A Foundation of Risk: Supply Managements Other Pillar for Success

Dave HenshallProcess, Risk, Strategy

Risk Management

Risk Management

A Foundation of Risk: Supply Managements Other Pillar for Success

A Foundation of Risk: Supply Managements Other Pillar for Success – The foundation for modern supply management strategy was built upon Peter Kraljic’s matrix, “portfolio analysis” model.


Kraljic’s matrix added ‘risk’ to the well used Pareto Model and provided the foundation on which many procurement board presentations, organisational designs and careers are built.

The primary object of Kraljics matrix was to focus on the risks and opportunities presented by the supply market. Now, with so many supply management guru’s advising CPO’s to look beyond cost savings, it is surprising that to date, the risk side of this model has remained relatively underutilized in many organisations.

Threats have become all too apparent in recent years, to name but a few:

  1. Resource depletion and raw materials scarcity
  2. Political turbulence and shift in power from west to east
  3. Government intervention in supply markets
  4. Intensified competition, and accelerating technological change
  5. Credit crisis
  6. Natural disasters

Today’s modern economic peaks and troughs have become steeper and deeper and, as a result, businesses across the globe have learned that supply and demand patterns are subject to disruption virtually overnight. So, if the ‘cost saving message’ has taken procurement to the edge of the boardroom door, then the ‘risk message’ could finally prize the door firmly open.  The question is; are CPO’s ready to take a seat at the table?

Environmental Scan:

The longest period of economic growth in history coincided with an extended period of squeezing out cost, resulting in more vulnerable supply chains:

  • Strategic sourcing and supplier rationalisation have increased dependence on a smaller number of key suppliers
  • Increased outsourcing of many key activities to suppliers
  • Increased use of Low-Cost-Country-Suppliers (LCCS), extending supply chains, complicating logistics and increasing vulnerability to geopolitical issues
  • Companies have built ‘lean’ supply chains with little room for today’s swings in demand

Increasingly complex customer requirements and shorter product lifecycles have combined with the above to complicate supply risk further, and new environmental and political risks have emerged. Companies have been competing for scarce commodities and to secure suppliers capacity resulting in risk of shortages and price volatility:

  • Oil
  • Iron ore
  • Wheat

Geopolitical issues have threatened to disrupt supplier’s from LCCS:

  • Nuclear tensions with North Korea, and India & Pakistan
  • Terrorist threat
  • Thailand coup
  • Continued Middle East hostilities
  • Somali Pirates

Exposure to risks of global pandemics and natural disasters:

  • Swine Flu
  • Bird Flu
  • Tsunami
  • Hurricane
  • Earthquake

In such an environment, CPO’s must ensure they have a comprehensive strategy to manage risk. Such a strategy is only likely to be fully effective if backed by the CEO and incorporated as part of the business planning process. In this way, risk management becomes a corporate capability in which the CPO has a strong argument to be at the table and exert considerable influence.

Typically in many company’s, supply chain risk management is:

  • Reactive, so risks are often identified only when they have occurred or are imminent
  • Narrowly focused, typically on supplier risks – ignoring other “components” of risk
  • Structured to ‘track’ not ‘manage’ and tracking is often only a ‘snapshot’ rather than a ‘continuous process.’
  • Inconsistently carried out across the organization

By introducing supply risk management at the corporate level, CPO’s can develop a formal framework to manage risk with other key stakeholders that will provide a unified approach across the entire organization. Such a framework should typically include the following components:

Ten Components of a Supply Risk Management Framework:

  1. Governance processes and tools
  2. Supplier Relationship Management and Strategic Sourcing
  3. Clear roles and responsibilities
  4. Company-wide definition of risk types and risk drivers
  5. Common definition of measures and evaluation criteria
  6. Identification and development of data sources and  metrics
  7. Development of processes, tools, and templates, etc.
  8. Automated systems support including:
    • Data collection and repository
    • Tools for risk criticality analysis and risk evaluation
    • Tools for visibility, tracking, and alerts
    • Support for risk mitigation (project management, workflow)
  9. Mitigation strategy database
  10. Training for Supply Management staff and others that manage supply risk

Once a corporate risk management framework is in place; it is possible to evaluate risk from the overall

  • Identify current capability,
  • Identify performance gaps
  • Put in place a programme of delivery to move the organization towards the desired future state

Vulnerability will be reduced and improve the companies sustainable business performance.


The last few years of the economic boom and ultimately the latest bust, have clearly highlighted the inherent risk in modern supply chains. Once again, this puts supply management under the spotlight like never before. The ‘Brave CPO’ will guard against knee-jerk reactions in defining future sourcing strategies and use the current climate to move the agenda beyond cost savings and focus more holistically on the business to drive sustainable value.

The risk platform forms the second pillar of the supply management value proposition. If CPO’s build upon it, they just may find not only the CEO open to the lessons of the last few years, but also the board room door.

Nuff said …