SME Risk Management

Small and medium-sized enterprises (SMEs) make up the majority of enterprises in most countries, and thus often play a considerable role in supply chains, yet they often lag behind in implementing effective risk management practices. For SMEs, the establishment of a risk management system is essential to their survival and their business continuity, and a potential supply chain partner may also want to assess the proper implementation of a risk management system before engaging in a relationship. That is why Thomas Henschel wrote Risk Management Practices of SMEs. Evaluating and Implementing Effective Risk Management Systems, where he provides precise recommendations for the implementation of an effective risk management in SMEs.

From a PhD…

The book is based on the research and the survey of German SMEs that Thomas Henschel undertook for his PhD thesis, and it is a book not only for SMEs, but also for banks, government agencies and management consultants to rate and evaluate risk management systems on a common basis. The book presents a scoring approach, which looks at how the SMEs use (or not use) the following components:

  • business planning
  • balanced scorecards and similar instruments
  • risk management process
  • risk management organization
  • project risk management

Based on the survey, and based on the typology developed by Miles and Snow (1978),  companies were classified as

  • reactors
    • a company that simply reacts to whatever occurs, without a clear strategy
  • defenders
    • a company that competes on price and only slowly gives in to change
  • prospectors
    • a company that competes on product and is open to innovation and rapid change
  • analyzers
    • a company in between the two above

This is a very interesting framework and reminds me of the fact that I have yet to read Miles and Snow (1978), a classic I seem to have missed in my own literature searches on risk management.

…to a research project

Thomas Henschel has written several papers on risk management in SMEs:

He is also a leading researcher in the SME at risk research project, based at Napier University, UK.

Risk Categories

In the book, Henschel uses the following classification of risks in direct and indirect risks:

This is slightly different from, but very similar to the SCOR supply chain risk framework.

Do SMEs increase risk?

In a paper from 2004, previously reviewed on this blog, Peter Finch looked at SMEs and supply chain risk and asked the question “Does having SMEs in your supply chain constitute an increased exposure to supply chain risk?”. The answer:

Many SMEs are not used to or trained in wide-ranging risk assessments to the same degree as large corporations are, and corporate supply chains my thus increase their exposure to risk by taking in SMEs, who in turn increase their own risk exposure to risks that are essentially outside of their control. However, all SMEs are capable of understanding and appreciating their own set of risks, and the risks they bring into the supply chain, as well as the overall corporate risks and the role they play in the wider perspective, if this is communicated clearly enough.

That is perhaps somewhat ambiguous at best and Thomas Henschel has taken the matter further. If you would like to know more about logistics challenges and supply chain risk in Germany in general, I suggest reading this book chapter about Risikomanagement in der Supply Chain – Status Quo und Herausforderungen aus Industrie-, Handels- und Dienstleisterperspektive.


The book is a PhD thesis, relies heavily on theory, and is not a handbook for risk management, unlike say, Risk Management Simplified by Andy Osborne, which is a dive straight into it recipe book for risk management in SMEs. That said, what fascinates me about Thomas Henschel’s approach is nonetheless his solid theoretical foundation.


Henschel, T. (2008). Risk Management Practices of SMEs: Evaluating and Implementing Effective Risk Management Practices. Berlin: Erich Schmidt Verlag.

Author links

Publisher link

Buy this book

Related links

Related posts

Read online

Tags: , , ,
The six ways of dealing with risk
Classic risk management literature acknowledges four ways of dealing with risk after establishing a [...]
Fragility and sustainability: emerging research areas?
Should short-term loss-minimization and short-term profit maximization really be the driving force b[...]
Adaptation versus Transformation
Many businesses believe themselves to be nested in a stable environment and are confounded when thin[...]
Is Dynamic Supply Chain Alignment the way of the future?
Dynamic Supply Chain Alignment. That is the magic formula that runs like a red thread through John G[...]
Security and continuity of supply
Aah...the intricacies of the English language. Not supply (chain) security, but the security of supp[...]
Risk Management in Maritime Transportation Networks
This week’s focus are risks in the maritime supply chain, and today's article introduces a new metho[...]
Managing supply chain risk
In September and October 2009 the Economist Intelligence Unit surveyed 500 company executives with r[...]
A Decade of Living Dangerously
Do you remember the movie The Year of Living Dangerously with Mel Gibson? Topically unrelated maybe,[...]
Analysing road vulnerability in Norway
How does the Norwegian Public Roads Administration NRPA assess the vulnerability of the Norwegian ro[...]