Zycus and the Supply Risk Explosion

“Ten or fifteen years ago, you could not convince most procurement and supply-chain professionals to talk about supply-risk management. Today you can not get them to stop talking about it.” That is what Zycus, the self-proclaimed spend management experts, claims in their latest whitepaper  “The Supply Risk Explosion – Building a business culture that can cope“. I must admit that they do indeed have a point. Today’s list of supply-related risks can seem nearly infinite: supplier bankruptcy, tight credit, emerging capacity constraints, commodity price inflation, low inventories, product recalls, supply-chain globalization, supply-base rationalization, corporate cost cutting, dangerous management decisions, currency fluctuations, terrorism, increased regulatory activity, outsourcing, sustainability, social responsibility, social media, unfair trade practices, and so much more. How can any firm not be overwhelmed by this?

The times are changing

Procurement and supply-chain management executives worry about many things, and in the past decade, the emphasis has also shifted dramatically.

Fears around things like supplier-quality performance, force majeure, corporate espionage, price volatility, late materials and parts shipments have been supplanted by fears around things like supplier bankruptcy, low-cost country sourcing, cash flow, social responsibility, sustainability, and social media.

The latter three are particularly important, as my post on future value chain trends for 2020 showed just a few days ago. The key, according to Zycus, will be beating outsiders to asking and answering such questions as: what are the total carbon costs associated with where we buy, how far we move materials, and how we decide to transport them? Such reputation risk is only one hitherto unconsidered supply risks that companies must keep an eye on, as  Twitter, Facebook, blogs, and everything else will only magnify any potential damage to a firm because any person, anywhere in the world now has the power to publish facts and/or opinions about any business enterprise. On a side note, how to handle such situtaions is very well covered in Garry Honey’s book on reputation risk.



Risk Management essentials

Zycus says, and very rightly so, there is no secret formula for managing supply risk. It boils down to habitually asking and answering the following questions:

  • What can go wrong?
  • What is the statistical probability it will go wrong?
  • What will be the likely impact if it does go wrong?
  • To what extent could our business (and/or management team) tolerate such an impact?
  • What could we do to prevent it from going wrong (or be compensated if it does go wrong)?
  • How much would that cost?
  • And does the cost of prevention/compensation make sense in context of probability, potential impact, tolerance, AND in context of other—potentially greater—risks?

This is a very simple formula indeed, and much in line with Kaplan’s definition of risk. Moreover, it also emphasizes weighing the costs against the benefits, as in Six Steps to Risk Management by Kiser and Cantrell, because it is very much possible to over-mitigate, where preventing risks may come more expensive than letting it happen.

How to risk-proof strategic sourcing processes

This is perhaps what I like most about this white paper: A clear (actually many clear) examples of what can go wrong in sourcing. Based on a typical 8-step sourcing process, they identify potential risks and pitfalls:

The below are just some of the generic examples used. The whitepaper, available for download below, has concrete and real-life examples in full detail.

Step 1: Identify opportunity, e.g. using incomplete spend data, the firm underestimates total spend in a particular category, and wrongly underestimates needed goods from a supplier, who – as it later turns out – cannot meet the actual demand.

Step 2: Assemble team, e.g. using team members with insufficient domain expertise, with too-close relationships to suppliers, or who may be unaware of proper ethics and laws related to sourcing.

Step 3: Scan market, e.g. defining the supply universe too narrowly, failing to comprehend long-term volatility in things like supplier prices, lead times, and delivery performance, failing to define upstream supply risks, etc.

Step 4: Set strategy/develop specifications, e.g.  poor go-to-market timing, or setting specifications too rigidly, and allowing too many variables, thus undermining analysis and decision making capabilities.

Step 5: Go to market, e.g. engaging with insufficient numbers of suppliers, using the wrong types of engagements  failing to communicate properly or fairly with all parties, failing to control information flows, and failing to capture important information from suppliers.

Step 6: Analyze, e.g. poor or inconsistent weighting of various decision factors.

Step 7: Award/Contract, e.g. suboptimal allocation of business among suppliers, too little legal protection, too much legal protection, too much time in the contracting process, and a failure to compel or ensure compliance.

Step 8: Transition, e.g. failure to capture incumbent suppliers’ acquired or undocumented knowledge and failure to communicate properly with internal stakeholders about how a transition will roll out.

The Risk Maturity Curve

The purpose of this paper, so Zycus says,  is to help sourcing and procurement executives understand where their organizations stand on the maturity curve for supply risk management and what they can do today. This curve has four phases:

  • Aware – Qualitative
  • Active – Quantitative
  • Active – Scientific Predictive
  • Active – Scientific Predictive, Connected, Balanced, Refined

While the whitepaper itself is not going to make a firm go from phase 1 to phase 4 in their risk maturity, what it does show is that effective risk management is a long process. It’s not done in a whim, and it’s not a “do once and then remember”-process, it is an ongoing and continuous effort.

Conclusion

As a whitepaper, this is a good one. What I like about it are the examples provided in the sourcing steps, where some companies seem to make every mistake a company can make. For a researcher like  me, with an academic and perhaps somewhat detached perspective on supply chains and procurement, this paper provides valuable insights not always found in academic articles.

Download

Link

Related posts

Posted in REPORTS and WHITEPAPERS
Tags: , , ,

ARTICLES and PAPERS
Robust, Resilient and Secure
Antagonistic threats against supply chains are a special and limited array of risks and uncertaintie[...]
Information Risk Management
Openness, partnering, trust and particularly sharing of information has often been cited as one way [...]
BOOKS and BOOK CHAPTERS
Book Review: Reputation Risk
Reputation. Not only is it practically impossible to measure, its value is also frequently underesti[...]
Book review: The Network Reliability of Transport
I guess you would have to have attended the conference yourself or be a researcher in this very fiel[...]
REPORTS and WHITEPAPERS
Hiperos - the Integrated View of Supplier Risk
Supply chains have gone global. No longer are they a point-to-chain of goods flowing from a source t[...]
Creating the resilient supply chain
This blog is about supply chain risk, business continuity and transport vulnerability, and while I h[...]