Category Archives: Risk Management

Global Supplier Visibility and Performance

Continued pressures to reduce costs while maintaining quality and other non-cost factors have caused enterprises to look towards outside providers. In many cases, outside providers refer to manufacturers and suppliers in foreign countries, thus adding other variability to an enterprise’s supply chain. Enterprises have undertaken various efforts to manage the new variability: supplier performance, supplier visibility, supplier costing and supplier collaboration are all activities which can help.

Aberdeen has just released the “2006 Global Supplier Visibility and Performance Benchmark Report” (sponsored access) that not only examines GSVP drivers, hurdles, strategies, and tactical action plans for more than 110 companies but offers solid suggestions for improving your GSVP programs.

Considering that Aberdeen has found that the average company has had an average of two major supply chain disruptions per year and that industry average and laggard companies are only able to meet customer-requested ship dates 40% of the time, the need for improved GSVP programs is becoming paramount.

Furthermore, Aberdeen found that despite all of the growing concerns regarding natural disasters, terrorist strikes, political uprisings, etc., the top 3 risks (accounting for over 75% of surveyed disruptions) are actually quality & supplier reliability, lead time increase, and the downstream effects of forecasting errors. Therefore, as I indicated in my posts on supply risk management (I: “An Introduction”, II: “Risks and the Need for Resilience”, and III: “Managing Risk”) and supplier performance management (I: “An Introduction”, II: “The Road to Success”, and III: “Best Practices”) on eSourcing Forum [WayBackMachine] , there is a lot you can proactively do to minimize the chances and effects of disruptions and significantly improve your on-time delivery (by as much as 50% in some cases), and the insightful Aberdeen report is a great start if you want to take your supply chain to the next level. I recommend checking it out. I’ll be posting my own thoughts on it later.

How dependent are you on your supply chain?

This summer, the Supply Chain Management Review ran an article entitled “Ready for the Digital Future” based on an interview with M. Eric Johnson, the Director of the Center for Digital Strategies at the Tuck School of Business at Dartmouth College. Re-reading it closely, I was struck by the quote “a lot of interesting learnings emerged from this research [on supply chain risk]. One that really caught my attention was that supply chain managers, and many managers in general, don’t fully realize how dependent they are on information flows and on others in the supply chain“.

You’re not just dependent on the manufacturer you get your components from, the third party logistics firms that handles transportation from the manufacturer’s warehouse to your plant, and the third party logistics firms that handles transportation from your plant to your customers warehouses, but the individual carriers on which they depend, the service providers that provide the systems that connect you with your suppliers and distributors, the telecommunications carriers that provide the backbones on which their systems run, the feeds from your customers indicating current and forecasted demands, the feeds to your suppliers indicating your current and forecasted demands, etc. Dozens of events could knock out part of your supply chain, and even a single point of failure could have wide reaching repercussions. In fact, that’s why most companies would not be able to articulate the dependencies until they really start digging down deep into the details of their supply chain operations and why you should be doing regular supply chain audits.

Another quote that caught my attention, and a point that is not often addressed well enough in articles about supply chain risk, is how do you protect intellectual property in your supply chain and with your partners. The research documented that all extended enterprises are leaking information all of the time. And they are leaking in ways that many managers would not believe unless I showed it to them. Now, sharing is important, as it is the basis of collaboration, but so is security. Make sure your collaboration systems are secure, your partners under NDA, and that you only share information with a third party that is relevant to the collaboration – in other words, don’t open your whole system when you are only collaborating on a couple of products, restrict access to information that relates to those products. Furthermore, make sure collaboration is based on trust and a common understanding that everyone’s IP needs to be protected. This will be just as effective as any security protocols you can put in place.

There are a number of other really good points in the article, which I highly recommend you read, but the last one I’m going to reflect on in this entry is his definition of a good digital strategy. A good digital strategy is:

  • aligned with the business strategy,
  • designed to harness the organization’s unique competencies, and
  • enabling of new levels of agility, trust, and collaboration.

In other words, supply chain technology is only useful when it aligns with the business. Your business should not have to align to the technology. This is why on-demand software-as-a-service solutions are great – you don’t have to revolve around technology, only solutions that serve your business. To that effect, I’d like to point out Tim Minahan’s recent entry on SaaS, “A Tale of Two Articles” (over on SupplyExcellence [WayBackMachine]), which notes that the center of power for enterprise application decisions has shifted from the CIO to the line-of-business executives and that SaaS makes this possible. With SaaS, you can choose the applications that best suit your need, and not the applications your IT organization is configured to support.

