Coronavirus: Supply Chain Risk Management Back in Spotlight

The coronavirus, which the World Health Organization (WHO) declared a global health emergency last week, is starting to have an impact on supply chains. Starbucks, Google, and Apple are among the many companies that have scaled back operations in China in response to the outbreak. “As the spread of the new coronavirus in China causes more factory shutdowns, the effect on global industrial supply chains could linger for years,” wrote Mike Bird in the Wall Street Journal last Friday

Coronavirus is also putting supply chain risk management back in the spotlight. How effective are companies at managing supply chain risks?

Falling Short on Supply Chain Risk Management

Back in 2013, many companies were falling short on supply chain risk management. As I wrote at the time:

According to a survey of 600 manufacturing and retail executives conducted by Deloitte, 71 percent of the executives surveyed view supply chain risk as “an important factor in their companies’ strategic decision making, including 20 percent who view it as extremely important.” Yet, 42 percent of the executives from large companies said their supply chain risk management programs are only somewhat or not effective.

Simply put, many companies are still falling short on supply chain risk management, and they continue to pay the price.

Fast forward to last April: We asked our Indago members “How often is risk considered in your supply chain decision-making discussions?” 

Source: Indago (n = 20)

Only 40 percent of the respondents “almost always” consider risk when making supply chain decisions. Another 30 percent “often” take risk into consideration, while 20 percent “seldom” take it into consideration. Simply put, it appears that within supply chain management talking and thinking about risk is not yet as common and instinctual as talking and thinking about cost and service.

“Supply chain risk management isn’t seen as a problem, until it is,” said one of our Indago members, a logistics manager at a global manufacturing company. “Companies should undertake a robust portfolio analysis of vendors, as well as assessment of transportation modes to identify potential sources of concerns and then [develop a] mitigation strategy. The goal should not be to eliminate supply chain risk entirely, but rather make meaningful progress in readiness and advance planning for disruption.”

Coronavirus is another wakeup call for companies that haven’t incorporated risk management into their supply chain DNA.

Learn More About Supply Chain Risk Management

Leading practices in supply chain risk management are well documented in various books and publications, such as Yossi Sheffi’s “The Resilient Enterprise” and “Supply Chain Risk Management: A Compilation of Best Practices” published by the Supply Chain Risk Leadership Council. 

It’s also a topic that we have featured on Talking Logistics many times. In fact, one of our very first guests on the program in 2013 was John J. Brown, who at the time was the Director of Supply Chain Risk Management at The Coca-Cola Company. He shared some great insights and advice on the topic based on his professional experience and work with other leaders in the field.

In another Talking Logistics episode, I discussed why companies need to rethink supply chain risk management.

Here are some of the ideas that I shared:

Make thinking about supply chain risk part of the corporate DNA. 

This was one of my key takeaways from an executive “think tank” session I attended last summer on supply chain risk management. The goal is to incorporate risk in the decision-making process at all levels of the supply chain, just like cost is today. In other words, supply chain professionals need to get to the point where talking and thinking about risk is as common and instinctual as talking and thinking about cost and service. Unfortunately, at many companies today, risk rarely enters the conversation or analysis. Some of my other takeaways from the session were:

  • Focus less on individual risks and more on the capabilities to deal with risks. Also, think about risk management as a program, not a project.
  • Key metrics associated with risk management are Time-to-Recovery and Revenue-at-Risk. Outperforming the competition on these metrics creates a competitive advantage.
  • You need to “dollarize” risk in order to have meaningful conversations with Sales and Operations Planning (S&OP), Marketing, C-level executives, and other internal and external stakeholders.

Supply chain professionals need more training in quantitative risk concepts.

In a thought-provoking HBR blog post, “Why Quants Should Manage Your Supply Chain Risk,” Carlos Alvarenga argues that “anyone who claims to be managing supply chain risks without understanding subjects like real options, hedging, Value at Risk models, financial simulation, and so on, is more like a security guard than a real risk manager.” Simply put, supply chain professionals can learn a lot from the financial, insurance, and other industries where managing risk is a core focus and discipline.

Start by mapping your supply chain. 

Do you know where the manufacturing facilities of your suppliers (and their suppliers) are physically located? Which parts are manufactured at each location? Do you track the history and frequency of disruptions that occur at each facility and geographic region, due to either natural forces (hurricanes, floods, earthquakes, etc.) or other factors (labor strikes, power outages, quality issues, etc.)? The bad news is that few companies gather and track this information; the good news is that there are new supply chain mapping and risk management software solutions available that companies can use to facilitate the process.

Why invest the time, money and resources to move up the supply chain risk management maturity curve? The answer will be clearly evident the next time a supply chain disruption occurs and you’re able to recover faster and with less financial impact than your competition.

For related commentary on supply chain risk management, please read: