riskmethods welcomes a guest post from Andreas Richter, Senior Manager, MHP - A Porsche Company.
In the first part of this blog article, we explained the phases of risk identification and evaluation. Now we want to assign corrective actions to the risks that we recognized and prioritized and verify success. If a production site is affected by the Ebola epidemic as in our example, and the risk to the supply chain has been identified, recorded and evaluated, we now need to take the pre-planned measures.
In a known case from the mobile phone area, a fire destroyed the US factory of a US supplier for Nokia as well as Ericsson. Ericsson acted with cost-efficient single sourcing and stopped production until the factory had been restored after the fire. Nokia, in contrast, chose the initially more cost-intensive strategy of several suppliers and previously initiated preventive risk management for such cases. As a consequence, Ericsson had to merge with Sony to prevent insolvency after several weeks of being unable to produce – while Nokia came out stronger in the end. The example shows how important it is to have alternatives at hand that can be used to counter impairment, such as the closing of factories.
The scope up to which risk management has to be implemented and in how far a company has to insure itself against potential risks are central questions that must be considered and answered carefully. Nokia would surely have had a competitive disadvantage if the above situation had not occurred, since the strategy causes only costs but has no advantages as long as no risk occurs.
Generally, development of measures brings the greatest manual need for action since they must be individually adjusted to the company’s underlying condition and the situation. Only if a risk has already occurred in the past is it possible to preventively draw up a corresponding measures catalogue based on experience. Accordingly, there are hardly any standardized processes and methods in connection with risk control.
The final fourth step is about reviewing the initiated measures for suitability and to continually inspect the measures instituted. Using IT tools permits definition of tolerance areas. If these are exceeded or undercut, there will be the corresponding notifications so that further measures may be initiated. This kind of tool can also calculate what loss is probable in case of specific scenarios. This makes it possible to foresee potential effects of events and to already deal with them in advance. With regard to this inspection and monitoring, it is important to review defined measures for effectiveness based on a target-actual comparison.
Integration of an experience catalogue comprising earlier measures for handling risks may also help. This procedure has two advantages in one: on the one hand, it is possible to profit from positive experience. On the other hand, it is possible to learn from negative experience in how far further measures are helpful. All aspects are to be integrated into the IT tool. The best-practice method can be used for tracking. The measures taken will be reviewed based on a target-actual comparison with concurrent logging in a measures catalog.
Sign up to receive updates from the riskmethods Blog