Donna Chapter 12 1

 Some working definitions  Changing times and an uncertain world  The shortcomings of risk management  The need for holistic approaches  A simple framework for a wicked problem 2

 Risk  Supply chain vulnerability  Robust SCM  Resilience 3

 In decision theory: a measure of the range of possible outcomes from a single totally rational decision and their values, in terms of upside gains and downside losses (e.g. gambling)  A particular type of hazard or threat e.g. technological risk or political risk  The downside only consequences of a rational decision in terms of the resulting financial losses or number of casualties 4

 We should strive to identify vulnerabilities by asking questions such as:  What has disrupted operations in the past?  What known weaknesses do we have?  What ‘near misses’ have we experienced?  What would be the effect of a shortage of a key material?  What would be the effect of the loss of our distribution site?  What would be the effect of the loss of a key supplier or customer? 5

 “Strong in constitution, hardy, or vigorous”  Enable a firm to manage regular fluctuations in demand efficiently under normal circumstances regardless of occurrence of a major disruption  But does not in itself make a resilient supply chain 6

 “The ability of a system to return to its original [or desired] state after being disturbed”  The core concept of resilience is:  It encourages a whole system perspective  It explicitly accepts that disturbances happen  It implies adaptability to changing circumstances 7

 In a complex inter-organizational supply chain it would be difficult if not impossible for anyone to identify every possible hazard or point of vulnerability  ‘Known’ problems are only part of the picture  Known Unknowns, Knowable Unknowns and Unknowable Unknowns  Y2K: The Millennium Bug  Creeping Crises (e.g. Foot and Mouth disease)  Post 9/11 Security Matters  Corporate Scandals, Operational Risk and Business Continuity 8

 Known Unknowns  We know that there exist uncertainties, which we know how to solve  ‘Known known’  Knowable Unknowns  There are some uncertainties which we don’t know how to solve, We may choose ignore or face it  Unknowable Unknowns  However, there are still uncertainties that we don’t know that we don’t know 9

 A ‘Known known’ example  In the UK, the government encourage businesses to take the necessary measures to prevent system crashes, and engage in business continuity planning 10

 As a result, nothing happened and the government was delighted, believing the planning had saved the country from disaster  But the non-event left many managers skeptical as to whether the costly preventive measures had really necessary? 11

 Y2K is one of the intractable problems about proactive measures to improve organizational and supply chain resilience  If successful, mean nothing happens, but leads to questions of value or cost/benefits justification  It is very difficult to make a business case for proactive ‘just in case’ measures to improve resilience 12

 The outbreak of foot and mouth disease(FMD) in British livestock herds in February 2001 resulted in damage to whole sectors of economy  FMD was a known threat to livestock, albeit one that had not been seen in UK for a generation  The impact is engaged in production and distribution of food 13

 But FMD also affected car manufacturers and fashion houses across Europe because of the shortage of high-quality leather  All ‘knowable unknowns’ events could be the example of ‘creeping crises’  Creeping crises show the fact that supply chains are more than value-adding mechanisms underlying competitive business models  Supply chains link organizations, industries and economies, they are part of the fabric of society 14

 The events of 9/11 were so far out of risk managers’ field of reference, that they can be classed as “unknowable unknowns”  The closure of US borders and the grounding of transatlantic flights dislocated international supply chains making supply chain vulnerability front page new 15

 Post 9/11, new security measures were hurriedly introduced at US border posts, ports and airports, affecting inbound freight to USA, including:  Container Security Initiative (CSI)  CSI looked to new technology to pre-screen ‘high risk’ containers before they arrived at US ports  Customs-Trade Partnership (C-TPAT)  C-TPAT is a ‘known shipper’ programme, which allows cargoes from companies certified by US Customs to clear customs quickly 16

 In the world of corporate risk management events(e.g. 9/11) were unfolding that would push ‘operational risk’ to the top of the corporate agenda  The Enron Corporation collapsed in late 2001  Once held up as a model of best practice corporate risk management  Another three companies quickly followed 17

