Category Archives: Risk Management

Only an Optimization-Backed Sourcing Platform will Answer a Buyer’s SOS


We all know the importance of a good Sourcing Platform to power our Procurement Value Engine. But even after multiple posts (on Sourcing Innovation) and (white) papers on the topic, one still might not be convinced that an optimization-backed sourcing platform is truly necessary. If the organization is still getting reasonably good results from its (last-generation) sourcing suite, has a large number of templates, workflows, and processes configured for its key/strategic categories, and has a consultancy/service provider that handles its tougher events (and they use an optimization-powered platform for those few really complex or high-dollar categories), it might think that everything is fine. And the reality is that everything is fine … until it isn’t!
from How Optimization-Backed Sourcing Platforms Save Our Souls . . . Or At Least Our Backsides


One has to understand that disruptions don’t only occur in the supply chain after the contract is signed, they occur during the sourcing process, and a significant disruption can result in an evergreen contract renewing at above market prices (which is bad) or a contract expiring and the organization left with insufficient inventory and no source of supply in a tight market (which is worse). And even if the disruption doesn’t result in an evergreen renewal or a (costly) inventory stock-out (that shuts down a production line), it can still result in increased costs, increased risks, and missed opportunities.

Sourcing events need to go smoothly, but in a typical sourcing platform, as may of you know, that’s not always the case. Sometimes suppliers change the rules, and sometimes the rules just change, and everything, as they say, quickly goes to hell in a handbasket.

For example, all of a sudden at the 11th hour, a fire happens or a border closes, and a supplier offers you a backup location, or pulls out, and you need to bring in a supplier at a new location. Your transportation bids are useless, your risk profile is unuseably skewed, and maybe even your whole event setup is useless, and you have to start over. And this is just one of a dozen scenarios that can flip an average buyer’s world upside down with an average sourcing platform.

But if you had a flexible optimization-backed sourcing platform, instead of going back to square one, you’d just keep on truckin’ with an optimization-backed sourcing platform as they are designed, from the gorund up, to support dynamic, complex, cost models, dozens of what-if scenarios, and ever changing real-world requirements and made for change.

A factory and associated lanes disappears, no problem, it is just removed from the model with a single click. A new one is added? No problem, define the associated end points, the lanes are automatically populated, and a partial bid survey can be resent to all incumbent suppliers for revised bids. These are then loaded into the model, amalgamated with current bids, and the model is solved. No starting from scratch, creating new RFPs, creating a new model structure, etc. Just a few simple changes, a few new bids, and everything keeps on going like nothing ever happened.

And this is only one way optimization-backed sourcing platforms save a buyer’s behind. For more, check out the doctor‘s latest paper on How Optimization-Backed Sourcing Platforms Save Our Souls . . . Or At Least Our Backsides, sponsored by Trade Extensions, and realize that if you don’t have one, you need a proper sourcing platform today.

Environmental Sustentation 22: Natural EMPs

In our post on environmental damnation 22, natural EMPs, we noted that EMPs, short for electromagnetic pulses, which are short, typically intense, bursts of electromagnetic energy that are generally disruptive, if not damaging, to electrical and electronic equipment, are a huge overlooked supply chain damnation because today’s information driven supply chains run on communication systems that control the chains, as well as the finances that pay for them. A single well-placed burst can take out an entire data centre, and if your organization is not setup in a distributed infrastructure with distributed off-site backups, your entire operation will come to a screeching halt — indefinitely!

No one thinks about this because people believe that the only real concern is EMP weapons, but these are only possessed by a few military operations that are unlikely to ever use them as they could destroy their equipment at the same time, but this is not true. Natural EMPs, which cannot be predicted and cannot be stopped, can do just as much damage and are much more likely to fry your equipment and bring down your supply chain than a rogue attack by a terrorist group that happened to get their hands on an EMP.

As per our damnation post, whether you realize it or not, there are a number of natural events that cause natural EMPs including, but not limited to:

  • lightning,
  • solar flares, and
  • earthquakes and volcanoes.

There is typically warning of the potential of each of these events, as well as the area and the likelihood, but the warning could be brief and the ability to prevent nonexistent, so any warning is likely to be too late.

So what can an organization do to protect against this damnation?

First of all, it can make sure that critical equipment is shielded, and located in shielded rooms. Low power EMPs will then not be much of a threat to that equipment.

Second of all, it can install equipment to divert as much of the pulse as possible. For example, a well placed lightening rod can divert lightening, and any EMP that might accompany it.

