Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)
Introduction
It is mid-year 2014 as I write this article. We have recognized the need to better manage supply chain risks for the better part of a decade now. Yet, we still seem to be deluded into thinking that the modern supply chain is resilient to the point of invulnerability. Most organizations have a supply chain that is a mix of competencies, from manufacturing to professional advisory services.
Developing business continuity strategies and embedding business continuity processes into an organization’s procurement process can enhance the organization’s ability to actively assess vendor capabilities. By creating a flexible framework for augmenting, retaining, or shedding vendor competencies in order to assure supply chain integrity, the organization can meet customer demand, customer expectations and generate consistent performance.
No one company can deliver end-to-end products and/or services in today’s complex business environment. Your company, like other companies is most likely dependent on vendors of various types (manufacturing, profession services, software, transportation, etc.) to meet customer expectations. Four basic assumptions form the underlying premise for this article:
Complexity: Companies today are complex and their procurement processes are complex management systems operating within multiple networks
Touchpoints: All of a company’s touchpoints (downstream & upstream) within its networks must be considered to effectively evaluate risks, threats, hazards and vulnerabilities to determine the effects and consequences of degradation on the entire system
Responsiveness: Actions at any given level within the network may be inadequate unless the entire network responds in kind
Resource Constraints: Most levels and groups within the company and the supply networks supporting the company lack the resources and specialized skills to know what to do to maximize operational resilience within the network
The integration of vendor business continuity capability as part of the procurement process is becoming an integral part of company strategy. Effective business continuity strategies, like supply chain assurance, need to be designed. Integrating business continuity principles and concepts into the a company’s business portfolio planning process and at each stage of product/service life cycle can provide opportunities to enhance the procurement process, allowing your company to deliver superior products and/or services solutions to its customers.
It is All about Survivability
If you want senior management to pay attention give them something that challenges their focus – and understand that their focus is not on how diversified your supply chain is or that you have a business continuity plan or that your customers are loyal. Senior management is focused on one thing and that is business survivability – will we be in business tomorrow given the issues that we face today.
Can you identify the risks, threats and vulnerabilities that affect your organization’s continuity of business operations? Or, are you just deluding yourself into a series of ill-fated false assumptions that leave your organization with meaningless plans, misguided efforts and lack of buy-in for the value of risk management and continuity planning? When I make the statement in the first sentence of this paragraph, I am referring to the entire “Value Chain” that comprises your organization’s end-to-end touchpoints; that is from customer to supplier, vendor, contractor, consultant and all points in between (senior management, middle management, staff).
Structure – a key element
Identifying risk issues in the “Value Chain” touchpoints (internally and externally) needs to be one of the first steps in the process. Developing a custom fitted questionnaire for all elements of the “Value Chain” as well as internal stakeholders can provide a basis for moving forward. Applicable policies, procedures, recognized “best practices” and regulatory requirements set the benchmarks from which metrics for assessing vendor business continuity capabilities can be developed. Integration criteria should be contained in the vendor’s contract; spelled out in specific terms.
Touchpoints – Internal and External
Identifying procurement touchpoints should be undertaken to assure that key continuity concerns are adequately addressed. Internal touchpoints may include any part of the organization that has direct and/or indirect interface with the procurement process. This would include customer relationship/service touchpoints, strategic planning, quality assurance, operations, human resources, legal, audit and, in some instances, the officers and board of directors of the enterprise. Identifying external procurement touchpoints may seem simple, but when you begin to identify vendors, you have to realize the components that allow the vendor to get their product or service to you are also touchpoints. Therefore, identifying external procurement touchpoints becomes more complex. In addition, due to the popularity of outsourcing today, we are finding that vendors are also outsourcing. A tiered approach to identifying external procurement touchpoints can facilitate organizing the process.
Vendor Continuity Capability Questionnaire
Developing the vendor continuity capabilities questionnaire needs to be carefully thought through. You are, in essence, creating a legal document that could contain sensitive information and must be protected. You are also creating a potential liability document for yourself.
