Classification of the Sources of Supply Chain Risk and Vulnerability
· Demand risk relates to potential or actual disturbances to the flow of product, information and cash, emanating from within the network, between the focal firm and its market. It is interesting to note that during the current downturn disruptions in the cash resource within the supply chain has had a major impact on the operating capability of organisations.
· Supply risk is the upstream equivalent of demand risk; it relates to potential or actual disturbances to the flow of product or information emanating within the network, upstream of the focal firm. In a similar way to demand risk the disruption of key resources coming into the organisation can have a significant impact on the organisation’s ability to perform
· Environmental risk is the risk associated with external and, from the firm’s perspective, uncontrollable events. The risks can impact the firm directly or through its suppliers and customers. Environmental risk is broader than just natural events like earthquakes or storms. It also includes, for example, changes created by governing bodies such as changes in legislation or customs procedures.
Risks internal to the corporation relate both to how the firm addresses the external risks and its competences to plan and execute its own business:
· Processes are the sequences of value-adding and managerial activities undertaken by the firm. Process risk relates to disruptions to key business processes that enable the organisation to operate. Some processes are key to maintaining the organisation’s competitive advantage while others may underpin the organisation’s activities. It is important to recognise and classify the importance of the various processes to enable effective risk management strategies to be implemented.
· Controls are the assumptions, rules, systems and procedures that govern how an organisation exerts control over the processes and resources. In terms of the supply chain they may be order quantities, batch sizes, safety stock policies, etc., plus the policies and procedures that govern asset and transportation management. Control risk is therefore the risk arising from the application or misapplication of these rules.
· Mitigation is a hedge against risk built into the operations themselves and, therefore, the lack of mitigating tactics is a risk in itself. Mitigation needs to be considered during the supply chain design process – if this is not undertaken the risk profile can be increased. Contingency is the existence of a prepared plan and the identification of resources that can be mobilised in the event of a risk being identified. This requires all stakeholders within the supply chain to understand what resources can be mobilised and the procedures to do this.
The above simple model enables organisations to classify risk. The risks will always be context–specific, i.e. because every supply chain is different the risks will be different. However some risks can be found that are common to many supply chains.
Cranfield School of Management (2003), Creating Resilient Supply Chains: A Practical Guide, Bedford (ISBN 1 861941 02 1) Bedford: Cranfield School of Management & Department for Transport.