We can define supply risk as a set of deviations in the characteristics of a supplier and its performance. Such deviations might be associated with variables that are endogenous (i.e. dependent on the supplier) or exogenous (i.e. related to the economic situation or the market context).
As far as the supply risk management process, all companies follow a series of steps before contracting with a supplier. First, when scouting and evaluating suppliers, they collect data on potential partners; then comes segmentation and classification based on how critical a given supplier would be for the company. Here economic-financial indicators are used, and in some cases specific clusters are created (critical suppliers, strategic suppliers, single-source suppliers).
Keeping this information up to date is a task may be taken on by other company departments, or some third party, or the supplier itself. Whatever the case may be, in today's business world, companies have to be extremely cautious when selecting and managing their pool of suppliers, and the Procurement Department plays an essential role here as far as data verification and analysis.
In fact, Procurement is responsible for profiling the supplier, constantly being on the alert for risk factors that could destabilize the supply relationship. This applies both when selecting new partners and when managing current ones.
The aim of our study was to collect and analyze data on supply risk management practices. We focus on risk measurement systems and mitigation measures implemented to reduce risk exposure and potential damage to the client company. With this research, we also hope to share our insights on the general process of Supply Risk Management.
Here are the questions we tried to answer:
Then we did risk mapping with the help of a matrix, drawing connections between the likelihood and the severity of risk. This risk classification enabled us to pinpoint the most appropriate mitigation strategy.
In our study, we did not categorize various types of damage; instead we focused on assessing the magnitude of damage, in light of the fact that damage entails a cost that has economic-financial impact. This cost, a proxy of risk, will be the main determinant of the mitigation action the company decides to take.
We considered two mitigation strategies: flexibility and redundancy.
Both share the objective of limiting or neutralizing the negative effects of damage by allocating additional resources that can be used in case of any deviation or adverse effect. But the two strategies differ in essential ways:
When potential damage is highly likely and very severe, we adopted a combination of the two strategies. We present risk mitigation solutions in clusters (typically two or three), highlighting: the managerial style, the risk mitigation measures deployed, and the pros and cons.
At the same time, for the risk mitigation strategies, we chose a similar framework with the variables: managerial style, redundancy or flexibility strategies, and usage scenarios.
Finally, we demonstrate the existence of a relationship between how companies measure risks and how they mitigate those risks.
The main risk factors that emerged during the research are: financial, economic, operational, innovation-related; ESG (Environment, Social, Governance), geopolitical, process-related, with some amplifiers: dependence and supply chain risk.
In our research project, rather than one approach predominating, several different ones emerged. What's more, we found that often the approach in question is determined by the risk context. The damage that emerges also differs, which may be due to the level of integration of the supply chain.
What we see in our study is that risk measurement approaches and mitigation strategies are contingent on a number of factors:
We also found that our Lab partners integrate supply risk management within the framework of their Enterprise Risk Management (ERM) system, in most cases.
A few companies use systems to support risk management equipped with a comprehensive dashboard, tracking internal and external sources of risk. In contrast, several other companies adopt a structured view, one that is limited to economic-financial risks, or they task external providers with risk monitoring.
Finally, when critical issues arise, only a few companies activate a risk mitigation process semi-automatically (e.g. blocking payments, blacklisting etc.). Leading the mitigation process in most cases is the Procurement Department, which draws up an action plan and shares it with other business functions.
To sum up, our research highlights how companies achieve different results depending on the sector where they do business and their sensitivity to various aspects of risk. So, we conclude that there doesn't seem to be a single model that is best, but rather one that may be better aligned with a given context.
Il corso fornisce indicazioni operative volte a ottimizzare la gestione dei dati, valutando le opportunità alternative disponibili per la propria azienda e valorizzando al meglio il contenuto informativo dei dati stessi.
Affrontare le sfide attuali della funzione HR a 360 gradi, grazie a strumenti metodologici per attrarre, scegliere e trattenere in azienda i migliori talenti.
Apprendere metodi e capacità di intervento organizzativo per adeguare la struttura aziendale alle attuali esigenze di fluidità e flessibilità di assetti e funzioni.
