In chapter 2 in Supply Chain Risk by Claire Brindley, there is a framework for assessing and positioning supply chain risk issues, written by Andreas Norrman and Robert Lindroth, called Categorization of Supply Chain Risk and Risk Management. What I like about the framework is that it works along three dimensions, each highlighting different areas of research issues or managerial actions: 1) the Supply Chain itself, 2) Risk Management processes and 3) Types of Risk. The framework clearly shows how the dimensions are intertwined and related such that no issue can be distinctively separated from the other.
Three dimensions
Supply chain risks can include a number of different issues, and the article structures these issues along three dimensions. The first dimension addresses the unit of analysis, ranging from single logistic activities, internally or externally, to the whole supply chain or network. The second dimension deals with the type of risks; these can be different in nature and may not be suitable for analysis within the same study. The third dimension addresses the level of risk management activities, starting with risk identification and ending with business continuity management.
Copyright note: The figure above is taken from the article.
Risk management = Business continuity management?
It is interesting to see that the article makes a link between risk management and business continuity management (BCM). BCM deals with the development of strategies, plans and actions which provide protection or alternative modes of operation for those activities which, if interrupted, might bring a seriously damaging impact or fatal loss to the company. And true, these days, in the era of globalization and supply chains stretched around the globe, a well-functioning supply chain more often than not is such an integral part of a companies business that in fact Supply Chain Risk Management (SCRM) can be equated with Business Continuity Management.
Types of risk
Personally I do not subscribe to the three-level categorization of types of risk as seen in the figure above. However, if seen as an example only, this dimension can hold many types of risks and be divided according to the purpose of the analysis, for example (Hiles and Barnes, 2001):
- Strategic risk
failure or success - Financial risk
lack of financial control - Operational risk
human error, mistakes in design - Commercial risk
failure of business relationships - Technical risk
equipment breakdown
Or, another example (Deloach, 2000):
- Externally-driven or environmental risk
external factors, competitors, customers, regulations - Internally-driven or process risk
operations and processing - Decision-driven or information risk
insufficient or erroneous decision support
Supply Chain Risk Management
Whichever categorization you prefer, this framework is an invaluable tool for SCRM, which the authors define as
to collaboratively with partners in the supply chain apply risk management process tools to deal with risk and uncertainties caused by, or impacting on, logistics related activities or resources.
Conclusion
What I enjoyed in this definition is the emphasis on the word collaboratively. No company is an island, and no company can apply SCRM on their own. The whole network must be included. Supply Chain Risk Management is a holistic activity. Only then can it succeed.
Reference:
Norrman, A and Lindroth R (2004) Categorization of Supply chain Risk and Risk Management. In: Supply Chain Risk. Ed. Brindley, C. , Ashgate Publishing, pp. 14-27
Author links
- researchgate.net: Andreas Norrman
- lu.se: Robert Lindroth