Serendipity

I have to admit that I didn’t find this blog all by myself. It was a recent tweet by Ken Simpson that alerted me to this blog, which I instantly put on my “to be reviewed”-list. To no avail, I am tempted to say, since Ken actually beat me to the finish line by posting his review of “Gold or Dust?” before I had the chance to do so. Anyway, a big Thank You to Ken for providing me with blog fodder.

Well, as we say in Norway, “a good thing cannot be mentioned too often”, so here it is, my own review of “Gold or Dust?”. Besides, I guess Charley doesn’t mind the publicity, or do you, Charley?

The purpose of Gold or Dust?

Charley started her blog at the very beginning of her journey towards her degree and in her first post in December 2010, explaining “Why Gold or Dust?”, she writes

I’d like to identify the characteristics of people who make great strategic leaders for resilience – both in ‘peace times’ and during a crisis and see if there are methodologies to indicate them during recruitment phases and/or train them in post-recruitment.

I think that is a very bold ambition, and it would be nice if you could pick who’s resilient  and who’s not beforehand, but I’m not so sure it really is possible. I guess I will have to read the thesis to find out.

Oh, and on a side note, and for WordPress nerds only, this really is her first post, since it still bears the “hello-world”-title in the URL a trademark of wordpress.com blogs, which by default are populated with an example post with that URL. Although Charley has changed the post title, which obviously was “Hello World” , she didn’t change the post URL (which she could have done), so in fact, this is the beginning of her blog.

Blog Highlights

Moving on, there is almost too much to pick from, but I have chosen a couple of posts that struck a chord with me. First off is a January 2011 post on Personal Resilience for Organisational Resilience, a post where she explains how personal resilience is a prerequisite for organizational resilience, with hope and optimism as important ingredients:

In a work context, particularly working in crisis operations rooms, it appears that those who deal best with the pressure are those who are confident, optimistic, and intelligent.

I thinks she has a point. Over-optimism and over-confidence is perhaps what leads to the escalation of crises, as Christophe Roux-Dufort writes in his The Devil is in the Details.

The February 2011 posts, for the most, are based on (or just referring to) articles, papers or books that she has read and that made an impact, showing a broad spectrum of resilience-related literature, among others Positive Scholarship, a book that also made an impact with me, in particular the chapter on how organizational resilience is a result of organizational learning.

While the March 2011 posts are mainly tidbits from her academic life, in Crisis management puts huge strain on CEOs she refers to a Reuters article that laments how CEOs are not trained for the many crises they may encounter.

April 2011 only saw two posts (must have been a busy or lazy month), where in Learning from Failure she featured the Harvard Business Review issue on failure and one article on how companies can fail because they don’t analyse the data from their successes. That’s an interesting view.

Her writing has picked up considerably in May 2011, and The Definition of Resilience features no less than fifteen definitions of resilience that she has found in the literature.

June 2011, like April, is a month of few posts, but I had to laugh a bit at The (Resilience) Elephant in the Room, where she ponders how organizations can build resilience if, say, their CEO (or an aspiring one, or any senior manager, to be honest) has no solid record of dealing with crisis, disaster and a great deal of general awfulness? Good question, indeed.

July 2011, busy writing and no time for blogging, but there is some gold here, namely MY definition of resilience, where she defines how she understands resilience.

More gold is found in August 2011, when she in Organisational Resilience – by the Romans writes how Rome could endure for centuries because of capture and governance strategies. I never thought of that, but it makes sense.

Books and Papers

“Gold or Dust?” also features a small section containing a list of selected academic papers on resilience and a section of selected books on resilience, many of which (both papers and books) I hadn’t heard of before, adding more burden to my already overloaded “to be read/to be reviewed”-list. Anyway, thanks, Charley.

Conclusion

I think I will simply side with Ken here, who in his review said that “This is a blog to read and enjoy as ideas are explored developed and refined. It was interesting to read it from the beginning, to see some of the evolution.“

As far as academic blogging is concerned, i.e. truly utilizing blogging for academic development, this is certainly one of the best examples I have seen. Kudos to Charley for a job well done, and I do hope that she will continue to blog even after her MSc, because it would be sad to see this blog end.

Links

• goldordust.wordpress.com: Gold or Dust?
• linkedin.com: Charley Newnham

Related post

• husdal.com: What goes into resilience?

What is resilience?

In her book Liisa Välikangas’ begins by referring to a 2003 article in the Harvard Business Review, “The Quest for Resilience” that she co-authored with Gary Hamel, and where she writes about resilience as a response to turbulent enviroments. Resilience, so the article, refers to a capacity for continuous reconstruction, and Välikangas sees resilience as a strategic much more than an operational ability.

