Supply Chain Risk Management
Supply Chain Risk Management 


We can distinguish two type of supply chain risks:

  • Risks arising from interaction between the supply chain and its environment.
immediate impact on a companies’ promise to deliver capabilities. A third concernis the disturbing effect on supply chains of natural disasters such as the Iceland volcano disruption, the Japanese tsunami, and the flooding in Bangladesh or Thailand.These external factors can have a devastating impact on the efficiency and reliability of fulfilment processes.

The Risk Exposure Index is a method developed by the Massachusetts Instituteof Technology (MIT) to quantify exposure from supply chain disruptions, takinginto account the full end-to-end scope and includes multiple tiers of suppliers intothe analysis. Based on estimated “time to recovery,” the method calculates a firm’s financial impact.
  • Terminate the risk; avoidance, e.g., by not entering into a contractual relationship.
  • Transfer the risk; move the consequence.
  • Treat the risk; reduce the possibility or mitigate the impact by control measures.
  • Tolerate the risk; accept the possible outcome.

The first type includes changes in customer demands, unexpected transit delays, production problems at suppliers of critical components and warehouse shortages. They are caused by lack of visibility, lack of ‘ownership’, justin-time practices and inaccurate forecasts.
The second type includes external risks,such as disruptions caused by strikes, terrorism and natural catastrophes (Cranfield 2002). Together, they impact the vulnerability of the supply chain.

Key concerns of supply chain managers are related to product quality, inventory and natural disasters. It takes years to build a reputation of delivering high quality products and services; recovery from quality problems is hard. Global productionand sourcing has created longer supply chains putting pressure on safeguarding fast deliveries whilst putting pressure on minimizing inventories for optimal working capital and cash flow.

This makes the supply chain vulnerable for disruptions with
Terrorism and piracy, and delay caused by customs are less concerning for supply chain professionals. According to Dittmann (2014),compliance and security programs have resulted in faster customs processing.

Companies use risk analysis methods to identify and assess risks and determine effective strategies to cope with the risks in a structured way. Failure mode and effect analysis (FMEA), is such a method. Three factors define the priority: the likelihood or probability of the problem occurring, the seriousness or severity of the consequences, and the likelihood of early detection of the problem.Fault Tree Analysis (FTA) is a proactive method to identify all possible causes of a potential incident. 
BowTie diagram
BowTie diagram

The method helps to understand how systems can fail and to identify ways to improve system reliability. Fault trees have strong similarity with methods used in quality management, such as fishbone or Ishikawa diagrams.

Where FTA identifies the causes, Event Tree Analysis (ETA) analyses the consequences of a potential event. The Bow Tie diagram is a combination of both fault tree and eventtree. Given a specific hazard, prevention measures are placed in the fault tree and mitigation measures in the event tree.

After a proper risk identification and analysis, companies have to make choicesabout managing supply chain risks. A common approach towards Supply Chain RiskManagement, also called the 4T portfolio approach, is to apply a portfolio of actionsto terminate, transfer, treat and tolerate risks (Burtonshaw-Gunn 2008).

Risks may be mitigated by actions such as e.g. the selection of financially strongsuppliers, lean management and six-sigma techniques aimed to reduce or eliminate waste and delays, and the use of visibility tools to track global shipments and take necessary action if needed, and other approaches to reduce lead times and lead time variation.

Other measures include strengthening global logistics competence, predictive modelling, use of air freight, adding inventory, insourcing or near sourcing and (self) insurance. The latter is a way of transferring risk, the cause is not taken away; only the firm’s vulnerability is being managed.