Monthly Archives: December 2013

The Best Supply Chain Security in the World is Useless …

… if you forget to lock the digital back door!

As Tim Garcia pointed out in a recent article over on Manufacturing Business Technology, In Securing Your Supply Chain, Don’t Forget To Lock The Back Door, because up to half of all reported company data breaches slip in through unguarded digital back doors. Just because you take all of the security precautions that are possible with your own network, this doesn’t mean that you can account for the practices of other companies your enterprise interacts with on a daily basis though digital backdoors that could be contained in every piece of enterprise technology that you use.

So what should you do? For starters, follow the advice in Tim’s article.

  1. Use up-to-date anti-virus and monitoring systems on all inbound and outbound connections.
    Whether it is between business systems at different locations, your SaaS and cloud providers, or third parties — protect all data links.
  2. Restrict all sensitive digital communications and transactions to secure, monitored, channels.
    Don’t allow sensitive data or monetary transactions to flow over unapproved, unsecured channels for any reason.
  3. Analyze every nook and cranny in your digital supply chain for vulnerability.
    Thieves and competitors will find the one digital pathway you miss or ignore in your vulnerability assessment.
  4. Communicate the Security Procedures and Protocols
    Make sure the entire C-Suite is aware, approves, and communicates them downward.
  5. Have a Recovery Plan
    Despite you best efforts, it only takes one newly discovered zero-day exploit or one employee who forgets to encrypt some critical data for thieves and spies to break into your network, steal your data (and your customers’ data), and put you in a bind. Have a plan to deal with the worst-case scenario as soon as it happens to minimize the losses to your bank account and your corporate reputation.

In addition, SI recommends

  1. Have harsh penalties for (repeat) offenders who do not follow the procedures.
    Just like some employees will continue to buy off-contract unless you have harsh penalties in place to curb this behaviour (such as no reimbursement without an approved PO signed by their supervisor and a Procurement executive, write-ups that negatively impact their performance review and maximum bonus, etc.), some employees will take shortcuts if they think its easier or quicker to do so or the security procedures are overkill.
  2. Look for systems where you can control the distribution of data seen by your suppliers.
    If the only way to restrict the data that is viewable by a user logged into one of your systems is to export it to Excel or PDF, and this is the primary mechanism used to share data with your suppliers, even if it’s sent encrypted, once the supplier decrypts it – you have no control. If, on the other hand, the system implements fine-grained security and you can create customized supplier views and restrict data exports, this limits what the supplier sees and its options for sharing that data. It’s even better if the supplier can create customized sub-views for the data it needs to share with one of its suppliers working on a part of the component it is building for you. Even though the military often goes crazy with its security measures (as anything on the public internet is not “protected” just because you print it off and put it in a binder), they have the right idea — sensitive data that is sent outside the four walls of the organization should be restricted to what is need to know.

8 Key Design Considerations for Optimizing Your Demand Planning Process: Part II


Today’s guest post is from Josh Peacher, a Senior Consultant in the Operations Practice of Archstone Consulting, A Hackett Group Company.

In the first installment, we focused on defining the 4 basic design considerations for optimizing your organization’s demand planning process. These considerations included:

  1. Utilization of time series forecasting and exception management to drive a base forecast
  2. Selecting the right software tool for your business
  3. Identifying a set of core metrics and KPIs that help to identify opportunities and drive accountability
  4. Effectively leveraging external information to elicit a more accurate forecast

These design considerations are foundational in nature and effectively addressing each will ensure that your organization’s demand planning process has a solid base. However, to truly move the needle towards world class performance, a set of more advanced considerations must be applied.

5. Drive Towards a Consensus Demand Plan

A formal demand planning process should conclude with an aligned set of forecast numbers that the entire organization understands and can speak to. This doesn’t necessarily mean that a “One-Number” forecast must be reached as this can be very difficult and cause a whole set of different issues. However, organizations should look to align on a set of numbers and be prepared to speak to and manage to the gaps. Key participants in the consensus demand plan conversation include Sales and Account Teams, Finance, Supply Planning, and Demand Planning. Each of these groups will bring a different perspective and set of information to the discussion resulting in a more informed final demand plan.

6. Identify the Right Level of Detail

When defining the appropriate level of detail to forecast at, leading companies strike a balance between importance to the business and complexity of the process. The diagram below defines a general set of guidelines for identifying the appropriate level of forecast detail based on the situation. As a general rule of thumb, the more important and complex the set of items is to the business, the higher the required level of detail and rigor.

Complexity vs. Importance

7. Ensure Adequate Resources

As I mentioned in the first installment, demand planning is commonly an overlooked element of supply chain planning. This often leads to an insufficient allocation of resources by the organization. Demand planning is an arduous process that requires a high level of dedication and attention. More times than not, I see organizations that have failed to realize this and leave their demand planning team without the necessary bandwidth to perform effectively. The net effect is a less accurate forecast, poor demand signals trickling through the system, and a higher turnover rate. A few simple rules of thumb to ensure that your organization is not falling into this trap include the following:

  • Install dedicated analysts for demand planning.
    This will ensure that demand planners are focusing on value-add activities and have the right information on hand to make informed decisions.
  • Make sure that your demand planners aren’t wearing too many organizational hats.
    It’s an odd phenomenon but demand planners often end up taking on responsibilities that are well outside of their job scope and not essential to their core function. The best way to decipher this is just to simply ask them where their pain points are. Trust me … they will tell you!
  • Understand which segments are the most critical and complex to the business and distribute them across your demand planner resources.
    Ideally, each of your demand planners will have a portfolio of demand responsibilities that are evenly distributed amongst the four quadrants of the above diagram.

8. Define your Organization Process Model

Too often I have seen organizations operating in an environment of chaos because they lack a defined process and cadence for their demand planning cycle. You may believe that you have a process in place, but can you articulate what it is? Can the demand planning resources in your organization define the calendar of events that make up the process? Many times what people believe to be a process is actually floating tribal knowledge and tends to vary depending on who you ask within the organization. Without a well-defined process, it’s difficult to hold others accountable and overall performance tends to suffer. An optimal process must be defined for each organization based upon it’s unique set of variables and constraints. However, the list below is a set of monthly activities that can be found in most leading company processes.

  • Prepare Data
    Cleanse and gather all required data for the demand planning process (internal and external)
  • Generate Initial Forecast
    Generate both the base statistical forecast and manage exception SKUs manually
  • Incorporate Market Intelligence
    Collaborate with trade partners and external contacts to incorporate quantitative and qualitative data into the forecast (e.g., POS Data, Customer Forecast, Promotional Calendars, Pull-Forward Buys)
  • Consensus Reconciliation Meeting
    Meet with sales and finance to reconcile the bottoms up forecast with top down financials and sales forecasts
  • Refine and Publish Final Forecast
    Make final adjustments to forecast before transmitting to ERP
  • Monitor Performance
    Monitor forecast for large anomalies and diagnose root cause of error

Thanks, Josh!

Planes, Trains, and Automobiles — Which is the Safest Way to Travel?

Even though flying is still believed to be the safest mode of travel, with the death risk for passengers of commercial airlines being one in forty-five million flights, compared to the risk of dying in a train crash being one in 156,169, trains could become the safest way to travel, especially if some of the recent innovations to railroad safety are universally implemented.

Specially equipped freight cars pass over railroad tracks as sensors gather multiple data points on their condition. Rail-side detectors scan passing rail cars to evaluate their integrity. Trackside ultrasonic technology identifies internal flaws in passing wheels. These are just a few of the new technologies that have been developed to ensure rail security and prevent accidents, as chronicled in this recent article over on Inbound Logistics.

Widespread adoption of these, and other, safety technologies could result in 2012, which was the safest year ever in the United States for rail according to the AAR (Association of American Railroads), being the 10th most safest year by 2022 and make accidents a rarer occurrence than they are in aviation. According to the FRA (Federal Railroad Administration) Office of Safety Analysis, there were 10,918 rail incidents in 2012, of which 662 were fatal. Incidents include train accidents, highway-rail incidents, and other incidents. The total number of train accidents were 1,743, of which 5 were fatal. The primary causes were human factors (656), track defects (577), and equipment defects (205) with signal defects and miscellaneous causes accounting for the remaining (305) accidents. More automation and safety systems can eliminate the amount of human involvement required, greatly reducing the number of accidents due to human factors, and better monitoring systems would detect the vast majority of track, signal, and equipment failures before they led to incidents. After all, there’s a finite amount of track (of 138,565 miles in the US), a finite number of crossings, and a finite number of trains on those tracks, which can only be in one location at any time. Good automated control systems can eliminate crossing and switching incidents and head-on collisions, and better monitoring that detects 98%+ of defects before they lead to accidents will reduce the accident rate, at least on track, by 98%. The highway crossings will still be an issue, especially if a driver is dumb enough to race the lights, but more crossing bars will help there as well. It might be the case that highway crossings prevent train travel from ever being safer than airline travel, statistically speaking, but there’s no reason that rail (only) incidents can’t be all but eliminated with better technology.

