SCM494 Final Paper
Supply Chain Risk Management
Mengqi Wan
With the fundamental importance of supply chain being generally accepted, companies take supply chain optimization and supply chain integration into consideration of their business strategies. The most successful manufacturers seem to be those that have carefully linked their internal processes to external suppliers and customers in unique supply chains (Frohlich, 2001). This movement leads to more interconnected, highly dependent supply chain networks. In addition, globalization and constant change in customer demand result in short product life cycle and pressure for lean production (Tang, 2012). All these factors contribute to companies’ increasing vulnerabilities to supply chain risks. Companies need to implement risk management strategies that maintain their normal service level in facing risks. To cope with the difficulty of managing supply chain risks, companies need to, on the one hand, identify potential risks and evaluate their impacts, and on the other hand, develop mitigation plans and execute them when risk events occur (Tang, 2012). This leads to the following discussion of two important areas: risk categorization and risk mitigation strategies.
Risks can occur for various reasons, in order to better identify supply chain risks, and pioneering research have developed many frameworks to classify different types of risks. Here, I am going to discuss two risk categorization methods and their impacts.
The broad risk categorization adopted in Dr. G and Dr. Oke’s research paper argues that supply chain risks usually fall into two distinct categories: high-likelihood, low-impact risks and low-likelihood, high-impact risks. This risk categorization is based on two factors: probability of disruption occurrence and consequences of risk (Oke, 2009). It is developed by Sheffi and Rice (2005) and named “the Vulnerability Framework”. The first factor looks at the nature of risks: how often does the disruption happen? Is it random or does it follow a pattern? Can it be predicated? The second factor considers the nature of company relative to risk, which can differ among different industries. For example, the Great Japan Earthquake and Tsunami in 2011 had created crisis among the electronic companies which rely heavily on Japanese advanced technology, yet it might have minimum impact on the cotton industry here in Arizona. The case study of a large retail supply chain indicates that not all the risks have the two extreme characteristics, and in fact, some of them show medium probability and moderate impact risks. Companies can use this categorization to analyze their supply chain risks and then use the result to direct management attention and prioritize the planning. Exhibit 1 is a vulnerability map for a single company that shows risks in all four quadrants (Sheffi, 2005).
Another risk categorization, developed by Christopher and Peck (2004), focuses more on how risks are related to the company and its supply chain. It argues that there are three categories of risk which can be further divided into five sub groups: internal to the company (process and control); external to the company but internal to the supply chain network (demand and supply); and external to the network (environmental) (Christopher, 2004). Internal risks refer to those affecting the value-adding and managerial activities as well as the policies and procedures to govern these activities. For example, a manufacturer may realize that quality of the machines it used can negatively affect its production process when they keep breaking down. Therefore, failure in inspection and maintenance of those machines can become a risk to the internal system. The second category includes supply chain risks associated with upstream and downstream partners. During my summer job with Getrag (Jiangxi) Transmission Co., Ltd, one of their suppliers had a power outage in the plant that stopped its production for three days. It caused a shortage in Getrag’s bearing supply which could affect its own transmission assembly lines. The last category refers to the external risks that a company cannot prevent from happening, such as natural disaster and political unrest.
Both risk categorizations require studying characteristics of different risks and their impact on the company. The first method developed by Sheffi and Rice emphasizes more on the nature of risks as well as their impact on the whole supply chain. The second method by Christopher and Peck focuses on the organization structure and how risks affect it on different levels. Also, as mentioned above, each method can have various category results in different industries (Japanese earthquake has low impact on cotton industry in AZ). Nevertheless, the purpose of both categorizations is for companies to use the result as supports to develop suitable mitigation strategies that minimize negative impact of all potential risks on their supply chain.
According to Dr. Oke, mitigation strategies can be classified as generic (i.e. are capable of coping with any type of risks) and specific (i.e. for coping with a particular type of risk) (Oke, 2009). In my opinion, this classification of mitigation strategies goes hand in hand with the probability-impact categorization. On the one hand, for high-likelihood and low-impact risks, companies can apply generic mitigation strategies which have a one-size-fit-all characteristic. One mitigation strategy is risk sharing in a supply chain (Faisal, 2006). It means two actions: one is to share corporate own risk with its supply chain partners. For example, a retailer can negotiate a contract on a fixed price base to share its risk of price fluctuation in raw material. The other action is for companies to identify any potential risks along their supply chain. For example, in SCM455 class, Professor Brown taught us that in order to minimize risks in the upstream supply chain; companies should create a corporate ethical supply chain policy which includes a framework for analyzing and reacting to any potential risks from its suppliers. On the other hand, specific mitigation strategies can be applied on low-likelihood and high-impact risks. As proposed by Dr. G and Dr. Oke, natural and man-made disasters can both be mitigated by a specific approach of understanding and identifying supply chain vulnerability points and developing contingency plans (Oke, 2009). According to Reinforcing the Supply Chain article, after the Japanese earthquake and tsunami, Jabil Circuit realized most of its major Japanese suppliers had only single source for parts and raw materials. Jabil encouraged them to stop clustering their factories around their headquarters and its chief supply-chain officer states that natural disasters have made “dual sourcing” a top priority for the company (Murphy, 2012). An unusual natural disaster can expose where companies’ vulnerabilities are through disruption to their supply chains. As companies become more dependent on their supply chain, they are easier to get influenced if any point in their supply chains fails under an unexpected event. Therefore, companies need to be proactive in building resilience both internally and through out the supply chain so that the impact of huge disasters will not affect their service level and not incur excessive recovery costs (Elkins, 2005).
