Presentation is loading. Please wait.

Presentation is loading. Please wait.

Supply Chain Risk Assessment: Pitfalls Abound

Published byHubert Day Modified over 7 years ago

Similar presentations

Presentation on theme: "Supply Chain Risk Assessment: Pitfalls Abound"— Presentation transcript:

1 Supply Chain Risk Assessment: Pitfalls Abound
Presenters: Tony Benedict, Partner, Omicron Partners, LLC Erich Heneke, MBA, CMA, CFE, Director, Business Integrity & Continuity, Mayo Clinic This is the Title slide Please do not alter the Track Name

2 FACULTY DISCLOSURE The faculty reported the following financial relationships or relationships to products or devices they or their spouse/life partner have with commercial interests related to the content of this CE activity: Tony Benedict – Nothing to disclose Erich Heneke – Nothing to disclose This slide is for internal use. Please do not alter.

3 Learning Objectives Outline the elements of a full risk assessment.
2.  Devise a program through which supply chain and compliance can work together on risk issues. 3.  Describe the elements of a risk management program. Explore the current role of value analysis in bundled payment models, including the inclusion of diagnostics, implants, devices, procedures, drugs, etc. Discuss the utilization of evidence in product acquisition, standardization and utilization management and its contribution to cost containment and improved clinical outcomes. In supporting clinical leadership in the creation of bundles, discuss and illustrate the utilization of evidence in combination with benchmark data, guidelines and consensus data.

4 Contents The Supply Chain Operational Reference Model
Risk Management Definition The 5 Sources of Supply Chain Risk Strategic Approaches to Creating a Resilient Supply Chain Developing a Risk Assessment Risk Assessment Tools Fishbone Diagram Priority Matrix Scoring System Supplier Assessment Model Path to Effective Vendor Resiliency Supplier Partnerships Characteristics of Robust & Resilient Supply Chains 21st Century Supply Chain Risk Model

5 SCOR (Supply Chain Operational Reference) Framework
Supplier Customer Suppliers’ Supplier Source Internal or External Your Organization Return Deliver Make Plan Customers’ Customer Enable SCOR MODEL

6 Risk Management Risk management
Involves identifying risks, assessing their likelihood of occurring and their potential impact and then developing strategies for addressing those risks. Strategies for addressing risk include: Risk avoidance Risk reduction Risk sharing Key elements of successful risk management include: Know your suppliers Provide supply chain visibility Develop event-response capability

7 The Five Sources of Supply Chain Risk (Internal and External)
Demand Risk Supply Risk Process Risk Manufacturing yield variability Lengthy set-up times and inflexible processes Equipment reliability/theft Information security breach Financial controls Outsourcing / Monitoring key business processes Loss of major accounts Volatility of demand Concentration of customer base Short life cycles Innovative competitors Dependency on key suppliers Consolidation in supply markets Quality and management issues arising from off-shore sourcing Potential disruption at 2nd tier level Length and variability of replenishment lead-times Network/Control Risk Environment Risk Asymmetric power relationships Poor visibility along the pipeline Inappropriate rules that distort demand Lack of collaborative planning and forecasts Bullwhip effects due to multiple echelons Natural disasters Terrorism and war Regulatory changes Tax, duties and quotas Strikes

8 The Five Sources of Supply Chain Risk (Internal and External Examples)
Demand Risk Supply Risk Process Risk Drug shortages IV Solution shortages Dependency on key suppliers Consolidation of suppliers in certain markets (operating room, cath lab, ortho) Manufacturing yield variability Equipment reliability or theft IT/Cyber security breaches Embezzlement, False Claims Outsourcing / Monitoring key business processes (copiers, biomed, etc.) Network/Control Risk Environment Risk Merger Integration: Supply Chain, Accounts Payable/Accounts Receivable Inappropriate rules that distort demand (think regulations) IT/Cyber security breaches Lack of collaborative planning and forecasts Natural disasters Terrorism and war Regulatory changes Tax, duties and quotas Strikes

9 Strategic Approaches: Creating a Resilient Supply Chain
Supply Chain Understanding Supply Chain Design Supply Base Strategy 1. Supply Chain (re)engineering Collaborative Planning Visibility 4. Agility The Resilient Supply Chain 2. Supply Chain Collaboration Supply Chain Intelligence Velocity 3. Supply Chain Risk Management Culture Supply Chain Continuity Teams Consider risk in decision making Board level responsibility & leadership

