Not All Risks Are Created Equal: Why You Need a Risk Management Plan Now More Than Ever.

January 22, 2013
By Michelle Kelley

Download PDF


In 2012, an explosion at a resin plant in Germany shut down production of nearly half the world’s supply of a critical polymer used in automotive fuel and brake lines, sending auto manufacturers scrambling to identify and qualify alternate sources.1

In 2011, a tsunami and nuclear disaster in Japan forced the shutdown of nearly 40% of the world’s 12-inch semiconductor wafer production.2

A few months later, massive flooding in Thailand disrupted production of a critical high-tech component supplier, forcing Honda Motor Company to cut vehicle production rates by 50% for several weeks.3

Labor unrest at a major electronics supplier in China, piracy in the Indian Ocean, freight and fuel cost volatility‒it hasn’t been easy managing global supply chains recently. Although the practice of supply chain risk management has been around for many years, events and headlines of the past 18 months have moved discussion of supplier risk to the top of the agenda in many companies.

In addition to delivery disruptions, these events can carry devastating financial implications for suppliers and buyers. Munich Re, one of the largest global re-insurance companies, reported that 2011 was the highest-ever loss year on record for commercial insurers.4

These losses force insurers to raise premiums and reduce coverage for shippers that are already operating under financial strains associated with the global economic slowdown. As a result, more and more suppliers–especially smaller suppliers–are forced to renegotiate contracts with customers or go out of business altogether. Supplier financial risk and continuity of supply have become major concerns for many companies.

So, what should companies with global supplier networks do to manage risk?

Step One: Define Risk Criteria

Supply chain risk can originate from a range of sources, including demand, product, transportation, compliance, and supplier risks. Companies need to carefully evaluate their supply chains to determine what factors can create risk in these categories and define what constitutes acceptable and unacceptable levels of risk for each. Not all risks are created equal. So, the risk definitions should be closely tied to the company’s strategic business objectives. For example, if business objectives depend on quick fulfillment of customer orders, then risk factors that can create stock-outs may be deemed more critical than cost risks related to inventory levels.

Step Two: Identify All Risks

For each supply network, it’s important to identify all possible risks that could impact the operation, not just the obvious ones. Oftentimes, it can be an unexpected issue with a second or third tier supplier that creates a supply disruption. Had the auto industry recognized how collectively dependent their carmakers were on one supplier in Germany, they likely would have developed additional supplier capacity to mitigate the risk of a production stoppage. Flow charts and process maps can be useful tools for visualizing the physical flow of materials and goods through the network.

Step Three: Evaluate and Prioritize Risks

The next step is to assess the risks and classify them in an organized manner, usually in terms of likelihood of occurrence and impact on operations. Once the risk criteria are prioritized, they should be used commonly across the entire enterprise. The risk classification system does not need to be complicated. Experience has shown that a simple system of risk classification (e.g., critical, high, medium, low) is preferable, in that it is easier to communicate and will be used more consistently across the organization. Once the various risks are classified, the focus should shift to identifying root cause factors for the most critical risks.

Step Four: Develop Risk Management Plans

A risk management plan is simply a documented plan that describes a particular risk or risk category, and provides alternatives and steps to be taken to eliminate or mitigate that risk. Detailed risk management plans should be developed for the most critical risks identified in the prioritization process. For supply chain risks, the plans should include elements such as alternate suppliers and transportation modes, contact information, internal and external notification requirements, inventory classification and control measures, and other tasks needed to ensure a smooth transition and continuity of supply. Best-practice companies use cross-functional risk assessment teams to develop plans for the most critical risk scenarios. Failure Modes and Effects Analysis can be used for assessing the potential effectiveness of such plans before they are required to be put into action. This systematic process identifies potential failures in a process design and the countermeasures that could be applied to reduce or eliminate the effects of such failures. Whichever methods the organization decides to use, the plans need to be fully documented so that various functions in the company can be briefed on their roles should the plans be put into action.

Step Five: Exercise & Maintain Risk Management Plans

As with any form of contingency or back-up plan, risk management plans are only useful if they can be successfully executed. If a key component of plan is to activate an alternate supply source for a critical component or material, it makes sense to occasionally place orders with the alternate source to test the supplier’s ability to deliver to specification and on schedule. An alternate supplier who is never used may well turn out to be no supplier at all, just at a time when they are most needed. All risk management plans should be reviewed and refreshed at least annually by the cross-functional team, to ensure that the plans and assumptions are still viable.

Forward-looking companies that rely on international sourcing networks are wise to take a proactive approach to supply chain risk management in the near term.

  1. Nathan Bomey, “Auto Supply Chain Seeks Other Sources of Chemical,” Detroit Free Press, April 24, 2012: A14.
  2. Rick Becks, “Risky Business: Re-thinking Supply Chain Risk and Resiliency,” Supply Chain Brain, February 24, 2012, http://www.supplychainbrain.com/content/nc/general-scm/sc-security-risk-mgmt/single-article-page/article/risky-business-re-thinking-supply-chain-risk-and-resiliency.
  3. Mike Ramsey, “Honda to Restore Some North American Production,” The Wall Street Journal, November 8, 2011, http://online.wsj.com/article/SB10000872396390444443504577601652596499864.html.
  4. Rick Becks, “Risky Business,” Feb 24, 2012.
FacebooktwitterlinkedinFacebooktwitterlinkedin