Especially now that there is the incentive to do so! As the Inbound Logistics article on where safety and innovation converge points out, railroads are experiencing a competitive resurgence as an energy-efficient freight transportation option, and this means a lot of money is being pumped into rail, and this amount will increase as time goes on as operating efficiencies can make rail more competitive than truck for trips as short as 500 miles! In addition, with the increasing densification of (mega) cities, and (mega) regions that cluster multiple (mega) cities, it will soon be that the only option left for efficient transport of people will be high-speed rail. North America will have no choice but to bite the bullet and build high-speed rail systems in order to maintain its geographic competitiveness, or the best and brightest from its talent pool will migrate to growing (mega) cities and (mega) regions in Europe and Asia, especially in the finance and technology industries where time is money and people can’t afford to sit in traffic for three or four hours a day (as the net result is a complete sacrifice of their personal life).

And if railroads don’t keep up with safety improvements on their own, because of the money involved, legislation will eventually help them along. For example, legislation passed in 2008 requires that all railroads implement positive train control (PTC) technology on main lines used to transport passengers and toxic-by-inhalation material by 2015. This technology, designed to automatically stop or slow a train before certain types of accidents occur, should go a long way towards reducing fatal accidents.

But it sounds like legislation isn’t required, as the rail industry is already pushing for stricter safety standards than the government requires. One example, as outlined in the Inbound Logistics article, is that the AAR Tank Car Control Committee has already petitioned the US Department of Transportation Pipeline and Hazardous Materials Safety Administration (PHMSA) to adopt higher standards for DOT-111 tank cars carrying packaging group type I and type II commodities (which include explosive liquids such as crude oil and ethanol).

In other words, while the rail industry has a way to go, one day rail could be as safe, or safer, than air. Let’s hope it gets there because the rails are again The Road to Riches. The various forms of the automobile may have temporarily overshadowed them, but their glory days have returned.

Happy Birthday, John von Neumann

One hundred and ten years ago today, John von Neumann is born in Budapest, Hungary. von Neumann was the first to design a computer architecture in which the program and the data it operated on were both stored in the computer’s memory in the same address space, which to this day is the basis of computer design.

Without von Neumann, computers may not be so powerful, you might not have your iPads, and the sophistication of today’s enterprise technology could still be quite crude.

Good SaaS vs. Bad SaaS

A recent post over on Richard Anson’s blog on 11 Crucial Tactics for SaaS Pricing, while written for new SaaS vendors who need to know how to price their solutions, did a great job of helping to point out some of the key elements of a good SaaS solution sales process vs. a bad SaaS solution sales process as well as some key elements of a good SaaS solution from a customer’s perspective vs. a bad SaaS solution from a customer’s perspective.

In particular, it focusses in on some of the key non-functional characteristics that should be examined in your SaaS purchase process. These non-functional characteristics can easily be summarized in a quick side-by-side comparison of good SaaS vs. bad SaaS.

Good SaaS Bad SaaS
Value-based Cost-based
ROI-justification Process Improvement
Business Case Justification Potential Manpower Reduction
Priced According to Company Size and Utilization One Price Fits All
Competitively Priced Priced Out of the Ballpark

In other words, if the SaaS solution is good, it will be competitively priced, and priced according to your company size and intended utilization, come with a business case justification, deliver a proven ROI, and clearly deliver ongoing value.

And if a SaaS solution is bad (for you), it will be priced out of the ball-park with respect to its competition (and be either too expensive to deliver value or too cheap for the company to sustain over the long term, which will lead either to the provider’s failure or substantial price increases at contract renewal time), have little in the way of a solid business case justification, or have a poor ROI over the short and/or long term. SaaS is more than features, functionality, hands-off management, and a cool web experience — it’s about delivering value to your bottom line.

For insights on how to cost out the TCO of a SaaS solution, and compare that TCO to an installed solution, see SI’s classic post on Uncovering the True Cost of On-Premise Sourcing & Procurement Software. For insights on what constitutes a good SaaS contract, see SI’s classic posts on SaaS Contractual Considerations (Part I and Part II). And remember, as per SI’s recent post on Maximizing ROI from Technology, it doesn’t matter how strategic the IT Vendor is, it only matters how strategic the solution they offer is.