SCRM

Supply Chain Risk Management

Posted By: Eldon Mackley December 18, 2020


Supply Chain Risk Management is a well established methodology for monitoring and managing supply chain risk. If these systems are all "blinking red" it's time for action!


Facebook LinkedIn Twitter

Supply Chain Risk Management (SCRM) is the process of assessing ordinary and exceptional risks to a supply chain and formulating strategies and tactics for responding to the actualization of those risks, i.e., supply disruptions.

Typically SCRM is broken down into 4 sub-processes:


Over the years many methodologies, organizational structures, and software support packages have been developed to facilitate SCRM. However, equally important is the adoption of an organizational mindset that is continually alert to supplier risks, options, and mitigation techniques.

Organizations that have implemented SCRM processes – and have ingrained it into their culture – have benefited from increased supply chain reliability, less negative “surprises”, and the ability to respond quickly and effectively when disruptions occur.

A common SCRM visualization is that of a “Supplier Dashboard”. In fact, many software developers and consulting firms have built, marketed, and implemented systems around the “Dashboard” concept.

RISK IDENTIFICATION

Broad categories can be used to facilitate the identification of common risks. 

Common Supply Chain Risk Categories:

  • Financial problems
  • Environmental issues and natural disasters
  • Organizational weakness, instability, and/or under-competence
  • Technical and mechanical problems in the manufacturing process
  • Cyber security breaches
  • Raw materials supply shortage
  • Transportation disruptions
  • Legal/regulatory compliance

Risk categories are not static in their relative importance.
Example: “Environmental Issues and Natural Disasters” have been perennially included on most any list of risk categories. However, it is doubtful that as recently as one year ago the impact of a worldwide pandemic factored prominently into most organizations’ contingency planning.

Risk categories are neither timeless nor permanent. 
Example: It is hard to imagine that “Cyber Security” was a widely regarded risk a few decades ago – but the emergence of the internet as the backbone for all business communication has firmly established it as a critical risk category.

Risk categories are not isolated from each other.
Example: A natural disaster -- like a pandemic -- can lead to organizational weakness if key people get sick or cannot come to work. Conversely, a weak organization is less likely to implement precautionary health practices that could lessen the impact of a pandemic.

Weighing Risk
Supplier risk probabilities on their own are not very helpful in the development of an SCRM program because some supplier risks have more or less impact upon the ultimate mission of the purchasing organization or can be more or less easily mitigated if they are realized.

Some factors that reduce the impact of supplier risk:

  • Availability of alternative parts
  • Scarcity of competing suppliers
  • Ease/Speed of getting a new supplier up to speed
  • Non-Proprietary processes and methods
  • Low cost/high availability of raw materials
  • High inventory of parts ("in-house" and/or "at supplier")

Some factors that increase the impact of supplier risk:

  • Contractual obligation (difficulty separating from supplier)
  • Uniqueness, rarity, or proprietary nature of parts
  • Competitive Supplier Marketplace
  • Difficulty/Lead Time of changing suppliers
  • Proprietary processes and methods at supplier
  • High Cost/Low Availability of raw materials
  • Low inventory of parts ("in-house" and/or "at supplier")

OPTION EVALUATION

As suppliers’ risks are assessed using a risk/impact framework it becomes apparent which ones require the development of contingent options in case negative potentialities are realized.

If concerns cannot be alleviated through simple awareness, inquisition, and “health checks”, then other, more concrete, options need to be developed.

Examples of Pro-Active Options

  • Alternative supplier lists
  • Alternative parts Identification
  • Re-Design to eliminate vendor proprietary parts
  • Dual (or more) sourcing
  • Revision of contracts and obligations (to increase purchasing flexibility)
  • Prioritization of Delivery ("Need")Dates
  • Inventory Increase (Raw, Subcomponents, and/or Finished Goods)
  • Insurance Purchase

MITIGATION

The term “mitigation” might refer to two different things within the scope of SCRM.

Mitigation of Risk ↔ Mitigation of Consequences

Mitigation of Risk
Mitigation of Risk is forward looking and is the process of taking positive steps to reduce risk and potential impact of negative actualities before they happen.

