Share this post

Jan 24, 2022

As the economy deals with the most recent wave of COVID-19 infections, a worker shortage and record-breaking inflation, the focus on the stability of supply chains is becoming more important than ever. It encompasses much more than the traditional concerns of regional sourcing, price and terms, and delivery schedules. Most economists now talk of the expanded supply chain, which begins at raw material and culminates in consumption, and accounts for the interwoven complexity of the modern economy, including operational risk and demand risk downstream.

With this complex economic reality, many companies are wondering how they can ensure that their supply chain remains consistently secure. In fact, Supply Chain Risk Management (SCRM) is a developing security field that seeks to protect a business from beginning to end.

Supply Chain Risk Management Protects Against a Range of Vulnerabilities

Supply chain risk mitigation is the implementation of strategies to manage both everyday and exceptional risks along the supply chain. This is most aptly illustrated in counterfeit and adulterated products. Counterfeiting can seem banal but, for a manufacturer of critical components, it can have dire consequences. Counterfeit electronic parts can be recycled and illegally marketed as original manufactured components. This is a particular challenge in the aerospace and defense supply chain because of the criticality of reliable components. This type of fraud along the supply chain is pervasive because of the nature of global recycling. For example, electronic waste (e-waste) is shipped from the U.S. to a developing country. The e-waste is broken down into components, such as circuit boards, and parts are removed and refurbished. These parts are then repackaged and sold as new at slightly discounted rates. Companies that do not do their due diligence on a supplier may be subject to this type of fraud and include a part in a critical subcomponent. The certifications and regulations necessary to counter this threat are complex and costly.

When properly applied, supply chain risk management practices reduce vulnerability while ensuring business continuity through the continuous assessment of risks up and down the supply chain.

Supply Chain Risk Mitigation in Five Steps

Any risk management strategy starts with identifying vulnerabilities at all levels of the enterprise. From there, the process continues with evaluating the likelihood and consequences that follow, proactively determining mitigation strategies, implementing and evaluating effectiveness, and reassessing risk.

1. Emphasizing Business Continuity and SCRM

The most important thing a company can do is to focus attention and ensure your Business Continuity Plans specifically address SCRM. Assign an executive accountable for SCRM and ensure they have the resources and authority to assign tasks and develop policies and processes. The focus must be on the extended supply chain, and the analysis of the vulnerabilities should be equally broad.

SCRM is not solely a logistics and operational concern, so be sure to include leadership from Legal, Acquisitions, Human Resources, Security and Information Technology. Representation across the enterprise is key to organizational buy-in but bring in outside help if an area is outside your collective expertise.

2. Diversifying Suppliers

The old adage of “don’t put all your eggs in one basket” is certainly worth remembering. However, it isn’t as simple as just ensuring that you have more than one supplier for a critical component. First, diversifying sourcing can have real financial impact on a company. The best prices are usually dependent on volume purchasing and diluting your sourcing to several suppliers can increase your costs. Second, even multiple suppliers may still be vulnerable if they are all in the same country or region. Finally, each of your suppliers has traditional supply chains of their own. What risks do your suppliers face, and are they adequately planning their own risk mitigation strategies? That’s a question worth asking when considering a supplier.

3. Exercising Due Diligence – Always

Ensure you exercise due diligence on your suppliers. Since much of the extended supply chain is outside of your direct control, you have to expand your sphere of influence in other ways. Make sure that you understand your suppliers’ security practices, quality control, business maturity, and the overall value of working with a reliable partner vs. focusing on lowest cost. The process you use to evaluate value is highly dependent on assessing supply chain risks. A higher-cost/high-reliability supplier is preferable to a lower-cost/unreliable supplier. Research has shown that most firms with a global outsourcing component do not quantify risk when considering sourcing decisions! Think of the increased costs as insurance.

4. Adopting a Risk Management Perspective

Assess your transportation network from a risk management perspective. A global supply chain is entirely dependent on transportation networks, and it may seem there is little a company could do to manage this risk. However, not being able to control risk is no reason for ignoring it. The global supply chain increases risk because of longer lead times to move raw materials and products; political, economic, or regulatory disruption or instability affecting international sources; port congestion or delays due to foreign regulations and customs problems; and the impact of unforeseen tariffs or other roadblocks.

Using insurance is a critical mitigation strategy, but that is only a short-term solution. If the problems become systemic, insurance will become cost prohibitive as the market adjusts. Longer supply lines increase risk of damage, delay or loss. Be prepared for the cost of expedited shipping to make up for other delays.

5. Collaborating with your Partners

Work with your partners to evaluate and mitigate risks to the supply chain. This includes suppliers, transportation providers, and customers to make sure that disruptions to the extended supply chain are part of their business continuity plan. When everyone is aligned, both upstream and down, recovery from a disaster will be much more efficient and effective.

In short, remember that SCRM is a critical business continuity function, yet consistently overlooked outside of the logistics team. To be effective, SCRM needs to be an integrated process, combining cross-functional teams from every department in the organization. Most importantly, it needs to be given the attention it deserves from executive leadership in order to be successful.