Executive Briefings

The Difficulties, Rewards of Effective Supply Chain Security and Risk Management

Analyst Insight: Our research finds that very few companies have a good handle on supply chain risk. The dynamic nature of trading partner relationships, the depth and global footprint of multi-tier supply networks, and many other factors make building a resilient supply chain very difficult. However, those that manage supply chain risk well can gain market share when the inevitable disruptions occur, impacting their competitors. - Bill McBeath, chief research officer, ChainLink Research

Our recent research found that most companies seriously under-invest and do quite poorly at managing supply chain risk. In our survey, executives were asked to rate the effectiveness of their company's supply chain organization at managing each of 18 different types of risk, such as production risks, commodity price volatility, competitive risks, natural disasters, infrastructure outages, theft, geopolitical risks, and counterfeits. The ratings do not paint a pretty picture. In 16 out of the 18 types of risks studied, fewer than half of respondents rated their management of those risks as "good" or "very good."

The areas with the most "poor" ratings are geopolitical risks, natural disasters, labor disputes, infrastructure risks (power, utilities), and demand forecasting. Not only are these areas largely out of a company's control, but also, in many cases, they are hard to predict and there are no easy mitigation strategies. Many companies fail to take a proactive approach to managing these types of risks.

It is very difficult to effectively manage supply chain risk, especially across multiple tiers. This fact represents a big challenge, but also a tremendous opportunity. When disruptions occur in the supply chain, some materials or components are likely to be in short supply for a period of time. But, it can be very difficult, especially in the first few days after the event, to understand which components will be most affected and to which degree they will be short. Those companies that are prepared and have the right systems, processes, relationships and agreements in place become aware of the actual situation much sooner and often have locked up all the existing spare capacity by the time others even figure out what is happening. In these "coups," the nimbler and more prepared company is able to produce goods while others are stuck waiting for parts. In some cases, this has changed the balance of power within a sector and caused dramatic, permanent shifts in market share.

Given the profound consequences, there are things that individuals and companies can and should do to build supply chain resilience capabilities:

• Risk programs can be sold to the C-suite - through strategic metrics, such as impact on shareholder value or market share - metrics top management really cares about.

• Prioritize/rationalize risk investments - identify and target the most critical capabilities required for your supply chain to function. Solving all areas of supply chain risk is too big to try and tackle everything.

• Map and monitor your multi-tier supply chains.

• Build systems and culture for rapid awareness/response.

•  "Build it alone" strategies are expensive-industry standards and services can help, such as:

o Industry databases and services to collect risk data about your supply base
o Emerging services to map the multi-tier supply chain and identify vulnerabilities
o Alerting services to warn when an event may impact your supply chain

• Embed risk management throughout the organization (engineering, procurement/supplier management, logistics, manufacturing) and throughout the product lifecycle.

Yes, effectively managing supply chain risk is hard to do. Those few that do it well realize a big competitive advantage.

                                      The Outlook

To date, supply chain risk management has received a fair amount of lip service, but not much investment. That is not going to change overnight. However, as companies continue to get pounded with disruptive events around the world, CEOs and senior executives will become more receptive to the need to invest in supply chain resilience capabilities. Expect a modest but steady increase in awareness and investment in 2012 and beyond.


Keywords: Supply Chain Security & Risk Mgmt, Supply Chain Analysis & Consulting, Global Supply Chain Management, ChainLink Research, Production Risk, Commodity Price Volatility, Competitive Risk, Natural Disasters, Infrastructure Outages, Theft, Geopolitical Risks, Labor Disputes, Counterfeiting

Our recent research found that most companies seriously under-invest and do quite poorly at managing supply chain risk. In our survey, executives were asked to rate the effectiveness of their company's supply chain organization at managing each of 18 different types of risk, such as production risks, commodity price volatility, competitive risks, natural disasters, infrastructure outages, theft, geopolitical risks, and counterfeits. The ratings do not paint a pretty picture. In 16 out of the 18 types of risks studied, fewer than half of respondents rated their management of those risks as "good" or "very good."

The areas with the most "poor" ratings are geopolitical risks, natural disasters, labor disputes, infrastructure risks (power, utilities), and demand forecasting. Not only are these areas largely out of a company's control, but also, in many cases, they are hard to predict and there are no easy mitigation strategies. Many companies fail to take a proactive approach to managing these types of risks.

It is very difficult to effectively manage supply chain risk, especially across multiple tiers. This fact represents a big challenge, but also a tremendous opportunity. When disruptions occur in the supply chain, some materials or components are likely to be in short supply for a period of time. But, it can be very difficult, especially in the first few days after the event, to understand which components will be most affected and to which degree they will be short. Those companies that are prepared and have the right systems, processes, relationships and agreements in place become aware of the actual situation much sooner and often have locked up all the existing spare capacity by the time others even figure out what is happening. In these "coups," the nimbler and more prepared company is able to produce goods while others are stuck waiting for parts. In some cases, this has changed the balance of power within a sector and caused dramatic, permanent shifts in market share.

Given the profound consequences, there are things that individuals and companies can and should do to build supply chain resilience capabilities:

• Risk programs can be sold to the C-suite - through strategic metrics, such as impact on shareholder value or market share - metrics top management really cares about.

• Prioritize/rationalize risk investments - identify and target the most critical capabilities required for your supply chain to function. Solving all areas of supply chain risk is too big to try and tackle everything.

• Map and monitor your multi-tier supply chains.

• Build systems and culture for rapid awareness/response.

•  "Build it alone" strategies are expensive-industry standards and services can help, such as:

o Industry databases and services to collect risk data about your supply base
o Emerging services to map the multi-tier supply chain and identify vulnerabilities
o Alerting services to warn when an event may impact your supply chain

• Embed risk management throughout the organization (engineering, procurement/supplier management, logistics, manufacturing) and throughout the product lifecycle.

Yes, effectively managing supply chain risk is hard to do. Those few that do it well realize a big competitive advantage.

                                      The Outlook

To date, supply chain risk management has received a fair amount of lip service, but not much investment. That is not going to change overnight. However, as companies continue to get pounded with disruptive events around the world, CEOs and senior executives will become more receptive to the need to invest in supply chain resilience capabilities. Expect a modest but steady increase in awareness and investment in 2012 and beyond.


Keywords: Supply Chain Security & Risk Mgmt, Supply Chain Analysis & Consulting, Global Supply Chain Management, ChainLink Research, Production Risk, Commodity Price Volatility, Competitive Risk, Natural Disasters, Infrastructure Outages, Theft, Geopolitical Risks, Labor Disputes, Counterfeiting