10 Developing a Risk Assessment Program
Decide on scope. Do you plan to analyze all materials? How do you rank materials based on critical nature to process? Decide on tools for analysis – Fishbone, FMEA templates Involve the appropriate people. Purchasing, materials planning/management, process development, quality, manufacturing, company leadership Determine goals and timeline Setup frequency of assessment and monitoring program

11 Cause and Effect Analysis (Fishbone Diagram)
Failure to Deliver on Time No Stock Available Lead-Time Too Short Carrier Performance Quality Problems Capacity Constraint Inflexible Systems Inadequate Communications Poor Scheduling Supplier Management Materials Supply Problem Achieve Plan Forecasting Poor Process Control

12 The Risk Management Priority Challenge
High Consequence/ Impact Low Low High Probability of Occurence Where can we reduce the probability? How can we reduce the consequence? How should we segment supply base?

13 Risk Analysis Scoring System
S = Severity 1. No direct effect on operating service level 2. Minor deterioration in operating service level 3. Definite reduction in operating service level 4. Serious deterioration in operating service level 5. Operating service level approaches zero O = Likelihood of occurrence 1. Probability of once in many years 2. Probability of once in many operating months 3. Probability of once in some operating weeks 4. Probability of weekly occurrence 5. Probability of daily occurrence D = Likelihood of detection 1. Detectability is very high 2. Considerable warning of failure before occurrence 3. Some warning of failure before occurrence 4. Little warning of failure before occurrence 5. Detectability is effectively zero

14 Supplier Assessment Model
Five levels of maturity 1: Undefined and not capable 2: Defined and applied, but not 100% efficient or not applied everywhere in the company 3: Defined, applied and effective 4: Predictable 5: Optimised A separate matrix for each process with: Four domains : Process People & Organisation Tools & Data Performances Metrics Items for Improvement Action Plan between supplier and customer Expectation Supplier performance

15 Path to Effective Vendor Resiliency Management
Map the Vendor Risk Landscape Vendor Resiliency Prioritization Understand Resiliency Integration Needs Validation Respond Business Impact Analysis (BIA). The BIA provides a detailed, foundational view of how interruption events (e.g., loss of technology, reduction in personnel, loss of facilities, and loss of third parties) can impact the organization. Which vendors will have the most impact on my organization if they suffer an interruption, and how quickly will the impact materialize? How do my potential crisis recovery strategy involve my critical vendors? Revenue and inventory impact Proximity of the vendor and logistics Capacity utilization (performance and capacity of the vendor) SLAs and right to audit Potential impact on service/product quality Exposure to labor, country, and geopolitical risks Level of vendor integration with your technology Correlated risk (natural and man-made hazards, geographic concentration, availability, and reliability) amongst individual and clustered vendors A list of the goods and services provided by the vendor A list of the processes within your organization that consume the vendor’s service/product Where the vendor’s activities are geographically performed A determination of the point at which a vendor interruption crosses the threshold of criticality A description of possible regulatory impacts from a vendor’s lack of resiliency A description of the vendor’s role during an interruption and business process recovery A list of the goods and services provided by the vendor A list of the processes within your organization that consume the vendor’s service/product Where the vendor’s activities are geographically performed A determination of the point at which a vendor interruption crosses the threshold of criticality A description of possible regulatory impacts from a vendor’s lack of resiliency A description of the vendor’s role during an interruption and business process recovery Maintaining higher inventory levels for at-risk items Collaborating with the vendor to improve its resiliency Creating limited “backup” vendor relationships that can be activated quickly Implementing more robust business continuity practices for the affected business processes Replacing the less resilient vendor to reduce risk.

