Preventive measures are
actions, strategies, or
interventions implemented to
reduce the likelihood or impact
of potential risks, threats, or
undesirable events. These
measures are designed to
identify, address, and mitigate
risks proactively before they
escalate into problems or
crises. Preventive measures are
essential in various contexts,
including business, healthcare,
cybersecurity, public safety, and
disaster management.
Preventive measures aim at
eliminating the source of risk and
are therefore addressed to the
probability of occurrence of a risk
factor.

Incident Management
(IM)
▶ Incident Management (IM) is a
systematic approach to identifying,
responding to, and resolving incidents
that disrupt or threaten to disrupt
normal operations within an
organization. Incidents can
encompass a wide range of events,
including technical malfunctions,
security breaches, natural disasters,
accidents, or any other unexpected
occurrences that impact business
processes, services, or assets. The
primary goal of incident management
is to minimize the impact of incidents
on the organization's operations,
customers, and stakeholders and
restore normal service levels as
quickly as possible. Incident
Management (IM) aims at rapidly
restoring normal operations, at
minimizing negative effects resulting
from incidents and at achieving the
agreed service levels.

Business Continuity
Management (BCM)
▶ Business Continuity
Management (BCM) is a holistic
approach to identifying potential
threats and risks to an
organization's operations and
developing strategies and plans to
ensure the continuity of essential
business functions and services in
the event of disruptions or
emergencies. BCM aims to
enhance organizational resilience,
minimize the impact of disruptions,
and facilitate timely recovery to
normal operations.
Business Continuity Management
(BCM) deals with the management
of risk and uncertainty factors and
which is less discussed from a
scientist’s perspective and more
from a practitioner’s perspective at

Uncertainty
Management (UM)
▶ Uncertainty Management (UM)
is a strategic approach used by
organizations to identify,
understand, and effectively
respond to uncertainty and
ambiguity in their operating
environments. It involves
developing proactive strategies,
processes, and capabilities to
navigate uncertainty, mitigate
risks, and seize opportunities
amidst changing conditions. UM
is particularly relevant in dynamic
and unpredictable business
environments where uncertainty
is inherent and impacts decision-
making, planning, and execution.
Uncertainty Management (UM)
focuses on the type of disruption
called uncertainty.

Reactive Measure
▶ Reactive measures are
actions or responses taken after
an event has occurred, often in
response to a problem, incident,
or crisis. Unlike preventive
measures, which aim to
anticipate and mitigate risks
before they occur, reactive
measures are implemented in
reaction to an event that has
already taken place. While
reactive measures may help
address immediate issues and
minimize the impact of an event,
they are typically less effective in
preventing or avoiding problems
altogether. Reactive measures
aim at minimizing the detrimental
impact resulting from a risk that
has occurred and are therefore
addressed to the significance of

Organizational
Measures
▶ Organizational measures refer
to strategies, policies, practices,
and structures implemented
within an organization to achieve
specific goals, enhance
performance, and ensure
effectiveness. These measures
encompass various aspects of
organizational management,
including leadership, governance,
culture, structure, processes, and
systems. Organizational
measures are designed to
optimize resources, improve
efficiency, mitigate risks, and
drive continuous improvement.
Organization measures primarily
concern the approach to the
subject of security, through
deployment of personnel and
material resources, and

A further concept focusing on risk- and
uncertainty factors can be seen in
Failure Management.

Access and Theft Prevention in Cross-Dock
Warehouses: These measures are twofold:
to protect against theft and unauthorized
access to packages, and to improve
process-security through quickly finding
erroneous shipments and detecting
insufficiently packed goods
True

Accessibility is the protection of
information from unauthorized,
unanticipated or unintentional
modification
False

AEO: Authorized Even Operator
False

BASC: Business Alliance for Secure
Carrier
False

Because of rising theft incidents over the
past years resulting in annual economic
losses of billions of Euros, cargo theft is
becoming increasingly important for Air
transportation
False

By taking this feature into account,
_____________ can be captured that help
explaining, respectively designing (specific
facets of) a concept for the management
of risk and uncertainty factors.
Theoretical approach

Contaminated foodstuffs or goods with
production faults can be intercepted on
their way to the end-user and recalled
with the help of adaptability concept
False