Let me explain; the legal term, constructive knowledge is defined in Black’s Law Dictionary thus, “If one by the exercise of reasonable care would have known a fact, he is deemed to have constructive knowledge of such fact; e.g. matters of public record.” Constructive notice is defined in Black’s Law Dictionary thus, “Such notice as implied or imputed by law, as in the case of notice of documents which have been recorded with the appropriate registry of deeds or probate. Notice with which a person is charged by reason of the notorious nature of thing to be noticed, as contrasted with the actual notice of such thing.” Negligence is defined in Black’s Law Dictionary thus, “The omission to do something which a reasonable man, guided by those ordinary considerations which ordinarily regulate human affairs, would do, or the doing of something which a reasonable and prudent man would not do.”
With the type of information that you will collect in order to assess vendor continuity capabilities, your organization could be held liable, under the concepts of negligence (foreseeability), constructive notice, and/or constructive knowledge, for NOT taking action to mitigate potential losses. The questionnaire that we have most often utilized consists of eight parts as highlighted below:
- Part 1: Governance Provisions & Management Commitment
- Part 2: Business Continuity Strategies: Developing and Implementing BCP
- Part 3: Business Impact Analysis, Risk Evaluation & Control Mechanisms
- Part 4: Maintaining Continuity: Training, Awareness, Exercising & BCP Updates
- Part 5: Incident Response Operations
- Part 6: Crisis Communications
- Part 7: Coordination (External Entities)
- Part 8: Vendor Certification
The length of vendor questionnaires will vary with the industry group represented and the depth of initial analysis that the procurement group chooses to perform. Generally, the questionnaires that have been developed for clients have contained approximately fifty questions. The questions are designed to require the vendor to provide quantifiable answers. Should the procurement group assessing the adequacy of the answers determine that there is a need for further analysis; a formal audit team is assembled to determine how to resolve the concern over vendor continuity capability.
Vendor Continuity Capability Assessment
During the course of assessment data will be collected, analyzed and developed into assessment findings and recommendations regarding vendor continuity capabilities. The data should be organized by Essential Element of Analysis (EEA) criteria that the organization establishes and uses to conduct data collection, analysis and evaluation. Examples of typical EEA are summarized below.
- Organization: As defined herein refers to the current procurement process, vendor roles/responsibilities and deliverables during the procurement process life-cycle and current criteria for the organization’s business continuity programs and plans.
- Vulnerability Identification and Control: As defined herein refers to establishing minimum acceptable criteria for vendor vulnerability identification and control methodologies as these methodologies relate to vendor business continuity programs and plans and the ability of the vendor to integrate its methodologies on a sustainable basis with the client’s business continuity management strategy.
- Continuity Strategy and Approach: as defined herein refers to the metrics developed and used to verify vendor integration of business continuity management program and plans with the client’s business continuity management strategy.
- Documentation: As defined herein refers to the documentation of vendor business continuity management program and plan capabilities.
- Resource Management and Development: As defined herein refers to the metrics for vendor validation of staffing (Business Continuity staffing) and associated vendor integration of continuity planning, resource development and awareness of continuity.
- Continuity Maintenance: As defined herein refers to the procedures used to assure resilience of the vendor continuity process.
Objectives
The overall objective of integrating business continuity criteria is to facilitate the ongoing development and implementation of enhancements to the procurement process including program management (normal operations and incident management operations), stakeholder communication and knowledge transfer associated with vendor business continuity management programs for vendors operating within your company’s procurement system.
In developing the overall design objectives careful consideration should be given to ease of use by procurement staff, other personnel and external parties (as appropriate). Three elements associated with enterprise assurance apply:
- Strategic Element consisting of support for compliance efforts, communications to stakeholders (vendors, customers, internal groups, etc.) and strategic active analysis processes.
- Grand Tactical Element consisting of support for implementation efforts, sustaining business operations, communicating upwards (internal focus), and grand tactical active analysis processes.
