Supply Chain Risk Assessment
advertisement
Supply Chain Risk Assessment Model Logic and Measures Dr. Kevin McCormack August 2007 DRK Confidential Do not Distribute without Permission 1 Structuring the Relationships of Supply Chain Risk CAUSES (Categories of Predictive Measures) Relationship Supplier Attributes Performance Human Resources Supply Chain Disruption Situational Factors Financial Health Environmental DRK Confidential Do not Distribute without Permission Disruption EVENTS Misalignment of Interests Quality, Delivery, Service Problems Supplier Union Strike, Ownership Change, Workforce Disruption Supplier Locked Tier II Stoppage Supplier Bankruptcy (or financial distress) Disasters (Weather, Earthquake, Terrorists) CONSEQUENCES (Impacts) Sudden Loss of Supplier Finished Goods Shipments Stopped Recall for Quality Issues Locate and Ramp Up Back up Supplier EFFECTS Revenue Losses and Recovery Expenses Emergency Buy and Shipments Emergency Rework and Rushed FG Shipments Reputation Market Share Loss OTHER IMPACTS Forgone Income 2 Overall Data Flow Internal Analysts and SMEs Risk Event Impact Risk Event Probability Risk Events Combine and Calculate Risk Management Supplier Risk Score Supplier Risk Score (probability) Supplier Risk Event Impact By entity Highest and Average Prob. X Risk Score Total Impact by Entity Risk Indicators by event Risk Indicators by entity Supply Chain Network Diagnostics Analyst’s Modifier Risk Matrix Revenue at Risk 10000000000 1000000000 Risk Indicators 100000000 10000000 1000000 100000 16 17 18 19 20 21 22 23 24 DRK Confidential Scaled Risk Probability Do not Distribute without Permission 25 26 27 Supplier Surveys Internal Analysts Environmental Analysts 3 Revenue Impact Calculation Objective: Find the FG revenue impact on a part basis if a supplier disruption occurs Part A Finished Good 1 Revenue - $5 mil Finished Good 2 Supplier 1 Part B Revenue - $20 mil Part C Finished Good 3 Revenue - $50 mil Revenue Impact Part A - $75 mil Revenue Impact Part B - $20 mil Revenue Impact Part C - $70 mil DRK Confidential Do not Distribute without Permission Total Supplier Impact - $165 mil 4 Supplier Risk Index Supplier H Supplier A Supplier B Revenue Impact Supplier C Supplier D Supplier F Supplier E Supplier L Supplier M Supplier I Supplier N Supplier G Supplier K DRK Confidential Do not Distribute without Permission Risk Probability Index (RPI) Supplier K 5 Risk Wheel Diagnostic DRK Confidential Do not Distribute without Permission Analytical 6 Risk Index (RI) (Diagnostic Mode) DRK Confidential Do not Distribute without Permission 7 SC Risk Assessment Units of Analysis s Interactions and Relationship s s s SC Network Organizer s s Commodity Category s Supplier Attributes DRK Confidential Do not Distribute without Permission Supplier Environment 8 Structuring the Relationships of Supply Chain Risk CAUSES (Categories of Predictive Measures) Relationship Supplier Attributes Performance Human Resources Supply Chain Disruption Situational Factors Financial Health Environmental DRK Confidential Do not Distribute without Permission Disruption EVENTS Misalignment of Interests Quality, Delivery, Service Problems Supplier Union Strike, Ownership Change, Workforce Disruption Supplier Locked Tier II Stoppage Supplier Bankruptcy (or financial distress) Disasters (Weather, Earthquake, Terrorists) CONSEQUENCES (Impacts) Sudden Loss of Supplier Finished Goods Shipments Stopped Recall for Quality Issues Locate and Ramp Up Back up Supplier EFFECTS Revenue Losses and Recovery Expenses Emergency Buy and Shipments Emergency Rework and Rushed FG Shipments Reputation Market Share Loss Copyright© 2006 Supply Chain Redesign, LLC OTHER IMPACTS Forgone Income 9 Relationships On a corporate basis, please select the expected percentage of revenue you plan to come from the xxx industry segment in 2006. On a facility basis, what percentage of your total revenue is from Co.X? 1 3 4 5 65%-90% 15%-65% 5%-15% <5% >75% 50 – 75% 25 – 50% 5 – 25% <5% Taking into account the importance of the following metric when Top 20% evaluating a partnership, how would you rank Co.X relative to your other customers? – Annual revenue, Profit Margin, Growth Potential, Cooperation, Data Sharing How often do you share the following information with Co.X? - Cost Share structure (price drivers), Process /Material Change Notification, Production regularly Schedule, Inventory Status, Accreditation information, EPA violations and EPHS validation history (* EPHS – Essential Public Health Service), 2nd tier supplier information, New product/tech opportunity, Proof of insurance, Financial ratio data, Order fulfillment / process results, Performance data. DRK Confidential Do not Distribute without Permission 2 >90% 20% - 40% 40% - 60% 60% - 80% Bottom 20% Share when asked Don’t share and prefer not to share 10 Performance Please select the accreditations your facility has (check all that apply). 