CSI: Container Security Investigation
False

Digital Security Measures: These are
measures, which serve to protect the
information and information systems used
in the running of the company and in
controlling supply chains.
True

Due to the globalization of markets and a
surge in globe-spanning supply chain
operations, local catastrophes have
increasingly indirect global repercussions
True

Facilities like distribution centers are at
high risk of theft
True

Organizational security measures don’t
reduce the risk of theft on an overall
level
False

Physical Security Measures: These
measures cover the physical protection of
the fixed infrastructure (e.g. buildings,
warehouses) and the mobile infrastructure
(transport vessels, e.g. containers) and
should counteract specific and planned
attacks.
True

Policy changes that might occur over night
in democratic political environments do
represent a risk for some actors within the
environment.
True

Risks external to the supply chain that
cannot be influenced correspond to
________ supply chain risk.
Unsystematic

Secure parking areas have a higher
number of security features in place
than non-secured parking areas
True

Security can be increased by
appropriate cargo packaging or well
considered arrangement of cargo loads
True

Some of the factors of Crisis Management
(CM) are:
Ensuring solvency, realizing minimum, and
maintenance of potential for success

Supply Chain Risk Management (SCRM) is
the most frequently represented concept
in the SCM-literature. SCRM results from
the intersection of the _________
Supply Chain Management (SCM) and Risk
Management (RM)

TAPA: Technology Asset Prevention
Association
False

The business sector also supports
public security by assuming originally
sovereign duties
False

The costs of theft do not merely consist of
the value of the stolen products. The costs
include much more like investigation costs,
administrative costs, product replacement,
high insurance premium, contractual
penalty payments, lost sales, lost
reputation, and lost customers.
True

The extent to which an insurance
company covers the risk of theft
depends on the terms and conditions
True

The focus of _____________ is on the
type of disruption called problems which
can be considered to be the unknown
cause of one or several incidents.
Problem Management (PM)

The infrastructure risk source includes
potential disruptions that evolve from the
infrastructure that a firm maintains for its
supply chain operations
True

The issue of information leakage is a
critical factor concerning cargo theft
True

The logistics sector is globally active
and flexible enough to adapt quickly to
new conditions at any time
True

The objective of the traceability concept is
to facilitate the identification and selection
of damaged goods within the supply chain,
and so to enable their extraction from it:
True

The risk of theft can also be transferred to
other parties. Risk of theft is commonly
transferred to insurance companies.
True

Vehicle-to-vehicle (V2V) and vehicle-to-
infrastructure (V2I) communications are
other scenarios of a wide deployment of
wireless communication technologies that
are changing our lifestyle.
True

WCO: World Carriers Organization
False

__________ deals with relationships
between principals and agents (i.e., actors
who have individual motivations) which
also exist in supply chains, and which may
cause (supply chain) risks.
Agency theory

__________ measures aim at eliminating
the source of risk and are therefore
addressed to the probability of occurrence
of a risk factor.
Preventive

___________ aims at rapidly restoring
normal operations, at minimizing negative
effects resulting from incidents and at
achieving the agreed service levels.
Incident Management (IM)

___________ deals with the management
of risk and uncertainty factors and which is
less discussed from a scientist’s
perspective and more from a practitioner’s
perspective at that moment.
Business Continuity Management (BCM)

____________ focuses on the type of
disruption called uncertainty.
Uncertainty Management (UM)

____________ measures aim at
minimizing the detrimental impact
resulting from a risk that has occurred and
are therefore addressed to the significance
of a risk factor.
Reactive

_________________________ have
developed into global networks that
span the globe.
Supply chains

__________________________________
measures primarily concern the approach
to the subject of security, through
deployment of personnel and material
resources, and determining appropriate
goals
Organizational

Security, Compliance & Loss Prevention Part 9.pptx

Recommended

Recommended

More Related Content

Similar to Security, Compliance & Loss Prevention Part 9.pptx

Similar to Security, Compliance & Loss Prevention Part 9.pptx (20)

More from Sheldon Byron

More from Sheldon Byron (20)

Recently uploaded

Recently uploaded (20)

Security, Compliance & Loss Prevention Part 9.pptx