- Tactical Element consisting of direct specific implementation steps, communication upwards (internal focus), external communications (vendor interface), mitigation of noncompliance/nonconformance and tactical active analysis processes (scorecards, vendor continuity questionnaire, etc.).
As with any process negotiating continuity commitments may need to be addressed on a case-by-case basis. Once the evaluation process has been completed, it must be managed, enforced and monitored to assure continuity of operations compliance.
Procurement Planning Considerations
Procurement planning considerations will generally consist of the normal day to day functioning of the procurement process. Supply Chain Business Continuity integration elements should consist of a tiered evaluation structure focused on four aspects as presented in Figure 1, Supply Chain Business Continuity Elements. These elements consist of:
- Comprehending and describing supply chain continuity requirements
- Conducting business continuity capability assessments
- Evaluating business continuity capabilities
- Identifying actions to be taken
Each phase of the procurement process can be designated an Essential Element of Analysis (EEA), as defined previously. We recommend that each EEA incorporate in the scorecard process a tiered analysis structure consisting of Measures of Effectiveness (MOE) and Measures of Performance (MOP) to provide metrics for
facilitating the scoring of vendor and potential vendor business continuity capabilities. A Measure of Effectiveness (MOE) is a metric that forms subgroups of information relating to specific areas encompassed by an Essential Element of Analysis. A Measure of Performance (MOP) is a data structure. Measures of Performance answer a specific question. Measures of Performance are grouped to form Measures of Effectiveness. Measures of Performance are measurable and observable, that is, they provide a quantitative basis for evaluation of a specific area. For example, a Measure of Performance might be, “What is the current credit rating for the Vendor under consideration?” Illustrative examples of the EEA – MOE – MOP structure are provided and discussed later in this report. Figure 2, Vendor Business Continuity Metrics, provides an illustrative example of these structural components.
Your company faces a variety of risks that have a potential impact on its supply chain assurance. These can be articulated as either internal or external as depicted in Figure 3, Internal and External Vulnerability Drivers.
These drivers and the ability to manage them (put into place contingency measures) often are interconnected. Understanding this potential interconnectedness is a key factor in assessing vendor business continuity capabilities. Internal and External vulnerability drivers can materialize in a variety of ways. Making vertical, horizontal and diagonal connections between drivers can provide a conceptual understanding and potentially reduce unexpected outcomes as you identify how risk is uniquely embedded in your company’s supply chain.
Risk can be context sensitive, as risk elements interact in different ways depending on the situation. Understanding the potential interaction of risk factors facilitates the ability to measure business continuity capabilities and plan for offsets that can be implemented should a disruptive event occur.
Figure 4, entitled, “Sample Roadmap for assessing vendor capabilities” is an illustrative example of a roadmap for the process of assessing vendor capabilities. The assessment process has been designed to provide a phased approach with progressively more detail accumulated at each phase of the procurement process. This assessment process can be easily embedded into your company’s procurement scorecard system, enabling you to incorporate vendor business continuity evaluation as an integral component of the procurement process.
As depicted in Figure 5, “Typical Procurement Process” the integration of recommended business continuity metrics in the procurement process should be related to the key elements of the procurement process. Incorporating the recommended business continuity capability assessment at each phase of the procurement process can help identify vulnerabilities, develop consequence management strategies, plans and implement mitigation strategies.
Upon conclusion of assessment at each phase of the procurement process you can evaluate vendor business continuity capabilities allowing a “go/no go” decision based on measurable criteria. Prior to proceeding to the next stage in the procurement process the vendor will have been vetted and the next stage evaluation can allow you to continue to refine the vetting requirements and gather more detail on vendor continuity capabilities. Having an in-depth understanding of vendor capabilities at each phase of the procurement process can allow critical decision-making at earlier stages of procurement and can thus can enhance communications between you and your vendors regarding business continuity issues.