1 3 2 3 or 4 checked 4 1 or 2 checked 5 0 checked ISO900x, ISO13485/13488, ISO14000, FDA registered (new with each network) How many of your engineers directly support the manufacturing of this subcategory? What is your facility’s current capacity utilization in this sub category? >10 5 – 10 <50% 50% - 70% 70% - 80% 80% - 90% >90% In the coming year, do you plan changes to your facility’s capacity in manufacturing for this sub category? Increase Increase No change around 20% around 10% With 3 weeks advanced notification, how much of a demand increase can >50% you satisfy in your next order for this subcategory for Co.X (assuming an average order)? Excluding engineers, how many employees are involved in the > 100 manufacturing process for this sub category (including assemblers, inspectors, shipping, etc.)? On average, how quickly you respond to a technical issue from Co.X? <2 hours What is the Material Reject Rate (percentage of material rejected out of all >99.5% deliveries) for the supplier? What is the Supplier Corrective Action Receipt percentage (percentage of CAR out of all deliveries)? When was the last on-site audit or mail-in quality survey? <1 yr What is the latest Audit Score of the supplier ( percentage of audit result >99% score divided by maximum possible scores)? What is the supplier’s latest on-time delivery percentage (no early or late, >99% based upon contract, percentage of on-time delivery out of all deliveries)? DRK Confidential Do not Distribute without Permission 3–5 2–3 0 -1 Decrease Decrease around 10% around 20% 20% - 50% 10% - 20% 1% - 10% 0% 50 - 100 25 - 50 2 hours – 12 hours 12 hours – 24 hours – >48 hours 24 hours 48 hours >99% <=99.5% 0% >0% <=.25% >98% <=99% >.25% <=.75% 25-May <5 >97% <=98% >.75% <=1% <=97% good Q rep 1-2 yrs >2 yrs No audit >98% <=99% >98% <=99% >65% <=80% >95% <=97% <=65% >80% <=98% >97% <=98% >1% <=95% 11 1 Financial Health Please rank your company’s business growth in 2005 in the industry for this sub category. What is the risk level of supplier's financial status (3 rd Party report)? Top 20% Low Excellent 2 3 4 5 20% - 40% 40% - 60% 60% - 80% Bottom 20% Low to Medium Medium to High Medium High Above Average Below Poor Average Average Please rate the overall performance of your company last year. Please rate the overall performance of the company last year relative to major competitors. Please rate the overall performance of the business unit serving $Company$ last year. Please rate the overall Customer Satisfaction level of this business unit last year. Please rate the overall profitability of the business unit last year Please rate your accounts recievable cycle time (collection time). Please rate your accounts payable cycle time (paying suppliers) DRK Confidential Do not Distribute without Permission 12 Environmental Indicators What is the potential of a major supply chain disruption due to market dynamics? What is the potential of a major supply chain disruption due to merger and acquisition issues? What is the potential of a major supply chain disruption due to regulatory issues? What is the potential of a major supply chain disruption due to a disaster (natural disaster, political, terrorist, etc.)? What is the potential of a major supply chain disruption due to a transportation disruption (accident, transportation union strike, etc.)? DRK Confidential Do not Distribute without Permission 1 Minimum Minimum Minimum Minimum Minimum 2 Below Average Below Average Below Average Below Average Below Average 3 Average Average Average Average Average 4 Above Average Above Average Above Average Above Average Above Average 5 High High High High High 13 Risk Probability Index (RPI) (Analytical Mode) DRK Confidential Do not Distribute without Permission 14 Supply Chain Risk Categories v. Events Categories Events Relationship 1 Misalignment of interest Performance 2 Quality Problem 3 Supplier Union Strike Human Resources Supplier Risk Probability Index (RPI) Supply Chain Disruption Financial Health Environmental Indicators DRK Confidential Do not Distribute without Permission 4 5 6 Supplier Locked (Regulatory) Delivery Problem Service Problem Supplier Ownership Change Workforce Disruption Tier 2 Stoppage Supplier Bankruptcy Disasters 15 Misalignment of Interests 1 2 3 4 5 On a corporate basis, please select the expected percentage of revenue you plan to come from the xxx industry segment in 2006. On a facility basis, what percentage of your total revenue is from Co.X? >90% 65%-90% 15%-65% 5%-15% <5% >75% 50 – 75% 25 – 50% 5 – 25% <5% Taking into account the importance of the following metric when evaluating a partnership, how would you rank Co.X relative to your other customers? – Annual revenue, Profit Margin, Growth Potential, Cooperation, Data Sharing What is the potential of a major supply chain disruption due to market dynamics? Top 20% 20% - 40% 40% - 60% 60% - 80% Bottom 20% Minimum Below Average DRK Confidential Do not Distribute without Permission Average Above Average High 16 Quality Problem 1 2 3 4 5 What is the likelihood of the following disruptions in your supply chain that Once every Once every Once every Once every More than could impact BSC? - Process Change five years three years other year year once every or more year What is the Material Reject Rate (percentage of material reject out of all >99.5% >99% deliveries) for the supplier? <=99.5% What is the Supplier Corrective Action Receipt percentage (percentage of 0% >0% CAR out of all deliveries)? <=.25% When was the last on-site audit or mail-in quality survey? <1 yr No audit good rep What is the latest Audit Score of the supplier ( percentage of audit result >99% >98% score divided by maximum possible scores)? <=99% On average, how often do you monitor and review your suppliers’ Monthly Quarterly performance? >98% <=99% >.25% <=.75% 1-2 yrs >65% <=80% Only if issues arise What is the likelihood of the following disruptions in your supply chain that Once every Once every Once every Once every could impact Co.X? - Quality Problem five years three years other year year or more Excluding engineers, how many employees are involved in the manufacturing process for this sub category (including assemblers, inspectors, shipping, etc.)? Please select the accreditations your facility has (check all that apply). > 100 3 or 4 checked 50 - 100 >80% <=98% Annually >97% <=98% >.75% <=1% >2 yrs 25 - 50 1 or 2 checked <=97% >1% No audit <=65% Never More than once every year 25-May <5 0 checked ISO900x, ISO13485/13488, ISO14000, FDA registered DRK Confidential Do not Distribute without Permission 17 Delivery Problem 1 2 3 What is the supplier’s latest on-time delivery percentage (no early or late, >99% based upon contract, percentage of on-time delivery out of all deliveries)? >98% <=99% Share when asked >97% <=98% What is your facility’s current capacity utilization in this sub category? 50% - 70% 70% - 80% 80% - 90% >90% How often do you share the following information with Co.X? Performance data Share regularly <50% Do you share the forecast and scheduling information with your suppliers? Share regularly With 3 weeks advanced notification, how much of a demand increase can you satisfy in your next order for this subcategory for Co.X (assuming an average order)? What is the likelihood of the following disruptions in your supply chain that could impact Co.X? - Capacity Shortage Excluding engineers, how many employees are involved in the manufacturing process for this sub category? In the coming year, do you plan changes to your facility’s capacity in manufacturing for this sub category? >50% Once >5 > 100 How often do you share the following information with Co.X? - Inventory Status Increase around 20% Share regularly How often do you share the following information with Co.X? - Order fulfillment / process results Share regularly How often do you share the following information with Co.X? - Production Share schedule regularly DRK Confidential Do not Distribute without Permission 4 >95% <=97% Share when asked 20% - 50% 10% - 20% 1% - 10% Once =3yrs Once =2 yrs 50 - 100 25 - 50 Increase around 10% 5 Don’t share <=95% Don’t share 0% Once per >1 per yr yr. 25-May <5 No change Decrease around 10% Share when asked Share when asked Share when asked Decrease around 20% Don’t share Don’t share Don’t share 18 Examples of Risk Management Actions H Equal Revenue Impact and lower risk With Risk Management Revenue Impact ($) Profile 2 With Risk Management Profile 1 No Risk Management L L H Risk Probability Index (Event Probability x Score) DRK Confidential Do not Distribute without Permission 19 Examples