SUPPLY CHAIN RISK MANAGEMENT-2

Continue..

              iii.        RISK EVALUATION

Acceptable risk levels will be unique to each organization and supply chain. They may vary by commodity, product, or service, as well as over time. Different risk-tolerance levels may be set for different levels of the organization. While generally tied to financial impact, through which risks may best be understood and compared, risks may also be tied to other corporate assets such as reputation.

One means of evaluating risk is to use a “heat-map” showing risk-events on a matrix defining likelihood and consequence levels. This technique allows managers to easily see the relative likelihood and consequence of differing risks. To use this method effectively it is critical to have well-defined and consistently used criteria for the different likelihood and consequence levels.

              iv.        RISK TREATMENT

When an enterprise understands its supply chain and analyzed its potential risks, it can implement an effective supply-chain risk management program with its partners, that is, its suppliers, carriers, and logistics providers. Such a program should have at least three elements: protecting the supply chain, responding to events, and continuing business operations while recovering from events. We discuss each of these below. An effective supply-chain risk management program must ensure that an enterprise and its partners implement appropriate measures to fully secure goods and their components from the point of origin to final destination.

Protection of Supply Chain includes:

ü  Physical Security

ü  Access Controls

ü  Personal Security

ü  Education and Training

ü  Procedural Security

ü  IT Security

ü  Business Partner Security

ü  Conveyance Security

Crisis Management comprises the overall strategic and tactical responses of an organization to recognize and respond effectively, efficiently and comprehensively to actualize threats. It involves proactive measures to detect, respond to, and recover from a crisis event. Crisis Management preparation and response activities are characterized by several phases:

ü  Preparation

ü  Response (consisting of Risk Assessment, Critical Incident Planning, Risk Mitigation, Emergency Response and Communications to Internal and External Stakeholders and Media Relations)

ü  Recovery and Business Resumption

ü  Testing, Training and Plan Maintenance

     To be effective, business-continuity planning (also referred to as business-continuity management) should be an integrated management process supported from the top levels and managed at both organizational and operational levels. A business-continuity planning team should also establish company risk-tolerance levels and recovery priorities, validate business-recovery strategies, designate team members from each critical business function, ensure planning and documentation meets established timelines, and conduct periodic evaluation of the business-continuity planning program as based on performance objectives. 

Share this

Unknown

See All Articles