Supply Chain Risk and Resiliency

Stephen DeAngelis

September 19, 2012

“In a way, it’s laughable,” writes Robert J. Bowman, managing editor of SupplyChainBrain, “that we would even attempt to identify the ‘most likely’ disasters that could affect global supply chains. The ones that actually happen always seem to come as a surprise.” [“Risk Management: It’s All About The Supply Chain,” 5 March 2012] Isn’t that the truth?! Bowman isn’t recommending that companies throw up their hands in submission and simply brace themselves for the next disaster without putting any effort into mitigating the potential effects of such a crisis. That would be as foolish as believing that you have a good chance of predicting what the next disaster is going to be. Bowman continues:

“Sadly lacking in psychic powers, we’re forced to rely on the past as a template for divining the future. That’s why we’re constantly being bitten by black swans, those highly unlikely events which nonetheless seem to happen all the time. The obvious way out of this dilemma is to focus on crafting a resilient supply chain that can recover from any number of disruptions. That’s one of the conclusions of a new report produced jointly by the business consultancy Accenture and the World Economic Forum, whose annual conclave in the Swiss Alps town of Davos brings together world leaders, policy makers and pointy-headed intellectuals to talk about pressing global issues.”

Resiliency is a broad topic. It is best achieved by being proactive in one’s approach to risk management. Bowman insists that we are forced to rely on the past as a template for the future; but, other analysts believe that there are better ways to address risk than relying on the past as prologue. In an article written by Jin Leong, chief procurement officer for the International Monetary Fund, and published in Inside Supply Management, Leong insists:

“Traditional risk management approaches take a static, often outdated, snapshot of risk. Steps like prequalification, risk classification and periodic maintenance reviews rely predominantly on backward-looking indicators and do not necessarily capture future risks. It is well-known that history is not always a good predictor of the future. What businesses today need is a risk management program that anticipates risk and potential supply disruptions in advance, so that mitigating actions can be taken before the disruption occurs.” [“Too Many Risk-Management Systems Are Backward-Looking. They Need to Be Proactive.” SupplyChainBrain, 17 February 2012]

At first it may seem like Bowman’s and Leong’s comments are at odds. I don’t think they are. Bowman doesn’t argue that organizations should avoid efforts that anticipate risks and potential supply chain disruptions, he simply writes that they shouldn’t fool themselves into thinking they really know what’s going to hit them next. In fact, Bowman is gratified that more and more people are thinking about supply chain risk management. He points to the fact that U.S. Homeland Security Secretary Janet Napolitano mentioned the topic at Davos. “We must continue to strengthen global supply chains to ensure that they operate effectively in time of crisis, recover quickly from disruptions, and facilitate international trade and travel,” she commented. “As part of this effort, we look forward to working closely with our international partners in the public and private sector to build a more secure and resilient supply chain.” Bowman wrote, “That’s a big step forward from devising color-coded threat alerts and confiscating forks from airline pilots.” He went on to note that companies cannot control everything that can reach out and bite them. They should, however, do everything in their power to influence the things they can influence. He continued:

“Of primary importance is knowing who is responsible for key supply-chain decisions in moments of crisis. In addition, manufacturers must be able to reach up through several tiers of suppliers, to identify all of the weak points where alternative sourcing would be wise in have in place, well ahead of needing it. Companies that outsourced their manufacturing to China over the past decade have already learned that setup costs aren’t the only factor to keep in mind. The advantages of lower factory wages can be quickly erased by the need to build inventory buffers into the pipeline, and rely on expedited transportation when the main line of supply runs short. The same goes for determining how many suppliers to keep in reserve for a critical raw material, component or finished good.”

As I have noted in past posts on the subject of risk management, there is a cost associated with making supply chains more resilient. That is why conducting a cost/benefit analysis is generally a good idea. In discussions with Jonathan Wright, senior executive in the global operations consulting practice of Accenture, Bowman learned that small changes can have big payoffs when it comes to creating resilient supply chains. He explained:

“While working with MIT, Wright learned how to achieve 80 percent of supply-chain flexibility goals with only a 20-percent bump in manufacturing costs. In other words, a relatively modest investment – say, the shifting of a small amount of production to another supplier – can provide a company with just enough protection to meet most contingencies. In addition, says Wright, businesses need integrated IT architecture, including strong analytics tools that sit atop a well-stocked data warehouse. The combination of technology and human experts analyzing accurate, real-time data can help companies to detect ‘those early-warning signals that are associated with the vulnerabilities’.”

