Over the last decade, the globalization of business -- and the manufacturing industry in particular -- has made it imperative for executives and risk managers to reassess how they manage the growing number of risks facing their organizations, especially those affecting supply chains. Effective supply chain risk management in the manufacturing organization goes beyond traditionally insured risks such as tangible assets and related liabilities; rather, it focuses on the assets as part of a process. With rapid change in today's international business environment contributing to increased risk exposure across all operational functions, senior management must consider a more comprehensive risk management program that emphasizes efficiencies and addresses a wide variety of traditional (or insurable) and nontraditional (or noninsurable) risks.

Risk in the Evolving Supply Chain Process

Supply chain trends such as offshore manufacturing, global outsourcing and lean sourcing continue to impact the supply chain. In fact, supply chain risk management has taken center stage as a vital risk management priority. According to a 2007 survey by AMR Research, 46% of companies planned to evaluate and/or implement supply chain risk management technology in the next 12 to 24 months. While 28% of the companies surveyed identified supplier failure and continuity of supply as their top risk concerns, companies also identified nontraditional risks -- brand and reputation issues, regulatory compliance, product safety and catastrophe exposure -- as potential threats.

The survey results highlight not only the increased emphasis senior leaders are placing on supply chain risk management initiatives, but also the evolving spectrum of risks and uncertainty associated with the modern supply chain process. Increasingly, risk managers are tasked with developing organizational responses to risks associated with global and interdependent supply chains in a variety of manufacturing operations. In turn, this development has led to more complex communication pathways and greater demand for the identification, measurement, and financing of risk mitigation related to potential business interruption losses.

To keep pace with the dynamic changes taking place both inside and outside the manufacturing organization, risk managers -- in cooperation with senior management -- must embed risk management practices into all mission-critical points along the supply chain. By teaching risk management techniques to key supply chain personnel, risk managers can encourage the use of appropriate risk-based decision-making techniques. This allows supply chain managers to make more informed distinctions between the competing priorities of process cost-effectiveness and controlled efficiency of enterprisewide risk exposures.

For example, in the effort to maximize efficiencies, supply chain managers may seek to implement just-in-time inventory, although this solution can run counter to a traditional risk management tendency for system redundancies. In fact, supply chain managers are regularly asked to make similar decisions with important risk management implications. Such decisions include discounted versus quality vendors; a single, dedicated high-volume source versus multiple sources; and a small number of high-volume distributors versus multiple distribution relationships.

As the foundation of a successful manufacturing organization, a healthy supply chain is a vital goal for any risk manager. Risk managers must place themselves at the heart of the supply chain process by taking the time and effort to become intimately familiar with all the components that drive this critical business process. As a result, risk managers can influence risk decisions made within individual functional areas of the supply chain and guide decisions on which subsequent risk mitigation steps to take.

A Risk Manager's Perspective

From a risk manager's point of view, following are the three key objectives of an effective supply chain risk management strategy:

  • identifying and prioritizing critical business elements
  • mapping the entire supply chain to show interdependencies
  • identifying potential failure points along the supply chain

Under a traditional risk management platform, risk managers examine the various supply chain components -- procurement, manufacturing, real estate, logistics, legal and warehousing -- and work to identify and evaluate the potential consequences of risk. While those actions play a vital role, a fully comprehensive supply chain risk management plan takes the process a step further by continually engaging senior management and the functional supply chain managers to become active participants in the overall supply chain management process.

In this way, risk managers can become integral players in the supply chain while creating multiple "operational risk managers" in the overall process. They can implement a variety of advanced risk analytic tools, such as value prioritization and allocation, and gap analysis. Comparable to the "numetrics" used by many supply chain managers, risk managers can monitor process exposures by risk-scoring various owned, supplier, or customer geographic locations for natural catastrophe loss potential or using sophisticated modeling techniques to improve risk-adjusted decision making. Furthermore, risk managers will have the ability to use such quantifiable risks associated with the supply chain to enhance risk-based scenario planning and analysis.

The ultimate goal of an effective and comprehensive supply chain risk management strategy is to embed risk awareness into all the core elements of the organization, from the C-suite through supervisors and department heads across the various supply chain functions. Ideally, this goal can be accomplished through the construction of a formal, cross-functional supply chain risk management team that offers a full "cash-to-cash" view of the supply chain's internal and external constituents.

Comprehensive supply chain risk management plays an important strategic role in the operation of a successful manufacturing business, protecting its most valuable assets while creating a unified and high performance risk mitigation model.

Robert J. Schneider is managing principal of the risk management practice at. ISO provides data, analytics, and decision-support services to professionals in many fields, including insurance, finance, real estate, health services, government, human resources, and risk management. Using advanced technologies to collect, analyze, develop and deliver information, ISO helps customers evaluate and manage risk. For more information, please visit www.iso.com.


Interested in information related to this topic? Subscribe to our weekly Value-chain eNewsletter.