5 Steps to Develop a Supply Chain Risk Assessment Process

Feb 14, 2017 5:05 PM ET

Gaining as much value from the supply chain as possible while meeting consumer expectations for sustainably and ethically produced products is a difficult balance to achieve. To do so successfully, companies need to identify where threats exist across the supplier network and implement iterative mitigation strategies. Supply chain risks can range from human rights violations to operational disruptions.

Institutions such as the Organization for Economic Co-operation and Development have developed guidelines on which enterprises can base their supply chain management strategies. Some efforts focus on amplifying supplier value contribution, while others aim to increase ethical sourcing.

With these commitments in mind, there are five steps organizations must take to establish effective supply chain risk assessment processes.

1. Define stakeholder concerns
Shareholders, customers and employees dictate how companies compose their downstream and upstream operations.

The University of Tennessee surveyed 163 supply chain professionals, asking them which logistical commitments increase a firm's shareholder value. UT researchers identified the top three trends that positively affect a company's shareholder value:

  1. Customer relationship management: Companies that perform particularly well adjust their supply chain operations to specific audience segments.
  2. Collaborative relationships: Enterprises that use the same key performance indicators as their suppliers can save logistical costs and increase product quality.
  3. Flexible strategies: Organizations usually benefit by developing multi-year supply chain frameworks capable of adapting to changing conditions.

Employees and customers have values that are slightly similar to those of shareholders. AzkoNobel, a chemicals manufacturer based in the Netherlands, noted customers value renewable energy, eliminating waste and maintaining operational integrity. In a similar vein, employees care about workplace engagement, process strategy and safety. Companies must share data throughout the supply chain to identify supply chain risks.

2. Identify points of risk
After identifying what stakeholders want a company to achieve, supply chain managers can assess which factors will hinder the business from accomplishing those goals.

Supplier identification involves understanding how upstream partners conduct operations. This includes determining which materials manufacturers use to develop goods. For example, the OECD noted some companies gather material declaration data from all of their suppliers and classify risk based on which products contain the materials in question.

3. Develop a risk mitigation strategy
Effective supply chain risk mitigation strategies utilize three resources: people, processes and technology. Each of these has a role in analyzing data gathered from suppliers. Therefore, it's imperative enterprises establish an infrastructure dedicated to continuously gathering, interpreting and acting on information.

One technology that promises to increase supply chain visibility is electronic product code-enabled radio-frequency identification. According to Retail Intelligence, EPC-enabled RFID tags can receive, store and transmit data through radio waves to readers, which can relay that information to enterprise resource planning systems. In some cases, the technology allows companies to a product's lifecycle throughout the supply chain.

4. Partner with third-party auditors and data collection agencies
The chief advantage of partnering with a third-party auditor and data collection agency is that it can dedicate the bulk of its resources to collecting and validating supply chain data. Their businesses are built on delivering procurement analysis services, so they have every incentive to conduct supply chain analyses effectively and thoroughly. In contrast, a company that designs and sells smartphones has every incentive to deliver devices that its target audiences desire.

Due to the incentives under which third-party auditors operate, such businesses often possess talent specializing in specific supply chain concerns from anti-corruption efforts to smelter verification. This expertise enables enterprises to analyze specific risks.

5. Simulate outcomes
Once companies understand how they can mitigate risks, they must confirm the efficacy of specific threat-reduction efforts. Upstream partners may fail to provide their procurement information, or neglect to conform to procurement standards and deadlines set by the company.

In these situations, the company will need to decide between different solutions, one of which is to move to a different upstream partner. How will this decision impact product quality and pricing? How does the new supplier validate procurement data?

Across each of these five steps, collaborating with supply chain partners is key. Knowledge is power, and sharing information with all supply chain parties is the key to successfully managing and mitigating supply chain risk.