How to manage risk with supply chain continuity planning

Researchers predict that both natural and human-made disasters will increase five times in the next 50 years. These events include pandemics, equipment failures, fires, labor disputes, supplier defaults and political instability — each of which can have devastating effects on any business. That’s why supply chain continuity planning is crucial for companies in these times of uncertainty.

Such disruptions, as illustrated by the current fallout of the Coronavirus pandemic, have reinforced the insights that not only can supply chain disruptions affect operations, they often result in financial damage well beyond the immediate operational impacts. Yet studies have found that many managers understand so little about their supply chain risks that they don’t even know what kind of framework would fit the particular supply chain dynamics they face. As a result, their supply chain resiliency hasn’t kept pace with the continually rising level of logistical complexity.

The most effective and proactive method for managing risk in the supply chain is to develop strong continuity plans that will inform an overarching Supply Chain Continuity Plan (SCCP). Comprising an integrated set of formalized procedures, the SCCP enables both resilience and responsiveness in the supply chain. This allows it to withstand the effects of significant disruptions without negatively affecting the customer experience or suffering significant recovery costs.


Developing a practical framework

An essential first step in developing an SCCP is to apply a practical framework supported by documented policies and procedures. The framework consists of two parts – risk analysis, and risk monitoring and control.

  • Risk analysis

As part of risk analysis, a dedicated risk management function or team needs to be in place to identify and evaluate current supply network vulnerabilities, such as single-source suppliers, single points of failure and high-revenue impact suppliers. They also need to assess supplier business continuity planning, such as their preparedness and time-to-recovery in the event of a supply chain disruption, as well as their capacity to handle the increased demand.

Understanding each other’s priorities and working together to develop supply chain continuity plans builds on this foundation to create greater resilience. Risk can be identified according to the following categories:

Risk Category Examples
Catastrophic Pandemic (such as COVID-19), earthquake, geopolitical unrest
Strategic Unprofitable new product introduction, quality risks associated with low-cost countries, supplier rationalization, tax and financial impact of market expansion, environmental risks
Periodic incident Recurring supplier failure, customer service failure and technology failure due to upgrades or migration
Daily surprises Plant shutdowns, unanticipated fluctuations in demand, unplanned supplier failure, unexpected transportation shortages

All potential risks should be captured in a risk register for each supply chain function to facilitate visibility and regular reviews. A standard register should incorporate the following aspects:

    • Risk categorization and description
    • Risk probability, impact and level
    • Financial impact
    • Description of risk response and cost
    • Accountability, due date, budget, and status for the risk response
  • Risk monitoring and control

Risk monitoring ensures that existing risks are continually assessed, and new risks identified as a result of changes in the supply chain or broader organization. These can include real-time alerts and notifications, supplier audits and change notifications, and ‘war room mobilization’, such as services that assess and organize a rapid response to supply chain events. Such processes require integration with a company’s supply chain risk management platform to detect disruptions and determine how they could potentially impact suppliers, parts and, ultimately, cost and revenue.

Risk monitoring enables the appropriate mitigating actions and contingency plans to be developed and adjusted in response to new risks and changing risks as they occur, ensuring there are no gaps in the SCCP. The continual monitoring of risks can be achieved by updating the risk registers regularly, by identifying risk triggers, and through variances and trends of identified risk indicators.

An integrated SCCP approach, done properly, can facilitate compliance, reduce the cost of risk management, improve supply chain resilience, and also facilitate the implementation of a supply chain strategy with confidence.


Download Of black swans, confirmation bias, and the O-ring theory: Why cynics can help you build supply chain resilience for an insight into this crucial component of corporate risk management.