The second risk categorization can also help determining mitigation strategies. Considering both supply and demand, companies can minimize risk impact by increasing understanding within its supply chain. Increased supply chain visibility can prevent companies from the bullwhip effect which leads to excess inventory caused by misleading information from supply chain partners. Supply chain risks such as change of market demand can have a negative impact on companies’ performance when such information is not transferred in time. A research done in China stated that the existence of the asymmetric information distorted the supplier’s production plan which might further cause the performance loss of the supply chain (Lei, 2012). One proper mitigation strategy for such a risk is information sharing along the supply chain via supply chain communication systems (SCCS). An SCCS is an information system shared by supply chain partners in order to facilitate electronic transactions, quality and cost calibration, and collaborative forecasting and planning (Wu, 2006). Information technology (IT) enables companies to transfer real-time information throughout the channel for production plan adjustment, real-time contingency planning, etc.
As the world becomes increasingly globalized, companies are exposed to a larger scale of risks as their supply chains get expanded and more integrated. There are various mitigation strategies available out there nowadays, however companies have limited resource and not all the risks can be fully covered. One important step is for companies to decide how to prioritize their risk mitigation strategies. They should understand the cost trade-offs for different risk mitigation strategies (Elkins, 2005). Furthermore, they should clearly define their business strategies and competitive advantages. Aligning the risk mitigation strategies with their business objectives can bring the most values to their supply chains as well as the whole organization. Study shows that a proper deployment of IT resources in SCCS can build higher supply chain capability in areas such as information exchange, coordination, activity integration, and supply chain responsiveness (Wu, 2009). All four areas are important enablers in supply chain risk management. Therefore, the future of supply chain risk management will rely more on IT resource, such as S.C. apps, as its infrastructure. In addition, risk management responsibilities are interdependent among different functions within a company as well as different partners in the supply chain network. Cross-functional collaboration and multidirectional information sharing and feedback are essential in order to develop and execute mitigation plans successfully (Elkins, 2005). Last but not least, agility becomes a key factor to business success and those companies with great resilience in their supply chain can cope with any types of risks and gain competitive advantage through quick disruption recovery with low cost.
Exhibit 1
An enterprise vulnerability map categorizes the probability of disruptions and the consequences on the company (adapted from Sheffi and Rice, 2005)
Works Cited
Christopher, Martin, and Helen Peck. "Building the Resilient Supply Chain." The International Journal of Logistics Management 15.2 (2004): 1-14.
Elkins, Debra, Robert B. Handfield, Jennifer Blackhurst, and Christopher W. Craighead. "18 Ways to Guard Against Disruption." Supply Chain Management Review (2005): n. pag.
Faisal, Mohd Nishat, D.K. Banwet, and Ravi Shankar. "Supply Chain Risk Mitigation: Modeling the Enablers." Business Process Management Journal 12.4 (2006): 535-52.
Frohlich, Markham T., and Roy Westbrook. "Arcs of Integration: An International Study of Supply Chain Strategies." Journal of Operation Management 19.1 (2001): 185-200.
Lei, Dong, Jianbin Li, and Zhixue Liu. "Supply Chain Contracts under Demand and Cost Disruptions with Asymmetric Information." International Journal of Production Economics 139.1 (2012): 116-26.
Murphy, Maxwell. "Reinforcing the Supply Chain." The Wall Street Journal. Dow Jones & Company, 11 Jan. 12.
Oke, Adegoke, and Mohan Gopalakrishnan. "Managing Disruptions in Supply Chains: A Case Study of a Retail Supply Chain." International Journal of Production Economics 118.1 (2009): 168-74.
Sheffi, Yossi, and James B. Rice, Jr. "A Supply Chain View of the Resilient Enterprise." MIT Sloan Management Review (2005): 41-48.
Tang, Ou, Hiroaki Matsukawa, and Kenichi Nakashima. "Supply Chain Risk Management." International Journal of Production Economics 139.1 (2012): 1-2.
Wu, Fang, Sengun Yeniyurt, Daekwan Kim, and S. Tamer Cavusgil. "The Impact of Information Technology on Supply Chain Capabilities and Firm Performance: A Resource-based View." Industrial Marketing Management 35.4 (2006): 493-504.