SME Risk Management

Small and medium-sized enterprises (SMEs) make up the majority of enterprises in most countries, and thus often play a considerable role in supply chains, yet they often lag behind in implementing effective risk management practices. For SMEs, the establishment of a risk management system is essential to their survival and their business continuity, and a potential supply chain partner may also want to assess the proper implementation of a risk management system before engaging in a relationship. That is why Thomas Henschel wrote Risk Management Practices of SMEs. Evaluating and Implementing Effective Risk Management Systems, where he provides precise recommendations for the implementation of an effective risk management in SMEs.

From a PhD…

The book is based on the research and the survey of German SMEs that Thomas Henschel undertook for his PhD thesis, and it is a book not only for SMEs, but also for banks, government agencies and management consultants to rate and evaluate risk management systems on a common basis. The book presents a scoring approach, which looks at how the SMEs use (or not use) the following components:

  • business planning
  • balanced scorecards and similar instruments
  • risk management process
  • risk management organization
  • project risk management

Based on the survey, and based on the typology developed by Miles and Snow (1978),  companies were classified as

  • reactors
    • a company that simply reacts to whatever occurs, without a clear strategy
  • defenders
    • a company that competes on price and only slowly gives in to change
  • prospectors
    • a company that competes on product and is open to innovation and rapid change
  • analyzers
    • a company in between the two above

This is a very interesting framework and reminds me of the fact that I have yet to read Miles and Snow (1978), a classic I seem to have missed in my own literature searches on risk management.

…to a research project

Thomas Henschel has written several papers on risk management in SMEs:

He is also a leading researcher in the SME at risk research project, based at Napier University, UK.

Risk Categories

In the book, Henschel uses the following classification of risks in direct and indirect risks:

This is slightly different from, but very similar to the SCOR supply chain risk framework.

Do SMEs increase risk?

In a paper from 2004, previously reviewed on this blog, Peter Finch looked at SMEs and supply chain risk and asked the question “Does having SMEs in your supply chain constitute an increased exposure to supply chain risk?”. The answer:

Many SMEs are not used to or trained in wide-ranging risk assessments to the same degree as large corporations are, and corporate supply chains my thus increase their exposure to risk by taking in SMEs, who in turn increase their own risk exposure to risks that are essentially outside of their control. However, all SMEs are capable of understanding and appreciating their own set of risks, and the risks they bring into the supply chain, as well as the overall corporate risks and the role they play in the wider perspective, if this is communicated clearly enough.

That is perhaps somewhat ambiguous at best and Thomas Henschel has taken the matter further. If you would like to know more about logistics challenges and supply chain risk in Germany in general, I suggest reading this book chapter about Risikomanagement in der Supply Chain – Status Quo und Herausforderungen aus Industrie-, Handels- und Dienstleisterperspektive.


The book is a PhD thesis, relies heavily on theory, and is not a handbook for risk management, unlike say, Risk Management Simplified by Andy Osborne, which is a dive straight into it recipe book for risk management in SMEs. That said, what fascinates me about Thomas Henschel’s approach is nonetheless his solid theoretical foundation.


Henschel, T. (2008). Risk Management Practices of SMEs: Evaluating and Implementing Effective Risk Management Practices. Berlin: Erich Schmidt Verlag.

Author links

Publisher link

Buy this book

Related links

Related posts

Read online

Jan Husdal is an engineer turned researcher turned engineer again and he is now a Resilience Adviser with the Southern Region office of the Norwegian Public Roads Administration (Statens vegvesen Region sør) in Arendal, Norway,

Tags: , , ,
Categorization of Supply Chain Risk
In chapter 2 in Supply Chain Risk by Claire Brindley, there is a framework for assessing and positio[...]
Importance and Exposure – Measures of Vulnerability?
Today I am presenting a paper from an old friend of mine. Well, "friend" is perhaps a slight exagger[...]
Supply Chain Turbulence
We are living in turbulent times. So are our supply chains. Nonetheless, the standard tenets of supp[...]
Book Review: Political Risk
Egypt is in crisis. After Tunisia, now Egypt is rocked by a popular uprising, and the outcome of the[...]
Book Review: Managing Supply Chain Risk and Vulnerability
Another book by someone from the ISCRiM group? No, not this time, or perhaps, yes, after all. Managi[...]
Supply Chain Continuity
Many business owners will have come across the term business continuity, and many supply chain owner[...]
Supply chain vulnerability: an invisible global risk?
Supply chain disruption - a global issue? All companies and governments dependent on external suppli[...]
The supply chain of the future
A recent report by IBM, referenced by Supply Chain Digest in IBM Lays Out its Vision for the Supply [...]
Global Risks 2008 - A prediction come true
In my post on Hyper-optimization and supply chain vulnerability: an invisible global risk? I highlig[...]