Category Archives: Risk Management

To Truly Be Successful at Supplier Risk Management, ADMIRE!

Now that we’ve carefully explained that you’re just not up to the task of preventing a black swan event, hopefully you have made risk management a priority. So, to help you understand, at a high level, what this is, we’re reprinting this classic post from 2010. Most of the articles out there get the basics wrong, but if you get them right, it’s not that hard to do a decent job (especially if you get a good platform to help you out). Enjoy!

Not only is supplier risk at the forefront of thought these days, but articles on it are at the forefront of online publications as well, including this recent article in Supply Chain Digest on the key drivers of successful supplier risk management. However, most of the articles miss the point.

For example, according to this article, the trick to successful supplier risk management is to:

  1. engage top-level management,
  2. segment suppliers based on relative risk,
  3. rigorously measure and manage risk,
  4. give category managers tools and training, and
  5. collaborate with key suppliers.

Which is all good advice that is fine and dandy, but it misses the point. Risk management is all about identify risks, identifying mitigations, monitoring risks, and executing mitigations at the appropriate time. Management support is important, but it doesn’t have anything to do with risk identification or mitigation. Segmentation is a good tactic as more attention needs to be placed on suppliers which represent more significant risks, but again it has nothing to do with risk identification or mitigation. The same goes for giving category managers tools and training. Collaboration is relevant only if the mitigation requires collaboration. In other words, in this list, the only key driver is the “rigorous management and mitigation of risk”.

The reality is that success depends on your ability to ADMIRE the situation. Specifically, the ability to:

  • Ascertain the risks,
  • Define the risks that could cause significant damage,
  • Monitor those risks,
  • Identify appropriate mitigations,
  • React when signs of the risk begin to materialize, and
  • Engage the supplier when collaboration is required to mitigate the risks and
  • rinse and repeat

That’s it. But don’t forget the rinse and repeat. The biggest risks today are not the biggest risks tomorrow, so you always have to be actively engaged in risk management. Always. And since there are always more risks than you can actively address and mitigate, at any particular time you need to focus on the major ones (but still monitor for, and evaluate, the rest and as soon as they become likely or potentially costly, elevate the priority so that a mitigation plan is prepared in time).

Share This on Linked In

The Black Swans are Gunning For You!

Maybe, after years of humming and hawwing you finally put a proper supply chain risk management program. Maybe you feel you’ve learned enough about disruptions to identify them early and react quickly and the threat of those black swans has been minimized. Maybe you just had the worst disruption in a decade and you know that there are few of them (outside of their native Australia), but many organizations, and the odds are that you won’t see them again for a decade. Maybe you’re safe. Maybe.

But what you don’t understand is these swans are angry. Very angry. And they have a right to be. How would you feel if you were, more or less, consider the ugly duckling compared to your white cousins. Ridiculed and reviled thanks to Dr. Taleb who called you out as the cause of every single unexpected event that few predict, especially when those events have devastating consequences. And to top it off, associated with your raging white cousins that are, the vast majority of the time, the perpetrators of the “swan attack”.

So what do you do when you’re angry? You get revenge. On the biggest targets. And what’s the biggest target? The modern, global supply chain.

And before you think the doctor‘s off his gourd, he knows that, 99.999% of the time your supply chain disruption is not the direct cause of a black swan attack, but that no matter how good you think you are at preventing and detecting black swan events, you’re not good enough. At least not yet.

How does he know this?

  1. The percentage of Procurement organizations that have dedicated risk management solutions is miniscule.
  2. The percentage of Procurement organizations that have dedicated risk management solutions and leading SRM solutions is smaller still.
  3. The percentage of Procurement organizations that have dedicated risk management solutions, leading SRM solutions, and modern strategic sourcing / supply chain optimization solutions is much smaller still.
  4. The percentage of Procurement organizations that have dedicated risk management solutions, leading SRM solutions, modern strategic supply sourcing / supply chain optimization, and six sigma level disaster planning capability is so much smaller still that it’s almost non-existent.

And the reality is that unless you’re at level 4, you’re not going to see enough of the potential disruptions headed your way to analyze their impact probability and potential severity, and you won’t even get a hint of coming big, “black swan” events, until the tsunami is right on top of you and there’s nothing you can do to get out of it’s way. As a recent post by the public defender  points out, events that seem unlikely, surprising, or virtually impossible do happen, more often than we expect, and our risk analysis, mitigation approaches and management actions should bear this in mind.