Supply Chain Audits

Recently, Supply and Demand Chain Executive published a guest column by Dr. Jeff Karrenbauer of INSIGHT entitled “The Case for Supply Chain Audits” which not only coincides with my views on the need for Global Supply Chain Visibility, Integrated Sales and Operations Planning, and Supply Risk Management, as well as the views I share with my colleague David Bush on “Supply Chain Weather-Proofing” (over on e-Sourcing Forum) and the need for solid planning, but emphasizes the fact that vulnerabilities cost dearly, noting that Terrorism, civil wars, dock strikes, attacks on oil fields in Saudi Arabia, potential pandemic, last year’s disastrous hurricanes and the ongoing threat of political, social and economic instability around the world have exposed U.S. firms to more than $300 billion in supply chain disruptions, according to a recent study by Aon.

The article points out that every chief executive, operating, and financial officer should be demanding a comprehensive supply chain risk audit and a corresponding set of mitigation strategies immediately, noting that only 11% of companies are actively managing risk (as per Aberdeen’s recent “Global Supply Chain Benchmark Report”) and that this action gap is one of the greatest weaknesses of current corporate global supply chain strategies.

As such, companies should perform a supply chain audit that identifies where supply chains may be vulnerable, the strengths and weaknesses of the supply chain, where response programs are weak, and where safeguards or alternative sources are missing. A supply chain vulnerability audit is a three-step holistic processes that encompasses the entire supply chain, starting with a company’s customers and the products they purchase, then working back to the uppermost tier of raw material suppliers. The result is a plan for resiliency in the form of right-sized and strategically located facilities with flexibility for the supply chain, thereby “hardening” it against disruption.

The three steps are:

  1. Educate
    Use case study examples from experienced supply chain planners that establish first principles to dispel false tribal wisdom, define concise terminology, and provide an overview of standard risk categories and mitigation methods. (See my supply risk management weekend series on eSourcing Forum for some basic methodologies: I: “An Introduction”, II: “Risks and the Need for Resilience”, and III: “Managing Risk”.)
  2. Audit
    Gather relevant data for all supply chain components, commodity types, customers, channels, and facilities; identify critical elements and specific categories of exposure for each component; and identify potential vulnerabilities. This step asks a lot of questions, including can we operate the business after a disaster? if not, what must we do to get back into operation as quickly as possible?.
  3. Prescriptive Analysis
    Determine what affordable changes can be made where to minimize risk and harden the supply chain to ensure business continuity after a disruption or a disaster. Use techniques such as critical commodity analysis, critical customer analysis, critical location analysis, and short-term crisis response analysis to formulate the action plans. Use sophisticated supply chain modeling tools to quantify and rank the cost and service effects of various scenarios and the effect of proposed improvements.

And when you consider that the article also points out that knowledgeable observers are predicting that supply chain certification may come to be required as part of Sarbanes-Oxley compliance, I’d say that an audit is a great place to start.

Quantifying the Value of Supply Chain Security Investments

As mentioned in a recent Industry Week article, recently the Stanford Global Supply Chain Management Forum, together with IBM, conducted a study in the manufacturing innovation series called “Innovators in Supply Chain Security: Better Security Drives Business Value” to determine if the significant levels of investment often required to improve supply chain security and mitigate risks was justified. This study, which was based on inputs from eleven manufacturers and three Logistics Service Providers (LSPs) that were considered “innovators” in supply chain security, clearly demonstrated that supply chain security provides quantifiable business value.

In addition to the collateral benefits of:

  • Higher supply chain visibility,
  • Improved supply chain efficiency,
  • Better customer satisfaction,
  • Improved Inventory Management, and
  • Reduced cycle and shipping time

The report quantified the following benefits that resulted in considerable cost reductions and savings for the study participants:

  • Improved Product Safety
    38% reduction in loss; 37% reduction in tampering
  • Improved Inventory Management
    14% reduction in excess inventory; 12% increase in on-time delivery
  • Improved Supply Chain Visibility
    50% increase in data access; 30% increase in data access timeliness
  • Improved Product Handling
    43% increase in the automated handling of goods
  • Process Improvements
    30% reduction in process deviation
  • More Efficient Customs Clearance
    49% reduction in cargo delays; 48% reduction in cargo inspections
  • Speed Improvements
    29% reduction in transit time; 28% reduction in delivery time windows
  • Resilience
    30% reduction in problem identification, response, and resolution times
  • Higher Customer Satisfaction
    26% reduction in customer attrition; 20% increase in new customers

Supply chain security challenges are becoming much more apparent with the rapid expansion of global trade. Currently, over 200 million containers are shipped to the world’s seaports annually, and the US receives approximately 17,000 containers today. With an average of only 6% of US containers physically inspected, increasing security concerns, and the recognition that security has to extend simply beyond asset protection, the US government has implemented and adopted a number of initiatives to minimize transportation risk. These initiatives include:

