Category Archives: Risk Management

There’s No Such Thing As Low-Cost Country Outsourcing

The Business Continuity Institute (BCI) recently released the main results of its study across 35 countries that found that 70% of organizations recorded at least one supply chain disruption in 2010. While this is not news, as the statistic has been this high for a few years now, what is news, as highlighted in a “Procurement Leaders summary” is that where businesses have shifted production to low cost countries they are significantly more likely to experience supply chain disruptions, with 83% experiencing disruption. In other words, your chances of a disruption are greater than 4 in 5 if you use low-cost countries! With an average disruption cost exceeding $700,000 ten percent of the time and an average impact on stock price of 9% (source: PWC), there’s nothing low-cost about low-cost country outsourcing once you factor in the losses from the inevitable disruptions!

Then, when you add the fact that 1 in 5 disruptions result in (serious) damage to your brand, you need to ask yourself why so many of you still believe in this fairy-tale. It’s equivalent to looking for the pot of gold at the end of the rainbow. You’re not going to find it.

Share This on Linked In

Should You Be Sharing the Risk?

A recent article in the Supply Chain Management Review on “procurement risk management: what it takes to be a leader”, which correctly states that risk is part of business, noted that, even though procurement has become a frequent topic in the risk management conversation, few companies are translating their trepidations into formal procurement risk management capabilities. Considering that risks have grown considerably in recent years and that at least 7 in 10 companies will experience a major disruption this year, with almost 9 in 10 experiencing some form of disruption, this is not good. Risk management needs to be front and centre in supply chain planning.

But is that enough? Let’s say you put it front and centre, identify your top ten risks, and outline your risk mitigation and/or recovery plans for each risk. Classic thinking would say you’ve done a great job, but have you? If it’s a natural disaster, you’ve probably done all you can do since it’s an event that no one has any control over. But what if it’s a production line breakdown at a key plant of a sole-source supplier? Have you done everything you can? Maybe there’s nothing you could have done to prevent it, but, chances are, there was something your supplier could have done to prevent it.

And maybe they would have if they had more incentive — which leads me to believe that the leaders identified in the referenced 2009 Accenture Study who insist on risk-sharing clauses and back-to-back contracts might be on to something. If both parties agree to share risks, and the costs associated with such risks, both parties are more likely to be alert to risk signals and to take action before a minor interruption becomes a major disruption. If both parties are serious about risk, it’s the right way to go.

Share This on Linked In

If You Think Black Swans Aren’t Deadly …

Consider these recent articles about Hannibal, the rogue killer swan who has, to date, brutally murdered 15 and injured at least 22 more swans in his attempts to drown any swan that gets too close.

Why does he do this this? Unknown, but the current theory is that the water, which is brackish, salty, and quite polluted, is the cause.

Moral of the story? Keep your supply chain clean!

Remember, Hannibal is only a white swan. Imagine what the black swan will do to you if he gets you in his sites!

To Really Be Successful At Supplier Risk Management, ADMIRE!

Not only is supplier risk at the forefront of thought these days, but articles on it are at the forefront of online publications as well, including this recent article in Supply Chain Digest on the key drivers of successful supplier risk management. However, most of the articles miss the point.

For example, according to this article, the trick to successful supplier risk management is to:

  1. engage top-level management,
  2. segment suppliers based on relative risk,
  3. rigorously measure and manage risk,
  4. give category managers tools and training, and
  5. collaborate with key suppliers.

Which is all good advice that is fine and dandy, but it misses the point. Risk management is all about identify risks, identifying mitigations, monitoring risks, and executing mitigations at the appropriate time. Management support is important, but it doesn’t have anything to do with risk identification or mitigation. Segmentation is a good tactic as more attention needs to be placed on suppliers which represent more significant risks, but again it has nothing to do with risk identification or mitigation. The same goes for giving category managers tools and training. Collaboration is relevant only if the mitigation requires collaboration. In other words, in this list, the only key driver is the “rigorous management and mitigation of risk”.

The reality is that success depends on your ability to ADMIRE the situation. Specifically, the ability to:

  • Ascertain the risks,
  • Define the risks that could cause significant damage,
  • Monitor those risks,
  • Identify appropriate mitigations,
  • React when signs of the risk begin to materialize, and
  • Engage the supplier when collaboration is required to mitigate the risks.

That’s it.

Share This on Linked In

Quality DOES NOT Equal Risk Management

Every now and again I see a headline that causes me to foam at the mouth. One of the most recent examples is a recent article in Industry Week titled “Quality Equals Risk Management”. While I’m generally a fan of this publication, I can’t stand it when a headline makes such an erroneous claim.

Quality is a by-product of proper Risk Management. Quality Control is an aspect of proper Risk Management. But even Quality Control does not equal Risk Management! Risk Management is a broad initiative that looks at, and attempts to mitigate, all of the risks in your physical, financial, and information supply chains. This includes managing financial risks around currency exchange, commodity prices, and economic instability. Environmental risks around natural disasters, climate change, and accidents involving hazardous materials. Political risks involving terrorism, the proliferation of Weapons of Mass Destruction (WMDs), failing states, and crime. Compliance and Regulatory risks stemming from globalization, expansion and restriction of trade, and regional instability. Workforce risks from infectious and chronic diseases, pandemics, and liability regimes. And other product risks from lack of raw materials, transportation breakdowns, and theft. Quality is just one aspect of risk — and quality control is just one aspect of risk management!

All quality suggests is that you have good quality control programs in place — but it doesn’t even guarantee that! It might mean you have a high quality supplier who takes pride in their work and goes the extra mile to insure quality despite your shoddy practices. And while the article is right in that quality is the most powerful when it is engaged to prevent defects instead of detecting them after the fact, it is still only one aspect of a well rounded risk management program.

Share This on Linked In