In modern networked supply chains, the increasing number and frequency of severe supply chain disruptions means that "business as unusual" has become business as usual. According to a survey conducted last year, more than eight out of 10 surveyed companies have been hit by a supply or demand disruption during the past two years, with almost half of those firms suffering a loss of sales or revenue, and more than one-third having experienced lower profits as a result of a disruption. 1 While the reporting of natural disasters over ubiquitous social media channels tends to skew trends toward modern times, occurrences of large-scale natural disasters, such as the Thai floods, the Icelandic volcanic eruption, the Japanese tsunami, and more have in fact increased over the last century, as is evident in Figure 1. It is no secret that disasters are on the rise and are a reality of a globalized world.
Although the exact consequences of disruptions are hard to measure, the financial impact of such disruptions—both natural and man-made—can be indirectly estimated at both the macro and the micro level. One way to assess the impact of large-scale disruptions is to follow the trends in the stock indices that are specific to the country that has been most directly affected. For example, the Japanese earthquake and tsunami resulted in the Nikkei Index dropping by over 17 percent in the three days following the disaster; the September 11, 2001, terrorist attacks caused the Standard & Poor's index to lose nearly 12 percent over four days after the stock markets reopened following the incident. Supply chain disruptions can have a drastic impact at the organizational level too. A study by Singhal and Hendricks identified a considerable impact on revenue following a disruption, with 30 percent of surveyed firms estimating losses of at least 5 percent of annual revenue as a result of supply chain disruptions.2
Clearly, supply chain disruptions can have a domino effect on organizations and on global commerce. Natural disasters first cause disruption at the macro level. That can then affect an organization's supply chain as disruptions first impact the organization itself, and then cause a chain reaction spreading across suppliers, customers, partners, and the shared value chain. (See Figure 2.) In addition to a direct bottom-line cost impact, supply chain disruptions can also result in unhappy customers, loss of reputation, civil and criminal penalties, and even bankruptcy.
Supply chain disruptions are no doubt hard to predict, but organizations can control the extent to which these disruptions could impact their companies. Toward that end, it is increasingly important for organizations to develop mature risk assessment capabilities and techniques such as supply chain segmentation, quantitative risk assessment, and scenario planning. These tools allow supply chain executives to better understand supply chain risks and develop appropriate risk mitigation strategies.
Supply chain segmentation
Supply chain segmentation is both a strategic and an operational exercise. For the purposes of this article, it is defined as a SCOR (Supply Chain Operations Reference model) methodology that identifies distinct supply chains within an organization based on geography/market channel and product offerings. It can be used to identify unique supply chains and develop risk assessment and mitigation strategies for each of them.
As a precursor to assessing risks in the supply chain, it is important to first understand the unique supply chains within the organization. This is especially important in large organizations that have multiple product offerings that are managed via multiple distribution channels. While high-level risks can be assessed at the organization level, it is ideal to first segment the supply chain and then develop risk assessment programs for each unique supply chain.
One way to segment the supply chain is to use the SCOR framework, specifically the SCOR supply chain definition matrix. The supply chain definition matrix helps define the number of supply chains in relation to a company's customers and products or services. The columns in the matrix are focused on demand—markets, channels, and customers, while the rows in the matrix are focused on supply—business lines, products, locations, and suppliers.
Consider the example shown in Figure 3. A hypothetical company has three main product lines: food products, technology products, and durable products. Food products are distributed across five channels (U.S. retail, U.S. distributor, U.S. direct, U.S. government, and international). Tech products are distributed across three channels (U.S. retail, U.S. original equipment manufacturers [OEM], and international), and durables are distributed across two channels (U.S. direct and U.S. home). In effect, this organization has 10 unique supply chains, each with its own inherent supply chain risks.
It may not be practical for organizations to conduct a risk assessment on all of their supply chains, hence it is important to identify the most important ones using a "Supply Chain Priority Matrix" like the example shown in Figure 4. To set up this matrix:
This exercise can be conducted individually, but subject-matter expertise may be required from different departments. For that reason, it is recommended that it be done in a group composed of key personnel from the different product groups and operations teams. Moreover, since supply chain risks can impact different functions within an organization, it is important to engage cross-functional teams early on to make them aware of the supply chain risk management program and to seek their insight on strategic issues that may need to be considered in developing such a program.
Risk quantification is an operational matter. It consists of quantification of supply chain risks across nine categories, and the creation of functional risk profiles. Its purpose is to identify, segment, and prioritize different external and internal supply chain risks.
Once organizations have segmented and identified their most important, unique supply chains, they can then start to identify risks that are specific to their operations and quantify the risk elements. The following categories form a comprehensive base covering almost all aspects of an organization:
Internal risks: financial, production and inventory, transportation, labor, information technology (IT)
External risks: supply, demand, natural hazard, political
Organizations may choose to quantify the risks embedded in each category as listed above, or choose only a subset of categories, depending on what applies to their particular supply chain environment and business strategies.
The basis for quantifying risks starts with the fundamental formula:
Risk = Probability of risk occurring * Impact of that occurrence
To use this formula:
|Lower boundary||Upper boundary|
Scenario planning is a hypothesis-driven, strategic planning method that involves developing "informed predictions"—that is, "future state" scenarios—and building response strategies for operating under each scenario. Its purpose is to prepare an organization for most plausible eventualities, and to enable it to steer through disruptions in such a way that there will be no substantial impact on its supply chains.
Scenario planning was originally conceived in the 1940s for military applications. But the roots of modern-day scenario planning were developed in the early 1970s by the petroleum company Royal Dutch Shell. Back then, Shell developed a set of possible future scenarios and built response strategies around the price of oil for each scenario. As a result, Shell was better prepared than its competition in reacting to risk and volatility, and consequently made better headway than the rest of the industry.
At a high level, the process of developing scenarios is as follows:
The deployment of scenario planning by organizations and its continued use validates the method as a key aspect in strategic planning and in risk assessment. At a recent Council of Supply Chain Management Professionals (CSCMP) conference, a speaker highlighted a video that was shot in the 1960s, in which the narrator predicts how the world will look in the year 1999. It is quite remarkable how accurately future inventions were predicted and future-state scenarios painted. (By the way, this video is available on YouTube by searching for "Year 1999 A.D.")
The benefits of implementing scenario planning are summed up by one of its pioneers, Arie de Geus: "Scenarios are stories. They are works of art, rather than scientific analyses. The reliability of (their content) is less important than the types of conversations and decisions they spark."
Art and science
Accurately predicting disruptions and completely mitigating risks remains improbable, but by implementing the risk management practices described above, practitioners can be better prepared to manage risks and mitigate some of their impact. In addition, the above techniques can help practitioners: segment the supply chain based on product groups and marketing channels and identify risks specific to each segment; identify risk categories and quantify each risk item based on probability and impact; and plan strategically and develop risk mitigation strategies for different future-state scenarios.
Supply chain risk management is both an art and a science. The art aspect comes from years of experience and sometimes reflects "gut feelings," and the science aspect comes from developing and implementing risk management capabilities in the organization. While three risk management practices were highlighted in this article, it is also worth exploring the newer methods that continue to be developed as organizations search for improved ways of managing supply chain risk and developing competitive advantages in increasingly globalized and complex supply chain networks.
1. The Chief Supply Chain Officer Report 2012, SCM World (September 2012).
2. Kevin B. Hendricks and Vinod R. Singhal, "An Empirical Analysis of the Effect of Supply Chain Disruptions on Long-Run Stock Price Performance and Equity Risk of the Firm," Production and Operations Management 14.1 (March 2005): 35-52.