Supply Chain Audits

Recently, Supply and Demand Chain Executive published a guest column by Dr. Jeff Karrenbauer of INSIGHT entitled The Case for Supply Chain Audits which not only coincides with my views on the need for Global Supply Chain Visibility, Integrated Sales and Operations Planning, and Supply Risk Management, as well as the views I share with my colleague David Bush on Supply Chain Weather-Proofing and the need for solid planning, but emphasizes the fact that vulnerabilities cost dearly, noting that Terrorism, civil wars, dock strikes, attacks on oil fields in Saudi Arabia, potential pandemic, last year’s disastrous hurricanes and the ongoing threat of political, social and economic instability around the world have exposed U.S. firms to more than $300 billion in supply chain disruptions, according to a recent study by Aon.

The article points out that every chief executive, operating, and financial officer should be demanding a comprehensive supply chain risk audit and a corresponding set of mitigation strategies immediately, noting that only 11% of companies are actively managing risk (as per Aberdeen’s recent Global Supply Chain Benchmark Report) and that this action gap is one of the greatest weaknesses of current corporate global supply chain strategies.

As such, companies should perform a supply chain audit that identifies where supply chains may be vulnerable, the strengths and weaknesses of the supply chain, where response programs are weak, and where safeguards or alternative sources are missing. A supply chain vulnerability audit is a three-step holistic processes that encompasses the entire supply chain, starting with a company’s customers and the products they purchase, then working back to the uppermost tier of raw material suppliers. The result is a plan for resiliency in the form of right-sized and strategically located facilities with flexibility for the supply chain, thereby “hardening” it against disruption.

The three steps are:

  1. Educate
    Use case study examples from experienced supply chain planners that establish first principles to dispel false tribal wisdom, define concise terminology, and provide an overview of standard risk categories and mitigation methods. (See my supply risk management weekend series on eSourcing Forum for some basic methodologies: I: An Introduction, II: Risks and the Need for Resilience, and III: Managing Risk.)
  2. Audit
    Gather relevant data for all supply chain components, commodity types, customers, channels, and facilities; identify critical elements and specific categories of exposure for each component; and identify potential vulnerabilities. This step asks a lot of questions, including can we operate the business after a disaster? if not, what must we do to get back into operation as quickly as possible?.
  3. Prescriptive Analysis
    Determine what affordable changes can be made where to minimize risk and harden the supply chain to ensure business continuity after a disruption or a disaster. Use techniques such as critical commodity analysis, critical customer analysis, critical location analysis, and short-term crisis response analysis to formulate the action plans. Use sophisticated supply chain modeling tools to quantify and rank the cost and service effects of various scenarios and the effect of proposed improvements.

And when you consider that the article also points out that knowledgeable observers are predicting that supply chain certification may come to be required as part of Sarbanes-Oxley compliance, I’d say that an audit is a great place to start.