Start expecting the unexpected
Supply chain security means being ready for anything
By Nancy Bartels, senior editor -- Manufacturing Business Technology, 6/1/2005 6:00:00 AM
In Genesis, Chapter 6, God told Noah, "Make yourself an ark." Lucky Noah. He was warned. Best not to count on the same divine favor to keep your supply chain humming when a random act of God—fire, flood, earthquake, raw material shortage—disrupts it. And make no mistake. At some point—probably sooner rather than later—your supply chain will be hit.
"Risk is normal," says Peter Regen, a VP with consulting services and systems integration company Unisys. "Things we would ordinarily consider extraordinary events happen all the time. I was at a seminar recently where one of the presenters showed a three-year calendar of events affecting the supply chain of a large, multinational corporation. There were a dozen events—SARS [severe acute respiratory syndrome] outbreaks; port strikes; plant fires; hurricanes."
That's four a year. Once a quarter some unexpected event could bring your supply chain to its knees.
The rule of three
Disaster preparedness is about three things: prevention, detection, and response. "How do we prevent the episode, if possible? How do we know when it's happening? How do we respond? Those are the questions companies have to ask," suggests Regen.
The first step is evaluating the risk. "The best companies do this as part of their strategic planning processes," says Jim Hurley, a VP with Boston-based Aberdeen Group. "They take into account the economy, politics, weather, and other factors to determine overall risk. Once they understand the frequency or likelihood of an event and its financial impact, they can at least weigh them. They can make a decision to ignore the risks, to mitigate them, to work around them, or do something else." Companies have to understand how flexible and redundant their supply chains are, says Bob Belshaw, COO of supply chain analytics and modeling software vendor INSIGHT.
"What if this plant went away? How would I fulfill demand? That's part of what you have to understand as you are designing your supply chain," he says.
Risk assessment is about tradeoffs. "You must understand the economics and the cost," says Belshaw. "Think about the current shortage of carriers, and the price of fuel. Can you move your product at the price you thought you could? What does it cost you if it doesn't get there? What tradeoffs will you have to make?" he asks.
What if?
After you have assessed supply chain risk, developing Plan B is the next step.
The tale of Swedish cell phone maker Ericsson is instructive here. In 2000, a fire destroyed the factory of a critical supplier of microchips for its phones, halting operations for weeks. Meanwhile, its competitor, Nokia—thanks to a sophisticated supply chain software system—saw a problem in its supply flow even before it knew about the fire and had time to contact alternative suppliers. The fire, along with another component quality problem that year, caused a nearly $1-billion shortfall in Ericsson's consumer products division.
This kind of risk assessment and response is about supply chain visibility. AberdeenGroup VP Beth Enslow says all kinds of tools are available to gain visibility, improve decision support, and enable notification—particularly from vendors that specialize in the following areas:
-
Financial risk assessment
-
Logistics models that study the effects of disruptions
-
Strategic sourcing tools to model risk factors
-
Supply chain execution systems with exception notification
Still, the most common tool for supply chain management is the ubiquitous spreadsheet—which is not a good thing.
Says Chris Hane, product manager at supply chain optimization software vendor ILOG, "The scale of the global supply chain means that spreadsheets just don't cut it anymore. You need a process and a tool set in place to give you a holistic model of your supply chain. Then couple that with simulation and figure out where the stress points in your supply chain are."
IT system integration is critical here. Best-in-class companies have spent serious money on linking supply chain, enterprise, warehouse, and logistics management systems so everyone who needs to know about a problem in the system does know. This is a process that takes time and does not come cheap, but has to be done if real-time, automated warnings of impending supply chain problems are what the business requires.
Be prepared—or not
But visibility and exception reporting aren't enough. "There's a difference between planning and execution," says John Blanchard, director of transportation at consulting and integration services company ESYNC. All the supply chain optimization and modeling software in the world isn't going to do you any good if you can't execute on your Plan B.