Embedding into the procurement process specific business continuity objectives, guidelines and assessment metrics can enhance decision-making, communications (vertical/horizontal) and resource management. In addition to the Vendor Continuity Questionnaire, you can develop worksheets that can be incorporated into each phase of the procurement process to further facilitate the assessment of vendor business continuity capabilities. The benefit of having vendor continuity capabilities catalogued and indexed is threefold. First, the company can begin to assess and quantify the risk impact of an event. Second, a determination of how long the risk exposure will last before the event is mitigated and/or the exposure is rectified. Third, a determination of potential recovery costs in terms of emergency actions can be estimated.
Early assessment and quantification of vendor, supplier, etc. business continuity capabilities is essential. In addition to the Vendor Continuity Questionnaire we have developed a set of nine Risk Analysis Worksheets. These worksheets are structured to build on the evaluation criteria in the form of Essential Elements of Analysis, Measures of Effectiveness and Measures of Performance. They are listed below.
- Worksheet 1: Describe the Supplier
- Worksheet 2: Determine Demand Risk
- Worksheet 3: Determine Supply Risk
- Worksheet 4: Determine Process Risk
- Worksheet 5: Determine Control Risk
- Worksheet 6: Determine Environmental Risk
- Worksheet 7: Evaluate Implications
- Worksheet 8: Identify Actions
- Worksheet 9: LMSCARVERtm Supply Chain Risk Analysis
We recommend that your company and its vendors negotiate periodic assessments of sub-tier vendors (vendor’s suppliers) to further assure business continuity capabilities. This can be accomplished through contractual requirements executed at the initial stages of vendor engagement. Your company can utilize the Vendor Continuity Questionnaire and Risk Analysis Worksheets to facilitate consistency of the vendor’s depth analysis. Figures 6, 7 and 8 provide illustrative examples of depth analysis determination criteria.
Procurement Incident Management Considerations
The second part of the procurement process relating to vendor continuity should address incident management considerations. A vendor can complete the vetting process (Vendor Continuity Questionnaire, Risk Analysis Worksheets, Scorecard, etc.) and still experience a disruption that could affect you company’s ability to meet customer requirements (i.e., Philips, Ericcson, Nokia). Having an incident management system as a component of the procurement process can allow your company to respond, recover and restore supply chain operations with less potential for massive disruption. Incident management can range from assessing and classification of a vendor incident to implementation of response actions, such as sending your personnel to vendor facilities to assist in incident mitigation processes.
Contingency alternatives can range from having backup response plans to alternative sources of supply. Once the connected risk themes are identified and evaluated, actions to address consistent themes throughout the procurement process can be taken. Identification of consistent risk themes across a number of risk dimensions can help to determine where your company should place significant effort to mitigate the risk exposure.
Disruptive events (figure 9) as they occur need to be classified by their level of severity in order to determine the potential impact they may have. A classification system can provide a consistent framework for evaluation; enhance the communication process allowing ease of communication between internal and external groups and facilitate response, management, recovery and restoration efforts.
In addition to the event classification system the incorporation of an event assessment form that would be used in conjunction with the Event Classification System for determining the event classification level and for facilitating discussion within your company and with the affected vendor(s). As depicted in figure 10, the degree of degradation of service minus the level of preparedness equals the time for recovery. The less prepared an organization is for service disruption the longer it takes the organization to recover its operations and restore service levels. Having a classification system can enhance the ability to identify potentially disruptive situations early and determine how to respond effectively to minimize the level of service impacts.
The procurement process represents the first line of direct contact with vendors, suppliers, etc. Detection by procurement personnel at any stage of the procurement cycle of potential disruption and classification of severity can allow your company to implement its BCP plan and coordinate with the affected vendor to assure continuity of operations and to mitigate the disruptive event.
