Supply chain risk management re-enters the spotlight of managers’ attention. Is your supply chain resilient? Do you know your vulnerabilities, also the hidden ones? And do you know how to increase resilience, in the current crisis and beyond?
We must think in what-when, not what-if
It is in competitive supply chains’ very nature to be global and complex. For decades now they are caught in a crossfire of minor to major disruptions. Numerous publications present cost estimations that highlight the need for and the benefit of supply chain risk management. Meanwhile, several institutions noticed that both impact and frequency of disruptions have increased for globally spread supply chains. Just to give 2 examples out of many, based on insurance industry tracking of disruptions, the annual number of natural catastrophes has almost doubled in the last 10 years. And the occurrence of other disruptions such as malware infections has even increased more than 50 times in a similar time horizon. Industries and corporations find the competitive and effective execution of their supply chains more frequently at risk. This emphasizes the integration of a thorough approach to risk management that respects the specific situation of the underlying supply chain and provides quantitative decision support. Instead, firefighting and war-room discussions aim, but often fail to reactively soften the full impact of a disruption. The resulting question is not a matter of if, but when the next disruptive event hits supply chains and how we can prepare for it. We all experience first disruptions in our daily lives, both through mega-events like Coronavirus, but also the major disruptions of demand and supply triggered by market participants like insolvencies, factory shutdowns, tariff-related supply crises, etc. Managing all types of disruptions in an effective and anticipative way has already become a foundation for success for companies around the globe.
Managing disruptions does not improve resilience
The prevalent approach of supply chain risk management follows an event-by-event analysis which focuses on the identification of potential disruptive incidents. Unfortunately, such an event-by-event analysis can never be complete, nor does it actively increase the resilience of the supply chain. Until 2010, supply chain executives never thought of erupting Icelandic volcanoes nor could they anticipate nuclear fusions (2011), international trade disputes (2019), or the rise and spread of epidemics (2020). It is hardly possible to identify all potential future threats. Within the traditional supply chain risk management approach what follows the identification of events is the evaluation of their consequences. Anticipating a no-fly zone over Europe lasting for several days initially triggered by a volcanic eruption is surely a consequence a supply chain responsible cannot think of in advance. We call this kind of event a black swan, a term that was originally coined by Nassim N. Taleb. More often we must handle triggers of the kinds we call meteor-like, butterfly-effect-like, level-shift-like disruptions, disturbances or fluctuations. The truth about the world we live in – and our supply chains operate in – is: There will always be unexpected and uncertain developments, whose occurrence and impact we cannot predict, and mostly not even approximate. An approach that is based on exactly knowing occurrences and their impact can hardly support the establishment of supply chain resilience. Trying to do so will almost certainly fail and more so, drown our organization in a sea of false risk alerts, creating massive noise and distracting precious management capacity.
We live in an uncertain world – we finally must accept that
We cannot prevent a volcano from erupting, and we cannot prevent an ash cloud from holding planes on the ground. We cannot prevent a novel virus from causing an epidemic and we cannot prevent suppliers from failing to deliver due to quarantine regulations. We cannot prevent a short circuit from starting a fire in our supplier’s manufacturing facility and we cannot prevent water-contaminated production from delaying the delivery of important materials. We can, however, decide and influence upfront how hard such events hit our supply chains. To do so we need to accept that we do not live in a deterministic nor in an excessively disruptive world, but in an uncertain environment. Uncertainty comes in different shapes with different degrees of information. In the new age of data accessibility, data continuity, and data science algorithms, we sometimes have access to well-defined data– but sometimes we still know nothing about the future development of specific supply chain parameters. However, there are methodologies available that can formalize and model uncertainty in both cases. Unfortunately, these methodologies are not used actively enough in many companies’ supply chain decision-making. For decades, the only planning task that actively integrates uncertainty has been demand forecasting. Or to put it differently: The only data input considered as being uncertain for our complex and globally stretched supply chains is customer demand. Lead time, capacity, cost, etc. are mostly treated as deterministic and non-changing parameters. Since we do not incorporate uncertainty in our decision models, we configure and often even design deterministic supply chains that work perfectly fine – if nothing happens. With respect to long-term supply chain risk management, what we must do is: accept uncertainty and integrate it in every decision-making process – an approach we call risk-aware and resilient planning.
Understanding vulnerability comes first
On the way toward a risk-aware and resilient decision-making, a major step of utmost importance is to understand the dynamics that drive supply chain performance. New technologies allow us to model supply chain processes and make dynamics visible. These Dynamics describe the interdependencies among all, end-to-end supply chain parameters like e.g. lead time, capacity, costs, etc. as well as their correlated impact on supply chain performance. When supply lead time increases, the service level might drop. When supply lead time increases, while production throughput decreases, the service level deterioration can be much higher than in the first case. Thus, the importance of a supply chain parameter increases with its correlation with other parameters, the specified supply chain performance, and its range of uncertainty. Note, the impact on performance should not be assessed as an abstract index, but in terms of a business-relevant KPI e.g. service level decrease [%] or cost increase [EUR] in a specific supply chain node or on overall business level. The quantification of interdependencies through the support of new technologies directly supports understanding how vulnerable the supply chain is in its current state and even more importantly which degrees of future uncertain development it can handle. Such an analysis, therefore, supports identifying the correlation between change of parameters and change of affected KPI. It provides us with the information to which extent supply chain parameters can change until a preset threshold of KPI level cannot be reached. For example, if a certain supplier is insolvent, how long would the company be able to sustain sales at the current level or maintain a minimum threshold of operational cash flow. If a targeted level of supply chain performance could not be reached due to an unconsidered development, supply chain risk has become effective. The analysis supports defining the right resilience measures, i.e. reactive vs. proactive, high vs. low investment, and adjustment or non-adjustment of parameters. Having a clear understanding of the supply chain dynamics, its vulnerable processes, and potential resilient measures, we have everything we need to achieve the ultimate goal of supply chain risk management: We can develop supply chain design and planning principles that build and maintain resilient supply chains.
Understand & influence upfront how hard disruptions hit supply chains
The increase in the number and the aggravation of the impact of supply chain disruptions put the importance of supply chain risk management back in the spotlight. Instead of sensing each and every event that occurs in the world and thus monitoring the entire environment of supply chains, we propose to follow a 6-step approach to accelerate supply chain resilience, first:
- Base your assessments on business-relevant KPIs instead of abstract indices
- Use new technology to assess the dynamics that drive supply chain operations and parameters
- Assess the current vulnerabilities within the supply chain network
- Determine resilient improvement strategies for the supply network configuration
- Integrate resilient strategies in design and planning principles, e.g. DDMRP
- Enable continuous risk-aware and resilient planning, e.g. continuous adjustment of parameters
By following this approach, we move away from managing chaos on a short-term basis and instead move towards a management that builds resilience through risk-aware and dynamic network design, configuration, and planning. That is what supply chain risk management is for! The ultimate goal of supply chain risk management is to make supply chains resilient.
How can we quantify dynamics that drive supply chain parameters? What technologies do we need to integrate risk management? If you have similar questions, please, feel free to connect to us! Or stay tuned – the next blog posts on supply chain risk & resilience will cover these topics!