New Software Tools to Manage Risk and Disruptions: Part III

Editor’s note: This is the third and final installment of a three-part feature on the current framework for classifying risks and the ongoing efforts to mitigate them.

Leading software tools operate on two dimensions: planning and real time alerts. In the planning mode, the focus is on the development of risk metrics in order to allocate resources for risk mitigation. The focus then is on the high impact/high probability risks. To this end, the IBM software uses several inputs and a curve fitting equation to identify the top right hand side quadrant. The use of the equation to identify the risky suppliers does not seem to be better than the simple placement of supplier on the impact/likelihood space by a group of experienced managers.

More importantly, once calibrated, changes in risk profile of suppliers maybe made automatically to the “high risk” category and managers can assess if they are prepared to deal with the disruptions associated with that particular risk.

For real time alerts, companies do not assess disruption probability. Instead, these software tools sound an alarm when a potentially disruptive event has or may have occurred. The software tools allow decision makers to set thresholds for the alerts in order to avoid an avalanche of minor alarms.

To this end, the first functionality included in these tools is a mapping of the various suppliers and their facilities as well as the company’s own facilities. The rationale is that many disruptions are geographically limited. This is true for cases when a particular plant is hit with an event, such as fire, sabotage, quality issues or industrial action.

Geographical mapping is also useful in alerting companies about events taking place in the vicinity of a supplier’s facility. Such events may include wild fire, political upheaval, violent activities, labor troubles, earthquakes, floods, port/airport closures, bridge collapse, power outage (or brownouts), etc. Even regulatory or legislative actions with potential supply chain impact can be localized geographically.

In the planning mode these applications develop risk scores for suppliers and for each of their sites, as well as for the company’s own sites. Combining this information with the bill of material information, one can develop risk scores for individual parts and from that for individual products and even individual customers. The risk scoring methodology is proprietary to each application. For example, Impact Factor Inc. offers an example of “Vulnerability Rating” 1 to 10 score with 10 being the most vulnerable and 1 being the least. As the company seems to focus on financial risks metrics, the scoring is for companies, rather than locations or individual parts.

In the planning domain Razient seems to focus on regulatory compliance management – implying both corporate risk of non compliance by suppliers and possibly, identifying lax processes by suppliers.
A similar approach was taken by SAP in their Value Accelerator product.

The other use of supply chain risk management applications is for alert systems in real time. The basic methodology here is to impose events on the geographical location reveals which locations are in danger from specific events.

SC
MR