WEBVTT Kind: captions Language: en 00:00:07.440 --> 00:00:12.560 Supply chain risk management has assumed  greater priority in today’s globally   00:00:12.560 --> 00:00:19.120 interconnected supply chains in a volatile,  uncertain, complex, and ambiguous world.   00:00:20.160 --> 00:00:23.600 To see the importance of risk to supply chains,   00:00:23.600 --> 00:00:30.240 you need look no further than the three Vs.  The three Vs are core supply chain goals.  00:00:32.000 --> 00:00:36.240 Increasing visibility relates  to ready access to information.  00:00:37.760 --> 00:00:41.200 Increasing velocity relates to fast throughput.  00:00:42.720 --> 00:00:50.400 The third goal, minimizing variability, directly  relates to risk. Variability is the naturally   00:00:50.400 --> 00:00:58.160 tendency of activities to fluctuate around an  average. Similarly, risk is basically uncertainty.   00:00:59.120 --> 00:01:04.800 Both threats and opportunities are uncertain  so they are both considered types of risk.   00:01:06.080 --> 00:01:13.440 Investors and markets dislike variability and  uncertainty. They reward organizations who can   00:01:13.440 --> 00:01:20.880 minimize their downside threats even if this  reduces some upside opportunities. Having and   00:01:20.880 --> 00:01:28.400 using a sound risk management methodology is key  to reducing both variability and uncertainty. 00:01:29.520 --> 00:01:34.480 An example is the ISO 31000  Risk Management standard,   00:01:34.480 --> 00:01:42.160 which includes a process framework like this. Any organization can use this methodology because   00:01:42.160 --> 00:01:50.000 each will carefully define its risk appetite as  part of establishing the context. A risk-averse   00:01:50.000 --> 00:01:56.560 and a risk-seeking organization can use the  same process but arrive at different responses.  00:01:57.600 --> 00:02:04.560 Next, risks are identified, analyzed,  and evaluated. Identification records   00:02:04.560 --> 00:02:11.200 all known risks, and a classification helps  ensure the process is thorough. Even with   00:02:11.200 --> 00:02:17.040 this process there may be some unknown  risks that no one has identified yet. 00:02:18.880 --> 00:02:23.040 Supply chain risk categories  might include strategic,   00:02:23.040 --> 00:02:31.680 supply, demand, process, environmental, hazard,  financial, malfeasance, and litigation risks. 00:02:33.600 --> 00:02:40.800 Risk analysis starts with a qualitative assessment  of probability and impact. Both can be given   00:02:40.800 --> 00:02:48.640 percentage weights. Multiplying the probability  percentage by the impact percentage results in a   00:02:48.640 --> 00:02:55.520 percentage risk rating. Risks over a threshold  can then be given an appropriate response.  00:02:57.200 --> 00:03:03.840 For significant risks, organizations can  use the expected monetary value method. 00:03:05.360 --> 00:03:12.640 This method still uses probability times  impact, but now impact is measured in monetary   00:03:12.640 --> 00:03:20.240 units. Multiplying monetary impact by the  probability produces a risk-weighted amount.   00:03:21.040 --> 00:03:25.200 It is a threat if negative and  an opportunity if positive.  00:03:26.160 --> 00:03:32.720 For example, say a risk has a 40 percent  probability and could cost the organization   00:03:32.720 --> 00:03:40.720 200 dollars if it occurs. This would be an  EMV of minus 80 dollars, which is a threat.  00:03:42.560 --> 00:03:49.360 The cost of a risk response can be factored in  to find the net monetary impact. For example,   00:03:49.920 --> 00:03:56.880 if a response that cuts the probability  in half costs 100 dollars, then the net   00:03:56.880 --> 00:04:06.320 impact of minus 300 dollars times 20 percent  probability is an EMV of minus 60 dollars. The   00:04:06.320 --> 00:04:13.840 organization may choose to make this response  because it has a better EMV than no response. 00:04:14.400 --> 00:04:20.240 The idea is to ensure that the cost of the  response is appropriate to the given risk. 00:04:21.600 --> 00:04:25.280 A risk evaluation is the  last part of assess risks.   00:04:26.160 --> 00:04:33.760 Evaluation prioritizes risks based on  priority, impact, and needed response urgency.  00:04:34.560 --> 00:04:39.360 The result of the evaluation is a  choice of risk treatment or response. 00:04:40.960 --> 00:04:46.160 Responses include accept,  avoid, transfer, and mitigate.  00:04:47.360 --> 00:04:50.800 Accept means to do nothing  other than watch the risk,   00:04:51.360 --> 00:04:56.720 such as when there are no cost-effective  responses or the impact is negligible.  00:04:58.160 --> 00:05:02.960 Avoid means to change the plan to  eliminate the risk or its impact.  00:05:04.400 --> 00:05:10.560 Transfer involves insurance or a contractual  risk transfer to a supply chain partner.  00:05:12.000 --> 00:05:18.080 Mitigate is to take preventive actions to  reduce the probability or impact of a risk. 00:05:20.160 --> 00:05:26.320 In addition to these actions, note  how ISO 31000 also has an ongoing   00:05:26.320 --> 00:05:31.920 communication and consultation process, a monitoring and review process,  00:05:32.800 --> 00:05:35.120 and a record and report process. 00:05:36.880 --> 00:05:43.920 The main record is called a risk register, which  assigns an ID and rating to each known risk,   00:05:44.640 --> 00:05:48.560 assigns a responsible party, and tracks responses. 00:05:50.240 --> 00:05:58.000 Let’s drill down into supply risks. Supply  risks include availability, pricing, quality,   00:05:58.000 --> 00:06:06.480 supplier lead time, transportation lead time,  customs, and labor. Note how for each risk the   00:06:06.480 --> 00:06:14.400 organization has selected both a preventive and  a contingent action. The preventive action is for   00:06:14.400 --> 00:06:21.040 before the risk event occurs, while the contingent  action is for after the risk event occurs.  00:06:22.320 --> 00:06:28.880 For the quality risk, for example, a penalty  clause in supplier contracts can provide a   00:06:28.880 --> 00:06:37.440 disincentive to providing poor quality. If quality  fails to meet expectations, then the supplier can   00:06:37.440 --> 00:06:47.840 be placed on probation. We hope you enjoyed  this overview of supply chain risk management.