Preparation and planning is essential to the success of any business process, and supply chains are no exception. While traditional risk management policies can help decision-makers feel more secure about their operations, supply chain managers need to take a more innovative approach to tackle threats and meet increasing demands, according to an Inside Supply Management report by industry expert Jin Leong.
The first part of this new process is to create a supplier observation database. This program should summarize one-on-one interactions with external or internal changes and public statements made by suppliers. This information can be gathered through press releases or conversations with the organization and its staff, Leong said.
The point of this database is not to use data in a malicious way, but so that supply chain managers can take note of all things occurring within partner companies.
"The goal [is] not to identify a single 'silver-bullet' indicator but to encourage procurement managers to keep their eyes open and detect trends," industry expert Caro Cook said, according to Leong. "In some cases, the observations may point to risk, but in others, the observations may point to opportunity for improvement."
Once there is a large amount of information within the database, supply chain managers can analyze patterns and trends using heuristics, or educated guesses without including any financial or hard data. Using this strategy, businesses can take a defensive stance toward risk management, allowing them to plan for contingencies, Leong asserted.
In addition to these practices, organizations should require suppliers to submit real-time risk assessments. Traditionally, qualification programs relied on a one-time process, which focused on quality, performance and price, but not inherent risk. This means any changes that were made within the company since the initial assessment likely went unnoticed and, as a result, increased the threat landscape, Leong said.
By utilizing a supplier observation database and requiring suppliers to submit qualification assessments constantly and for every project, companies can improve their risk management and be more prepared for any changes that may need to be addressed in the future.
However, supply chain managers should keep in mind that these risk management practices only regard suppliers and partners, not information technology evolutions or disasters. As a result, executives should also have IT risk management and disaster recovery plans to improve data loss prevention best practices.