  • The Advanced Manifest Rule (AMR) / Advanced Cargo Information (ACI)
    that requires detailed cargo data for all modes to be submitted to the U.S. CBP before arrival and an ocean container is allowed into the U.S. only if detailed contents information has been electronically provided at least 24 hours before the container is due to be loaded on a ship at a foreign port of origin
  • The Container Security Initiative (CSI)
    being used by the U.S. government to push inspections and pre-screening upstream to originating ports
  • The Customs-Trade Partnership Against Terrorism (C-TPAT)
    a pseudo-voluntary security initiative that overviews security best practices and implementation procedures that will reduce inspections and expedite processing for participants
  • The Emergency Planning and Community Right-to-Know Act (EPCRA)
    that details information requiring environmental and safety hazards relating to hazardous materials to be given to people in the community
  • The Free and Secure Trade (FAST) initiative
    that allows low-risk goods being transported by trusted drivers via trusted carriers for trusted firms to pass rapidly through border crossings
  • The Smart and Secure Trade lanes (SST) program
    established by the container shipping industry to ensure the global security of cargo containers by way of a baseline infrastructure that will provide real-time visibility, physical security through non-intrusive, automated inspection and detection alerts, as well as a complete audit trail of a container’s journey

Failure to comply with any of these initiatives can lead to significant delays, and even disruptions, in your supply chain as the result of delayed loading, unloading, clearance through customs, or even diversions.

So what can you do to improve your security? Although the report did not focus on any specific initiatives, it did overview some of the measures taken by the companies that were interviewed. These measures included:

  • additional storage and transportation security
  • anti-piracy features / methods for identifying genuine products
  • product tracking tools / RFID
  • implementing measures to comply with voluntary security initiatives
  • advanced training programs
  • incorporation of security requirements into supplier contracts
  • development of a security knowledge base

The Global Supply Chain Benchmark Report

Yesterday we discussed the “Innovators in Supply Chain Security: Better Security Drives Business Value” report recently released by the Stanford Global Supply Chain Management Forum and IBM that detailed the qualifiable and quantifiable business benefits that result from supply chain security investments. Although the report detailed some of the initiatives being undertaken by the participants, including:

  • additional storage and transportation security,
  • anti-piracy features / methods for identifying genuine products,
  • product tracking tools / RFID,
  • implementing measures to comply with voluntary security initiatives,
  • advanced training programs,
  • incorporation of security requirements into supplier contracts, and the
  • development of a security knowledge base;

The report did not really detail generic priorities for visibility, collaboration, and trade compliance for companies that have identified the need for increased supply chain security or risk management. However, again Aberdeen comes to the rescue with the Global Supply Chain Benchmark Report (sponsored access) that identifies industry priorities for companies about to embark on risk management initiatives.

The report, which notes a critical lack of global supply chain automation, notes that the most critical areas that a company needs to address to keep up with global trade growth and increased competitive pressures are:

  • Supply Chain Visibility
    to increase the transparency and velocity of global activities
  • Business to Business Collaboration
    to improve supply/demand synchronization
  • Trade Compliance
    to ensure undisrupted movement across borders and take advantage of preferential trade agreements to lower total landed costs
  • Risk Management
    to ensure resiliency in the face of supply chain disruptions

The report found that:

  • On average, global supply chains are only 50% as automated as their domestic supply chains at large companies;
  • An astounding 90% of all enterprises report that their global supply chain technology is inadequate (to provide the corporate finance organization with the timely information it requires for budget and cash flow planning and management); and
  • Only 11% of the 82% of companies concerned about supply chain resiliency are actively managing risk.

As a result, Aberdeen recommends that you:

  • Extend supply chain visibility
    by moving to exception-based management of activities and increasing the number of monitored milestones
  • Scale business-to-business collaboration
    and implement collaborative forecasting, advanced inventory management, and replenishment applications
  • Go corporate-wide with trade compliance
    and move toward a single corporate wide trade compliance platform with comprehensive origin and trade agreement management
  • Institutionalize risk management
    and make risk assessment and contingency planning part of your standard operating procedure

In addition, based on the Innovators in Supply Chain Security report, I would recommend that you

  • insure your trade compliance platform incorporates advanced product features,
  • insure your visibility applications are fully RFID compatible, and
  • augment your risk assessment and contingency planning with extensive training on your visibility, collaboration, and compliance systems.

After all, according to the report, best-in-class companies:

  • have end-to-end and cross-functional automation,
  • use commercial visibility solutions to monitor order-line level status, inventory, and mobile assets,
  • collaborate across 3+ processes across multiple supplier and customer tiers,
  • run on an enterprise-wide trade compliance platform that includes preferential trade agreement optimization,
  • frequently perform 3+ logistics agility actions,
  • use managed services or BPO solutions to augment staff, supported by visibility and collaboration technology, and
  • manage supply chain resiliency to risk related events.

The report also contains some great recommended actions for laggards, industry average, and best-in-class companies, so check out the “Global Supply Chain Benchmark Report”!