Tag Archives: Risk Management

Katrina, Sandy, Dreamliner and Risk Management!!

Posted on by
Reply

I recently conducted a webinar series for IACCM on Risk Management (RM) and asked the following question – What is common between Hurricane Katrina, Hurricane Sandy and the Boeing 787(Dreamliner)? I also predicted that the 787 would probably be grounded by the FAA and they did exactly that. While you are thinking about it, let me share some thoughts on them – these are/were disasters of epic proportions that in the case of the first two have already caused significant havoc. The impact of the 787 on Boeing is yet to be calculated. You would have thought that the leaders in all three situations would have some kind of risk measurement/analysis/mitigation processes/procedures/studies in place that would have warned them of what might occur and allowed them to take the necessary precautions to either prevent or reduce the event from occurring or have appropriate plans in place to manage the fallout from the event?

Would you be surprised that in all three cases, the events that occurred and the aftermath were all known??? The levee situation in New Orleans had been studied ad nauseum and the impact of a major storm had been known for a long time. New York had commissioned various studies to know what a major hurricane might do years before Sandy and the studies had predicted exactly what occurred. The risks associated with the 787 had been known and talked about and studied inside Boeing almost 10 years ago! So it wasn’t a lack of Risk Management tools/process/templates/artificial intelligence scenario planning or your favorite Risk Management gizmo. The risks were all known, quantified, analyzed, templated, studied, processed, powerpointed, exceled, and various meetings were held where all these were discussed and pontificated on. Let that soak in for a few moments!!

All of the effort in Risk Management is a total waste unless it impacts decisions and behaviours-Adoption!! Simply putting the RM “tools” in place offers absolutely nothing. In fact, it probably leads to a false sense of security which will actually increase the risk to the organization. We have worked with way too many organizations helping them develop and roll out RM and our biggest challenge is always convincing the client of that inherent flaw in their thinking. Most of the effort is invested in designing the perfect RM “process” and very little time in evaluating whether it will actually impact decisions and behaviours.

Not that I’m advocating stopping any efforts you may have going on in the area of RM. What I am advocating is to start with the governance and decision making around RM and then work your way backwards to the right tools and processes. Unfortunately, most organizations end up going at it the exact opposite. How decisions will actually get made is at best an afterthought. Making sure that you have the right governance in place is far more critical because then you can design the appropriate RM solution such that it actually drives decisions and behaviors. Otherwise, I can predict with a high degree of confidence ( I just ran it through my latest RM Razzle Dazzle Gizmo) that just like Boeing, you will probably end up with a very sophisticated analysis and very unsophisticated actual RM.

What the above approach will also accomplish is to help change the context around RM. By starting with the goal of impacting decisions and behaviors and therefore initiating your design with the governance and decision making, you will be forced to understand the context around RM in your organization. And if context always trumps content, then it’s not a bad place to start? Remember, your goal is not to control the environment but to have an environment in control and to accomplish the latter, context is far more important than content.

Did you like this? Share it:

Identifying and Measuring Risk in the Supply Chain presented by Dalip Raheja

Posted on by
Reply

The Mpower Group is excited to announce it’s CEO, Dalip Raheja, will be a keynote presenter for two IACCM webinars, Identifying and measuring risk in the supply chain and contracting processand Implementing a risk strategy. Webinars will be on January 15th and January 22nd, respectively.

The Mpower Group is in the business of Mpowering our clients to accelerate superior business outcomes by unleashing the full potential of their Strategic Sourcing / Supply Chain organizations. We are a global consulting firm dedicated to serving the needs of Fortune 500 Strategic Sourcing & Supply Chain organizations.

Dalip New Headshot 09-12

Dalip Raheja is a recognized thought leader, a frequent contributor to research papers and articles and a much sought after speaker. As President and CEO of The Mpower Group, Dalip has over 30 years of experience managing large organizations and change initiatives. His work with Fortune 500 companies in the US and internationally covers all facets of the sourcing process, including contracting and negotiations, relationship management and risk management. In addition, Dalip has been named by Supply & Demand Chain Executive as a “Provider Pro to Know” every year since 2007. Prior to founding TMG, Dalip created and led the Strategic Initiatives group for Bank One. This internal consulting organization launched and managed large complex change initiatives for the bank. The group’s capstone achievement was creation of a comprehensive Strategic Sourcing program that achieved over $1.3 billion in documented savings over three years. Prior to joining the bank, Dalip was a Principal and Regional Business Development Manager in the Strategic Consulting Group of Digital Equipment Corporation. Dalip is currently authoring two books and holds an MBA in Finance and Marketing.

Globalization is having a hard time right now, with the economic downturn generating growing friction and increasing questions over whether global commerce is really worthwhile.

