Risk in supply networks – seeing it all, or not?

It is practically impossible to write a paper on supply chain risk without citing Risk in supply networks by Christine Harland, Richard Brenchley & Helen Walker (2003). Why? Because it delivers a holistic take on risk, risk management and supply chains, and an excellent discourse on types of risk, sources of risks and descriptions of risk. Particularly, it relates risk to loss and consequences, and looks at how the increasing trend of product/service complexity, e-business, outsourcing, and globalization affects risks in supply networks.

The evolution of supply chains

I used the paper myself, when writing my book chapter on Managing Risk in Virtual Enterprise Networks, although not so much for the risk definitions. What I found interesting is that Harland et al. describe three different stages in the evolution of supply chains, the In-house model of the 1980s, the Focused model of the 1990s, and the Virtual model of today, where many of a company’s supply activities are now completely outsourced and where the once core activity of manufacturing has been outsourced to contract manufacturers. Albeit not a full Virtual Enterprise Network, Harland’s virtual model carries many hallmark signs of a Virtual Enterprise Network, where supply networks become ever more complex, dynamic and fast-changing webs of relationships. But let us return to Harland et al. (2003) and the discussion of risks.

Types of risk

Harland et. al apply a corporate or enterprise-wide perspective when discussing types of risk, since, as they put it

academia lags behind business that now views risk in a much broader way  […] therefore, we summarise various aspects to provide a multi-perspective, broader view of risk

The list (below) is taken from several authors. Interestingly, none of these authors are strongly related to Supply Chain Management.

• Strategic risk
  • Affects business strategy implementation
• Operations risk (M)
  • Affects a firm’s internal ability to produce and supply goods/services
• Supply risk (M)
  • Adversely affects inward flow of any type of resource to enable operations to take place
• Customer risk (M)
  • Affects likelihood of customers placing orders
• Asset impairment risk
  • Reduces utilization of an asset and can arise when the ability of the asset to generate income is reduced
• Competitive risk
  • Affects a firm’s ability to differentiate its products/services from its competitors
• Reputation risk
  • Erodes value of whole business due to loss of confidence.
• Financial risk (M)
  • Exposes a firm to potential loss through changes in financial markets or defaulting debtors
• Fiscal risk (M)
  • Arises through changes in taxation
• Regulatory risk (M)
  • Exposes the firm to changes in regulations.
• Legal risk (M)
  • Exposes the firm to litigation with action arising from customers, suppliers, shareholders or employees

Seven of these 11 definitions (marked ‘M’) are taken from the same newspaper article , written by Lisa Meulbroek and printed in the Financial Times in 2000. While there is nothing wrong with citing newspaper articles, particularly if written by distinguished scholars, the down side is that it makes it practically impossible to access and verify the references (Sidenote: I did have some additional difficulties tracking down ‘Lisa Meulbrook’, until I realized that Harland et al. – and various other authors – have cited the name wrong, it’s actually spelled ‘Meulbroek’, and normally I would consider a mispelling a surefire sign of not having read a reference at all).

Unfortunately, there is no discussion of the types of risk, only a list, and not surprisingly, considering that Meulbroek is the main reference, an (over-)emphasis on strongly finance-related or business-related risk. However, in  a strategic perspective this is absolutely right, albeit it does deviate from the supply chain views views of, say,  Christopher, Peck and Jüttner.

Risk and Loss

Harland et al. use Mitchell’s definition of risk (R) as the product of the probability (P) of a loss (loss) and the significance or impact (I) of the loss, related to an event n (n):

R_n = P(loss)_n x I(loss)_n

Based on this, they define 6 kinds of losses:

• Financial loss
• Performance loss
• Physical loss
• Psychological loss
• Social loss
• Time loss

Again, as with the types of risks above, they are not discussed much further.

Risk assessment

The risk assessment uses two questions:

1. How likely (probable) is it that an event will occur?
2. What is the significance of the consequences and losses?

This is similar to Paulsson’s DRISC model, who uses the risk triplets employed by Kaplan and Garrick. Note that risk does not depend on the consequence as such, but on the significance of the consequences. Not only that:

The first question can be divided further. The likelihood of an event occurring depends partly on the extent of the exposure to risk and partly on the likelihood of a trigger that will realise the risk.

This discussion is similar to the division of risk into risk sources, drivers and consequences as seen in  Jüttner, Peck and Christopher (2003).

Risk management

What I find worth highlighting is the view on risk management that looks beyond the mere technical and operational:

Risk management, therefore, has to be holistic in its approach  and accept that multiple approaches are required if risk is to be avoided. Modern risk management should incorporate scenario planning and use of expert panels and Delphi studies, in addition to prediction through statistically based forecasting methods.

Risk in supply networks

As Harland et al. rightly point out, there have been a variety of different focuses in research into risk management in purchasing and supply, but little  in supply networks. What their model attempts to capture is the relationship  between increasing complexity and dynamism in supply networks and the  resulting increased risk. In essence what it comes down to in supply  networks, is mutual risk and benefit sharing, according to the type of collaboration within the network.

Risk tool  for supply networks

The tool for managing risks in supply networks is seen in the figure below, and consists of six steps. Obviously, this tool cannot work alone, for one company only. It has to be applied in a joint effort with the partners in the supply network.

Copyright note: The figure is taken from the article.

The steps are:  1) Mapping the supply network, 2) Identifying the risks, 3) Assessing the risks, 4) Managing the risks, 5) Forming collaborative networks, and 6) Implementing the risk management strategy. Now, take a look at Manuj and Mentzer, 5 years later, does it look familiar?

Finally

As the authors note,

Supply networks are undoubtedly becoming significantly more messy units of analysis to deal with. The tangled up changes that cause the dynamics of supply networks to be complicated to understand, also impact on risk. Whilst there has been substantial research attention to date on risk and on supply networks, there has only been limited empirical research on risk in supply networks.

That was 6 years ago. Certainly, globalization and intertwining of supply relations have not become less since then. My personal observation is that supply networks, not individual supplier relations, supply networks rather than individual companies are increasingly becoming the unit of analysis. From a management perspective, this is “seeing it all”, and Helen Peck’s article on Reconciling supply chain vulnerability, risk and supply chain management is a step in the right direction.

Reference

Harland, C. (2003). Risk in supply networks Journal of Purchasing and Supply Management, 9 (2), 51-62 DOI: 10.1016/S1478-4092(03)00004-9

Author links

• bath.ac.uk: Christine Harland
• warwick.ac.uk: Helen Walker
• linkedin.com: Richard Brenchley

Related links

• Jerry Larson: How vulnerable is your revenue stream?

Related

• husdal.com: Supply Chain Management as seen from Space