riskmethods welcomes a guest post from Andreas Richter, Senior Manager, MHP - A Porsche Company.
The large influence of outer circumstances on supply chains has long been known: regional events like the Ebola epidemic in West Africa or the nuclear disaster in Fukushima seem to be far away, but often interrupt the chain of supply. Whether this knowledge will lead to a paradigm change in companies is questionable. A globally leading food group maintains chocolate factories in West and Central Africa, among others. In spite of the current Ebola epidemic in parts of the region, the manufacturer does not consider production on site in danger: nothing has happened yet. They would react if anything did. The food group does not disclose whether there are any emergency plans for this in place or whether they rely solely on their reactional risk management and may accept short interruptions of the supply chain. While the company perceives the situation as uncritical so far, the customers are already reacting skeptically to products from that region. In the case sketched out here, the group operates its local production sites directly and therefore has a direct influence on the processes there. This is more difficult in cooperation with subcontractors or suppliers that are part of their own supply chain. Therefore, optimal risk management requires an integrated concept that includes all links of the supply chain as a mandatory prerequisite. To estimate and manage the risk of delivery failures, MHP has defined four steps for the risk management process in companies. Based on the partial processes of identification, evaluation, control and monitoring/review, the following presents how MHP understands risk management.
Risks and their effects on the supply chain that influence a company indirectly are often difficult to foresee. This makes it particularly difficult to identify risks. This challenge is enforced by the progressing globalization of supply chains and exponential increase of suppliers in the supply chain.
To keep an overview of all suppliers, it is helpful to graphically present the entire network. For this, IT tools can be very helpful. In addition to the graphical display of the context, such tools offer the advantage of being capable of procuring information that can indicate the identified risks (e.g., weather information, news information or business information) from many different sources (e.g., social media, web pages, expert blogs, etc.). This information is then made usable for the company in a consolidated manner. Not only selective risk analyses can be performed, but continuous monitoring of the supply chain can be ensured. In the example of the current Ebola epidemic, a graphical presentation can quickly show how strongly the individual factories are affected and how they affect the supply chain in turn.
Additionally, it is sensible also to use other methods to offer an integrated concept. In addition to standardized processes such as employee meetings and review of the corresponding documents, standard methods such as the SWOT analysis or trend analyses should be applied as well. For specific review of risks for individual partial projects, it is recommended to draw up a roadmap or scenario analysis. Risks found can then be recorded in a checklist and reviewed again at any given time. Generally, the risk management can be as rich and safe in methods as possible – if the partnership with the supplying companies is not transparent and trusting, seamless risk management cannot be ensured. As a consequence, the first step requires making suppliers sensitive for the subject of risk management and creating the corresponding agreements. Accordingly, the appropriate combination of use of tools, methods and process organization depends on the respective underlying conditions in a company.
In a second step, the identified risks are to be evaluated based on various features. First, the possible risks should be classified in a “probability of occurring/scope of damage” matrix to obtain an initial evaluation of the risks. In our example, the classification could be made based on the probability of occurrence of Ebola and its possible scope of damage in the production country; the corresponding consequences could be derived. This matrix could be expanded by the items “probability of discovery” and “costs resulting from preceding risks”, which permits a more detailed classification. All of this can be done manually, but an IT tool can be used as well. For this, a catalogue with potential risks and the corresponding classifications would have to be drawn up first and used. In this context, experience from preceding risks can also be used for more precise and faster classification into the above matrix. For further classification, it is helpful to draw up various models, such as an Ishikawa chart, an error tree analysis or a risk portfolio analysis. In this context, the FMEA procedure (Failure Mode and Effects Analysis) shows that determination of the error in the earliest possible process phase is helpful. The later an error is discovered, the more difficult and more cost-intensive is it to correct.
Sign up to receive updates from the riskmethods Blog