But are these challenges due to fundamental flaws in the system, or to shifts in the underlying drivers, or perhaps because of weaknesses in corporate process? In reality, every business depends on world trade and in these two webinars, IACCM and The MPower Group come together to discuss how organizations must adjust to the new realities of globalization.

As we move from a cost-based view of business performance and focus increasingly on value, many of the early drivers for global business are changing and the weaknesses in current process maturity are becoming ever more apparent.

Part I – Identifying and measuring risk in the supply chain and contracting process.

January 15th – 1600 UTC, 5 PM CET, 4 PM London, 11 AM Eastern NA, 10 AM Central NA, 8 AM Pacific

To register for Part I click here!

Part II – Implementing a risk strategy 
January 22nd – 1600 UTC, 5 PM CET, 4 PM London, 11 AM Eastern NA, 10 AM Central NA, 8 AM Pacific 
 

For additional information about The Mpower Group please visit www.thempowergroup.com.

Did you like this? Share it:

And the Gold Goes To…

Posted on by
Reply

WHEN TO JUST SAY NO WHEN YOUR RISK MANAGEMENT IS FULL OF RISK  

The flame will soon be lit (although the sporting events have already started – go USA women’s soccer!), the crowds will be cheering, the opening ceremony will be spectacular (in the best understated British tradition I assume) and thousands of voices will be singing God Save the Queen in their very, very British accents.  And all the planning that has been going on for years will be on display…and so will thousands of British soldiers making sure the Games are secure.

Soldiers at the Olympics you ask?  In the land of the unarmed bobbies?  In fact, one of the selling points of the London Olympic bid was just that…unarmed bobbies for security.

By now you have probably heard about the security fiasco and the name G4S.  It’s quite an irony that London’s risk management process was itself full of risk.  From what can be gathered so far, G4S was contacted to supply about 2,000 security personnel and then in December it dawned on the organizing committee that they really needed 10,000 personnel.  G4S said no problem and everyone went away feeling very secure…till it came time to deliver the 10,000 and that’s when the proverbial %^$# hit the proverbial fan and now people are trying to wipe it off their faces.  Enquiring minds everywhere want to know what happened and especially those of us in the Supply Chain/Sourcing community so I took the liberty of positing a few questions:

  • What kind of “Demand Planning” was going on in the committee that made them increase their requirements 5 fold – JUST MONTHS BEFORE THE GAMES!
  • Was the supplier involved in helping them craft their solution requirement (ummm sir, are you really sure you need ONLY 2,000 personnel??)
  • When the increase in the requirements was placed, did the committee ask for some kind of fulfillment strategy from G4S?
  • Was the lead time and process to “create” (screen, hire, train, deploy etc. etc.) these security personnel ever discussed and validated?  If so, how could the fulfillment strategy for the increased numbers stand any kinds of scrutiny?
  • Was there any discussion inside G4S before accepting the increase?  Who says no to additional business in your company and when do they say no? Does sales ever say no? Does “manufacturing” (fulfillment capability)?  I have yet to see/hear of any disciplined process that would allow a company to say no to a fivefold increase from a customer.
  • Was there any kind of ongoing progress monitoring of G4S put in place to ensure that they were on track?

I’m assuming that by now, this is starting to sound like a fairly common supply chain problem that we all deal with on an ongoing basis.  We have poor demand planning, lack of supplier involvement in the solution (perhaps), no supplier capability validation, no ongoing risk monitoring of this supply chain, etc. etc.  And remember, this is a risk management solution with no intrinsic risk management – kind of ironic.  I now wonder what kind of supply chain/sourcing expertise did the committee have access to?  If none or very little, then may we expect other supply chain problems to crop up as the games go on?  While I’m sure that the games will go on flawlessly and hearing will be held and fines levied and suits filed, I’m sure that the committee could have done without this major last minute glitch and the subsequent bad publicity.  I’m also quite sure that there are many conversations within G4S on whether they should have accepted the huge risk that they took when they went along with the significant increase in demand.  If only they would have called upon some of our British professional brethren because here is the kicker…”Somehow, G4S was awarded a sole-source contract by the organizing committee in a process where little transparency exists.”

Your honour, I rest my case!!

Did you like this? Share it:

May Question of the Month Answered! What is the Best Way to Manage Supply Chain Risk?

Posted on by
1

The question of the month from an anonymous reader was posed like this:  What is the best way to manage supply chain risk?

We were working with the Chicken Platform team at one of the world’s largest QSR (Quick Service Restaurant) in helping them introduce chicken to their menu.  While it may not sound like a big deal, it was a huge undertaking that involved significant complexity.  One of the elements we added to their menu strategy was risk management because it became obvious to us that while there was significant risk involved, there was no systemic way of identifying and mitigating that risk.  So you can blame us if you don’t like the chicken items at this iconic global QSR.