Bowman reported that “precious few” companies have achieved the kind of resiliency they really require. Wright told him, “They have the potential, and some of the foundation. There’s a lot more that can be done to move away from traditional planning to a more holistic, risk-based analytics capability.” In the era of big data, it makes no sense for a company to fail to take advantage of analytical techniques that could help it respond more quickly to an emerging crisis. Bowman concluded:

“Unfortunately, many supply-chain managers remain focused on the needs of the moment – then have to scramble when the unexpected occurs. That kind of short-term thinking is encouraged by the investor community, which seems to care only about the next quarter’s results. … If we’ve learned anything from the disasters of the last few years – and I’m not at all sure we have – it’s that the price of being unprepared is unacceptably high. As Wright says: ‘It’s about having one foot in the present, and one in the future.'”

Earlier this year, the staff at Supply Chain Digest wrote, “Concern about supply chain risk management has grown even more in the past 12 months.” [“Is it Time to Make Supplier Risk Management Programs more Real-Time? 15 February 2012] Like Bowman’s blog and the Inside Supply Management article, the SCD staff rhetorically asked, “Do companies need to move from the traditional, somewhat backward looking approach to supplier risk profiles to one that is more real time?” To answer that question, they refer to the article written by Jin Leong mentioned earlier. The staff agrees with Leong’s assessment, but asks, “How do you get there?” The article continues:

“Leong says that last year, he and a colleague at the IMF (Caro Cook) developed an approach to risk management that would do just that. They say what makes the approach different is that it enables companies to augment traditional risk indicators like Dun & Bradstreet ratings and historical financials with real-time supplier observations. They say that while often single observations for a given supplier do not indicate risk or financial distress, when those factoids are viewed holistically over a period of time and in combination with other indicators, they allow supply management professionals to get a better sense of a supplier’s internal situation.”

In the era of big data, there is really no need to rely on single observations. That is what Leong is arguing. The article continued:

“The heart of the program was the construction of a ‘supplier observation database.’ This database is primarily populated with information from the organization’s supply managers, who are encouraged to enter into the database any real-time observations about suppliers with whom they work. Sources for these observations can include news releases, industry reports, changes in performance or service levels, financial releases, news about competitors, public announcements, leadership changes, and changes in risk ratings, to cite the most common.”

By allowing learning machines to gather and analyze that data, companies can both save money and become better informed. The article asserted that “a collection of such observations can provide advanced insight that a given supplier may be having issues that could lead to problems or a true disruption to a company’s supply chain.” Leong and Cook aren’t alone in recommending analyzing open sources of information to gain valuable intelligence. To learn more, read my post entitled Auditing Working Conditions in the Supply Chain. The article continued:

“So how is all that observation data utilized? Leong says that on top of the database, the IMF has applied a series of heuristic tools (logical rules) that find patterns among the data and look for specific types of incidents that experience has taught the organization might lead to problems at a supplier. Leong cites a illustrative example as follows: ‘If over a six-month period, a supplier (1) is acquired by another company with a different strategic focus, (2) has ceased to assign its senior personnel to manage the ongoing account relationship and (3) service quality is adequate and just meeting requirements, one could conclude that the supplier may be gearing up for a different strategic direction and may be less focused on its existing contracts.’ In such a situation, while the IMF likely would continue doing business with the supplier for now, it would prepare mitigation strategies on the potential real issues that could develop in quality, delivery, etc. The tools are constantly looking at the data, and issuing alerts when a given supplier has a series of observations that match a pattern that might raise concern. In this way, the view of supply risk is more like real time.”

Allowing the system to gather the data, analyze it, and send alerts, managers can concentrate on other pressing business. Leong says that companies may still want to put suppliers through a qualification process, but, he insists, an automated system is the best way to ensure that suppliers continue to maintain qualification status. The article concludes:

“Leong concludes by noting that this new IMF approach and tool it has been able to increase its knowledge of potential emerging supply base issues ‘through frequent observations across a broad, diverse set of inputs,’ adding that ‘This increased level of awareness, coupled with a corresponding increase in preparedness to respond to challenges through rigorous business continuity planning, will significantly minimize the effects on operations of a major supplier disruption.’ The challenge, of course, is finding someone to build the database and the heurist tools. IBM itself built a similar if not even more ambitious tool for itself over the past few years, for example, a program we suspect may someday show up as a commercial package.”

As more and more companies get involved with big data, I’m sure that finding the right company to build the database and the heuristic tools won’t be a problem.