Supply chains are the lifeblood of retailers, distributors and manufacturers, yet threats abound all over the world. With globalization making supply chains longer and more complex, the risks keep increasing.
Terrorism has been the major focus (and cost) of supply chain security since 9/11, even though those threats to supply chains are remote. There are more immediate and disruptive threats more likely to impact supply chains — for instance, Hurricane Katrina, the toy recalls, the Minneapolis bridge collapse. In fact, a recent beef recall forced a nationally known meat company out of business.
Properly securing supply chains goes beyond mitigating risk; it also makes them more flexible and efficient. A 2006 study by Stanford University, the National Association of Manufacturers and IBM found that improvements in supply chain security led to:
- 38 percent reduction in theft, loss, or pilferage
- 12 percent increase in reported on-time delivery
- 14 percent reduction in excess inventory
- 49 percent reduction in cargo delays
- 29 percent reduction in transit times
That's why companies should change the traditional thinking of supply chain security as a necessary evil and instead think of it in terms of the bottom line. While natural and man-made disasters cannot be eliminated, companies can plan for them and mitigate the risk.
The keys to securing global supply chains are visibility to products at suppliers, in-transit and throughout the distribution network, as well as the ability to immediately take action when disruptions occur. Here are six steps companies can take to secure their global supply chains:
Step 1. Identify the Threat — A company must first understand which threats it is most susceptible to, the likelihood of these disruptions affecting the supply chain and the potential impact to its business. There certainly is no lack of threats — terrorist attacks, natural disasters, pandemics, and recalls, as well as theft, counterfeiting and organized crime, just to name a few.
A company should first consider those threats most likely to occur in its supply network and those that would have the greatest impact on its business. An oil company with major refineries along the Gulf Coast would be most concerned with hurricanes and terrorist attacks. A food company would fear product contamination. A pharmaceutical company's main concern would be counterfeiting. Theft might be the biggest problem for retailers.
In order to prioritize potential threats, a matrix should be set up that has the likelihood of occurrence along one axis and severity of impact along the other. A company should start working with those threats scoring highest on both axes and work its way down. This process likely overlaps corporate risk assessment efforts, so leverage this information to ensure supply chain and corporate goals are aligned.
Step 2. Create a Disruption Map — Once key threats are identified and prioritized, it is important to evaluate where they most likely could occur. A "disruption map" overlays these threat locations onto the global supply and distribution network to see where a company is most vulnerable, highlighting the areas of greatest impact. Threats do not typically affect supply networks evenly, so steps taken to secure the supply chain will vary based on the threat and location.
The flip side to this analysis is to identify opportunities. If a company manufactures or sells products in high demand before or after a natural disaster, a surge strategy quickly stocks high-demand items in stores and nearby distribution centers, generating additional revenue as well as great PR. Planning alternate distribution routes is critical here.
Step 3. Design Security and Recovery Plans — Mitigating risk reduces the opportunity for threats to impact the supply chain, while carefully planning responses to threats a company cannot control minimizes the impact and aids quick recovery.
To prevent threats from significantly harming a business, companies must think in terms of redundancy. When examining the disruption map, companies should look for alternate ways to source, ship and distribute products so no link in the chain becomes a chokepoint — and a major liability — during a disruption.
Creating this redundancy does not necessarily mean added cost. In many cases, multiple suppliers, carriers and distribution centers are already part of the supply chain. Plan alternatives and get agreement from all parties ahead of time to be flexible and handle surges in volume. Adding additional suppliers or carriers may also spur competition, leading to lower prices, innovation and improved service.
Disruptions can affect the supply chain no matter how well a company plans because so many things are beyond its control. Recovery plans can get networks back to normal quickly and efficiently. They should define alternate supply sources, rerouting of supply and distribution lines, and movement of people, equipment and supplies into affected areas. Where disruption events can be forecast (i.e., hurricanes or blizzards), pre-staging equipment and supplies speeds their deployment into impacted areas.
Security and recovery plans should be written out in detail and agreed upon by all parties involved, both internally and externally. If a company doesn't do this, the chances of reacting effectively in a crisis are minimal.
Step 4. Leverage Technology — Technology is critical to securing global supply chains, providing visibility to products and assets across extended networks so companies can immediately take action.
The technology making this possible is the same technology making supply chains more agile and efficient. A number of different, yet integrated technologies are discussed in the accompanying story (see sidebar), showing how they can secure and improve supply chain operations. They include network-wide visibility, asset management, transportation and global trade management, demand forecasting, quality assurance and recall, and workforce management applications. By more effectively leveraging existing technology, operations become more agile, efficient and resilient, and better able to quickly recover from disruptions.
Step 5. Test, Test, Test — Periodically testing security and recovery plans is the only way to know whether they will actually work when a real disruption occurs. Many companies hold emergency response drills that simulate disasters and test the procedures for evacuating injured and other personnel, but few simulate the impact on supply chains.
A thorough testing program simulates disruptions and defines benchmarks for recovery processes. Separate test plans should be developed for each disruption scenario. It is important to accurately simulate each disruption's impact on inventory, physical plant, people and external parties.
