Risk ManagementRecent Development in Logistics
~Nishikant Rajeshirke
What is Risk
RISK means the possibilities of meeting changes or of suffering harm or loss.
OR
RISK is a phenomena or event that when occurred causes destruction
RISK MANAGEMENT is the art of reducing the possibilities of a risk and managing those risks in such a way that their impacts can be reduced
Need of Risk Management
Enterprises relying on others firms for their success. Historically, enterprises have spent less than a third of their budgets on purchased goods and services, having relied on internal sources for these.
Today, many enterprises spend most of their budget on purchased goods and services. This is in large part because of the advantages enterprises have found in strategies such as globalization, outsourcing, supply-base rationalization, just-in-time deliveries, and lean inventories.
While globalization, extended supply chains, and supplier consolidation offer many benefits in efficiency and effectiveness, they can also make supply chains more brittle and can increase risks of supply-chain disruption.
For eg. March 2011 Tohoku earthquake and subsequent tsunami in Japan showed how one event can disrupt many elements of global supply chains, including supply, distribution, and communications
Risk Management process
Identifying internal and external environments
Risk identification and assessment
Risk treatment
Continual monitoring and review of risks and their treatment.
Risk Management process
Identifying Internal and External environment
Risk Evaluation
Risk Treatment
Risk Analysis
Risk Identification
Risk Assessment
Supply chain management Risk
“supply-chain risk” as the likelihood and consequence of events at any point in the end-to-end supply chain, from sources of raw materials to end use of customers.
“supply-chain risk management” as the coordination of activities to direct and control an enterprise’s end-to-end supply chain with regard to supply-chain risks.
Potential Risks to an Organization and Supply Chain
External, End-to-End Risks:
• Natural disasters • Labor unavailability
• Accidents • Market challenges
• Sabotage, terrorism, crime, war • Lawsuits
• Political uncertainty • Technological trends
Supplier risks:
• Physical and regulatory risks • Management risks
• Production problems • Upstream supply risks
• Financial losses and premiums
Distribution Risks:
• Infrastructure unavailability • Warehouse inadequacies
• Lack of capacity • IT system inadequacies or failure
• Labor unavailability • Long, multi-party supply pipelines
• Cargo damage or theft
Internal Enterprise Risks:
• Operational • Financial uncertainty
• Political uncertainty • Facility unavailability
• Demand variability • Testing unavailability
• Personnel availability • Enterprise underperformance
• Design uncertainty • Supplier relationship management
• Planning failures
Potential Risks to an Organization and Supply Chain
Identifying Internal and External EnvironmentsRisks exist at discrete levels and entities within an organization Manufacturing risks exist at manufacturing sites. Supplier risks exist at supplier sites (including those of sub-tier suppliers). Distribution risks exist at suppliers and in upstream and downstream transportation and logistics systems. Legislative, compliance, intellectual property, and regulatory risks exist at the country or regional level for multinational enterprises. Finally, strategic risks exist at the business-unit or corporate level.
External environment Risks (Natural)-Risks to Transportation and Security
Risk Identification Two type of Risks:1. Retrospective risks:
Retrospective risks are those that have previously occurred, such as incidents or accidents.
It’s easier to believe something if it has happened before. It is also easier to quantify its impact and to see the damage it has caused.
Q. How to identify retrospective risk?
Hazard or incident logs or registers
Audit reports
Customer complaints
Accreditation documents and reports
Past staff or client surveys
Newspapers or professional media, such as journals or websites.
Two type of Risks:2. Prospective risks:
Prospective risks are often harder to identify. These are things that have not yet happened, but might happen some time in the future.
Identification should include all risks, whether or not they are currently being managed. The rationale here is to record all significant risks and monitor or review the effectiveness of their control.
Q. How to identify
Brainstorming with staff or external stakeholders
Researching the economic, political, legislative and operating environment
Conducting interviews with relevant people and/or organizations
Undertaking surveys of staff or clients to identify anticipated issues or problems
Flow charting a process
Reviewing system design or preparing system analysis techniques.
Risk Identification
Risk Analysis & Evaluation
Risk analysis process is to estimate the likelihood and consequence of risks facing a firm and accordingly prioritize them for ultimate treatment.
2x2 Impact/Probability Matrix:
Impact
Probability
Low
High
Low High
This step is about deciding whether risks are acceptable or need treatment.
Risk Acceptance
A risk may be accepted for the following reasons:
The cost of treatment far exceeds the benefit, so that acceptance is the only option (applies particularly to lower ranked risks)
The level of the risk is so low that specific treatment is not appropriate with available resources
The opportunities presented outweigh the threats to such a degree that the risks justified
The risk is such that there is no treatment available, for example the risk that the business may suffer storm damage.
Ignoring risk doesn’t make the risk go away!
Risk treatment strategy
Avoidance – Changing a project objective to eliminate the threat posed by an adverse risk event.
Transference – Shifting the negative impact of a threat, along with the ownership of the response, to a third party.
Mitigation – Reducing the Probability or Impact of an adverse risk event (threat) to an acceptable threshold.
Acceptance – The project team decides not to change project objectives to deal with the risk.
Passive acceptance: no action, deal with threats as they occur (workarounds)
Active acceptance: establish a contingency reserve to handle risks
Exploit – This strategy seeks to eliminate the uncertainty with an opportunity by changing a project objective to ensure it happens.
Share – Allocating ownership of the positive risk event to a third party who is best able to capture the opportunity for the project.
Enhance – Increasing the probability and/or positive impact of an opportunity.
Contingency – Not a risk response, but an output from risk planning. Developed for actively accepted project risks. This is typically defined as time or funds.
Risk treatment strategy
Continual Monitoring of Risks and TreatmentAfter identifying and treating risks,
Firm should implement a monitoring program, evaluating plans, procedures, and capabilities through periodic review, testing, post-incident reports, and other exercises.
It should check conformity and effectiveness of the program, establish, implement, and maintain procedures for monitoring and taking corrective action as necessary.
Testing and Adjusting the Plan if is requires in order to reduce cost/threat
Areas of Continual Adjustment: If the risk is more obvious and will remain with process due government or their regulatory environment
Conclusion Effective supply-chain risk management (SCRM) is essential to a successful
business. As globalization increases, so too do the critical interdependencies and complexities between suppliers, logistics providers, and a successful enterprise. A breakdown in any part of the supply chain connecting these entities can potentially lead to consequences.
While no risk management program can fully predict, mitigate, or prevent all risks or consequences, companies that proactively implement a supply-chain risk-management program will be more resilient and prepared for the day when a "risk" becomes "real."
Questions ???
Top Related