Supply chains have experienced unprecedented stresses in recent years – even apart from COVID-19.
SKU proliferation, omnichannel effects, labor shortages, M&A activity and digitization have all driven an increase in supply chain costs and risks. The increased costs have often been exponential for order processing, shipping, handling, transportation and advanced distribution models. In the last decade, about 10 cents on every dollar have shifted from margins or profits to supply chain costs.
While these factors were already increasing supply chain costs, COVID-19, the Suez Canal blockage, the SolarWinds breach, other high-profile cyber hacks, and increasing “black swan” events have had an additional impact and caused manufacturers to turn more attention to risk management.
Many manufacturers need to elevate risk management in their supply chain cost models. Grant Thornton National Supply Chain Leader Jonathan Easton pointed out that, “by proactively identifying supply chain risk and taking steps to mitigate business disruption, you begin to take the initial steps to reduce your cost to serve.”
Understand the threats
Risk management begins by looking at the possible threats that can disrupt a business and ultimately erode customer satisfaction, brand equity and shareholder value. IT risks can include external cybersecurity failures or internal IT infrastructure failures. As digitization reaches more touchpoints in the supply chain, and more processes within suppliers, the IT risks escalate.
The IT risks are only the beginning. Suppliers can face financial or legal threats which extend to their partners. Environmental, social and corporate governance (ESG) issues are emerging as a source of concern, given the recent emphasis on ethical sourcing. We’ve improved our ability to detect and preempt terrorism, but it still presents a risk. Domestically, supply chains will almost surely be affected by increased regulations flowing from recent executive orders. Internationally, they are subject to political instability.
Taken together, these threats are daunting – threatening data safety, financial performance, customer service viability and business reputations.
A response to such threats combines a clear, comprehensive view of your supply chain with the capability to respond effectively to threats. Eaton asked four key questions about preparedness:
- Have you quantified the risks that you may be facing?
- Do you know where they originate?
- Do you have a view of your full network and your supply chain ecosystem?
- How capable are you, right now, of responding to emerging threats?
These questions are not easy to address. But when you can answer them, you’re in a better competitive position. You can use the answers to take a new approach to supply chains.
A new approach to black swans
To prepare for supply chain disruption, organizations need to rethink the traditional approach to supply chain management. The traditional approach emphasized IT and inventory management, and focused on managing production, but siloed managers seldom communicated across departments.
The traditional approach categorized (and marginalized) individual events – such as COVID-19 or SolarWinds – as black swan events which no risk management approach would be prophetic enough to predict.
But the key is not prophecy. It’s readiness. “The point is not to try to anticipate COVID-19 or other disruptions,” Eaton explained. “The point is to identify your risk factors, then leverage the proper tools to quantify the potential impact and seriousness of that risk so that you can proactively develop a plan to mitigate the risk and maintain business continuity.”
Black swan events are not an excuse for poor planning or insufficient supply chain risk management capabilities. Proper planning is focused on a new overarching goal: preserving the integrity of the supply chain to operate as an interconnected system across all enterprise functions and all aspects of the extended network.
It’s not easy. Your response must be both agile and integrated. But, ultimately, this new supply chain risk management (SCRM) approach can go beyond risk mitigation to create a significant competitive advantage.
Traditional vs evolving supply chain risk management (SCRM)
The evolving SCRM framework generates an approach with four components
: it assesses the risk environment, classifies the risk magnitude, develops response options and gains resiliency through learning.
With a new goal and framework in mind, manufacturers urgently need to use some essential tools to take action.
Tools for the new approach
To implement an evolving approach, organizations will need practical tools:
AI-based supply chain risk management
Three tools for supply chain risk mitigation
uses data and intelligence from thousands of external sources to properly evaluate the entire supply chain ecosystem across dozens of risk factors. This determines where risk exists and illuminates it for immediate resolution before the risk becomes a disruption and cripples a supply chain. The very best solutions show upstream suppliers and downstream third-party providers, assigning risk rates.
Supply chain optimization
that provides remediation to minimize risk is the bridge between identifying the risk and the SOC for supply chain. Executive dashboards can leverage AI-based SCRM solutions to capture relevant and nearly real-time data for executives to incorporate supply chain discussions into their regular decision-making process and monthly business continuity cadence.
AICPA SOC for Supply Chain reports
are attestation reports intended to provide the users of those reports comfort that manufacturers, producers and distributors subject to the examinations have designed and are operating controls sufficient to provide reasonable assurance that service commitments and system requirements would be achieved. These SOC reports
are based on the AICPA’s Trust Service Categories, address the common security criteria and can include criteria related to availability, processing integrity, confidentiality and privacy. The reports provide a credible, efficient alternative to ad hoc diligence exercises and overlapping vendor questionnaires.
While SOC for Supply Chain Reports haven’t been widely adopted yet, Grant Thornton Advisory Services Partner Forrest Frazier sees them playing a large role in future risk management efforts. “I liken them to SOC 2: People were really curious when it came out, but it took a while for them to fully understand how to use it.”
At the beginning of 2020, most manufacturing supply chains were not ready to cope with the emergence of COVID-19. The supply chains that were ready quickly became a significant competitive advantage. Now, it’s essential for manufacturers to have supply chains that are ready when the next black swan arrives.
Partner and National Supply Chain Practice Leader
+1 704 632 3523
Partner and Special Attestation Services Practice Leader
+1 704 632 6801