Daily Archives: November 23, 2023

Source-to-Pay+ Part 5: Supply Chain Risk (Generic)

In Part 1 we noted that Risk Management went much beyond Supplier Risk, and the primitive Supplier “Risk” (or should we say “Uncertainty”) Management application that is bundled in many S2P suites. Then, in Part 2, we noted that there are risks in every supply chain entity; with the people and materials used; and with the locales they operate in. In Part 3 we moved onto an overview of Corporate Risk and then in Part 4 we took on Third Party Risk (in Part 4A and 4B).

But there’s much more to risk than just the (internally focused) corporate risks and the third party (supplier) risks. There are also supply chain risks. Today we are going to discuss the basic supply chain risks that an organization can expect to keep track of with a generic supply chain risk management application.

Capability Description
Multi-tier Mapping A good supply chain risk management system will map the organization’s known supply chain and allow them to track what facilities are located where, at least to the extent that they supply a higher tier that eventually leads to a good or service being delivered to a company location. This will include the tier 1 suppliers, the tier 2 suppliers they use, the known locations of the suppliers they use, all the way down to the raw materials. It will include intermediate warehouses, ports, (cross)-docks, rail yards, and FTZs used by the organization.

The organization will be able to search by product, and see the known supply chain. Search by location, see the suppliers who are there, and then see all the products that flow through those suppliers at that location.

Geo-Political Tracking For ever region the organization does business in, the platform tracks news and events related to the geo-political climate. Government decisions, labour unrest, increases in crime, terrorist activity, man-made disasters and other, related, events will be tracked. Government stances on issues, local business preferences, likely election outcomes, and anything that could cause a change in the political climate will also be tracked.

For each government decision, labour unrest, terrorist activity, man-made disaster, closure, etc, the platform will associate it with all affected suppliers and supply chain network nodes (warehouses, ports, etc.) in the network. In addition, any news or events that may turn into an event of interest will also be referenced.

Economic Tracking For every region the organization does business in, the platform will track the local economics. How is the currency trading against the primary currencies used by the organization and is it increasing or decreasing in value. How is the local job market, is unemployment decreasing or increasing? How is local consumer spending?

All of the above are indicators of the local economy. The organization is interested in not only how much it will cost for the goods now and tomorrow, but, if they are selling in the local economy, how likely it is the local market will (continue to) be able to afford the products, and how likely the supplier will be able to attract and retain the workforce it needs to serve the organization.

Natural Disasters For every region, and every region between every region the company sources from and every region they sell in, the organization tracks natural disasters, their impacts, and, if recovery is necessary, the state of recovery. It also tracks natural disaster risk, and any nearby (weather) events that could turn into a disaster (hurricanes forming over the ocean, tremors that could signal an earthquake, lava flows that could signal a volcanic eruption, etc.).

In addition to tracking the disasters that have happened, might happen, and will happen again, it also tracks the impact a disaster will have for every day a supplier’s operation is disrupted. The platform will contain the ability to model the cost of a disruption at every tier 1 node and propagate that down the chain.

Disruption Tracking The platform will also contain the ability to track arbitrary disruptions, track the recovery status, model the potential impact, and track the actual impact.

This will normally form the foundation of a control centre, which will be integrated with the analytics and monitoring capability (which, as we noted in our last three parts, will be covered in a separate article), and allow the organization to centrally track, manage, and mitigate organizational risks.

Transport Mapping & Tracking As noted above, the platform will track every region, and every region between every region, that the company operates in and use this information to map and track the organization’s transport networks. Every node used by every carrier will be tracked, every lane will be mapped, and every route monitored to the extent possible by the application.

This normally won’t be a full fledged transport risk management platform, which will be something we cover in another article, but will provide enough foundations that a third party application can be linked in or data feeds imported.

Moreover, a Generic Supply Chain Risk Management Application will also contain a host of generic analytics/planning/monitoring capabilities, but since many of these are common, and since stand alone risk-focussed analytics applications are also part of the plethora of offerings out there, instead of discussing these generic features in this and every other article, as we noted in our coverage of Corporate Risk, we will instead discuss these capabilities in an article dedicated to Risk Analytics and Monitoring.