"This is not a software problem," continues Blanchard. "It comes down to using your brain to come up with what you need to do to minimize the disruption to your customers."
Strategic initiatives have to support Plan B, he adds. Using transportation as an example, Blanchard says, "Look at your core carrier program. Make sure you balance your capacity in the event of a disaster. You might want to spread your business around [to multiple carriers] so you have access to suppliers in case something happens."
Then make sure your people understand your plan and can execute it, he adds. They need to know who is doing what when the emergency strikes, and what tools are available to them to do it.
Finally, Blanchard recommends bringing IT into the mix. Make sure that supply chain contingency plans are aligned with the IT department. For example, you need a plan you can still execute if the Internet goes down.
Much of this preplanning is simply thinking about the unthinkable and talking about it with the various relevant departments in your operation, and with your supply chain partners.
The steps seem obvious, but many companies don't take them. In an Aberdeen Group study done last year, 83 percent of executives interviewed said supply chain security was important, but only 12 percent had the budget to improve it. Big companies say 4.7 percent of their annual revenue goes out the door because of security problems of one kind or another, but their security budgets run between 3.5 percent to 11 percent of their IT budgets—and even those spending the most aren't getting real benefits from the purchases.
Their mistake? "They're not organizing security around the needs of the business," says Hurley. "They treat security as a mechanical issue, rather than a business issue. Best-in-class companies integrate physical and information security into business processes."
Call 911
Few corporations have as broad a global reach or as many supply chain complications as General Motors(GM). With manufacturing operations in 32 countries and vehicles sold in 200, the chances of some disaster affecting part of the supply chain on a given day are high.
As part of an ongoing project to improve its overall supply chain performance, GM has been studying how to prevent supply chain catastrophes and what to do when one happens anyway.
Led by Jeffrey Tew, GM technical fellow and supply chain research group manager at GM's R&D department, a group of researchers studied how other organizations respond to disaster. They concluded that manufacturers should look to those whose daily jobs are coping with trouble—the military, first responders such as firefighters, and emergency room personnel—for advice.
The first thing that has to happen when an emergency hits your supply chain is notification. "It has to be fast and to the right people," says Tew. "Make sure your call list includes all the relevant parties, including your supply chain partners."
Tew recommends not depending on humans to get the job done, but building immediate, smart notification—e-mail, instant messaging, automatic computer alerts—into your systems.
Then, stresses Tew, clearly define the event. Why is it a problem? What is its impact on your supply chain?
"What's the exact situation?" asks Tew. "Are there hazardous materials involved? Which ones? Are we dealing with injury and loss of life? What is the level of remaining danger?"
Here's where all your "what-if" analysis comes into play. Your first responders should already know what the plan is and be ready to take the next steps.
"Look at rescue operations like the Coast Guard," says Tew. "They don't know the specifics of the rescue, but they have been trained on "what-if" scenarios. What does an ER staff do to get through traumatic short-term response? Training. They're not relying on judgment as much as rules they have learned. Their response is almost an instinct."
Since companies don't go through that kind of training, Tew says, "what we use as a substitute is the software that does the decision-making."
A tough sell
In spite of the fact that your supply chain has direct impact on your company's cash flow—the lifeblood of the organization—selling preparedness isn't easy.
"It's viewed as a cost center," says Tew. "It's difficult to get people to spend money here because it's not going to generate revenue. What's the big payoff? When it works, nothing happens. How do you sell that?"
Then there's the question of leadership. Somebody—usually top management—has to make supply chain security a priority.
"One of the difficulties we had," says Tew, "is that no one owned the risk. There are many different organizations at GM. No one group owns all of it. It took us a year to work through the organization."
Tew maintains the supply chain lessons are the same whether your company is large or small. "Your operations people are running your supply chain," he says. "You have to get their attention. You have to put analytics and structure together. The tools are there at our fingertips. You don't need a hundred analytics people to put together a strategy. A one- or two-person team can put a system together. What you need to do is get to the top leadership in the company. This has to be done top-down."
