The Case for Supply Chain Audits

A Call to Action - Quantify vulnerabilities, prescribe options to mitigate risks; how to audit, analyze and deal with supply chain vulnerability

A Call to Action - Quantify vulnerabilities, prescribe options to mitigate risks; how to audit, analyze and deal with supply chain vulnerability

August 25, 2006 — Terrorism, civil wars, dock strikes, attacks on oil fields in Saudi Arabia, potential pandemic, last year's disastrous hurricanes and the ongoing threat of political, social and economic instability around the world have exposed U.S. firms to more than $300 billion in supply chain disruptions, according to a recent study by Aon Trade Credit.

Initiatives to minimize supply chain costs and increase responsiveness, including narrowed supply networks, single sourcing, manufacturing consolidation in less stable countries and other cost-cutting has unintentionally exposed corporations to higher risk.

Executives are increasingly aware that corporate risk has been exacerbated by the hallmarks of globalization: long supply chains, worldwide competition, regional instability, changing government regulations, shifting trading blocks and longer lead times. Because of this risk, many knowledgeable observers are predicting that supply chain certification may come to be required as part of Sarbanes-Oxley compliance.

Action Gap

Every chief executive, operating and financial officer should be demanding a comprehensive supply chain risk audit and a corresponding set of mitigation strategies immediately, not waiting for a successful attack, pandemic or another natural disaster.

AberdeenGroup mentions in a recent white paper that 82 percent of companies are concerned about supply chain resiliency to disruptions, but just 11 percent are actively managing this risk. This action gap is one of the greatest weaknesses of current corporate global supply chain strategies; it threatens business continuity and erodes gross margins.

Corporations need to be aware of what happens when something unexpected occurs within the supply chain. Not only is there the loss of cost of goods, but also indirect costs such as the time delays and labor involved in reordering, re-receiving, restocking, remanifesting and reshipping those goods.

Manufacturers pay higher prices to cancel or re-route just-in-time materials or parts for manufacturing. Customer satisfaction suffers and costs escalate from late delivery penalties. Inventory shortages shut down production lines and halt distribution — for you or your customers.

A Vital Concern

When companies estimate losses due to a disruption in the supply chain, the costs and benefits of alternative restorative action must be considered — through rigorous supply chain design alternatives that consider the costs and benefits of each alternative action. In this way, companies are prepared to address disruption through a well-coordinated plan. When top management is committed to proper preparation, proactive planning permeates throughout the entire organization. These plans guard the bottom line and customer satisfaction.

In the last five years, supply chain vulnerability has risen from an obscure topic, scarcely worthy of serious discussion, to a vital concern of senior executives responsible for preserving corporate continuity. Existing vulnerability practice and literature today focus only on the certification of what would better be termed reliability of primary suppliers and outsourced manufacturing, as well as that of upstream components of their own supply chains. These are important concerns, but they constitute a small fraction of a comprehensive vulnerability analysis.

Companies should perform a supply chain audit that identifies where supply chains may be vulnerable, the strengths and weaknesses of the supply chain, where response programs are weak, where safeguards or alternative sources are missing. A supply chain vulnerability audit is a three-step holistic process that encompasses the entire supply chain, starting with a company's customers and the products they purchase, then working back to the uppermost tier of raw material suppliers. The result is a plan for resiliency in the form of right-sized and strategically located facilities with flexibility for the supply chain, thereby "hardening" it against disruption.

Action Plan

The three steps in this process involve:

  1. Education — Case study examples, given by experienced strategic supply chain planners, quickly establish first principles, dispel false tribal wisdom, define concise business terminology and provide an overview of risk categories and mitigation methods.

  2. Audit — Experts gather data for all components of a supply chain: commodity types (raw materials, intermediate products and finished products), customers, channels and facilities (suppliers, manufacturing locations, distribution center locations, cross-docking operations, ports), then identify critical elements, specific categories of exposure and existing contingency plans, if any, for each such component. This step delivers a complete, clean-sheet view of a global supply chain not available from existing business systems, such as enterprise resource planning (ERP) or execution systems.

    These types of questions are answered within the audit process:

    • Can we operate the business after a disaster? If not, what must we do to get back into operation as quickly as possible?

    • Can we secure customer orders? Inventory? Transportation modes? Supplier alternatives?

    • Are our physical plant and warehouse facilities secure and structurally sound? If not, what are alternative plants, warehouses or other locations we can use?

    • Is power available? What alternatives do we have?

    • What can we do if we have computer, equipment or telecommunications failures?

    • What happens if we lose key staff to an epidemic, medical emergency, bomb threat, toxic gas spill or release, hostage situation or labor strike?

    • How do we protect and preserve our corporate assets?

    • How do we ensure the safety of employees? Drivers?

    • If there are transportation problems, how can we deliver products? What happens in the roads are closed? What alternative routes or modes of transportation can we use?

    • Does our corporate insurance policy cover disasters?

  3. Prescriptive analysis finds how and where to make affordable changes. This step identifies the most cost-effective enhancements to harden a supply chain. Specific analyses for a given supply chain are defined by the audit. Techniques generally fall into the categories of critical commodity analysis, critical customer analysis, critical location analysis and short-term crisis response analysis. Using sophisticated supply chain modeling tools, the cost and service effects of various loss scenarios can be quantified, ranked, then prescribed in detail for the supply chain design modifications that are required to mitigate the risks.
To make the supply chain more resilient, businesses need to do more than just think about the problem; they must prepare to act effectively. Companies need to empower supply chain managers to meet the new security mandates with a combination of management commitment, strategic supply chain planning exercises, and efficient procedures and processes.

Additional Articles of Interest

— Scared yet? Try reading these articles warning of looming threats to the supply chain:

Supply Chain Security: Is Your Company Complacent or Engaged? - Imminent terrorist attacks or no, your competitive advantage demands that you secure your company's supply chain.