Article 8 Min ReadManaging Cyber Risk through Return on Security Investment
Mitigating Supply Chain Risk with a Single Strategy
For many companies, recognizing and addressing supply chain risk can seem like an impossible task. But a unified approach can chart a clearer course of action.
Many companies’ approach to supply chain risk differs from department to department.
A single supply chain risk strategy helps unify every department under a common goal and identifies risk scenarios — and the actions needed to address them.
Data and analytics can improve visibility and decision making when it comes to a single supply chain risk strategy.
Supply chain issues have been pushed to the top of the news agenda over the past few years. The Russia and Ukraine conflict has sparked a significant and long-term impact on the supply and cost of food across the world. Car manufacturers have taken measures to ensure that they can keep up with the demand for new cars despite an acute chip shortage. As companies triage these and other similar situations, they will inevitably expose themselves to risk.
While supply chain risk has become one of the most important issues for business leaders to tackle, it’s also often misunderstood. For companies to overcome these problems, they must first develop a unified and comprehensive understanding of their risk profile and appetite.
Richard Waterer, global risk consulting leader for Aon, discusses how companies can mitigate risk by formulating an understanding of their supply chain, leaning on data and analytics to avoid issues and setting long-term risk-management goals.
Q: What challenges do businesses typically face when managing supply chain risk or disruption?
Richard Waterer: One of the big challenges facing any company that has exposure to the supply chain is the fact that it feels too broad to get your arms around. An automotive company might have 30,000-plus parts in each vehicle coming from all over the world. That’s a huge risk.
Risk is defined in different ways in an organization depending on the stakeholder. A procurement director would approach supply chain risk by applying the right due diligence when they onboard a supplier. They would negotiate a contract that pushes as much liability to that supplier as they can in the event of issues around quality, cost or time. But they don’t consider where the risk is in their supply chain. It is a supplier-led view rather than an exposure-led view. The issue with approaching risk as separate initiatives is that it’s inefficient, and it may not focus the firm’s resources on the right areas that can have the biggest impact.
Q: How does this traditional approach differ from having a single strategy for supply chain risk?
Richard Waterer: A single strategy for supply chain risk is about a single version of the truth — a taxonomy of supply chain issues that the firm agrees they face consistently and, most importantly, a consistent understanding of the impacts of supply chain risk on the business. If we know what it will cost our business, we can take the necessary steps to invest in making sure that it does not happen or its impact can be minimized.
The concept is not entirely new: forward-thinking firms have been doing enterprise risk management for decades. That entails understanding the most significant threats to an organization and its ability to trade, profiling those and then understanding how those scenarios would impact the organization and managing them. An enterprise view of supply chain risk would follow similar steps.
A single strategy for supply chain risk is about a single version of the truth.
Q: What are the first steps in building a unified supply chain risk strategy?
Richard Waterer: From a risk strategy point of view, it starts with an understanding of where the risk is in the supply chain and quantifying it. If you have a picture of your top risks and an understanding of your level of exposure, that will frame the decisions that you want to make as an organization. Those decisions could be around insurance, risk management or supply chain reengineering if the exposure’s significant enough.
It’s about getting to the heart of what matters most to the company. That could be a set of product lines that generate the most earnings, a set of products that are key to a particular geography or a set of products that are important to the future direction or strategy of the firm. If they can agree on what matters most, then they can start to understand what comprises the bill of materials that traces back from that product line and which suppliers are producing which products. That is key to understanding risk exposure better. Then, companies can build scenarios and understand the “what ifs.”
Q: How can data and analytics help a company identify and assess supply chain risks?
Richard Waterer: Data and analytics can play a critical role in improving visibility in a company’s supply chain. We have seen this help in three scenarios. First, the company already has information on its supply chain and wants to revisit their insurance program to see what kind of coverage they have and if they can cover the losses they incurred because of an interruption from a third-party supplier.