And most importantly, just because they are half a world away doesn’t mean that they won’t devastate your product line in two months when you’re supply can’t supply because their supplier didn’t supply because the raw material supplier couldn’t supply because the earthquake collapsed the mine — something you could have known two months ago with monitoring, which might have given you enough time to get your disaster recovery plan in place. You’ll still be affected. Costs will still go up. Workloads will still double. But you won’t be up the creek without a paddle (just in a more expensive boat with an un-preferred, less favoured one.)

Trump & Brexit Woes? Optimization is the Answer!

SI has been preaching the gospel of strategic sourcing decision optimization since day one, noting how it was the only way to not only achieve the year over year cost savings that could be identified by spend analytics but also identify additional value necessary for struggling under-staffed and under-budgeted supply management organizations to realize the value that was being demand of them. Year-over-year was key. During the noughts, thanks to the success of FreeMarkets and Ariba, everyone thought that e-Auctions were king, as the first e-Auction often returned 20%, 30%, or even 40% savings and the second a healthy 5% to 15% in a host of categories, but no one realized these savings were just a result of excess fat in supplier margins, shaved out by more aggressive, hungrier, competition looking for a chance to prove themselves and grow. Once the fat was trimmed, and inflation began to return near the end of the noughts, subsequent auctions not only failed to identify additional savings, but also resulted in cost increases.

SI knew this, as the early adopters were already beginning to experience this when SI started and multiple options for strategic sourcing decision optimization were available (CombineNet [now Jaggaer], Emptoris [now IBM], Iasta [now Determine], VerticalNet [now BravoSolution], Trade Extensions, and Algorhythm), but the auction providers had big marketing budgets (as a result of their big successes, % of savings contracts, and VC funding) and bigger mouths to spread the auction word. And by the time the blush faded from the rose, most organizations weren’t ready for what seemed to be complex solutions, so the focus turned to better RFX, should-cost models, spend analysis, and weighted evaluation models. This worked for simpler categories, and the fact-based negotiations shave the remaining fat while also identifying processes or unnecessary non-value add offerings that could be trimmed, and savings continued, but began to trail off. That’s why the leaders are slowly accepting decision optimization and why Trade Extensions has been growing aggressively year-over-year for the last five years or so.

But let’s face it … when 40% of the market still doesn’t have any Supply Management tool and only 20% of the organizations that due are leaders (which kind of explains the Hackett 8%), the adoption is still low and the usage still minimal. As long as savings can be squeaked out through other means (analytics, cost modelling, aggressive negotiation, GPOS, etc.), the average organization seems to be doing everything it can not to evolve. Cognitive Procurement is the buzzword, but cognitive dissonance is the reality.

But that could all be about to change. Why? Between Trump continually threatening new border taxes, border closings, and visa program overhauls and Brexit looming on the near-horizon, which will totally change the tax and border situation in Europe, supply chain costs are totally unknown for a large majority of global supply chains. Considering how many global organizations are headquartered (at least regionally) in the US or UK and how many more have their Procurement Centers of Excellence there (either in a distribution hub or a financial hub, of which New York and London are two of the biggest in the world), it’s looming chaos. Are your costs going up? If so, are they going up 10%, 20%, 100%? Are sources of supply going to be cut off due to trade bans? Is your best talent going to be locked out of the US or UK? It’s a nightmare waiting to happen. It’s enough to put even stock market traders into full panic mode.

So what do you do? You manage the risk? But how? Most of the traditional supply chain risk management platforms (Reslinc, Risk Methods, Achilles, etc.) are geared at supply chain visibility — attempting to identify potential disruptions [as a result of external or internal events] before they happen so that mitigation plans can be identified and put in place before they do. However, when the disruption is not an event but an unpredictable [and unaffordable] tax hike or border closing, these solutions, even those that reach level 5 on the Spend Matters scale, are pretty useless. That’s why Sourcing Innovation has recently stated that Supply Management Risk Management Needs to be Cranked to 11. (It’s important to go to 11.)

