Manufacturers are facing complex business risks and disruptors, resulting in a need for the industry to evolve their risk assessment capabilities, according to a new study, jointly conducted by Deloitte and the Manufacturers Alliance for Productivity and Innovation (MAPI). One of the key findings indicates that supply chains need to be carefully managed or they can adversely impact the sales and brand reputations of manufacturers. Upshot: Manufacturers should build resiliency into their supply chains to address any critical vulnerabilities to prevent or recover quickly from risk-related disruptions.
The new study, “Understanding Risk Assessment Practices at Manufacturing Companies,” looks at how manufacturing companies are dealing with risks today and in the future. The overall finding is “that the current operating environment demands a more analytical, agile, and clinical view of risk to effectively address the complexity and velocity of critical risks and disruptions to their businesses.”
“The pace and impact of innovation, coupled with cyber security risk, creates a risk environment that must be carefully managed,” said Brian Clark, partner, Deloitte & Touche LLP, and co-author of the study, in a statement. “Product innovation can rapidly make existing products obsolete, potentially delivering considerable value to the innovator while leaving the unprepared facing competitive disadvantages. Further, technological innovation enables the manufacturing business model more, but can present a strategic risk as well. For manufacturers to thrive amid the ever-changing risk landscape, a company’s risk assessment practices should align with those changes.”
Supply chains are exposed to a variety of risks – inside and outside their value chains – including geopolitical pressures, regulatory requirements, environmental/social responsibilities and emerging market challenges as well as risks related to third-party service providers and operational risks (development planning, sourcing, production & distribution), according to the study. But supply chains also should consider functional risks around financial investments, human resources and information technology (IT), which all impact the complexities of the supply chain management, the study finds.
This translates into a need to build resiliency into the supply chain. The study finds: Resilient supply chains can address critical vulnerabilities proactively, with a more targeted approach than attempting to predict and prepare for every risk type. A resilient supply chain balances risk and costs to prevent or recover quickly from a multitude of dynamic and simultaneous risk-related disruptions. This is generally achieved through having visibility and transparency in the supply chain, flexibility in sourcing, collaboration within and outside of the organization, and a strong control environment.
One key recommendation to assess supply chain processes is through an internal audit, which can assess regulations across jurisdictions and third-party risks as well as monitor processes globally and evaluate import and export processes. Other study recommendations include measurement techniques for monitoring supplier performance, availability and delivery of materials, and risk sensing analytic capabilities to monitor risk exposures within the supply chain.
In addition to supply chain risks, the study reveals that competitive characteristics, including innovation and talent management were ranked as priority business risks by survey respondents. They also ranked risk management and data analytics, “where internal audit and risk executives are making significant investments,” as competitive capabilities.
Survey respondents also shared what they think will be the biggest business and IT risks three years from now. The top business risks cited include:
- Product design/development innovation
- Transforming the business model to access emerging sources of demand (JVs, M&A, and alliances)
- Pricing/margin pressures resulting in overhead cost constraints
- Talent and succession planning
- Fraud and corruption risks in emerging markets
The top IT risks include:
- Cyber security risk management, including compliance with critical infrastructure executive order
- Mobile device (smart phones and tablets) security
- Cloud computing risks
- Sensitive data loss prevention
- Maintenance/viability of complex, disparate, and/or antiquated systems
In addition, a skills gap in manufacturing can impact a manufacturer’s growth and profitability, according to the study. Similar to the assessing risks in supply chain processes, an internal audit can assess programs, including recruiting and retention initiatives, HR IT systems, and deployment of data analytics capabilities to monitor trends, designed to mitigate talent shortage and skills gap risks, said Deloitte.
Other successful practices, according to survey respondents include: interviews, periodic presentation of specific risk topics to the board committee tasked with governance, and integrating risk assessments into the strategic planning process with business units.
The least-effective practices cited include: risk questionnaires or surveys that are too long or sent to too many people, accepting canned or repetitive risk mitigation responses, and risk assessments that are too narrowly focused.
The study’s recommendation: Companies should assess their risk assessment techniques on a regular basis. In fact, the study reveals that 70 percent of respondents perform annual or semi-annual events that generally take less than 500 hours of time and focus on the global organization and evaluating the impact and likelihood of risk events. Analysts advise that manufacturers consider the following in elevating the value of risk assessments:
- Integrate risk identification into the strategic planning process
- Research potential disruptors to strategy, such as innovation
- Identify mitigation and/or monitoring strategies for the highest priority risks
- Prioritize action-oriented mitigation strategies to change behavior
- Define ownership of key mitigation strategies and drive accountability for results
- Pay attention to how to monitor changes to strategic plan assumptions
- Define risk indicators and determine available information
- Remove bias through the use of both internal and external data to provide objective benchmarks to monitor key assumptions and strategic risks
- Focus dialog on continuous improvement to anticipate a changing risk landscape
- Make strategic risk a standing topic with the board and senior management
The overall approach to risk, which includes identifying and monitoring key risk indicators, supports a holistic approach. According to the study: A holistic approach to risk and risk assessment – as well as continual attention from a board risk committee, a chief risk officer or other champion, and internal audit – helps embed risk consideration within a manufacturer’s business culture. The enhanced ability to recognize and effectively address strategic risks can give a manufacturer a competitive advantage that enables it to not only survive, but thrive amid change.
Another key area that is important in planning the approach to assessing risks is “staying abreast of the unique impacts trends, such as availability of required human talent, changes in available materials for production, the shifting nature of supply chains or even global economic events.”
For more information, click here for the complete study.