This generally involves proactively executing some of the options identified in the previous stage of SCRM before supply interruptions occur.

Because mitigation of risk is rarely free nor effortless, organizations (and individuals) often delay or totally disregard these activities. However, if during the previous phases of SCRM, care was taken to identify and quantify risks and options, it is more likely such actions will be justified and executed.

Mitigation of Consequences
Mitigation of consequences are the activities that take place after a risk has actualized into a negative event.

In a sense, mitigation of consequences should not rightly be considered a part of SCRM because at the point that these activities take place… there is no more risk!

However, in practice, organizations need to consider the cost benefits of mitigation of risk vs. mitigation of consequences on a case by case basis and determine which whether they want to actually mitigate risk or just “roll the dice”.

While nobody wants to be in situations where they are mitigating consequences, at least organizations that have identified risks and options have a “leg up” on handling negative supply that events that occur suddenly.

The "Bowtie"
A common visualization of a risk management system is a "bowtie" shape. This looks like two opposing funnels with risk factors flowing into one end, a supply disruption in the middle, and consequences flowing out the other end.

In this visualization, mitigation efforts on either side of the center are directed toward "narrowing" the funnels and thereby reducing negative consequences.


CONTINUOUS MONITORING

SCRM systems are often conceptualized and visualized with some sort of prioritization and alert output.

In the simplest form, these outputs can be lists or spreadsheets that calculate and display risks, impacts, mitigation costs, etc..

More complex systems present “dashboard” or color coded displays (e.g. Green – Yellow – Red) to highlight critical supplier risks.

Still more sophisticated systems actually automate the process of “risk input”, for example harvesting public (or with permission – private) financial data, weather conditions, delivery performance, or even HR changes, to constantly re-evaluate risks and potential impacts of supplier issues.

"Feeding" the Monitor
Regardless of the monitoring system, effective organizations never overlook the importance of continually reassessing their own inputs and factor weights. Dashboard “lights” that are not connected to the correct sensors are not really worthwhile. So it is important to periodically and systematically review not only supplier risks, but the impact factor weights that ultimately drive the signal outputs of the overall system.

When The Lights Start Flashing!
SCRM systems and dashboards are an essential part of any well run procurement organization, and they go a long way towards maintaining a steady flow of parts and sub-assemblies to the production floor. 

But what happens when multiple risks hit the framework at once? Or when one particular risk hits so globally as to completely tax all mitigation efforts – like a global pandemic.

Companies must increase their “sensory” (monitoring) capability and augment or streamline their mitigation resources.

Step Up Monitoring
Don’t wait for the phone to ring! Re-visit your supply chain risk assessment and prioritize key suppliers that need to be monitored closely.

Key prioritization factors:

  • Long lead time tooling
  • Long lead time materials
  • Proprietary processes, parts, and sub-assemblies

With each critical or high-risk supplier:

  • Establish Contact
  • Set up Frequent Direct Feedback Mechanisms
  • Expand Your Observational Capability (with on-site supplier visitation)
  • Utilize external data sources (e.g. Weather Data, Covid-19 Positivity Maps)

Be Ready to Mitigate Consequences
In difficult times it is important to maintain a bias toward action. Keep your ear to the ground and believe what you hear!

When serious supply problems arise… to the extent that pre-planning was done, there should exist “playbooks” ready to go. However if too few (or no) mitigation plans exist… it is time to get busy developing them for high risk suppliers.

Whether there is still time for risk mitigation, or if it is time to deal with negative consequences, it is important to rely on your SCRM system and establish a bias towards positive action.

  • Find Immediate Alternative sources and alternative parts and assemblies if possible.
  • Save the Existing Supplier Relationship if Possible – But Move Work if Necessary
  • Consider financial assistance to suppliers who need it. This could be in the form prompt payment terms or customer supplied materials.
  • Make sure you have personnel available to execute mitigation tactics


Contact us for more details on how we can help your team manage risk, avoid supply disruptions, and mitigate negative consequences by using contingent supply chain resources that are local to your vendors!



Copyright © 2024 Preferred Procurement Solutions LLC.