You see, the key to survival is “what if” the current supply chain becomes unsustainable due to a tax hike or border closing in the US or UK. Running a new scenario with all of the inputs except any lanes, countries of origins, and / or products where you expect to see disruptions, trade bans, or extreme import/export duties. And then running another new scenario under a different set of assumptions on lane, country, and/or product restrictions. Running scenarios at the product level and the category level. Running with current supply base, previous bidder supply base, and newly identified scenario supply base until you have a mitigation scenario that is acceptable and ready to go if something happens.

Only a good supply management decision optimization solution with what-if scenario support can do this – nothing else.

So, since we’ve all forgotten Kermit’s Lesson, this is what we’re left with. But considering how it will enhance your overall supply chain operations in these turbulent times, that’s not a bad thing.

 

Supply Management Risk Management Needs to be Cranked to 11!

SI has been preaching the message of the need for strong supply chain risk management for a while now, given that the chances of your organization NOT experiencing a significant disruption over the next 12 months is about 1 in 10 and dropping fast. In fact, the doctor recently authored an entire risk management series for Ecovadis:

But given the uptake in deep supply risk management solutions, SI is not yet preaching to the choir. Don’t worry, this is not another post preaching from the pedestal, unless, of course, you are a vendor.

You see, even the best solution doesn’t have what you need to suitably address risks in today’s risk-laden supply chain. Consider the current enabling technology components, as addressed in the Supply Risk Management Landscape Report, co-authored by the doctor with the prophet and the maverick.

  • basic portal and information tracking capabilities which tracks all suppler and product info and allows a supplier to manage their end
  • risk analytics and reporting that focusses on relevant spend, supply, and supplier metrics that provide good risk indicators
  • risk intelligence feeds that report on current real-world (third-party) metrics and events that can effect your supply chain
  • commodity management enablement with price benchmarking and forecasting, availability projections, price risk exposure, etc.

These are good, but all these let you do is identify potential risks. Once a risk is identified, you need to do something about it. But a solution that only tracks, reports, augments, and projects — while it may give you some ideas — doesn’t let you do anything about it.

Some providers (like Resilinc) give you a command center that allow you to create disaster recovery plans for specific occurrences, or run what-if reports/scenarios based on decisions on how to mitigate a risk, but this doesn’t help you identify how to mitigate the risks appropriately.

And that’s why supply risk management platforms need to crank it to 11. And how will they do that?

The answer, as the doctor outlined in the aforementioned co-publication with the prophet and the maverick, is to also contain support for:

  • supply chain re-design and optimization based on decision optimization, supply chain modelling, predictive analytics, and “what-if” scenario planning

Now, not a single supply chain risk management solution supports even one of the four core capabilities required (although some will claim they do), but hopefully, now that the flashlight has been shone, they will … or maybe, just maybe, a true SSDO (strategic sourcing decision optimization) provider will hire a few risk experts and build a risk management platform on the right underpinnings. Only time will tell. The most important thing is that you realize when you go to market for a supply chain risk management solution is there is no perfect solution and more innovation is needed.

On the Eighth day of X-Mas (2016)


On the eighth day of X-Mas
my blogger gave to me:
Risk Management Posts
Sustainable Posts
e-Procurement Posts
some SRM Posts
some CLM Posts
some Best Practice Posts
some Trend Bashing Posts
and some ranting on stupidity …

Risk is everywhere. Embedded in everything.

The categories of risk are truly The Dirty Dozen.

Every organization is Playing With Fire: [with all of the] Hidden Risks Lurking in The Supply Chain!

These risks stay hidden thanks to the common practice of Siloed Supply Risk Management [which] Just Wastes Time, Money, and Resources.

It doesn’t have to this way. For instance, here are 3 Best Practices in Supply Risk Management That You Are Likely Overlooking.

These will help you understand that Supplier Risk: [is just] The Tip of the Iceberg.

Because, and it is worth repeating, Hidden Risks are Everywhere!!

And when one rears its ugly head, that’s when you find out that Turbulence [is] Not Just for Airplanes Anymore!

But while the enormity of the situation may drown you, despite what your ERP vendor will tell you, your ERP is a big risk. Here are A Few Reasons Why Your ERP is a Disaster Waiting to Happen.

When it comes to risk, could you be managing it right? Yes, and you could start with some Risk Monitoring.

After all, when you consider what a realized risk costs, It Shouldn’t Be Hard to Justify Investments in Risk Avoidance.

Come back tomorrow for the ninth day of X-Mas.