Early detection, classification and response can lead to less of a drop in service; a potential reduction in the chaos associated with a disruptive event and shorter recovery and restoration timeframes. Figure 11, depicts the typical functions performed at various levels within an organization as it moves from response to restoration. This figure also depicts the focus for an organization at the tactical, grand tactical and strategic levels. At the tactical level the focus is generally on event response and mitigation. The focus at the tactical level should be on response and mitigation while the need at the tactical level is for support from the next level (grand tactical). At the grand tactical level the focus should be on support for the tactical response.
Additionally, at the grand tactical level the focus should be on the prevention of cascade and containment of cascade effects on the organization. At the strategic level the focus should be on management oversight, coordination and facilitation of restoration of services. It is important to note that a key element in this vertical and horizontal process of detection, classification, response, management, recovery and restoration is seamless communications. Seamless communication is based on the adoption of common terminology and in the functions represented at each level, as shown in figure 11.
Phased Development and Integration
With any large scale project, such as the integration of vendor business continuity criteria into the procurement process, attempting to implement on a grand scale can lead to chaotic results. A phased approach to implementation and integration would generally consist of five phases:
- Phase 1: Assessment & Vendor Continuity Questionnaire – deliverable: letter report with executive summary that will include discussion and recommendations based on the results of the review of Essential Elements of Analysis (Report).
- Phase 2: Procurement Integration (vertical/horizontal) – deliverables: Procurement Management System Vendor Business Continuity Management Program and Plan Integration Criteria Guide (Tools) and Procurement Management System Vendor Business Continuity Management Program and Plan Integration Criteria Guide training program materials (Knowledge Transfer).
- Phase 3: Monitoring & Enforcement – deliverable: Procurement Management System Vendor Business Continuity Management Program and Continuity Plan Integration Criteria Guide maintenance criteria (Sustainability).
- Phase 4: Sustainability – deliverable: periodic metrics, event response reports.
- Phase 5: Maturity Model Evaluation – deliverable: metrics for maintaining the process, change management procedures.
Top Risk Areas
Below is a list of current risk areas that can have an impact on supply chain risk management. The list is really a look at strategic risk, although a quick drill down sees risk implications at the operational and tactical levels.
Sovereign Debt
One of my top areas for concern, sovereign debt and government spending! USA is a particular concern due to being, still the largest economy in the world. China is a close second, as it holds so much USA debt instruments. Top question: What will happen when interest rates rise from their artificially low levels and suddenly governments cannot pay the interest on debt with tax revenue generation?
Geo-Political Instability
Syria, Iran, North Korea, Somalia are immediately associated with political instability and geographic influence. While the conflict in Syria threatens to grow much worse; perhaps dragging in the USA and EU allies, North Korea quietly (not if you are a South Korean) continues to expand its arsenal and threat of an action against its partitioned neighbor to the south. Iran has withstood the current sanctions and continues development of nuclear technology (for peaceful purposes) while periodically threatening to close the Strait of Hormuz. Somalia continues to shelter its pirates (a lucrative business) and provides a business model for pirates operating in Southeast Asia, Nigeria and other parts of the world. Top question: Will Israel attack Iran, thereby starting a potential global conflict?
Technology
Cyber-threats abound and the world is over-teched. Dependency on technology is creating a technology bubble. “Big Data” is now a buzzword. We are overwhelmed by a tsunami of information – much of it “noise” and it is increasing geometrically. Nobody knows what to do with all that data either; it just keeps building, growing and exploding. Top question: How safe are we from cyber-threats?
Infrastructure
Worldwide, we face a growing concern when it comes to infrastructure. Key components of the infrastructure, for example, transformers, can take years to replace. The waiting time for large transformers is now up to three years. Banking and financial institutions are still in the high risk category as bailouts and restructuring have not solved the problems that we created in the past. Transportation – the global supply chain is at risk as threats from the above cited areas and the areas below present challenges that are as yet, unseen. Top question: When and where will the next large scale power outage occur?