16 Supplier Partnerships
More organizations are seeking to establish partnerships with others in their supply chain: Fewer suppliers, long term relationships, sharing of information (forecasts, sales data, problem alerts), cooperation in planning Benefits: improved operations: higher quality, increased delivery speed and reliability, lower inventories, lower costs, higher profits. Higher supplier flexibility in accepting changes (delivery schedules, quality, quantity), suppliers can help in identifying problems and offer suggestions Aspect Adversary Partner Number of suppliers Many; play one against the others One or a few Length of relationship May be brief Long-term Low price Major consideration Moderately important Reliability May not be high High Openness Low Quality May be unreliable; buyer inspects At the source; vendor certified Volume of business May be low due to many suppliers Flexibility Relatively low Relatively high Location Widely dispersed Nearness is important for short lead time and quick service

17 Characteristics of Robust and Resilient Supply Chains

18 21st Century Supply Chain Risk Model Identify, Assess, Mitigate & Manage Risk
Sustainability Resiliency Predictability Sustainable Supply Chain Visibility Supply Chain Maturity Supply Chain “Sense & Respond” Supply Chain Risk Management Supply Chain Visibility Source: Supply Chain Risk Consortium Competitive Advantage As your Supply Chain Maturity Grows –– Your Supply Chain Inherent Risks Decrease

19 Industry Resources Medical Device Risk Management – ISO ( Institute of Risk Management – ( ), ( ) Risk Management Society – ( )

20 Supply Chain Risk Management Videos
Emeritus Professor Martin Christopher, Marketing and Logistics, SCM Key Challenges – Cranfield University School of Business – duration 8:31 Peter Foster, Cyber Breach Response Plans – Willis TV – June 19, 2015 – duration 2:54 Sharon Lindstrom, Managing Supply Chain Disruptions: How are Manufacturers Today Viewing Supply Chain Risk – Protiviti Risk and Business Consulting – November 12, 2012 – duration 3:14 Professor Brian Squire, Information, Decision and Operations Group, Supply Chain Risk Management – University of Bath – September 6, 2013 – duration 4:38 Tom Teixeira, Supply Chain Risk in a Global Economy – Willis TV – November 18, 2013 – duration 4:19 Professor Richard Wilding, Supply Chain Risk Reduction – Cranfield University School of Business – June 16, duration 5:57 Joe Yacura, Supply Chain: Understanding Risk Factors – Information Systems Group (ISG) – duration 7:58 for segment on cyber security (play 15:17 to 23:15) – total duration 28:45

21 Third Party Risk – Mayo Clinic’s View
Presenters: Erich Heneke, CMA, CFE Director, Supply Chain Mayo Clinic This is the Title slide Please do not alter the Track Name

22 Talking Points Internal Audit Findings from 2016 Risk Assessment
What is Vendor Risk Management Current Focus Areas Current State Future State Next Steps

23 Internal Audit Findings

24 Background on Vendor Risk Management
Third Party Risk Management (TPRM) is the process of analyzing and controlling risks presented to your company, your data, your operations and your finances by parties OTHER than your own company. Vendor Risk Management (VRM) is a comprehensive plan for identifying and decreasing potential business uncertainties and legal liabilities regarding the hiring of third party vendors for information technology (IT) products and services.

25 Third Party Risk Management
Concept for TPRM Third Party Risk Management Financial / Business - Dept mgt of SOW - Supplier Consolidation - COI - Supplier Authentication Financial stability Contract repository Business reviews Start/Anti-kickback/FCPA Environment of Care - Performance metrics/management - Quality - Outcomes Patient safety JACHO Contractor/Employee Data Management - OIS Security - Network Access Supplier System Security Business Continuity Catastrophe planning Stockouts/Backorders Strategic Sourcing Single/Sole Source Interdependency Credentials Access Satisfaction SPAD Procurement Performance Contracting Reputation Technology Process People

26 Contract and Relationship Management Flow
Background on Vendor Risk Management – Current State New Contracts Requests New Contracts New Contracts DDOC Requesting a Contract Analysis & Sourcing Contract Negotiation / Contract Creation Approval & Execution Contract Storing and Repository Performance Monitoring & Reporting Re-Bid, Renew, or Terminate SPAD Person Database Contract and Relationship Management Flow Supply Chain Vendor Master Legal

27 Contract and Relationship Management Work Flow Tool (Ecteon?)
Background on Vendor Risk Management – Future State Contract Requests Person Database DDOC Requesting a Contract Analysis & Sourcing Contract Negotiation / Contract Creation Approval & Execution Contract Storing and Repository Performance Monitoring & Reporting Re-Bid, Renew, or Terminate Payments SPAD Vendor Master Contract and Relationship Management Work Flow Tool (Ecteon?) Supply Chain Legal D&B Clinical Contract Management Business Owner

28 What’s been done to mitigate risk?
Formalized TPRM Oversight Group SPAD/DDOC (Information Security Risk) Clinical Business Continuity Project Clinical Contract Project Publish of Contract Guidelines Vendor authentication

29 Critical-SURG Flag Who: Hospital Surgical Services, SCMPC, & Logistics
Goal: Define the critical few items that warrant additional process controls How: Rank attributes using both qualitative and quantitative approach and base priority on the sum total of those rankings. Look at the distribution to understand the items that are outside of the norm.

