You have to empathize with anyone who's responsible for managing the risks that accompany global supply chains. One moment you're preparing for the spread of bird flu from Asia - then a hurricane strikes the Gulf Coast. So you shore up your network and people in that area - and an earthquake, tsunami and nuclear disaster hit Japan. You work hard to diversify suppliers from that country - and suddenly you're faced with the prospect of Iran blocking the Strait of Hormuz, and causing oil prices to soar. How can a company guard against every possible calamity, the variety of which seems endless? Where does it even start?

As with any complex problem, you begin by identifying and measuring the specifics of your supply chain. The collection of basic data, both within and outside the company's walls, is essential. Each factory must be profiled in detail, from its location to the number and nature of items produced there. At the moment disaster strikes a particular location, the buyer of goods or raw materials has to know precisely where it can obtain alternative sources of supply. That kind of detailed picture is what enabled Cisco Systems, Inc. to respond within hours of the Japanese quake.

Of course, merely having that information in hand doesn't mean you're immune from the impact of a disaster, notes Patrick Brennan, chief executive officer of Supply Risk Solutions (which just changed its name from BCMexperts). When the quake struck, Cisco quickly learned that it had a number of alternative suppliers - in Japan. Fortunately, it had authorization from the top to secure additional vendors wherever it could find them. Not every company has a deep enough pocketbook to do that.

It's human nature to respond to a crisis by preparing for its recurrence. We are, after all, supposed to learn from experience. If our house gets burgled, we'll put better locks on the doors, and install an alarm system. But that tendency doesn't always work at the level of a complex global supply chain. On the contrary, says Brennan, "it's important to realize that events in future might not be the same as in the past. You need to take a broad look at risk."

The question of how many suppliers to keep on hand for a particular item is never an easy one. There are obvious efficiencies in paring down one's suppliers to the bare minimum, chief among them increased vendor loyalty and lower prices. But a single-supplier strategy is risky business indeed - it can leave a company paralyzed for an unacceptably long period of time. Brennan doesn't see a lot of companies retreating from the cost-driven strategy of supplier consolidation, but he does believe that risk management is becoming a more important element of any decision about building a solid supply base.

Beware of achieving the illusion of supplier diversification, Brennan warns. As Cisco learned the hard way, no amount of suppliers will constitute a buffer if they're all located in the same country or region. That scenario is becoming increasingly common, with the development of global technology centers in key parts of the world. Unless your problem is the failure of a single supplier, having another one next door isn't likely to ensure the uninterrupted flow of product in the event of a major disruption.

There is, of course, one other step that has to occur before a company can implement a workable risk-management program: it has to care. Whether this attitude is occurring on a widespread basis is a point of some contention. Some multinationals have taken significant steps toward shoring up their supplier networks. But Jeff Karrenbauer, president of supply-chain planning consultancy Insight, Inc., recently wrote that a "majority" of companies have spent little or no time planning for random acts of nature and other possible disasters. "That is astounding, troubling and frankly, a significant management failure," he said. Interestingly, Karrenbauer was addressing the latest in an endless string of potential disruptions - the possibility of military action in the Strait of Hormuz.

Jim Lawton, president and general manager of D&B Supply Management Solutions, has a more optimistic view of companies' awareness of the need for better risk-management techniques. "We've definitely seen an uptick in interest," he says. "What's happened in the last year has woken people up to the fact that they need to have a better way of understanding and mitigating the impact of these disasters on their businesses." Whether that attitude has translated into wide-scale, meaningful action is another matter entirely.

Lawton says information-gathering needs to extend beyond supplier profiles to detailed evaluations of country risk and compliance issues. But merely having all of that data on hand doesn't ensure a company's ability to withstand major supply-chain disruptions. Managers need to know what to do with the information - and in a crisis, they're likely to have precious little time to figure it out.

The emerging science of supply-chain analytics can help. In Lawton's words, it provides businesses with "some form of guided navigation" - a means of making sense of that mountain of raw data. Managers can more easily sift through the data that they need to address the issue of the moment. The capability is contained in any number of technology platforms that address procurement, supplier relations and global trade management.

The complete answer doesn't come wrapped in a piece of software. Businesses need to align their processes with the potential risks they face. Most of all, they need to achieve a level of agility that allows them to respond to any emergency that might occur.

One way to achieve that capability is to carry out periodic drills, during which a company will respond to a particular mock disaster. In the process, they come to understand the role of each individual in the chain of command. That's not something you want to be figuring out at the moment of crisis. According to Lawton, only a "very small" number of companies engage in such exercises - but it's a valuable way to ensure survival in a world of mounting uncertainty.

Next: How the awareness of risk is shining a spotlight on the supply chain.

- Robert J. Bowman, SupplyChainBrain

Comment on This Article