 New regulation, Sarbanes-Oxley Act(SOX) is noteworthy (Ch10)  SOX requires full disclosure of all potential risks to corporate well-being within the business  Board members have become more interested in identifying ‘knowable unknowns’ and have turned to risk management and to Business Continuity Management(BCM) 18

 Rooted in IT disaster recovery, but its remit has expanded greatly  Helps to prove that management have acted with ‘due diligence’  Start with the preparation of a Business Continuity Plan  Best practice:  An on-going programme of training, rehearsals and reviews of the initial plans to cope with various eventualities  Careful consideration to the management of an after- the-event recovery phase 19

 Decision Theory and Managerial Tendencies  Objective Risk and Perceived Risk 20

 Concerned paid little attention to uncertainty surrounding positive outcomes, viewing risk in terms of dangers or hazards with potentially negative outcomes  Managers focus on the possible losses associated with plausible outcomes  Decisions involving risk are heavily influenced by their impact on the manager’s own performance targets 21

 In comfortable circumstances managers are likely to be risk-averse, but when staring failure in the face, researchers show that this tendency reverses and they become risk-pron  There is unlikely to be a single unified attitude to risk taking within a large organization 22

 A view of risk set out by the engineers and physicists of The Royal Society:  ‘Objective risk’: determined by experts applying quantitative scientific means  ‘Perceived risk’: the imprecise and unreliable perceptions of general public  ‘Detriment’: the numerical measure of harm or loss associated with an adverse event 23

 Social scientists contend that, where people were involved, objective and perceived risk become inseparable  Risk is not a discrete or objective phenomenon  Risk is an interactive culturally determined one  Risk is inherently resistant to objective measurement 24

 Engineering-derived ‘objective’ views lead to a business process engineering and control perspective  Open interactive societal systems views offer a persuasive argument for perceived risk  The global supply chain view illustrates that culturally determined perceptions of risk could vary greatly from one region to another  Hence the forces of nature can demonstrate just how far removed from a controlled environment this all might be 25

 SCM is integrative and interdisciplinary  Logistics is just one of several established sub-disciplines  Supply chain risk management can be expected to display all the characteristics of a ‘wicked problem’ 26

 Wicked Problems  Societal problems are inherently different from the problems that scientists and some engineers tackle  Involve multiple stakeholders  Any solution, after being implemented, will generate waves of consequences  Should be considered within ‘valuative’ frameworks 27

 A supply chain as an interactive system 28 Focuses on what is being carried- work and information flows- and process design within and between organizations. In the ideal world of scientific management, mastery of process control methodologies would facilitate the identification, management and elimination of risk. Focuses on what is being carried- work and information flows- and process design within and between organizations. In the ideal world of scientific management, mastery of process control methodologies would facilitate the identification, management and elimination of risk. Unfortunately!! We don’t live in an ideal world, so levels two, three and four bring in a host of other factors that often intervene. It is helpful to explore the impact on operations of the loss of links or nodes in the production/distribution and infrastructure networks, through network modeling. e.g. With the element of SCM and resource requirements are increasing, the probability that assets may be damaged, stolen or mislaid along the way is increasing. It is helpful to explore the impact on operations of the loss of links or nodes in the production/distribution and infrastructure networks, through network modeling. e.g. With the element of SCM and resource requirements are increasing, the probability that assets may be damaged, stolen or mislaid along the way is increasing. From a pure SCM perspective risk at this level is the downside financial consequences of a specific event. The loss of a sole supplier or customer is the most obvious danger here. Socio-political factors, such as action by pressure groups can be identified by routine ‘horizon scanning’ using specialist or general media sources, allowing measures to be put in place to mitigate the impact. The creeping crises referred to earlier in this chapter could all be regarded as level four disruptions, but it would be wrong to regard them only as external threats to the supply chain. Socio-political factors, such as action by pressure groups can be identified by routine ‘horizon scanning’ using specialist or general media sources, allowing measures to be put in place to mitigate the impact. The creeping crises referred to earlier in this chapter could all be regarded as level four disruptions, but it would be wrong to regard them only as external threats to the supply chain.

Thank You for Your Attention 29