Social
Seven billion people and counting; the world’s population growth continues to strain the ability of support systems (agriculture, water, infrastructure, etc.) to provide sustainable living conditions. The rise of mega-cities in Southeast Asia puts even more pressure on society. Top question: When will we learn that feeding people is not teaching them to be self-sufficient in terms of procreation control?
Economics
Recession, depression, inflation or deflation, or a combination of all? The gap in wealth and poverty levels keeps expanding. The world’s poor used to be less comprised of former middle class members. Economists continue to tinker with the system; holding interest rates artificially low, providing quantitative easing, rescheduling debt, avoiding the painful reality of defaults. Printing as fast as I can has become an unofficial central bank motto. Uneven demand is skewing prices for energy, food and agriculture products. Top question: What will happen when interest rates start to rise?
Environment
While global warming has been, and is being discussed and debated, no one has come up with much of a solution. Pollution is still a major problem on a worldwide scale. Resource scarcity – strategic minerals is quietly causing commodity prices to gain in volatility. And, we have yet to understand the magnitude of potential geo-magnetic problems that could be caused by Coronal Mass Ejections (CME) and increased solar activity. For most of the things cited here there is no defense and no short term solution or easy correction. Top question: What is the combination of environmental issues that will create the next great unseen crisis?
Foreign Sources of Energy
World energy consumption continues to increase. We consume over ninety million (90,000,000+) barrels of oil daily. World coal consumption is over seven billion (7,000,000,000+) tons annually. According to International Energy Administration data from 1990 to 2008, the average energy use per person increased 10% while world population increased 27%. Regional energy use also grew from 1990 to 2008: the Middle East increased by 170%, China by 146%, India by 91%, Africa by 70%, Latin America by 66%, the USA by 20%, the EU-27 block by 7%, and world overall grew by 39%. Worldwide total energy consumption increased 1.35 percent in 2010 according to World Watch. Since the global financial crisis in 2008, worldwide energy consumption has grown faster than the global economy for two years in a row, as many countries started implementing massive stimulus packages to push their national economies out of recession. Granted we have found new sources of energy (i.e., via fracking, etc.) however questions are now beginning to raise the issue of how much and at what cost. Top question: When is the next resource availability shock going to occur?
Global Workforce
As world population continues to grow, we find that the global workforce is faced with a significant challenge. In many countries an aging workforce is about to transition into the next phase of life. The replacements are ill equipped to fill the roles that are being vacated. “Under-skilled” is a word that has entered the global vocabulary. A skill mismatch poses a real threat to global stability. In the nuclear power industry a significant percentage of nuclear engineers are ready for retirement – no replacement pool is coming out of colleges to fill the gap. Same for petrochemical engineers; where roughly eighty percent of the workforce will soon be eligible for retirement. The list goes on and on. Top question: When will we realign the workforce and match needed skills to educational attainment?
Renewables
Fragmented and disoriented best sums up the area known as renewables. Biofuels, wind, solar, biomass, etc. all promised to be answers to global energy consumption issues. Most have, at best, provided minimum offsets to the use of fossil fuels. One issue, in the USA is a lack of an energy policy. Worldwide, renewables present even less of an alternative as countries wander through policy and program development. Top question: Will renewable energy ever evolve past an interesting sideshow?
Piracy
Worldwide piracy is on the upswing. It is a growing business, spurred on by large gains with minimum exposure. We tend to assume that this means Somali and other pirates hijacking ships at sea. However, take a look at the stats below (some of which are quite dated):
- In 2008 41% of software installed on PCs was pirated.
- $51 billion was lost in 2009 due to online piracy.
- The Information Technology & Innovation Foundation claims 24% of global Internet bandwidth consists of pirated content.
- From 2004 to 2009, 30 billion songs were downloaded illegally.
- Movie piracy costs US film studios $25 billion annually.
- Over 70% of Americans feel that sharing movie and music files with family members is okay.
- Over 50% of Americans feel that sharing movie and music files with friends is okay.
- Hundreds of millions of dollars are spent on anti-piracy campaigns annually.
