Workshop: Developing a Risk Management Plan 1 This workshop was developed by the USAID | DELIVER...
-
Upload
baby-holyfield -
Category
Documents
-
view
213 -
download
0
Transcript of Workshop: Developing a Risk Management Plan 1 This workshop was developed by the USAID | DELIVER...
Workshop: Developing a Risk Management Plan
1
This workshop was developed by the USAID | DELIVER PROJECT as part of its Risk Management Toolkit, which can be found at http://deliver.jsi.com/dhome/whatwedo/supplychainsys.
Session Objectives
By the end of the session, attendees will have—• learned the basic concepts of supply chain risk
management• evaluated and prioritized supply chain risks by
frequency of occurrence and degree of impact on operations
• developed potential strategies for each risk.
3
Overview
• What is supply chain risk management?• Why is supply chain risk management
important?• Activity: Evaluate and prioritize risks• Supply chain risk management approaches• Activity: Draft risk management approaches• Debrief: form longer-term risk mgmt. plan.
4
Basic Components of Supply Chain Risk Management
• Identify risk events:– Definition: Possible actions or outcomes with a direct
negative impact on supply chain objectives– Range: Can completely disrupt the supply chain, or only
cause delays in scheduled plans• not just theft or corruption.
• Evaluate and prioritize risks• Create a supply chain plan to work through each risk,
or group of risks.
5
Risk Management Schematic: Activities and Organizational Structure
Risk Context
• Map supply chain, supply chain classification, product classification.
Risk Evaluation
• Assess and agree on features of risk events: likelihood, impact, ability to control, etc.
Risk Treatment
• Use levers within and outside supply chain
• Avoid system activities; reduce, hedge, and accept risk.
Risk and Performance Monitoring
• Base on understanding of drivers of risk and risk treatment plans
• Monitor risk drivers
• Risk management performance.
Incident Handling
• Incident detection• Specific and
general contingency plans.
Participation
Participation: Initiating group + technical assistance + stakeholder collaboration
6
Learning• System evaluation• Planning and execution
improvement
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
Why Is Supply Chain Risk Management Important?
• In private sector, risk management is proving beneficial for complex supply chains: global supply chain, multiple tiers of suppliers, critical components in products.
• Success in public health setting—in Côte d’Ivoire, Mozambique, and others.
• Enables collaboration and consensus building between stakeholders about supply chain issues and steps to address these issues.
7
Risk Management Case Study
• Content from TO5/advocacy materials• Also, see appendix for some presentation
material.
8
Sources of Public Health Supply Chain Risk
Intrinsic Health Complexity
Data Availability &
Quality
Procedural Complexity
Stakeholders Collaboration
Quality
Management Fundamentals
& Resource Availability
Economic Politics Health Policy Decisionmaking
Resource Destruction/
TheftNatural Events
10
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
Risk Evaluation: Basic Approach
Likelihood
High
Low Tsunami
Low High
Impact
11
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
Risk Evaluation: Group Instructions
• Using a constructed list, group considers each risk. • Assign a group consensus score for frequency and
impact of occurrence, including documentation.• Use a 1 to 4 scale for both frequency and impact; 1 is
minimal impact or rare event, and 4 is certain occurrence in the next year or a system-wide disruption.
• During plenary groups compare responses.• Adopt average or review each risk or select
consensus score.12
Processing Risk Evaluation Scores: Prioritization
• Include graphic applications.• Adopt cutoff score.• Review list to ensure participants agree to
accept lower priority risks.
13
Risk Management vs. Conventional Management Approach
Conventional Management“How do we get our operations right?”• Assumes behavior and
occurrences, within a specific narrow range, defined as normal:– prepares for these – Reacts to dysfunctions.
• Appropriate when managers can sufficiently control operational-affecting factors.
Risk Management “What is our plan for when things go wrong?”• Contemplates abnormal,
previously unexpected, behavior and occurrences:– prepares for these.
• Appropriate when managers lack sufficient control over operational-affecting factors.
15
Rating Scale Interpretations: Impact and Likelihood
• Impact – Based on overall supply chain mission objective– Maximum rating should map to complete breakdown in supply chain mission– Minimum rating should map to mild deviation from mission.
• Likelihood– Can be based on frequency in a specific time, e.g., a year or a month– Maximum rating should map to most frequent occurrence of risk events in
supply chain – Minimum rating should map to the least frequent occurrence of risk events
in the supply chain.• Template available in risk management toolkit to make explicit
interpretations and create a reference for everyone working in risk evaluation.
16
Risk Feature Drivers
• Risk feature drivers—aspects of health operations that affect the significance of risk event features: impact, likelihood, etc.
• Can identify risk drivers for risk events—implies a better understanding of their mechanisms; helps improve consistency of risk-event evaluation.
• Risk drivers—₋ specific to risk event, but different risk events can share
the same drivers₋ help risk monitoring and performance monitoring.
17
Risk Management Schematic: Activities and Organizational Structure
Risk Context
• Mapping supply chain, supply chain classification, product classification.
