LTD Management
Logistics & Supply Chain Management Consulting Global Solutions That Work


Every company has risk, both real and perceptual, in its operations. Each has a portfolio comprised of potential events, likelihoods and impacts or consequences. The risk collection includes both identified and unidentified possibilities.

Supply chain risk has gained significant traction as an issue. In reality, risk has always been an inherent part of supply chain management. The topic began to take on increased significance as companies evolved from vertical integration into having outside suppliers and customers. Greater market choices coupled with shorter product life cycles brought additional risk. Globalization of sourcing, manufacturing and customers compounded the threat. Sarbanes-Oxley has also contributed to recognition of supply chain risk and consequence. These, coupled with terrorism, economic and political uncertainties, transport strikes and other real-world events have raised supply chain risk to a C-level concern.

The risk issue is not about transport liability and the Rotterdam rules or other type concerns. Risk focuses primarily on potential disruption in the business and its operation. It is not unique to supply chain management. Production, information technology and other areas have disruption possibilities. Redundancy is sometimes used as a risk hedge. But that approach is more difficult with complex and geographically-dispersed supply chains.

Some actions can contribute to and increase risk. Key ones include:

  1. Contradictory expectations by company management. Management can be a source of risk creation. They may not fully understand how supply chains operate. As a result, they may place requirements on the supply chain group that can run counter to minimizing risk. Two examples of this are-
    • Cost compression. There is often an ongoing source of pressure on supply chain management to reduce costs. This strain can position the company to do business with sole sourcing or with lower cost, higher risk suppliers or logistics service providers or deal in areas and countries with more instability.
    • Inventory reduction. Reducing inventory and the capital it represents is not per se a cause of supply chain risk. Inventory is a buffer against uncertainty-an uncertainty that includes the consequences of a risk incident. With fewer inventories on hand, the impact of an episode can be magnified.
  2. Outside parties. To some degree, using a party outside the company's own organization and direct control can be a problem. This is especially so for supply chain management, both international and domestic. Supply chains use many outside parties. Many times risk identification and assessment begin and end with suppliers. While suppliers are extremely important risk assessment target, such a narrow perspective can indicate a limited awareness of supply chain management.

    International shipments can involve seventeen parties-suppliers, ports, transport providers with different modes and at many places that move products across the globe and across the country, warehouses, customs brokers, banks, contract packagers, and cross dock operators just to name some. Collectively all these players can increase the likelihood of supply chain disruption. Any of these can be the weak link in the supply chain to create disruption. The use of these parties often involves a bid activity since pricing is a key determinant throughout the logistics activity for all participants. Each of these outside firms has their own agendas and business models; some may have nominal attention for risk disruptors.

    This is also true with outsourcing which involves some aspect of a bid. A trade-off may be implicitly made between price and risk-and then attempted to be recaptured in a contract. However contract language does not truly mitigate supply chain risk. Instead it can provide a somewhat false sense of security and insulation.
  3. Process challenge. Supply chain management is a process that crosses vertically through the organization and beyond the organization to suppliers, customers and logistics service providers and others potentially located anywhere in the world. The immensity, scope, complexity and distances create a very difficult process to design and even more so to manage. Add in the needs with technology and people and the immensity of the challenge increases. Technology and people are important to supply chain management process success and, at the same time, can create their own vulnerabilities and disruption capabilities.

    The challenge is especially true for companies with a weak process. Such firms can be identified with their continuous string of crises, chaos and firefighting. These companies are more vulnerable to disruption because they see disruption and solving the disruption as a badge of honor. They can be significant risks to themselves and to others they are suppliers and customers for.

Supply Chain Risk assessment structure. A formal risk assessment should be performed. The framework should -

  1. Map the supply chain, both internal and external, as to activities, participants (suppliers, customers, financial institutions, manufacturing, logistics service providers and others), volumes (in units and dollars), and locations
  2. Define what is a critical action and critical player
  3. Identify all essential activities and all essential participants
  4. Rank essential actions and player and relationships
  5. Overlay the map with controls and decision making points, both people and technology driven
  6. Determine gaps, redundancies and other vulnerabilities among and between controls, key activities and critical participants
  7. Evaluate the likelihood of disruption at each gap, redundancy or vulnerability
  8. Apply a cost of occurrence, both financial and nonfinancial, to each gap, redundancy and vulnerability
  9. Weight and prioritize risks
  10. Focus on critical risks
  11. Prepare action plans, in collaboration with key outside and internal participants. Prudent risk sharing is a viable part of the collaboration.
  12. Determine costs of each plan
  13. Implement steps to reduce risks

Not all potential disruptors and disruptions can be identified, prevented or mitigated. The possibilities are endless. A goal of zero risks is unattainable. Also risk reduction is more than a dictum to stop doing what causes supply chain risk. Nor can insurance alone reduce the likelihood of occurrence. Like many things, doing nothing may be the easier course of action. It may also be the worse.