There are two stages to testing. First, conduct well-communicated, controlled tests to walk the organization and third parties through the process. This identifies gaps in the plan and gets everyone comfortable with reacting to each scenario. Then conduct surprise tests to see how the plan — and people — hold up under pressure. Without surprise tests, a company doesn't know how well it will react when a real event occurs.
Depending on the extent of the test, a company may want to let customers know ahead of time just in case the test results create temporary glitches in delivery. Many customers will accept this small risk if they understand it means a company will be better able to serve them during a disruption. Others will not and the test plan will need to work around them.
Step 6. Reevaluate Risks — Supply chains are never static, and neither are the threats. It's critical to reevaluate potential disruption scenarios and supply chain operations regularly to ensure security and recovery plans reflect and support operations as they and the environment change over time.
During this reevaluation, a company may want to move down the list of potential disruptions to begin addressing the next tier of threats not covered earlier. Over subsequent loops through this six-step process, a company can leverage previous work to build ever-broader coverage of potential threats, further reducing risks. This creates further supply chain efficiencies, turning these efforts into a de facto continuous improvement program.
These six steps mitigate as much as possible the risks these threats pose to a supply chain. They also make the supply chain more agile and efficient, turning security from a necessary evil to a source of greater efficiencies positively affecting the bottom line.
SIDEBAR: How Existing SCE Systems Secure Supply Chains
Here are some supply chain execution (SCE) applications you may already have that can help secure and improve supply chain operations:
Network-wide Visibility
A centralized database, containing detailed information on all products and assets at suppliers, in-transit around the globe, in distribution centers, and at customer sites, is best stored in an SCE suite, which includes a warehouse management system (WMS). The WMS provides a completely accurate view of all inventory through a Web-based communication tool. That gives immediate visibility into products at suppliers, warehouses and distribution centers. This visibility not only allows companies to source and ship from alternate sites during a disruption, but it also enables them to more efficiently source orders during normal operations.
Visibility to products in-transit and those shipped to customers should be provided by a transportation management system (TMS). This tool provides Web-based communication with carriers, forwarders and customers for a picture of inventory in motion. The WMS and TMS should be integrated for a single view of inventory across the supply network that provides knowledge and flexibility during disruptions, but also improves customer communications and service.
Asset Management
By tracking and monitoring mobile assets, companies can better track and protect the products inside of them from theft, damage and tampering. There are a number of technologies that can help with this surveillance, such as sensors and RFID tags in trucks or shipping containers.
Asset management software merges the data from these tools into information through role-based dashboards, giving a near real-time view of the assets and products in motion. Companies can take action immediately when movements or conditions depart from accepted norms. This combination of visibility and action helps secure the supply chain from threats such as contamination, spoilage, theft and terrorism, and also enables companies to quickly divert product to other destinations to recover from disruptions.
Transportation and Global Trade Management
Existing transportation and global trade management systems can plan and execute alternate routes to move product around or into affected areas before, during and after major disruptions. This may involve alternate routes, shipping modes, ports, carriers and supplier locations. The key is to plan alternatives ahead of time. Agreements should be reached with alternate sources or carriers, so when a disruption occurs, companies can hit "go" instead of the panic button.
Demand forecasting
Companies should examine the magnitude of the impact on demand of various types of disruptions. For example, a Category 2 hurricane may raise demand for plywood 50 percent while a Category 5 one may raise it 150 percent.
Companies need to isolate demand factors within the local area impacted by a disruption. Traditional demand forecasting systems aggregate demand to forecast production requirements. They lack the specificity to analyze local demand surges associated with disruptions.
It is better for companies to use forecasting models incorporating point-of-sale and store inventory data so they can understand and simulate the demand impact of various events. Integrated store operations and supply chain systems can now conduct this analysis. By integrating local store information with historical patterns, these systems forecast the appropriate inventory levels to prepare for, and respond to, disruptions.
QA/Recall
Today's SCE systems create virtual quarantines of products so they can be shipped directly from production. Since the system knows exactly where the products are and places holds on them until all QA processes are complete, companies can allow inventory to flow through the network. The system prevents products on hold from being shipped to customers until all holds are released.
However, tainted products are still getting through. When recalls occur, products must be recovered quickly and accurately. The key is in knowing exactly what products (by batch or lot number) were shipped to which customers, so only the tainted lots are recovered. The difference in effort, expense and damage to brand image between a general recall and a laser-targeted recall is huge. Today's SCE systems can track this; a few can even assist with the recall.
Workforce Management
Prevention and recovery plans must contain contingencies for addressing the human aspects of the supply chain. Workforce management (WFM) solutions greatly assist in recovery planning and execution. They use historical information, order demand data and labor standards to plan and schedule workforce requirements during both normal and disrupted operations. This lets management know exactly how many workers with which skills are needed to fulfill orders in normal operations (which increases efficiency and service) and in recovering from a disruption event.
The WFM solution should also identify where fulfillment operations can be temporarily moved, as well as the associated labor cost. Preferred methods that define the optimal way to do each task and learning management systems also help new and alternate workers get up to speed quickly.