of Risk Management Actions H Distributing Spend (and reducing Revenue Impact) to several equal and lower risk suppliers. Overall Revenue / RPI is reduced Revenue Impact ($) Supplier 1 No Risk Management Supplier 2 Supplier 3 Supplier 2 L L H Risk Probability Index (Event Probability x Score) DRK Confidential Do not Distribute without Permission 20 Examples of Risk Management Actions H Distributing Spend (and reducing Revenue Impact) to several equal and lower risk suppliers. Overall Revenue / RPI is reduced Revenue Impact ($) Supplier 1 With risk reduction actions Supplier 1 With combination actions L Supplier 1 No Risk Management Supplier 1 With spend reduction actions L H Risk Probability Index (Event Probability x Score) DRK Confidential Do not Distribute without Permission 21 Supply Chain Risk Assessment Process Week 0 Week 1-2 Week 3-4 Week 5-6 Week 7 Week 8 Week 7 Follow up 1.0 Kick off Note: Cycle Time – 6-8 weeks 1 Category = 30 suppliers 2.0 Preparation Assessment Team Supplier Information Set Up Internal Information Set Up - Manual Process - IT Enabled Process 3.0 Data Collection - Combination Set up Survey Internal Data Survey Data Collection 4.0 Analyze 5.0 Report Review Team Validate Provide Set up information Category Manager and Suppliers Kick Off DRK Confidential Do not Distribute without Permission Review/ Validate Preliminary Data Survey Review & Event Probability Subject Matter Experts and Suppliers Preparation Data Collection Report ID and Begin Mitigation Category Manager and Risk Manager Analyze 6.0 Mitigate Report Category Manager and Risk Manager Mitigate 22 Case 1 DRK Confidential Do not Distribute without Permission 23 Case 1 Supplier Risk Wheel: Supplier Example Union Strike Risk 1 Highly unionized production facilities Disaster Risk 1 Transportation mode and route may cause disruption Service Risk 1 Low number of engineers assigned to company parts Delivery Risks 1 Planned capacity decrease 2 Relatively low number of production employees assigned to company parts 3 Inventory status information is not shared with company 4 Medium to low ability to satisfy demand fluctuations with 5 week notice DRK Confidential Do not Distribute without Permission Quality Risk 1 Relatively low number of production employees in the process for company 2 Six month supplier rating is medium 3 Medium likelihood of quality problems affecting company 24 Case 2 Supply Risk Management Mitigation Planning Planning VP SCM Assign Risk Management Strategy and Guidelines Risk Program MGMNT 0010.1 Develop Program and Plan Risk Analyst 0010.3 Define Target Value Chain Plan Assessment 0010.4a Gather contact Info and pre-survey Feedback 0010.3 Define Value Chain Plan Assessment 0010.4b Provide pre-survey Feedback 0010.11d Review/Approve Risk Mitigation Actions 0010.8b Review and Adjust Strategy and Program 0010.2 Set Priorities Assign Resources 0010.11c Review/Adjust Risk Mitigation Actions 0010.8a Monitor and Manage Program Data Collection 0010.5a Set up and Distribute Survey Analysis and Reporting 0010.6 a Interview Suppliers and ID Part No. 0010.7 Gather Spend, Perf Data and Rev impact 0010.9 Analyze Results, Validate, 0010.10b Develop Risk Mitigation Actions Implement & Sustain 0010.12c Monitor Rollout, Adjust 0010.13b Review, Revise Reassess 0010.13a Review, Revise Reassess 0010.11b Propose Risk Mitigation Actions BI/MI Commodity Manager 0010.4b Provide pre-survey Feedback Supplier 0010.7 Gather Spend Data and Rev impact 0010.5b Complete Survey 0010.9 Review Validate Results 0010.10a Develop Risk Mitigation Actions 0010.6 b Complete Interview Preparation 0010.12a Rollout, Implement & Sustain 0010.11a Propose Risk Mitigation Actions 0010.12a Implement And Sustain Phase III Technology NT DRK Confidential Do not Distribute without Permission 0010.11a Propose Risk Mitigation Actions SAP NT NT NT NT NT 25 Case 2 Mitigation H Distributing Spend (and reducing Revenue Impact) to several equal and lower risk suppliers. Overall Revenue / RPI is reduced Revenue Impact ($) Supplier 1 No Risk Management Supplier 2 H Supplier 3 Equal Revenue Impact and lower risk With Risk Management Supplier 4 L Revenue Impact ($) Profile 2 With Risk Management Profile 1 No Risk Management L H Risk Probability Index (Event Probability x Score) L L H Risk Probability Index (Event Probability x Score) DRK Confidential Do not Distribute without Permission 26 Case 2 DRK Confidential Do not Distribute without Permission 27 Case 2 DRK Confidential Do not Distribute without Permission 28
