Upload
fmbabs
View
141
Download
1
Embed Size (px)
Citation preview
Risky Business
Using Risk Management in Today’s Uncertain World
What Skydiving Taught me about Risk
Copyright 2014 by Babineaux Educational Services and Training, Inc.
Who am I?Mike Babineaux, CPSM, C.P.M., A.P.P.Experience
40 years Supply Management Experience 30 year FedEx Veteran 20 year Skydiving Career
2000+ jumps & 24 hrs freefall time
SCM Educator and Trainer Babineaux Education, Services and Training, Inc. www.BESTraining.com 901.413.8893
Risky Business
Using Risk Management in Today’s Uncertain World
What Skydiving Taught me about Risk
Copyright 2014 by Babineaux Educational Services and Training, Inc.
"Unfortunately, the sky is a demanding mistress, and totally unforgiving of any
lapse in vigilance, attention, concentration, or focus."
Pat Works(fellow skydiver & good friend)
Risky Business(What Skydiving Taught me about
Risk)
Risky Business(Using Risk Management in Today’s Uncertain World)
How many of your companies have a formal Supply Risk Management
Policy and Procedure?
Earlier than Friday, March 11, 2011?
Risky Business(Using Risk Management in Today’s Uncertain World)
Earlier than Friday, 11 March 2011?
Fukushima Daiichi nuclear disaster
Upside to Fukushima Daiichi Nuclear DisasterBy Patrick Burnson, Executive EditorNovember 24, 2011 - SCMR Editorial
• A “White-Hot” Topic • Companies more aware • The need is significant
ObjectiveUnderstand a risk management profile and strategy
Agenda & Direction
Definitions Supply Chain Risk Risk Analysis Risk Management
Agenda & Direction
Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
1. exposure to the chance of injury or loss
2. the amount that the insurance company may lose
Definition - Risk
Definition - StakeholderIn Skydiving the stakeholders are the airport operators, the aircraft owners and operators, the equipment operators and ultimately – the skydiver themselves.
In general they’re any person (s) with a vested interest in something; those who will be affected by and/ or can influence a decision-making process.
Applied to an organization's supply management structure, this definition would include all persons and organizations that have something that would be at risk in the event of a supply disruption.
The ISM Glossary - “Identifying and quantifying the risk of a supply disruption using a framework that describes:• the attributes of suppliers, • their relationships and interactions with the assessment organization”
A formal policy and Procedure that’s SOP
Definition - Risk Assessment
Risk mitigation entails specific steps undertaken by supply management professionals to reduce the impact of factors that might lead to injury, loss, damage or failure and thus reduce the liability of the organization in its relations with various stakeholder groups, including employees, suppliers and customers
Definition - Risk Mitigation
The identification of which factors must be monitored in order for prompt detection and
reaction to occur
Definition - Risk Monitoring
Global Event Monitoring Becoming more important
Disasters often are only reported locally and take organizations by surprise
Definition - Risk Monitoring
Japan Europe United States
Global Event Monitoring Becoming more important
A second-tier supplier to one of the organization's first-tier suppliers can be hit by weather, political issues, import
restrictions, etc. which will impact the entire chain.
Definition - Risk Monitoring
2nd Tier Supplier
Prime Supplier You
Global Event Monitoring Becoming more important
Definition - Risk Monitoring
“I didn't know we had a supplier there!"
Definition - Risk Tolerance
The risk of not having enough of the “rights”– Quantity– Time– Place
and the organization's tolerance around this type of risk
Definition - Risk Tolerance
The risk of not having enough of the “rights”– Quantity – How few?– Time – How late?– Place – How close?
Not having the right stuff to the right place at the right time leads to . . .
LostSales
Idle Equipment
IdleLabor
Economic Issue
Agenda & Direction
Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
Definitions
Supply Chain Risk Risk Analysis
Risk Management
Agenda & Direction
Supply Chain Risk
Supplier Management
Supply Chain Stability
Recovery/ Continuance
Time
The way a customer manages its suppliers is a strong predictor of supply chain stability and of its
ability to continue or recover in the event of a disruption.
Prime
1st Tier
2nd Tier
Responsible for ensuring the
performance of their suppliers
and their suppliers' suppliers
Supply Chain Responsibilities and Relationships
Prime
2nd Tier+
1st Tier
Must examine their
relationship to the second
and third tier suppliers as
well as the risk management capabilities of the primary contractor
Supply Chain Responsibilities and Relationships
Prime
1st Tier
2nd Tier
The relationship
and interactions
they have with the primary
supplier often determine the level of risk (or
disruption potential) of a supply chain.
Supply Chain Responsibilities and Relationships
Beyond Tier ConsiderationsBeyond Tier Considerations
A supply chain is only as strong as its weakest link
The identification (and mitigation) of potential weaknesses is a critical aspect of risk management
Risk management must go beyond the tier suppliers and their relationships
Beyond Tier ConsiderationsBeyond Tier ConsiderationsThird-party service providers such as
transportation and warehousing organizations must not be overlooked.
Beyond Tier ConsiderationsBeyond Tier ConsiderationsTheir operations may contain greater potential supply risk than the primary or secondary suppliers or contractors.
