Presentation on theme: "Enhancing Supply Chain Security Dr. Omar Keith HelferichDr. Judith M. Whipple Supply Chain FacultyAssociate Professor Central Michigan UniversityMichigan."— Presentation transcript:
Enhancing Supply Chain Security Dr. Omar Keith HelferichDr. Judith M. Whipple Supply Chain FacultyAssociate Professor Central Michigan UniversityMichigan State University July 31, 2007 – Foundation For Strategic Sourcing
Objectives Define Supply Chain Security Identify status of supply chain security initiatives Identify competencies and capabilities that firms are using to enhance supply chain security Discuss benchmarking tool for improving supply chain security This research was supported by the U.S. Department of Homeland Security (Grant number N-00014-04-1-0659), through a grant awarded to the National Center for Food Protection and Defense at the University of Minnesota. Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the author (s) and do not represent the policy or position of the Department of Homeland Security.
Definition of Supply Chain Protection and Security The application of policies, procedures, and technology to protect supply chain assets (product, facilities, equipment, information, and personnel) from theft, damage, or terrorism and to prevent the introduction of unauthorized contraband, people, or weapons of mass destruction. Closs and McGarrell (2004), “Enhancing Security Throughout the Supply Chain,” IBM Center for the Business of Government – www.businessofgovernment.org
Secure Supply Chain Requirements Preventing any biological, chemical or unauthorized agent to be incorporated into the product Preventing any illegal commodity to be intermingled with the shipment Preventing transportation assets or a shipment’s contents to be used as a weapon Preventing unauthorized access to the product and/or supply chain network Preventing disruptions of the supply chain network/infrastructure
Supply Chain Security Impact: A State of Transition From Corporate security Theft prevention Inside the company Vertically integrated supply chain with 1 st tier suppliers Country or geographic Contingency planning Reactive To Cross functional team To include anti-terrorism End-to-end supply chain Business model that includes 2 nd and 3 rd tier suppliers Global To include crisis management Proactive
Security Expectations: A Changing Future Secure supply chains – containing advanced security processes and procedures Resilient supply chains – able to react to unexpected disruptions quickly in order to restore normal operations Rice and Caniato (2003), “Building a Secure and Resilient Supply Network,” Supply Chain Management Review, September/October.
Industries Under Investigation Food – National Center for Food Protection and Defense (A Department of Homeland Security Center of Excellence) Electronics and Pharmaceuticals (IBM Research Grant) Hazardous Material (Dow Chemical Grant)
Potential Supply Chain Risk High Low Potential # of Incidents Range of Security Strategies SafetySecurity Management Integrated Supply Chain Security UnintentionalIntentional Unintentional Range of Security Strategies
Key Considerations: Capabilities and Competencies Capability – the infrastructure, processes, systems, assets, and resources to develop a specific competency Competency –the broad set of skills, knowledge, and aptitude that create and sustain a secure supply chain Competency 1 Capability 1 Capability 2 Capability 3
Outcomes of the Food Supply Chain Benchmarking Research Provide industry with in-depth understanding of the capabilities that form competencies in supply chain security Define competencies and understand their impact on security performance Compare capabilities, competencies and performance across firms in the food supply chain Create benchmarking process and tool to assist in extended and future comparison and evaluation
Team Members Jean Kinsey, Ph.D. Robert Kauffman, Ph.D. Theodore Labruzza, Ph.D. Jon Seltzer, Ph.D. David Closs, Ph.D. Cheri Speier, Ph.D. O. Keith Helferich, Ph.D. Dan Lynch, Ph.D. Ed McGarrell, Ph.D. Robyn Mace, Ph.D. Judy Whipple, Ph.D. Doug Voss, RA Alan Erera, Ph.D. Chip White, Ph.D. Steven Morris, RA
Competency Assessment Supply Chain Security Practice Competencies Supply Chain Security Performance Firm Demographics Size Channel location Organizational responsibility What practices are used? Which practices are more effective? How do they differ?
Definitions of Competencies Process Strategy (PS) – executive commitment to security and the institution of a culture of security Process Management (PM) – the degree to which specific security provisions have been integrated into processes managing the flow of products, services and information Infrastructure Management (IM) – security provisions that have been implemented to secure the physical infrastructure Communications Management (CM) – internal information exchange between employees, managers, and contractors to increase security
Competencies (Continued) Management Technology (MT) – the effectiveness of existing information systems for identifying and responding to a potential security breach Process Technology (PT) – specific technologies implemented to limit access and trace the movement of goods Metrics/Measurement (MM) – the availability and use of measurement to better identify and manage security threats
Competencies (Continued) Relationship Management (RM) – information sharing and collaboration between supply partners Public Interface Management (PIM) – the security related relationships and exchanges of information with the government and the public Service Provider Management (SPM) – information sharing and collaboration between the firm and its logistical service providers
Performance Measures Ability to detect security incidents Reduction in the number of security incidents Increased resilience in recovery Changed risk profile Changed firm and supply chain cost, shrink, injuries, and turnover Improved security relative to competitors Improved ability to meet security requirements
What Capabilities (Practices) Create a Competency? One Example Communications Management Defined communication protocols Information preventing incidents Information detecting incidents Information responding to incidents Information regarding recovering from incidents Information protocols in case of contamination Reporting protocols in case of incident
Research Process In-depth company interviews 15 manufacturers 13 retailers 7 transportation providers Questionnaire Development Overall Survey Response (total respondents = 239) Food Products Association (134 – 58%) Michigan Department of Agriculture (83 – 9%) ASIS International (22 – 10%) Respondents’ Scope of Responsibility Quality Management (101 – 42%) Supply Chain Management (36 – 15%) Security Management (25 – 10%) Other (57 – 24%) Not Defined (20 – 8%)
Who Responded to the Survey – Size of Firm? Size of FirmManufacturer/ Wholesalers < $20 M59 $20 - $100 M44 $100 - $500 M29 $500 M - $1 B10 > $1 B64 Not Defined32
Initial Research Questions Where are firms focusing their efforts? Is there a difference between large and small manufacturers in competency focus? Where are firms seeing results? Is there a difference between large and small manufacturers in security performance?
Where are Manufacturers/Wholesalers Focusing Their Efforts? Score of 5 Indicates Strong Activity
CompetencyMean Score (Large) Mean Score (Small) Process management4.003.79* Management technology3.973.77* Communications management3.943.66* Infrastructure management3.843.68 Metrics/Measurement3.613.31* Process strategy3.613.38* Public interface management3.543.21* Service provider management3.333.03* Process technology3.072.89* Relationship management2.892.66* * Indicates statistically significant difference in mean Is There a Difference Between Large and Small Manufacturers/Wholesalers?
Where are Manufacturers/Wholesalers Seeing Results? Score of 5 Indicates Significant Change (SC)
Is There a Difference Between Large and Small Manufacturers/Wholesalers? Performance MeasureMean Score (Large)Mean Score (Small) Detect incidents inside firm4.033.86 Detect incidents across SC3.653.27* Decreased incidents inside firm2.693.31* Decreased incidents across SC3.193.31 Increased firm resilience3.673.73 Increased SC resilience3.533.35 Improved firm risk profile2.982.81 Improved SC risk profile3.012.98 NOTE: Scale anchors: Significantly Increased – No Change – Significantly Decreased * Indicates statistically significant difference in mean
Performance MeasureMean Score (Large)Mean Score (Small) Firm reduced operating cost2.462.35 Firm reduced loss/shrink3.143.23 Firm reduced insurance cost3.113.02 Firm reduced personal injury3.273.28 Firm reduced employee turnover3.023.04 SC reduced operating cost2.502.55 SC reduced loss/shrink3.063.10 SC reduced insurance cost3.042.94 SC reduced personal injury3.133.18 SC reduced employee turnover3.043.06 NOTE: Scale anchors: Significantly Increased – No Change – Significantly Decreased Is There a Difference Between Large and Small Manufacturers/Wholesalers?