Here are some of the key lessons we have gathered from the many, many years of dealing with Risk Management (RM).

Unavoidable necessity or desired need?      While there are many tools, templates, methodologies, software packages etc. related to risk that you can spend your money on, it’s far more important to address risk at a meta level in the organization first.  Let me start with a hypothetical question – does your CEO view risk management as a competitive advantage or a necessary nuisance?  If it’s not the former, then that ironically becomes your biggest risk in implementing risk management AND also the first step.  A more robust risk management process converts into a competitive advantage leading to more sales, better margins, etc. etc.  That takes RM from an unavoidable necessity to a desired need.

2D or 3D risk model?     Most of the risk models are two dimensional in nature – they measure impact and likelihood of the event and then allocate resources to manage the risks.  Level of control and influence is often ignored.  What is the point of dedicating resources to measure and monitor risks that you cannot do anything about?  In determining priorities, it is critical that all three dimensions be considered.

Portfolio Risk?  Even when we see risk management being deployed, we are always surprised by the lack of aggregating risk across the “portfolio”.  Various divisions of an organization are doing an excellent job at managing risk individually but no one is aggregating the risk to understand the total exposure.  For example, each division is sourcing from the same geographical region adding significant portfolio risk to the corporation.  While optimizing sub-system risk, we end up sub-optimizing “system” risk.

External vs. internal factors?  Risk is most often viewed as something external to the corporation (market, industry, supplier etc. etc.).  It is fairly obvious that there are a number of internal factors that are never acknowledged or addressed.  Inability to make timely decisions, ineffective implementation of decisions, bad information flow (inventory, demand, lead times etc.) are just a few examples.

“Consonants” vs. “Vowels”?  Clients who have designed pretty good risk models end up not paying enough attention to the adoption of those processes.  Theoretically, they have actually increased their risk exposure by introducing a false sense of security within the organization.  A well designed RM process (consonants) does very little unless it is accompanied by an equally well designed and robust adoption process (vowels).

Controlled response?  In spite of a RM program, risks will manifest themselves.  The question then becomes how does an organization react to it?  What we have observed is that organizations that have a credible RM program in place do a far superior job of reacting to those events because they have developed the confidence and the competencies to deal with events. Organizations that don’t have a RM program end up in a much more reactive mode. A greater impact is then caused by their reaction than the original event.  We recently had a Fortune 25 client go through a major disruption in their supply chain.  Their reaction was to severely tighten up the selection criteria and the decision process to mitigate future risk.  Unfortunately, they also ended up “freezing” their own supply chain organization and their supply base.  40% of suppliers that had been acceptable became non-compliant overnight, even though they had absolutely nothing to do with the disruption.  It’s been months and months since the original incident but the client is still suffering from their reaction to the event rather than the event itself.

Competencies?  The competencies required to effectively roll out a robust RM program are unfortunately in the dreaded soft skills category which are in short supply in most organizations.  RM at the end of the day is all about changing behaviors and the functional skills that are in vogue in most companies can’t really help.

While it is critical to understand various risk factors in our supply chain and try to mitigate them, our research has shown that unless RM is addressed at the meta level in the organization, most efforts fail.  It is for that reason that we must fundamentally change the definition of RM to a competitive advantage as opposed to a necessary evil.  A great place to begin would be for you to start including RM as a decision factor in selecting your suppliers.  Have them show you their RM plan for their supply chain.  It is the best way to elevate the discussion around RM and you may learn a thing or two about how to manage risk.

Regards,

Dalip

Did you like this? Share it:

What Major Risks are Facing Our Community?

Posted on by
Reply

The Mpower Group NPXAt a recent planning call with some of the members of the Next Practices Xchange for their upcoming conference, I was asked to come up with the list of concerns that leaders in the community (Procurement, Strategic Sourcing, Supply Chain, etc. etc.) had.  This was to identify the major risks that are facing the community so that a relevant agenda could be developed.  I pushed back at the members and got them to acknowledge that we would be talking about only those issues that they knew about or had identified.  What about all those that they had not?  Based on some of the research that we have done and the various venues we speak at, here is the list that I gave them as the Top 10 list of risks that they should be focused on.  I also told them that we would crowdsource the prioritization of this list and give them some help in picking the top 2 or 3 for their next conference.

Please pick your top three risks!

View Results

Loading ... Loading ...

So go ahead and provide your input and then check back and see what others said. This information will be used to plan our next conference, so stay tuned.

Regards,

Dalip

Did you like this? Share it: