Business Driver for This Handbook
Driven by the growing awareness of the risk that dependence on global supply chain networks represent to market share, revenue, cost targets, brand value, and ultimately shareholder equity, increasingly companies are looking to emerging supply chain risk management and resiliency strategies, practices, and tools for answers.
Supply chain resiliency starts with end-to-end (multi-tier) supply chain visibility and includes comprehensive strategies and analytic technology to sense and manage proactively and in a highly responsive manner. These risks range from intrinsic supply chain partner risks as well as embedded network design-related risks.
Goal and Premise
The goal of this white paper is to provide supply chain risk management practitioners with concrete suggestions and guidance on how to create, roll-out, and institutionalize a global supply chain resiliency program (SCRP).
The premise of this guide is that there is an unserved need for information on the topic of building and managing a SCRP that adequately addresses the crucial initial phase of building the business case, identifying the key business drivers in order to establish strategic alignment, and securing executive sponsorship. While best practices in this area have perhaps been documented and shared, they are not integrated into a broader program deployment and operational plan.
This guide also attempts to untangle the confusing array of processes and labels for those processes, put forward (e.g. risk assessment, risk analysis, risk evaluation), as well as the loosely associated best practices. It aims to refresh and organize program implementation and maturation best practices into a single comprehensive and easier to navigate reference and starting point for building a world-class supply chain resiliency program.
Scope and Focus
SCRPs are strategic programs, not operational programs. As such, the intent is to identify strategic and high business-impact risks for mitigation. The focus here is therefore primarily on upstream risks as opposed to downstream (logistical/in-transit) transaction risks which tend to have immediate or short-term resolution horizons. Also, in keeping with SCRPs as a strategic program, the assumption is that risk treatment or the execution of risk remediation measures is, at least in part, if not in whole, the purview of operational business practices and systems. As a result, the role of SCRP programs and systems is primarily to recommend, prioritize, and track mitigations that are, in turn, executed by operational teams.
Further, this guide is organized as a simple roadmap and not a more elaborate maturity model. Key insights from leading maturity models are embedded in the roadmap. The “Plan, Implement, Institutionalize” organization and roadmap is not intended to imply a “waterfall” program structure. It is expected that most programs will take on a more iterative/agile form.
The information and best practices are intended to be useful at varying levels of maturity. However, the relevance and applicability of any specific recommendations and best practice discussed will frequently depend on an organization’s maturity level. The preponderance of higher-maturity level content is in keeping the goal of making this a comprehensive reference guide and provide a vision or roadmap for development for lower maturity-level programs.
While the guidance and insights are intended to apply broadly across vertical industries managing physical supply chains, manufacturing companies (e.g. high tech) and life sciences may find this handbook more useful than others (e.g. financial services which are pre-occupied with cyber security challenges, oil & gas, and retail).
It is also important to acknowledge that higher maturity organizations may eschew the level of structure, and in some areas, prescriptiveness, that is embodied in this guide. Lower-level maturity programs may more naturally embrace this approach.
In general, enterprises should evaluate the relevance of the topics and recommendations based on their unique business context and culture, and embrace suggested best practices based on the maturity of its risk management and resilience people, processes, and technology.
This is version 1.2 of what is intended to be a living document.
The goal is to improve this document over time based on feedback from the Global Supply Chain Resiliency Council membership community, industry analysts, and other industry practitioners and research scholars.