Supply Chain Risks Not Just About Continuity
A recent article from PropertyCasualty360 details that business executives are not evolving to keep ahead of the complex and increasing risks across their global supply chains, as found in a Zurich survey.
In its fifth annual Supply Chain Resilience Survey released this month, Zurich polled 519 members of the Business Continuity Institute—including risk and supply-chain managers, and business continuity, security and emergency-planning professionals—about their response to the challenge of running smooth global business operations.
The survey finds that three-quarters of business specialists do not have a clear understanding of their organization’s supply-chain disruption experiences, and only a quarter are coordinating and reporting across their enterprise to gain it.
Moreover, 50% say half or more of their suppliers do not have a business-continuity plan in place.
This level of unpreparedness has remained unchanged from 2012.
“Results in 2013 continue to indicate a passive approach to reviewing the likely effectiveness of supplier business-continuity arrangements,” states the report, which goes on to say that supply-chain resilience is a complicated issue that is “not just about continuity”.
While supply-chain disruptions are increasing—over the past four years, 75% of respondents annually experienced at least one incident—they are also occurring further inside the supply chain. Forty-two percent of business interruptions originated below the tier-one supplier (supplying parts to the manufacturer of the final product) in 2013.
The top-three causes of disruption occurred from unplanned IT or telecommunications outages, followed by adverse weather (40%) and service failure by outsourced providers (37%).
This is in agreement with Firestorm’s 5 Failures in a Crisis
In the majority of organizations analyzed, Firestorm has found five common failures in a disaster or crisis.
The failure to:
- Control Critical Supply Chain. It is important to identify the internal and external dependencies of critical services or products.
- Train Employees for Work and Home. Firestorm has found that across most companies 95% of employees do not have a plan at home. If employees do not have a clear strategy for their families, an emergency or disaster can force them to choose between family and work. Family will always trump work.
- Identify and Monitor all Threats and Risks. Knowing the threats an organization will face enables it to manage the results and respond to those threats. Firestorm’s process identifies the potential threats, both natural and man-made.
- Conduct Exercises and Update Plans. Training converts written plans into actionable ones. By test exercising plans and their procedures, the problems or weaknesses identified will stimulate appropriate changes.
- Develop a Crisis Communications Plan. Effective communications is a crucial element in emergency/crisis management and should assume a central role in disaster preparedness. Proper communications establishes confidence in the ability of an organization to deal with a crisis and to bring about a satisfactory conclusion.
The report identifies 15 different generic consequences, some of which had an immediate financial impact and others which had the potential for long term damage.
In order of importance they were ranked as:
- Loss of productivity
- Customer complaints received
- Increased cost of working
- Service outcome impaired
- Loss of revenue
- Damage to brand/reputation/image
- Product release delay
- Product recall/withdrawal
- Payment of service credits
- Share price fall
- Stakeholder/shareholder concern
- Delayed cash flows
- Expected increase in regulatory scrutiny
- Loss of regular customers
- Fine by regulator for non-compliance
The Zurich conclusions rightly recognize however, that these are not simple problems for which there is one solution. Supply Chain Resilience is very complicated and is not just about continuity. Different parts of the organization need the supply chain to deliver different and potentially conflicting outcomes. For example, cheapest, best quality, ethically sourced, socially responsible are objectives that are sometimes impossible to reconcile.
Read Firestorm’s Paper Critical Decision Support: Why Measure Program Readiness? Business Continuity Assessment