Definitions Supply Chain Risk Risk Analysis Risk Management
Agenda & Direction
Agenda & Direction
Definitions Supply Chain Risk Risk Analysis
Category Identification Probability Estimation
Risk Analysis - Major Categories
• Financial• Operational• Reputation/Brand• Legal• Environmental• Technical
Risk Analysis - Financial Risk
• Bankruptcy• Mergers & Acquisitions• Currency Exchange
Fluctuations• Commodity Price
Volatility
Risk Analysis – Operational Risk
Inadequate or failed internal processes, people and systems (e.g. fraud or theft)
Risk Analysis – Reputation/Brand
The degradation of a firm’s reputation by negative interactions with the market place
Uncertainty in the applicability or interpretation of contracts, laws or regulations
Risk Analysis – Legal Risk
Risk Analysis – Environmental Risk
Losses from environmental events
Liability losses from environmental impacts
Risk Analysis – Technical Risk
Technology will not perform as planned
Technology will become obsolete
Agenda & Direction
Definitions Supply Chain Risk Risk Analysis
Category Identification Probability Estimation
Risk Analysis – Probability Estimation
Identification of major categories of risk
and
The relative probability of a disruption with associated impact of disruption.
Probability Estimation Procedure Steps
1. Define network/category of concern
Estimating the probability of a supply chain disruption event is difficult and dependent upon the environment built by the suppliers and customers within a trading network.
Probability Estimation Procedure Steps
2. Examine history of disruptionsOnce the network is defined, the general history of disruption potential of this environment can be examined by gathering historical data or by polling experts within the network.
The experts can describe the "typical" disruptions for this network and can provide some rough probabilities, e.g., once per year this happens or once every three years one of the suppliers goes out of business.
Probability Estimation Procedure Steps
3. Define typical disruptionsSome typical disruptions are:
• Misalignment of interests (e.g., a supplier is no longer interested in the organization's account due to market dynamics or legal issues)
• Disasters (weather, war, earthquake, etc.)
• Union work stoppage • Regulatory shutdown,• Transportation snafu’s
Probability Estimation Procedure Steps
4. Match specific suppliers with specific eventsOnce the base probability estimate is complete for network disruption events, specific suppliers can be assigned the likelihood of specific events occurring with specific suppliers, using the results of a supplier-by-supplier risk assessment.
Probability/Impact/Visibility Assessment
Low Impact High
High
Low
HighestPriority
Maximize Focus
LowestPriority
Minimize Focus
Prob
abili
ty
Visibility
High
Low
Agenda & Direction
Definitions
Supply Chain Risk
Risk Analysis
Risk Management
Risk Management
Risk Planning Risk Assessment Risk Mitigation Risk Monitoring
Risk Management - Planning
Steps
1. Confirm scope and current state2. Conduct impact assessment3. Define alternatives4. Develop plans5. Implement readiness
Risk Management - Planning
1. Confirm scope and current state
•Interview stakeholders•Catalog assets & systems•Identify critical functions•Review disaster recovery plans•Identify constraints
Risk Management - Planning
2. Conduct impact assessment
Identify: major threats, vulnerabilities and key risks
• Financial and asset impacts? • Supply chain and stakeholder
impacts?• How can the network absorb these
impacts and respond to them?
Risk Management - Planning
3. Define alternatives
Select risk mitigation alternatives and supply chain and network
contingencies
• What is the organization's risk tolerance? • What can be insured against?• What can be done to manage the rest? • Who can be called upon to step up
production? • How can capacity be shifted?
Risk Management - Planning
4. Develop Plans
• Select the appropriate mitigation recommendations and develop action plans to implement them.
• Define business continuity supply, demand management, contingency and mitigation plans.
• Tightly define business continuity operations.
Risk Management - Planning
5. Implement Readiness•Establish maintenance and detection processes•Validate business continuity plans•Implement threat detection measures•Execute risk mitigation and maintenance measures
Plans should be continuously examined for effectiveness, including sharing plans with appropriate supply
chain partners
Risk Management
Risk Planning Risk Assessment Risk Mitigation Risk Monitoring
A risk assessment identifies and quantifies the risk of a supply disruption
Risk Profile•Single supplier, group or network•Risk Identification•Numerical score (e.g. 1 – 5)•Higher score = lower disruption
potential
Risk Management - Assessment
Labor Unrest Risk Profile Matrix Example
SupplierB
SupplierA
SupplierC
Risk Profile Risk Profile MatrixMatrix
Risk Management
Risk Planning Risk Assessment Risk Mitigation Risk Monitoring
Specific steps to: •Reduce the impact of factors that might lead to injury, loss, damage or failure•Reduce the liability
Risk Management - Mitigation
The Mitigation Effort
Simple monitoring and/or acceptance to
Full-blown contingency plan calling for complete redundancy
Risk Management - Mitigation
Risk Management
Risk Planning Risk Assessment Risk Mitigation Risk Monitoring
Risk Management - MonitoringMost important part of a Risk
Management Program
Timing:• Some areas should only be monitored yearly (e.g.
physical locations do not change that often)
• Other areas should be monitored weekly (e.g. delivery and quality performance)
Risk Management - MonitoringAnother most important part of a
Risk Management ProgramWHO monitors WHAT:
Critical decisions to make BEFORE a disruption, NOT AFTER
Agenda & Direction Summary
Definitions Supply Chain Risk Risk Analysis Risk Management
Agenda & Direction
Definitions Risk Stakeholders Assessment Mitigation Monitoring Tolerance
Definitions Supply Chain Risk
Warehousing Transportation
Agenda & Direction
Agenda & Direction
Definitions Supply Chain Risk Risk Analysis
Category Identification Probability Estimation
Agenda & Direction
Definitions Supply Chain Risk Risk Analysis Risk Management
Planning Assessment Mitigation Monitoring
Final Word
Thanks for Your Time and Attention
Risky Business
Using Risk Management in Today’s Uncertain World
What Skydiving Taught me about Risk
Copyright 2014 by Babineaux Educational Services and Training, Inc.