Category Archives: Risk Management

Supply Chain Disruptions Come Without Warning

Everyone is still talking about the recent Japan earthquake and the ramifications it will have on your supply chain for weeks, months, and years to come. No one is talking about the fact that, thanks to global warming, forest fire season is now upon as and that more than 30 wildfires raged through Oklahoma last weekend (Fark.com) and that it only takes one fire to destroy a plant or distribution centre.

But it doesn’t take a natural disaster or a political uprising (such as the recent ones in Egypt and Libya) to instantly shut down your supply chain. A simple regulatory decision can have ripple effects through your supply chain. On March 10, the US Transport Security Administration (TSA) issued an emergency amendment to security measures that would take effect immediately that required freight forwarders with air cargo operations at non US locations to request additional information for all shipments on each master airwaybill ( MAWB ). As a result, Air Canada had to embargo all cargo flown to the US until further notice until they could be sure they were in compliance. (Canadian Manufacturing) Now, this embargo only lasted a day, but it could have lasted a week had the regulatory change been more onerous. But like a natural disaster, this disruption came without warning to shippers who relied on Air Canada to deliver their goods to the US.

That’s why you need contingency plans drawn up and ready to go, because you never know when you will need them.

ERP is NOT Always the Answer

Reading this recent article on “Mitigating Risk and Exposure from Subsidiary Operations” in Industry Week, one could get the impression that the only way to mitigate risk is to deploy one or more (connected) ERP systems to manage corporate data. Nothing could be further from the truth. While you do need consistent data and compatible systems, you don’t need an ERP. But I guess I should have expected such misleading advice given that the article was written by a VP at SAP, one of the biggest ERP vendors in the world.

According to the article, in order to mitigate risks to the company’s supplier, quality, liquidity, financial reporting, and unbudgeted spending, a company must streamline and automate mostly manual systems to:

  • enable the sourcing group to automatically provide information on preferred suppliers and negotiated terms to every subsidiary
  • enable headquarters to have ongoing visibility into cash-on-hand and receivables and payables across the organization
  • streamline the financial consolidation process
  • streamline inter-company purchasing transactions
  • implement collaborate processes such as forecasting and budgeting

Furthermore, according to the article, to accomplish this automation, a company needs to either:

  • deploy the same ERP system across the company,
  • deploy a two-tier ERP with simple data integration, or
  • deploy a two-tier ERP with process integration.

First of all:

  • A (cloud-based) SaaS e-Sourcing/e-Procurement platform with contract & supplier management can maintain preferred suppliers and terms and be accessible by every subsidiary.
  • A shared (cloud-based) SaaS accounting / finance system will allow headquarters to have a view into each subsidiary’s financials …
  • … and this shared system will streamline financial consolidation.
  • A (cloud-based) SaaS e-Procurement system will streamline inter-company purchasing, and
  • a cloud-based inventory / distribution / warehousing / logistics management system will allow for collaborative forecasting and budgeting.

So you don’t even need an ERP at all to accomplish the stated goals. Furthermore, while you do need integrated data, you can maintain this data with a simple relational database and integrate it using an off-the-shelf data analysis package with good ETL (extract-transform-load) tools that can merge flat-file data dumps from each system into one file/database for analytics purposes.

This isn’t to say that an ERP at headquarters to maintain master data isn’t worthwhile, just that you don’t need one, and that you certainly don’t need ERP deployments at all of your subsidiaries to accomplish the goals, which is important because enterprise ERPs generally cost seven figures and the cost is generally not justifiable for a small subsidiary.

One Important Lesson Not Learned From Six Failed Implementations

Over on the 21st Century Supply Chain, you’ll find a post entitled “six lessons learned from six failed software implementations” which is quite scary, because it indicates that there was one very important lesson that the organization did not learn.

If you don’t understand the technology, get a 3rd party consultant who is an expert in technology to guide you. (Don’t rely on a vendor!)

One failure is understandable. Every organization will fail in a technology project at one time or another. What’s important is what happens next. If the organiztaion is able to identify what it believes are the (primary) reasons for failure and solutions to those problems, then it is understandable if the organization tries again on its own. (And if it doesn’t, see the above lesson.) If it fails again, then the organization has to admit that it needs help and get the help it needs.

Because if it doesn’t, it’s just going to fail again and again and every other lesson learned is going to be irrelevant because the likelihood of it succeeding in time to get an ROI is slim, approaching none over the long term.

How to Tell the CEO that Your Legacy ERP is a Disaster Waiting To Happen

This recent post over on the HBR blogs about “a system for speaking IT truths to CEOs” is a must read for every CIO and CPO alike. Both the CIO and CPO know that every IT purchase has a life-span and that every piece of legacy software is a ticking time-bomb waiting to detonate and cost the company millions of dollars in a matter of days (or hours, as Comair found out in 2004) if it is not safely disposed of before the clock runs out, but both often have problems conveying the message.

According to the author, who modified a methodology used by medical doctors who often have to deliver bad news on a regular basis, the following seven-step process will often make the process easier.

  1. Understand the CEO’s perceptions
    Does the CEO grasp what a legacy systems issue is?
  2. Hold the calls
    Deliver the bad news in one, uninterrupted, focussed session.
  3. Enlist a business ally
    Make it a business problem, not just a technical one.
  4. Stick to the Facts
    Focus on the risk and the associated loss. CEOs are generally NOT technical.
  5. Don’t Improvise
    Have a set of best-, typical-, and worst-case scenarios prepared in advance and do not deviate.
  6. Insist on Immediate Action
    Infuse a sense of urgency and a time line for corrective action.
  7. Have a Clear Next Step
    Have a specific plan for getting to the goal.

It’s certainly worth a try if you don’t have a better option (and, chances are, you don’t).

If You Don’t Understand Your Energy Risk …

… those hard-earned “savings” could disappear overnight if:

  • oil surpasses $100 a barrel again
    (which many economists and futurists think it will do by the end of the year)
  • carbon taxes are imposed
    (which are unlikely to be postponed much further)
  • energy grids hit capacity
    (and the organization is forced to get its own power plants up and running quickly)

And if that isn’t scary enough, there’s a 69% chance that your organization does not understand it’s energy risk, according to a recent survey by Treasury and Risk (as quoted in a recent Technology Review article on “Navigating Your Energy Risk”). It’s about time your organization calculates its carbon footprint. Unless the risk is known, the organization will be unable to mitigate it when energy prices rise rapidly or carbon taxes are introduced in one of its locales of operation.