- 70% of 18-29 year-olds have downloaded illegal content.
- Democrats and Independents are significantly more likely to download media illegally.
- Universities spend millions of dollars to combat piracy annually.
Top question: At what point does the economic impact of pirated goods begin to undermine the stability of the global economy?
Markets
Volatility is an underlying premise. Volatility can be a good thing, invigorating markets. It can also be a bad thing, causing investors to flee to the sidelines. The advent of Nano-trading has brought more volatility to the markets. Germany recently banned Nano-trading. A nanosecond is 10-6 of a microsecond (1 nanosecond = 1.0 × 10-6milliseconds). Currently the markets clear trades in microseconds. What this means is that if I can trade in nanoseconds; I can buy and sell many times before the markets can clear my initial trade. Next time you take a look at stock quotes, notice that the price now is carried to the right of the decimal point anywhere from four to eight places. The US financial markets have suffered over 18,000 extreme price changes caused by ultrafast trading, according to a new study of market data between 2006 and 2011. Since I researched this topic, I have found that trading is now occurring in pico-seconds; that is faster than a nano-second. Where will it stop? Top question: When will the markets experience a significant imbalance sufficient to drive investors to the sidelines?
Competition
I have been involved in a recent discussion on LinkedIn as to the number one cause for a business fail. The discussion was started by Chris Cayer, COO Reyactive LLC and a member of the Strategic Business and Competitive Intelligence Group with the following question:
What do you think is the most common reason businesses fail?
Chris is writing a book specifically on how to deal with root causes of business failures, and wanted to hear member thoughts on the subject. I have provided an abridged, edited summary of my comments below, expressing my focus on why competition as a driving force in business success or failure.
- Competition is the main cause of business failure. More companies go out of business because competitors come up with something better or cheaper, etc. ## 1 – Competition.
- The drivers for all of the failures reside in the competition area. Think about the issues, such as: lack of resources – cash, management experience, etc. Competition creates demand and demand creates failure points that result from competing to succeed. I am reading Nassim Taleb’s newest book, “Antifragile” and would suggest that this may have some excellent examples and discussion on competitive forces.
- How does one become profitable? Answer, by eliminating or minimizing the competition. Your customers are someone else’s competitor – they are doing the same thing to survive and thrive – eliminating the competition. Hence, competitive intelligence, competitive analysis, risk management, continuity planning, business/product cycle. No competition, no need to worry about a product lifecycle as such.
- Competitive forces are neither “good” nor are they “bad.” Do not mistake my comments for a judgment on competition and non-competition. Competition is healthy and creative; it drives markets.
- Do not mistake the customer’s actions or inactions for decisions that are based on old paradigms of failure. For example: When did you last purchase carbon paper? Computers effectively made carbon paper obsolete and yet they did not compete directly with carbon paper companies. Typewriters were a direct source of competition, but unseen risk and thinking that what is not seen is not there and what is not understood does not exist, i.e., I make carbon paper therefore my competition is other makers of carbon paper and my customers are captive as they use my product and they have no alternative to carbon paper…. there is a tendency to mistake the unknown for the nonexistent.
It all boils down to competitive forces. Customers are not just consumers; they compete in their markets, etc., etc. Every example provide by business schools has as the underlying basis competition and competitive advantage. Top question: Where will the next competitive shock come from?
Conclusion
New Risk Paradigm: Efficient or Effective?
Uncertainty in a certainty seeking world offers surprises to many people, and to a very select few, confirmation of the need for optionality. Assuring supplier continuity capabilities are of paramount concern today. Realizing that most business processes today extend beyond the boundaries of a single entity, awareness of critical supply chain interdependencies has risen sharply. Simply having profiles of potential high risk suppliers, while extremely important, is by itself not enough. Developing capabilities to assess and monitor vendors to facilitate the active analysis process, providing predictive metrics to supplement the initial assessment process performed during the early stages of the procurement process. Active Analysis is a process that utilizes predictive metrics to identify potential problems before they occur.