Perceived Performance Results for Manufacturers/Wholesalers The positive results are Increased detection within firm and across supply chain Increased firm and supply chain resilience Decreased personal injury However, there has been an increase in firm and supply chain operating cost
Further Research Questions Do some firms consider security as a high strategic priority? What do these firms do differently than low priority firms? Do high priority firms have better performance results than low priority firms?
Strategic Security Construct Our firm's senior management views supply chain security as necessary for protecting our brand or reputation. Our firm has a corporate level strategy to address security concerns. Our firm’s senior management views supply chain security as a competitive advantage. Our firm’s senior management views supply chain security initiatives as a necessary cost of doing business. Our firm’s senior management supports food supply chain security initiatives. 127 firms classified as high priority; 72 as low priority.
Internal Security MeasureMean Score (High) Mean Score (Low) Information systems provide timely information for response4.353.42* Information systems provide valid information for response4.273.49* Information systems allow us to quickly share information4.483.50* Our firm uses RFID to effectively track products1.891.58 Our firm incorporates prevention information into training4.493.67* Our firm incorporates detection information into training4.293.14* Our firm incorporates response information into training4.343.19* Our firm incorporates recovery information into training3.952.48* Our firm’s information systems are secure4.403.63* NOTE: Scale anchors: Strongly Disagree – Strongly Agree Is There a Difference Between High and Low Strategic Priority Firms? * Indicates statistically significant difference in mean
External Security Measure (across the supply chain)Mean Score (High) Mean Score (Low) Information systems provide timely information for response4.193.19* Information systems provide valid information for response4.143.33* Information systems provide actionable information3.812.87* Our SC partners uses RFID to effectively track products1.881.63 Our firm has processes in place to prevent a SC incident4.273.13* Our firm has processes in place to detect a SC incident4.283.14* Our firm has processes in place to respond to a SC incident4.453.30* Our firm has processes in place to recover from a SC incident4.202.98* Our SC partners’ information systems are secure3.492.60* NOTE: Scale anchors: Strongly Disagree – Strongly Agree Is There a Difference Between High and Low Strategic Priority Firms? * Indicates statistically significant difference in mean
Performance Measure – “Our firm’s security investment has significantly reduced/significantly increased…” Mean Score (High) Mean Score (Low) Our ability to detect security incidents inside our firm4.183.72* Our ability to detect security incidents across the supply chain3.733.23* Security incidents inside our firm3.393.28 Security incidents across the supply chain3.333.12 Our resilience in recovering from security incidents inside our firm 3.863.43* Our resilience in recovering from security incidents across the supply chain 3.623.22* Do High Strategic Priority Firms Perform Better than Low Strategic Priority Firms? * Indicates statistically significant difference in mean NOTE: Scale anchors: Significantly Increased – No Change – Significantly Decreased
What Measures Impact Detection/Recovery for High Strategic Priority Firms? Internal Timely information to respond Prevention information in employee training Recovery information in employee training External Processes in place to recover from an incident in our supply chain Our supply chain partners’ information systems are secure
The Creation of an Assessment and Benchmarking Tool Survey for internal company use Summary of results from company use Benchmark of company results by item, competency, and total score
Example of a Firm’s Diagnostics Results Food Supply Chain Security Firm World Class Scale: Disagree 1 2 3 4 5 Agree MeanBenchmarkGap 1 Process Management3.524.08(0.56) 2 Process Strategy2.693.68(0.99) 3 Infrastructure Management2.013.94(1.93) 4 Communication Management3.803.98(0.25) 5 Management Technology4.004.05(0.05) 6 Process Technology3.143.16(0.02) Public Interface Management3.513.56(0.05) Metrics/Measurement3.063.64(0.58) Service Provider Management3.433.360.07 Relationship Management2.442.96(0.52) Overall Score 31.6036.39(4.79) * Large gaps indicate problem areas * World Class is the sample mean plus 1 standard deviation
Conclusions Food supply chain firms are increasingly interested in protecting their supply chains to protect their customers and brand names. Firms must develop a broad range of competencies to achieve supply chain protection. Firms have seen performance improvements in detection and resiliency. In general, firms embarking on supply chain security initiatives will, at least initially, increase firm and supply chain operating cost. Better performance is linked to extended supply chain security efforts throughout the supply chain.