This article provide a brief overview on Supply Chain Risk Management area.It provides some common definitions, as well as a brief description of the new management esigences that have arisen in the current volatile business world.
Risk management concepts have been around for several years, but they have generally been bounded to the financial area. Today, according to common experience and evidences, the supply chain is where risk management is assuming a critical role, since it is where risk becomes most damaging for a company: in fact, the last decades have been characterized by several events (i.e. earthquake in Kobe in 1995, terrorist attack to WTC in 2001, SARS in 2002-2003) that have disrupted supply chain operations repeatedly (Tang, 2006).
One of the main factors that contributed to disruptions is the lean attitude (lean production or lean manufacturing) that took a relevant role in academia and industry during the 90s, pulling the demand for streamlined manufacturing systems with expected zero-inventory and just-in-time movement of goods. In current volatile era, with businesses and, more specifically, supply chains becoming increasingly global, the industrial environment is heavily affected by uncertainty, which can potentially turn out into unexpected disruptions.
According to a study funded in 2006 by Accenture Consulting, three out of four top supply chain executives at major U.S. enterprises say they have had a disruption in the past five years from which it took at least a week - and sometimes several months - to recover, and the risks are increasing.
Moreover, as the results of a survey conducted on 1150 companies in UK show (Woodman, 2006), CEO's and top managers are nowadays getting aware that potentially disruptive events have to be explicitly identified, properly prevented and effectively offset.
In contrast, supply chain managers have so far kept their efforts on efficiency gains, aiming at reducing cost at the expense of an increased risk of disruptions. A study from Forrester Research carried out in 2002 reports that almost 90% of a sample of senior supply chain executives indicated, as their top supply chain priority, the need of improving operational efficiency; only the remaining 10% were more sensitive to flexibility and robustness (Hendricks et al. 2005).
In this context, some concepts have emerged as decisive for the competitive management of modern supply chains: these are declined in literature as operational risk (NSW, 2005 and BCI, 2005), enterprise risk management (Hallikas et al., 2004; Chapman, 2006), business continuity (Christopher, 2003; Sheffi, 2005; BCI, 2005) and business vulnerability (Christopher, 2003).
Hence, I provide some basic definitions that could help in entering this somewhat new world:
- Risk Management: as defined by the ISO IEC Guide (ISO, 2002), it is a set of coordinated activities to direct and control an organization with regard to risk. In other words, a process by which a company tries to ensure that the risks to which it is voluntarily exposed are those ones it is eventually willing to tackle during the course of its routinary activities.
- Enterprise Risk Management (ERM): is defined as a rigorous and coordinated approach to assessing and responding to all risks that affect the achievement of strategic and financial objectives of an enterprise (Miccolis, 2001).
- Supply Chain Risk Management (SCRM): can be defined as the systematic identification and assessment of potential supply chain disruptions with the objective to control exposure to risk or reduce its negative impact on supply chain performance. Management of risk includes the development of continuous strategies designed to control, mitigate, reduce, or eliminate risk.
- Business Continuity Management (BCM): as defined by the Business Continuity Institute, BCM is "an holistic management process that identifies potential impacts that threaten an organisation and provides a framework for building resilience and the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities" (BCI, 2005).
- Business Vulnerability: supply chain vulnerability is defined as an exposure to serious disturbances, arising from risks within the supply chain as well as risks external to the supply chain (Christopher, 2003). In other words, vulnerability is a result of any weakness within a complex system that can seriously jeopardize its activities (Ayyub, 2003). Vulnerability strictly relates to business continuity planning (and, hence, to risk) through the concept of vulnerability management.
- Resilient enterprise: the concept of resilience is related to the ability of the company to recover quickly from a disruption (Sheffi, 2005). That is, a resilient enterprise is built upon business continuity, which in turn relies on (enterprise) risk management and vulnerability management.
All these concepts have gained attention during the last decade and, very likely, will assume even greater attention in the future.
References