No matter how good the supply chain gets, assessing and managing risks is always something that needs constant attention.
As CAPS Research notes in a recent report titled “Value Chain Strategies for the Changing Decade,” today's corporate business models provide tremendous opportunities for growth, innovation, and access to new markets — but the increased amount of complexity brings financial, geographic, cultural, or organizational risks.
CAPS found that many companies use similar techniques for integrating value-chain risk management into their overall risk management strategies, and that there are three primary categories companies look at and devise strategies for:
- Strategic value-chain risk/rewards decisions, which are made when introducing new business models and strategies and/or new products or services
- Value chain structural risk results from strategic decisions that establish ongoing risk (e.g., specific suppliers selected, single sources, or geographical location)
- Operational risk management, requiring quick response to crisis events (e.g., earthquakes and tsunamis)
What's interesting is that risk mitigation strategies that were put in place to offset risks from many years ago may at some point become risks themselves and call for new risk mitigation practices.
For instance, many years ago OEMs clustered suppliers close to manufacturing bases. They did that in order to cut component delivery time, increase supplier response time to demand-driven supply chain requirements, and reduce the distance between where parts are shipped and where they are needed. But, in 2011, many companies learned the hard way that such a setup poses serious risks during natural disasters.
When the tsunami struck Japan and floods hit Thailand, many key suppliers sustained substantial damages, and alternative sourcing became problematic. So now, as a result of that risk-turned-reality, companies are again diversifying their geographic or regional supplier footprints — raising the potential for other risks.
The CAPS Research report also highlights some of the risk-management obstacles that still exist and how many companies are limited in developing more comprehensive risk management plans beyond the first tier of suppliers. Lack of supply chain visibility, incomplete data, insufficient resources, and metrics that only assess historical risks without providing greater predictive details are some of the challenges that create a certain amount of risk.
Evidently, risk management is never going to be a perfect science. It can't be. Uncertainty will always be lurking somewhere in some part of the business or ecosystem. Short of having a giant supercomputer in a back office that can calculate and measure every minute detail and spit out formulaic solutions to potential problems, there will always be risks of varying degrees.
What enterprises can do is set their own company-specific standards for what's considered an acceptable risk and decide how often those risks should be weighed against changing opportunities. Making risk management a habit and a regular routine is probably the best most companies can hope to do. As with all imperfect things, only consistent practice can push them closer to perfection.