30 What’s next? Contract Intake Tool
Contract management system enhancements – clinical contracting Network access controls Single database system including workflow and risk ranking (Archer?)

31 Q&A Slide

Download ppt "Supply Chain Risk Assessment: Pitfalls Abound"

Similar presentations

Page 1 Recording of this session via any media type is strictly prohibited. Page 1 RIMS 2014 Building a Resilient Supply Base in Response to Global Shifts.

Page 1 Recording of this session via any media type is strictly prohibited. Page 1 RIMS 2014 Building a Resilient Supply Base in Response to Global Shifts.
Figures in Chapter 1. Learning objectives After studying this chapter, you should be able to; Define logistics and supply chain management. Describe logistics.

Figures in Chapter 1. Learning objectives After studying this chapter, you should be able to; Define logistics and supply chain management. Describe logistics.
Supply Chain Management

Supply Chain Management
1 Supply Chain Management Supplemental to Chapter 6 Partnership (TEC5133)

1 Supply Chain Management Supplemental to Chapter 6 Partnership (TEC5133)
Supply Chain Management

Supply Chain Management
Chapter 5: Supply Chain Performance Measurement and Financial Analysis

Chapter 5: Supply Chain Performance Measurement and Financial Analysis
How to Grow Revenues Through Supply Chain Relationship Management Bill Burke President, CEO ePlains, Inc.

How to Grow Revenues Through Supply Chain Relationship Management Bill Burke President, CEO ePlains, Inc.
13 Marketing Channel Professor Close.

13 Marketing Channel Professor Close.
Managing Procurement and Sourcing Getting What You Need.

Managing Procurement and Sourcing Getting What You Need.
Confidential 1 Risk assessment in the supply chain Supply Chain Risk Leadership Council Developments in Insurance January 30 2008 Confidential – Do Not.

Confidential 1 Risk assessment in the supply chain Supply Chain Risk Leadership Council Developments in Insurance January Confidential – Do Not.
Supply Management Chapter 7.

Supply Management Chapter 7.
Year 12 Business Studies Operations REVIEW.

Year 12 Business Studies Operations REVIEW.
SCMN/Relationships Text: Supply Chain Management

SCMN/Relationships Text: Supply Chain Management
Global Sourcing and Procurement. 1. Understand how important sourcing decisions go beyond simple material purchasing decisions. 2. Demonstrate the “bullwhip.

Global Sourcing and Procurement. 1. Understand how important sourcing decisions go beyond simple material purchasing decisions. 2. Demonstrate the “bullwhip.
Copyright © 2011 The McGraw-Hill Companies, All Rights Reserved GLOBAL SOURCING AND PROCUREMENT Chapter 11.

Copyright © 2011 The McGraw-Hill Companies, All Rights Reserved GLOBAL SOURCING AND PROCUREMENT Chapter 11.
Performance of SMEs Logistics Services Emmanuel Pertin, CDP ISEL

Performance of SMEs Logistics Services Emmanuel Pertin, CDP ISEL
Chapter 6 Sourcing. Objectives After reading the chapter and reviewing the materials presented the students will be able to: Explain the difference between.

Chapter 6 Sourcing. Objectives After reading the chapter and reviewing the materials presented the students will be able to: Explain the difference between.
ICS321 – Management Information Systems Dr. Ken Cosh.

ICS321 – Management Information Systems Dr. Ken Cosh.
Day 1 Afternoon: Managing Extreme Supply Chain Events Lecture – Market Turbulence and Risk Lecture - Environmental Assessment – estimating likelihood and.

Day 1 Afternoon: Managing Extreme Supply Chain Events Lecture – Market Turbulence and Risk Lecture - Environmental Assessment – estimating likelihood and.
© The Delos Partnership 2005 Dairygold Workshop Supplier Relationship Management.

© The Delos Partnership 2005 Dairygold Workshop Supplier Relationship Management.

Similar presentations

Ads by Google