Risk Evaluation
• Assessment and agreement on features of risk events: likelihood, impact, controllability, etc.
Risk Treatment
• Using levers within and outside the supply chain
• System activities: avoiding , reducing, hedging, and accepting risk.
Risk & Performance Monitoring
• Based on understanding of drivers of risk and risk treatment plans
• Monitoring risk drivers
• Risk management performance.
Incident Handling
• Incident detection• Specific and
general contingency plans.
Organizational Structure &
Participation
Participation: Initiating group + technical assistance + stakeholder collaboration
18
Learning• System evaluation• Planning & execution
improvement
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
Risk Management Approaches
Avoiding Risk
• Redesign supply chain network
• Intelligent task shifting
• Addressing incentive misalignment
• Intelligent commodity/supply base choice.
Reducing Risk
• Supply chain management strengthening
• Improved LMIS systems
• Outsourcing.
Hedging Risk
•Use of buffer inventory/capacity •Sharing real-time inventory and consumption data•Sharing costs with supply chain partners.
19Accepting risk is the default approach.
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
In particular, three features of the risk event can identify an appropriate risk response:• Is the source of risk controllable?• Is the source of risk operational?• Is the source of risk structural?
Risk Management Approaches
Controllable Structural Operational Risk Response Yes No Yes Reducing No Yes No Accepting No Yes Avoiding
No Hedging 20
Risk Monitoring
• Two types– Determine if risk features are changing
• Confirm if original risk response plan is appropriate
– Determine if risk event is impending• Receive advanced notice of events occurring and can respond to
mitigate events.
• Both types involve monitoring risk feature drivers; come from insights gained during risk evaluation and treatment.
• Example:– Comparing the number of units ordered in a procurement cycle
to a benchmark could be a leading indicator for whether an emergency order is likely to occur.
21
Options for Risk Performance Monitoring
• Supply chain performance management tends to focus on indicative/strategic key performance indicators—How are we generally doing?—not diagnostic outcomes—Why are we performing the way this way?– Indicative/strategic metrics may not capture low likelihood or low
impact events; they tend to be affected by a range of risk events.• Additional options for risk performance monitoring:
– diagnostic metrics in operational areas– risk drivers– simulated/forecasted performance
• changes in risk features• effect of risk event.
22
Examples of Performance Monitoring from TO5 Case Study
• Diagnostic metrics
• Simulated performance– For risk treatment, planners would estimate the changes in
risk features as a result of planned risk response.
23
Risk Category Risk Event Metric
Freight forwarding
A. Shipments are not delivered on time due to shipper error
Delivery to Plan (DTP) Reasons for Late Shipment (% with this reason)
Warehousing Warehouse does not manage inventory properly for storage, or pick and pack
DTP Warehouse metric (% with this reason)
Cred
it: U
SAID
| D
ELIV
ER P
ROJE
CT 2
013
Exercise: Draft Risk Management Approaches
• Functional groups address prioritized risks.• Consider available options, draft potential
plan.– Use Risk Evaluation and Treatment template from
risk management toolkit.
25
Debrief: Form Long-Term Risk Management Plan
• Develop timeline for completing management approaches.
• Do a periodic review.
26
Risk Management Case Study
• Context– Task order for procuring and distributing essential
public health supplies • Objective: Achieve a targeted delivery-to-promise goal
of 95%.
• Implementation– Workshop exercise at end of 60 days• Risk identification, evaluation, and some risk treatment
planning.
– Risk treatment plans further developed and implemented after workshop. 29
Drivers for Risk Management Approach
• USAID-mandated task order deliverable– Approach was expected to be generally beneficial• Prevent issues from being lost during planning.• Help prioritize resources. • Enable stakeholders to objectively come to agreement
about which issues to focus on.– Perception that stakeholders did not agree on what mattered.– Could help develop consensus: bring partners together,
harmonize expectations, align partners.
30
Risk Identification and Evaluation
• Risk identification:– List of risk events based on experience; validated with
other partners.
• Risk evaluation:– 10-point scale
• severity• occurrence• detection of failures—not considered as applicable to supply
chain.
– Risk probability number = severity × occurrence × detection:• Threshold of 100 for dealing with risk; some sensitivity analysis
around threshold. 31
Risk Treatment Process
• Development of plans to address risks:– Workshop produced initial plans
• collaborative process.
– Small groups returned and refined management approaches• people with relevant experience in risk areas who exceeded
threshold.
– Circulated to wider team for validation; small teams were implementers.
• Plans:– responsibilities and timelines– effect on risks; estimated revision of risk profile number– specific to products.
32
Risk Treatment Example: Product Registration
• Risk analysis and evaluation– Objective seriously harmed if product not properly registered and
unable to enter country. No single solution works across all countries.• Risk treatment
– Preventive actions• product registration requirements in RFPs• due diligence with potential manufacturer prior to contract award• product registration technical assistance.
– Strategies on occurrence• formalize core registration team to work on problem.
– Impact reduction• transition plans using available products.
– Risk communication• ongoing among all stakeholders.
33