Supply Chain Risk Management

The Supply Chain Risk Management (SCRM) assistance provided by RMI includes:

  • Developing the context for your SCRM framework – stakeholders, risk management criterion, risk appetite and tolerance, SWOT of your supply and manufacturing organization, define risk management structures
  • Assist your organization in identifying and validating its supply chain risks – sole, single and multi-source risks beyond the first tier of your supply chain
  • Develop your organization’s risk analysis and validation methodologies and capabilities
  • Facilitate the development and ownership of risk treatment, so that it takes place at all required levels of your organization, maximizing value and lowering risk
  • Support your organization in ‘joining up the dots’ of Supply Chain Risk Management through developing a communications, monitoring and review framework to suit your current and future needs

RMI utilises established best practices including ISO 31000 (Risk Management) and BS 25999 (Business continuity) in developing and implementing the SCRM Process. 

RMI participated in the NSAI National Expert Group which published guidelines to ISO 31000.

Elements that may be considered within this Framework are:

(All SCRM frameworks are contingent on the structure, markets, culture, innovation and capacity of the organisations for which they are designed and implemented.  They are designed to scale as required.  They are processised so as to provide a consistent approach.  They must communicate with clarity and timeliness.)

 Framework Component  Elements to be Considered  Sub-project Activities
 Communicate & Consult
  • What stakeholders are directly consulted
  • What existing forums can we use to communicate?
  • What information is available on other indirect stakeholders?
  •  What additional means of communications are required?
  • Internal & External stakeholders
  • Global forums

 Existing programs & frameworks, e.g. RM, S&OP
 Establish the Context
  • What are the external drivers for SCRM?
  • What are the internal drivers?
  • Organisation supply chain SWOT
  • Engagement with supply partners and logistic providers
  • Streamlining with other organisation initiatives
  • SCRM champion and sponsors
  • Establish framework scope and community
  • Awareness and trust building with partners & providers
  • Agree terminology and risk criterion
 Identify the Risks
  • Operational
  • Disruptive
  • Product profiled; Raw Material profiled
  • Strategic, Business, Hazardous Operations & Compliance Risks
  • Regulatory drivers
  • Processes
  • Product integrity
  • Product families
  • Current resilience ? capacity, processes, BCM in place, engineering programs
  • Supply & Logistics multi-tier risk assessments
  • BCM impact analysis, supporting toolsets & training; Interdependency identification
  • Process robustness
  • Security programs
 Analyse the Risks
  • Consistency of analysis
  • Scoping
  • Review
  • Supply chain risk analysis
  • Business continuity risk analysis
 Evaluate the Risks
  • Existing continuities, contingencies and controls in place
  • Vulnerabilities
  • Prioritisation
  • Cost benefit
  • Integration of existing programs ? Quality, Long Range Forecasting, 3rd party manufacturing analysis, Existing Capacities, etc
  • Review of in-depth risk assessments
  • Consistency through framework
 Treat the Risks
  • Supply qualification
  • Process review and modification
  • Outsourcing and insourcing
  • Enterprise-wide BCM
  • Capacity planning
  • Supply and Demand management
  • Internalised BCM ? policy, awareness, training, toolsets, communications, planning, exercise, maintain, audit, embed
  • Supply qualification
 Monitor & Review
  • Ownership & responsibilities
  • Accountability & sign-off
  • Issue management and escalation
  • Independent Audit Committee
  • Enterprise Risk Management overview
  • S&OP
  • SCRM framework
  • Product Managers and management
  • Continual awareness program
  • Succession planning and management development