Thirdly, it can make sure it has a distributed infrastructure with real-time failover and distributed, real-time incremental back-up. Then, an EMP that takes out part of the IT operation in one locale will not take down the entire information (and financial) chain.

It’s not much, but it is enough. And at the same time, the organization also protects against fire, flood, and the FBI (raid) destroying a critical data centre.

Playing With Fire: Hidden Risks Lurking in Your Supply Chain

Modern supply chains are fraught with risk that can result in volatility and increased operational costs, large and sometimes devastating losses, and long term damage to the corporate reputation. These risks can be organized into four major categories, but non-compliance risks alone, the first category, should be more than enough to scare you.

Of the four major categories of risk, the costs of non-compliance risk is often the easiest to quantify, and the corresponding price tag of regulatory violations alone can be enough to halt a supply chain in its tracks as the bank account is bled dry.

Corresponding costs can range from the $3.0M, $3.19M, and $4.95M fines from the recent settlements by Washakie Renewable Energy, ExxonMobil, and Noble Energy for violations of the energy policy, clean water, and clean air acts, respectively through the 13.2M settlement by Lumber Liquidators for violating the Lacey Act to the $81.6M in fines that Wal-Mart had to pay in 2013 for the mishandling of products that became damaged or were returned and became hazardous waste, of which $60M was a result of violations to the Clean Water Act and $14M was a result of Federal Insecticide, Fungicide and Rodenticide (FIFRA) violations.

But environmental acts aren’t the only acts that can result in large fines. There are also worker’s rights acts, where even simple filing errors can cost over 1M, as Abercrombie & Fitch found out when they were fined $1,047,110 for numerous technology-related deficiencies in the company’s electronic I-9 system.

And while most violations of worker’s rights law or filing requirements are rather small, the violations could increase now that anti human-trafficking and modern slavery laws are popping up that can hold your organization responsible for any violation of these laws anywhere in your supply chain, even if the infraction is caused by the supplier to the supplier of your supplier.

But these fines will still likely dwarf the fines being levied by the US Department of Justice for violations of the FCPA – Foreign Corrupt Practices Act. In 2014, the average fine for a violation was $156.6 Million, and this included a $772 Million penalty to Alstom, the second largest penalty in history.

But this is just one set of risks with an associated cost that can bleed the bank account dry and effectively cripple a global supply chain. If you would like to know what the others are, watch for Sourcing Innovation’s latest paper on Playing With Fire — 4 Hidden Risks Lurking in Your Supply Chain (coming soon), sponsored by Ecovadis.

Do You Have Your 2016 Supply Risk Management Game Plan?

Here at SI, the doctor certainly hopes so because you are going to get hit with at least one disruption this year, and chances are it is going to be fairly significant. (I.E. one that will result in, at least, a 3-month stock-out if not promptly mitigated, and not a 3-day stock out that, unless you are Apple launching an iPhone, won’t affect sales noticeably.)

As regular readers know, risk is still increasing, and the odds of your organization not getting hit with at least one significant disruption over the next 12 months is, at best, 1 in 10. You have better odds of winning a prize in a Lotto 6/49 draw (in Ontario, Canada where you win a Free Ticket and effectively get your investment matched on the next draw when your ticket matches 2 of 6 numbers) than of not experiencing a significant supply chain disruption over the next twelve months. Ouch!

But you’re overworked, underpaid, and not trained in risk management and probably don’t have a game plan yet. So what can you do?

Well, you can start by checking out the doctor‘s and the maverick‘s recent four part series on “Your Supply Risk Management 2016 Game Plan” over on Spend Matters Plus (membership required) which dives deep into how you can best define manage your supply risk programs. This series:

  • defines the types of supply disruption, product cost volatility, regulatory compliance, and reputation risk you need to plan for
  • explains why you have to think global and implement local to develop an effective strategy
  • gives you strategies to identify primary risks, mitigations, indicators, and monitors
  • helps you understand how you can align risk and reward to get support
  • helps you understand how to get more C-level visibility
  • and presents a scoring methodology that demonstrates business impact, which is critical to getting C-Level support

All four parts were up as of last month, and all four are a must read for anyone who needs to get a grip on supply risk and how to handle it. Don’t wait until it bites you in your backside three days after a critical order was supposed to arrive (but didn’t because the tier 1 supplier decided not to tell you when the tier 2 supplier didn’t supply the raw material needed for production, which is no longer available because a mine collapse reduced the available, limited, global supply by 10%). The bite a supply disruption can take out of your business is much worse than a boghog will take out of your backside. So SI strongly recommends you check out the following now:

  • Part   I: Supply Risk Definitions
  • Part  II: Developing Strategy
  • Part III: Risk and Reward
  • Part  IV: Measurement and Management

Societal Damnation 42: Pandemics

A pandemic, as defined by Wikipedia, is an epidemic of infectious disease that has spread through human populations across a large region. When people think of pandemics, they traditionally think of the big nine historical pandemics of cholera, influenza, typhus, smallpox, measles, tuberculosis, leprosy, malaria, and yellow fever, which have, at one time or another, wiped out thousands, hundreds of thousands, and sometimes even millions of people.

However, many of the diseases that cause pandemics are still alive and well, and new ones are cropping up all the time. Cholera, easily spread by contaminated water, is caused by bacteria, and still causes 100,000 deaths a year world wide. Influenza is constantly mutating and new strains of bird flu and swine flu which, without proper treatment and prevention, could easily cause millions of deaths are alive and well. And while typhus (typhoid fever) has mostly been eradicated, cases are still being reported in poorer African and South American countries and the bacteria still exists.

As far as we know the smallpox virus has been eliminated in the wild, with no reported cases in 38 years, but never say never, as typhus, which should also have been eradicated by now, is still cropping up. There are still almost 500,000 reported cases of measles a year, even though immunization against measles is easy. Tuberculosis is caused by bacteria and infects about 1% of the global population each year, with 9 Million new cases in 2013 and almost 1.5M deaths.

Leprosy still affects almost 200,000 people globally a year. Malaria, caused by parasitic protozoans transmitted by malicious mosquitos, is still rampant with over 200 Million infections a year, which resulted in 660,000 deaths in 2010. Yellow fever is another infection, caused by a virus, transmitted by murderous mosquito, that infects about 200,000 people a year and annually kills 30,000. And while these pandemics are primarily restricted to the equatorial climates, as temperatures warm and climate changes, those pesky mosquitos could start to migrate northwards.

But this isn’t the only list of highly contagious infectious diseases we have to watch out for. In addition to the ongoing HIV/AIDS pandemic, now we have SARS (Severe Acute Respiratory Syndrome), a viral disease that cannot be cured or prevented that has an average fatality rate of 10% and that spreads easily by close person-to-person contact though respiratory droplets and which could spread like the great fire of 1666 through a dense metropolis. We also have the five strains of the Ebola virus, which spreads easily through contact with bodily fluids (including respiratory droplets or sweat) or infected bats or primates, and Ebola has an average mortality rate of 50%. We have the Marburg virus that causes Marburg Hemorrhagic fever which is a rare, but severe, fever caused by a filovirus (like Ebola) that has a mortality rate of up to 80%. We have hantavirus pulmonary syndrome with a 36% mortality rate in the US that is spread by contact with exposure to droppings of infected mice. (Which means an uncontrolled mice population could bring a new black death that, with unprecedented levels of population density, puts the first round to shame. Remember, just because mice commissioned the earth, that doesn’t mean they won’t kill us all when they are done with their little experiment.)

We could go on, but you get the picture. Not all countries have centres for disease control as advanced as the CDC or the ability to rapidly contain epidemics which could, in today’s hyper-connected and ultra-densely populated world, easily transform into global pandemics overnight. Hollywood might worry about us all contracting a hyper-infectious disease that turns us into zombies, but the reality is that the next plague will probably skip that step and make corpses of us all instead.

So why is SI being so grim? Because, despite the focus of most sites that focus in on the physical, financial, and information supply chains, the reality is that supply chains still run on people. People (control the machines that) make the goods. People control the money (even if it is just the people in banks sometimes). And people input the data that our information systems run on. Without people, supply chains will come to a halt from both an inbound (with no one to supply) and an outbound (with no one left alive to buy) perspective. Not only must we be ever vigilant in keeping our employees safe, but we must be even more vigilant in keeping them well. We need them alive.

And for those dreamers among you, you can forget about replacing your workers with robots or computer algorithms. Remember that we have been promised replacement robot workers since Elektro was debuted at the 1939 New York World’s Fair, but engineers still have not delivered. Not just because we have no true AI (and that’s a good thing*), but because we are still unable to construct systems as flexible and adaptable as the organic systems created by nature.

* what use would intelligent robots have for ugly sacs of water besides to harvest our bioelectric energy?**

** bonus points if you get the two references contained within