If the coronavirus pandemic has taught us anything, it’s that we know very little in terms of supply chain risk mitigation. That much is true for businesses that saw years spent building a supply chain and maintaining their network amount to nothing overnight due to lockdown orders.
What happened when Wuhan, population 11 million, shut down? This city is a major center for trade, economy, finance, but not just that. It’s also a dynamic center for optic-electronic, automobile, iron and steel, bio-pharma, and more. So much so that Wuhan has been extremely appealing to investors and an ideal location for offshore production for many organizations. The situation in China in general became problematic in January, with many brands preparing for potential disruption in their supply chains. Lo and behold, potentiality soon became reality the world over: Europe, India, the US, Central America were (and in most cases still are) heavily impacted.
While working on a strictly local level is likely not sustainable nor recommended, crises of this magnitude prompt the question of how well businesses know their supply chain and how strong their supply chain risk mitigation efforts are or should be. Pandemics are not the only disruptor that can put your operations and future in jeopardy. What about the growing problem of cybercrime? What about regional factors such as politics or potential natural disasters? What about compliance with ethical and environmental policies?
Are you in the know? Are you prepared? Are your suppliers prepared? In short, how sound is your assessment of supplier-related risk and what are your plans B and C to overcome hiccups, icebergs, or pandemics?
In this article, we’ll address 6 of the most critical areas where you should allocate resources toward supplier audit and risk assessment. A better understanding of lurking dangers will allow you to devise coping strategies, with the benefit of knowing how to prioritize your battles.
Complex supply chains are like onions; multiple layers mean more room for something to go wrong. Take the time to draw a map of all involved in your operations, such as:
For each, you may want to evaluate the degree of resilience in case of hardship. Ideally, communicating about potential weaknesses could help you and your partners jointly work toward a solution.
Traditional supply chain risk management focuses on “big items” in terms of procurement spending. This approach dangerously limits the ability to set up mitigation plans. Since the devil is in the details, carefully examine your supply needs. Are there any components, materials, or parts apparently negligible that are in fact essential to your products? Your true strategic suppliers could be the ones you hardly ever think of, yet you may be forced to stop all operations if one of them shuts down.
To alleviate such risk, you can conduct supply chain stress tests and evaluate Time To Recover (TTR) and Time To Survive (TTS) based on several if/then scenarios. This model is similar to bank stress tests set up for banks and financial institutions after the market crisis of 2008.
In the US only, over 164 million sensitive records were exposed in 2019. Hackers are prompt to detect weaknesses and take advantage of them. While there is no reason to believe any of your suppliers have ill-intended purposes, it is sensible to implement supply chain cybersecurity best practices such as information and data security plans, procedures, and policies.
Vendors access your systems more often than you think. Do they have security protocols in place themselves? What do they have access to? Are they accessing from high-risk areas? What user rights should they have? Are suppliers you no longer source from still able to log into your system?
Are there regulations specific to a region in conflict with your own corporate standards? What about government instability or regions under armed conflicts? Issues could also arise from weather threats, financial collapse forecast, pandemics (don’t we know that one by now!).
Gaining visibility via regional risk-mapping is one more ace up your sleeve to prevent costly disruptions and damages.
Let’s face the reality: moving forward, ethical compliance will likely become stricter as awareness continues to rise. In terms of domestic compliance programs, you are likely on top of things – or so you think. Can you say with absolute certainty that no risk of modern-day slavery or human rights violations exist anywhere in your supply chain?
Making sure suppliers accept your corporate policy terms and regularly report on their status and that of their own supply chain is not enough. Real-time updates of potential risks, by vendor, location or product is crucial.
Historically, businesses conduct supplier audits once a year. In view of the questions addressed above, it becomes clear that not all suppliers are risk-equal. With a scoring system, you can dedicate more efforts on high-profile partners (say twice-a-year audits) and reduce the time spent on low-risk ones. You can set up audits for nearly all risks possible and keep peace of mind that disruptions can be minimized thanks to contingency plans.
As history teaches us constantly, there are no risk-free scenarios. Solutions exist, however, to facilitate supply chain risk mitigation and even prevention. Source Intelligence’s mission is to offer the right technology in a comprehensive and user-friendly format to businesses that rely heavily on their supply chain. Our AI-powered vendor management solutions allow you to:
Make sure to minimize the supply chain risks that are a significant threat to your business. Click the button below to see what our fully customizable vendor management solutions can do for you!