Drawing on more than 15 years of research and client support around Supply Chain Risk Management, one of the top dangers is target fixation. By focusing on a single threat, most supply chain managers ignore much of their risk spectrum. This leads to considerable investment in myopic strategies and limited (if any) preparation for the full spectrum of threats. Distinct vectors align to Strategy, Operations, Infrastructure, or Financial impacts. By providing leadership with visibility into the spectrum of risks, organizations enable those in the field to focus on specific threats, supported by broad spectrum support plans in place to sustain mitigation and response.
By categorizing threats into portfolios of risk (see figure below), leadership can create support plans and a full spectrum of responses in the portfolio. One of our clients prepared for financial risks of dramatic increases in the price of internationally procured materials (steel in this case). Whether the increase was due to a spike in fuel or continued consolidation of raw resources by China, the plan was in place to mitigate financial impact. Once a specific threat - trade barriers, in this case -, emerged, the organization purchased a 3-year supply of steel for the pre-tariff price.
This approach requires a three-tiered view of Supply Chain Risk Management.
· The top tier is the strategy and organizational context for managing risks
· The middle tier is the SCRM planning and execution, including the monitoring and response process.
· The foundational tier is Human Performance, and the skills and role-based capabilities necessary to effectively plan for, monitor, respond and communicate risk management elements.
Typically, organizations focus on field-level training and planning to mitigate supply chain risks. From Continuation of Operations planning (COOP) and OSHA standards to facility security operations the topics are familiar. However, this can lead to inconsistently reported risks to senior leadership. By extension, it results in ineffective response and response management protocols. Poorly designed oversight processes provide leadership with no comprehensive view of the risks the field are facing every day or of the lessons learned. By structuring a SCRM strategy around the three tiers, we do not drastically change those in the field sensing and responding to threats daily. Instead, we enable them with consistent support processes and better targeted funding to prepare for and more rapidly overcome the impacts of a realized threat.
Over the past 15 years, SCV has assembled 19 leading practices in SCRM. These practices have been reviewed, applied, and refined in more than 400 client engagements. These clients range from traditional risk management venues like counter insurgency operators in Baghdad to municipalities with a need to secure their water supply. These types of client challenges fortify the tiered view with lessons learned and proof points across the risk spectrum of Strategy, Operations, Physical, and Financial.
Target fixation is an expensive problem. Fixation on one threat, whether is a hurricane, cyber intrusion, or market fluctuations, carries the cost of allowing all other threats go unmonitored and unmanaged. In the U.S. intelligence community, the age-old adage of “a Russian behind every bush” encapsulates the thought well. While our specialists in the field must manage specific active threats, at the leadership level, we must remain vigilant around the spectrum with SCRM efforts. This means allowing specialists to remain focused, while supporting leadership enables their efforts with a broader view and flexible resources ready to support mitigation and responses.