Supply Risk Management: just common sense?

Am I missing something here? Does Supply Risk Management come down to plain and simple common sense? I don’t mind authors who use propositions in their articles; it usually shows that they have a pretty good grip on their subject. Besides, it adds structure and focus. In their 2004 paper, Securing the upstream supply chain: a risk management approach, Larry C Guinipero and Reham A Eltantawy put forward and explore four propositions reflecting four situational factors that should govern supply risk management. However, as I see it, not only are these propositions not fully exploited, they appear to be little more than basic common sense, or is it me who is way off?

The four propositions

There are four situational factors that are important in supply chains, namely, the buyer, the supplier, the product bought, and the environment surrounding the purchase. Essentially, what it comes down to, is that the following factors should be considered vis-a-vis potential suppliers:

the degree of product technology
the need for security
the importance of the supplier
the purchaser’s prior experience

Based on this, the authors put forward four propositions:



1. High-tech markets require more extensive risk management than other low-tech markets with slower pace of technological changes.
2. Those suppliers who provide items that have high security requirements require more extensive risk management than those providing items with relatively less security needs.
3. Major suppliers of high volume, value and/or critical items require more extensive risk management than those who supply fewer or less critical items.
4. Suppliers with whom purchasers have less experience require more extensive risk management than with those there is a history of purchasing.

So what it really comes down to is basic common sense, or?

The conclusion

The cornerstone of the paper is a figure that displays three levels or strategies for risk management, limited, moderated and extensive, and how these relate to the above four dimensions, technology, security, importance, and experience.

giunipero-eltantawy-2006

Click image for larger version.
Copyright note: The figure above is taken from the article.

The critique

It was when I studied the figure and attempted to use it for various combinations of “high” and “low” degrees for the four factors that realized the shortcomings of the article, high-tech vs. low teach, while looking at high experience vs. low experience and high vs. low experience at the same time. I simply could not make it work for the combinations I tried. Is there a better way to illustrate this?

Maybe. Simple combinatorics reveals that there are at 16 possible combinations of high and low for technology (T), security (S), importance (I) and experience (E). If each factor is factor is equally weighted, the summary score implies five, not three levels of risk management, as illustrated below, where I have assigned the value of 0 (zero) to low and the value of 1 (one) to high, except for experience, where high obviously is 0 and low is  1. The overall  added score, then, is 0 for the lowest degree of risk and 4 for the highest degree of risk.

Example, low-tech (TL), low need for security (SL), low importance (IL) and high experience (EH) = 0+0+0+0=1. I did this for all combinations, and came up with this:

  1. 0: TL SL IL EH
  2. 1:  TL SL IL EL
  3. 1:  TL SH IL EH
  4. 1:  TH SL IL EH
  5. 1:  TL SL IH EH
  6. 2:  TH SL IL EL
  7. 2:  TL SH IL EL
  8. 2:  TL SL IH EL
  9. 2:  TL SH IH EH
  10. 2:  TH SL IH EH
  11. 2:  TH SH IL EH
  12. 3:  TH SH IL EL
  13. 3:  TH SH IH EH
  14. 3:  TL SH IH EL
  15. 3:  TH SL IH EL
  16. 4:  TH SH IH EL

Of course, if one assigns weights according to the actual importance of each factor to the company, the picture may differ, albeit the basics stay the same. Why Guinipero and Altantawy were unable to come up with this simple deduction, is a mystery to me. Admittedly, the authors do mention that

it is beyond the scope of this paper to address all possible combinations  of  risk dimensions

which implies that they did give it some thought, but I think they could have taken it further, as I did, at least mention  that there are 16 combinations. On the other hand, I guess it is now my turn to admit that it is beyond the scope of this post to address all possible combinations  of  risk dimensions. How does one compare TH SH IL EL to TH SL IH EL? Both have a score of 3. Any takers?

Reference

Giunipero, L., & Eltantawy, R. (2004). Securing the upstream supply chain: a risk management approach International Journal of Physical Distribution & Logistics Management, 34 (9), 698-713 DOI: 10.1108/09600030410567478

Author links

Related

Posted in ARTICLES and PAPERS
Tags: , , , ,

ARTICLES and PAPERS
Lean + Agile = LeAgile: a happy marriage?
Opposites attract and in the supply chain world, "lean" and "agile" appear to be opposites. Both man[...]
Economies of integration
Logistics is no longer what it used to be and logistics today plays a much more important and strate[...]
BOOKS and BOOK CHAPTERS
Book Review: Transportation Network Analysis
Transportation Network Analysis by M. G. H. Bell and Yasunori Iida is a book for the expert rather t[...]
Security and continuity of supply
Aah...the intricacies of the English language. Not supply (chain) security, but the security of supp[...]
REPORTS and WHITEPAPERS
Risky cities - want to work there?
If you are doing global business, do you know where you are at risk and what risk that is most perti[...]
Global Resilience Index
The 2015 FM Global Resilience Index provides an annual ranking of 130 countries and territories acco[...]