Today business leaders have the responsibility to protect their organizations by facilitating continuity planning and preparedness efforts. Using their status as “leaders,” senior management and board members can and must deliver the message that survivability depends on being able to find the opportunity within the crisis. It is critical for senior management and the board of directors to:
- Shape the evolution of “risk thinking” within the organization
- Establish a clear definition of what “risk” means to the organization and its “Value Chain”
- Know the line between risk oversight and risk management
- Consider re-thinking the chief risk officer role and skill set
- Monitor the company-wide risk culture
- Avoid the trap of false precision
- Get out of the weeds by taking a deep dive to determine risk and establish risk buffering strategies
- Regularly assess, train and validate organizational business continuity, crisis management and risk (management) buffering plans and programs.
Most people agree that the world changed as a result of the events that took place on September 11, 2001; we need to rethink our concepts of risk management to encompass “Value Chain” thinking rather than traditional risk concepts of insurance coverage and financial exposure. Today we cannot merely think about the plannable or plan for the unthinkable, but we must learn to think about the unplannable.
Market research indicates that only a small portion (5%) of businesses today have viable plans, but virtually 100% now realize they are at risk. Seizing the initiative and getting involved in all the phases of crisis management can mitigate or prevent major losses. Just being able to identify the legal pitfalls for the organization of conducting a crisis management audit: can have positive results.
Geary Sikich – Entrepreneur, consultant, author and business lecturer
Contact Information: E-mail: G.Sikich@att.net or gsikich@logicalmanagement.com. Telephone: 1- 219-922-7718.
Geary Sikich is a seasoned risk management professional who advises private and public sector executives to develop risk buffering strategies to protect their asset base. With a M.Ed. in Counseling and Guidance, Geary’s focus is human capital: what people think, who they are, what they need and how they communicate. With over 25 years in management consulting as a trusted advisor, crisis manager, senior executive and educator, Geary brings unprecedented value to clients worldwide.
Geary is well-versed in contingency planning, risk management, human resource development, “war gaming,” as well as competitive intelligence, issues analysis, global strategy and identification of transparent vulnerabilities. Geary began his career as an officer in the U.S. Army after completing his BS in Criminology. As a thought leader, Geary leverages his skills in client attraction and the tools of LinkedIn, social media and publishing to help executives in decision analysis, strategy development and risk buffering.
Geary has a passion for helping executives, risk managers, and contingency planning professionals leverage their brand and leadership skills by enhancing decision making skills, changing behaviors, communication styles and risk management efforts. A well-known author, his books and articles are readily available on Amazon, Barnes & Noble and the Internet.
Charu says
There are different factors involved in risk in the supply chain. By analyzing the potential causes it is possible to asses the likelihood of occurrence and the impact.
Greg Hutchins says
Yes, you’re right. We would add try to follow a framework when architecting, designing, deploying, and assuring your SCRM program.
Greg Hutchins says
Supply chain risk is becoming more critical as new geopolitical wars erupt.
John Smith says
It is true that supply chain risk can be raised from everywhere. It could come from natural disasters to many others circumstances. It can come at any time so it is advisable that supply chain managers must always be prepared to find a way to safe from them. Thanks
Greg Hutchins says
Supply chain risks are increasing due to trade imbalances with China and other countries. The new 25% tariffs that may go into effect in February with China may result in trade wars.
What does this mean for companies? The basics of business for over 20 years – the value of outsourcing – will be reevaluated as risk increases. What should companies with suppliers in China do as the cost of their supplied product increases – make internally, continue to buy from China and eat the costs, or source in a different country.
hard questions – no easy answers.
Supply Chain Risk Management Plan: What You Need to Include says
hi thanks for the information and posts
Greg Hutchins says
You’re most welcome. Glad it worked
supply chain risk management software says
good info
Greg Hutchins says
Thanks for the kind words. WE appreciate them.
Reach out to us if we can support you further.