Second, the company is uncomfortable accepting the risk and they want to put stronger risk management around it. Data and analytics can audit suppliers to make sure they are well risk-managed, understand their levels of utilization and determine their fallback position in the event of an interruption. This type of analysis helps companies decide whether they need to find a dual source supplier.
Third, the company has recognized that the size of risk exposure is significant, so they address it in their supply chain strategy by bringing production closer, changing suppliers, assessing deal sourcing and inventory management or holding more stock.
That visibility helps companies analyze the areas they want to focus on, where risk sits in the supply chain and what the impact of those risks would be should they materialize. I think all firms would benefit from a single strategy on supply chain risk, but that strategy could be owned by different stakeholders and played out through different projects and initiatives that are driven by a common set of data and analytics.
Q: What advice would you give to leaders who want to improve their supply chain risk management?
Richard Waterer: A balance between efficiency and resilience is the goal. There is a level of investment that’s required to keep that risk managed within your own risk appetite, but at some point, that level of investment could drop off because you’ll be spending more on managing the risk than you are on driving value for the organization. Success looks like striking a balance between those two very broad sets of measures.
No sector has absolutely cracked this — but it’s also less about the response and more about the thoughtfulness and investment that companies are willing to put into their supply chain risk posture. We are seeing that happening a lot more now. There’s been a shift to creating a more open and collaborative culture about risk in many organizations, but there’s a long way to go.
The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.
The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.
Stay in the loop on today's most pressing cyber security matters.
Article 27 Min ReadTop 5 Cyber Threats To Mergers and Acquisitions
Article 12 Min ReadMitigating Insider Threats: Your Worst Cyber Threats Could be Coming from Inside
Article 17 Min ReadWhy HR Leaders Must Help Drive Cyber Security Agenda
Article 14 Min ReadResisting Cyber Attacks Through Layered Security Systems
Environmental, Social and Governance Insights
Explore Aon's latest environmental social and governance (ESG) insights.
Article 9 Min ReadESG Data: How Businesses Can Use Data to Gain an Edge
Article 12 Min ReadWhy ESG Is Even More Important In A Crisis Like COVID-19
Insights for HR
Explore our hand-picked insights for human resources professionals.
Article 9 Min ReadCOVID-19 has Permanently Changed the Way We Think About Wellbeing
Article 11 Min ReadDE&I in Benefits Plans: A Global Perspective
Article 13 Min ReadHow Data and Analytics Can Optimize HR Programs
Article 17 Min ReadWhy HR Leaders Must Help Drive Cyber Security Agenda
Article 10 Min ReadCase Study: The LPGA Unlocks Talent Potential with Data
Article 16 Min ReadNavigating the New EU Directive on Pay Transparency
Article 14 Min ReadHow to Design Better Talent Assessment to Promote DE&I
Article 8 Min ReadTraining and Transforming Managers for the Future of Work
Article 10 Min ReadRethinking Your Total Rewards Programs During Mergers and Acquisitions
Article 21 Min ReadBuilding a Resilient Workforce That Steers Organizational Success | An Outlook Across Industries
How do businesses navigate their way through new forms of volatility and make decisions that protect and grow their organizations?
More Like This
Article 17 Min Read
How Academic Research Can Help Drive Climate Risk Resilience
By leveraging the advances made by academic research, companies can develop more robust climate risk resilience.
Article 19 Min Read
Pricing Platform: Avoiding Pricing Pitfalls
Pricing pitfalls are more common than you think, whether it's working with incomplete data or key man risk – but with the right pricing process, many of these issues can be mitigated. Read our article to learn about the most common pricing errors, and what insurers can do about it.
Article 18 Min Read
Pricing Platform: The Importance of Getting Pricing Right
In today's increasingly complex insurance landscape, an inadequate pricing system can not only impact insurers' view of risk, but also prevent them from making the right decisions at the right time. Read our article on why it's essential to get pricing right.