Most importantly perhaps, she sees resilience as inextricably linked to sustainability, where true resilience can only be achieved through sustainable practices, and the book is a call for reforming resilience from a way of returning to a balanced state to a way of sustaining a balanced state. In such a state crises simply don’t occur, because they will be met and overcome (with resilience) even before they can manifest themselves.

Resilience, then, is seen as a facilitator or a catalyst for change, not as a means for quick recovery, even going further than Sutcliffe and Vogus in their Organizing Resilience, and Välikangas shows how “resilient” companies have managed the change despite the turbulence they may be in, while “not so resilient” companies have failed. Be that as it may, that is not my view of resilience.

Resilience I and Resilience II

Välikangas is aware of the popular notion of what resilience entails, namely the ability to bounce back, to make a recovery, or to persist during a crisis. This she calls Resilience II. Her new proposed notion of resilience, however, entails taking timely action before the misfortune has a chance to wreck havoc. This she calls Resilience I.

Välikangas also introduces what she calls strategic resilience, which supersedes both resilience I and resilience II, namely

the capability to turn threats into opportunities prior to their becoming either

Thus, resilience is not simply about having a highly competitive strategy; it is about the company’s capacity to benefit from unlikely events, which could have turned into threats, but instead turning them into opportunities. It is about the capacity to take advantage of serendipity, to take advantage of involuntary sagacity.

Basically then, resilience is not just bouncing back, it is skipping past something you otherwise would have had to bounce back from, perhaps a sort of preemptive resilience (the latter definition being my words, not Välikangas’). 

Operational versus strategic resilience

Välikangas draws a clear line between strategic resilience (defined above) and what she calls operational resilience, which is a defensive rather than offensive capability, and this type of resilience is seen as

the capacity to sustain threat and to accomplish accident recovery

While this kind of resilience can serve very well as the antidote for a sudden shock or jolt, it cannot combat long-lasting organizational decline, she says. That is why strategic resilience is needed, aimed at preventing the organization from falling into decline, and ultimately ensuring that crisis is averted before it can develop, as Cristophe Roux-Dufort describes in his Devil is in the Details.

Basically then, strategic resilience becomes a means for survival. Operational resilience can only sustain you for so long, and I’m temped to use a Norwegian saying here, whereby operational resilience would be described as “peeing your pants”: It’s nice and warm for a while, but it doesn’t last long.

Tests for resilience

Resilience, so Välikangas is a matter of strategy and its consequences. Resilience can only be obtained over time, by successfully applying the right strategy. Resilience is not a one-event quality, it must prove itself time and again. That is why she devised three tests of resilience:

• Competition – a company that has survived a competitive threat is by definition resilient (at that point in time).
• Legitimacy – the degree to which a company that has a legacy (history) and institutional depth (how embedded and interwoven into the society it is) determines the degree of resilience a company has.
• Toughness – a company that has experienced and overcome hardship and resource scarcity is resilient.

“Resilient” responses to future challenges

After reading the book I am compelled to rename the the title of Välikangas’ book. It should have been titled The Sustainable-Competitive Organization (or similar), because that is what it is about, to remain competitive, while at the same time being sustainable and socially responsible. Nowhere is this more apparent than in a table meant to highlight future issues:

That notion of sustainability is something that companies definitely need to consider, if they are to survive in the long term.

Critique

What does it mean to be a resilient organization? After reading this book, frankly, I don’t feel that I have come closer to an answer. While this undoubtedly is an excellent academic discourse on resilience that embraces all possible facets of the subject matter, drawing on an impressive and wide body of knowledge, it doesn’t provide a clear direction.

After reading Ted Goranson’s book on The Agile Virtual Enterprise I knew quite well what constitutes an agile enterprise; after reading Liisa Välikangas book on The Resilient Organization I don’t know equally well what constitutes a resilient organization. The book starts off well and keeps the reader engaged, but somewhere in the middle I got lost in all the sidetracks, textboxes, examples, sidebar notes, case studies and different perspectives and related terms that Välikangas brings to the table, there was just too much of it.

Välikangas brings together many ideas and thoughts on resilience that are worth pondering, but perhaps too many. Each chapter spreads out in a different direction (actually many different directions) and is a discourse in itself, where I found it hard to connect the dots between the chapters. Some even seemed completely out of context. This may be caused by some chapters or parts of chapters having been previously published as articles, and now put together to make a book, something that doesn’t always turn out well.

I know what kind of organization she wants to create, an organization that is innovative, robust, adaptable and strong, an organization that is engaged, competitive and strives for success, and maybe she is right that when an organization is all this it will also be resilient…or maybe it is vice versa, that being resilient implies the above. Maybe it’s just me, or maybe it’s just semantics, but that is not how I view resilience. In my world, resilience has a very specific and perhaps narrow definition, and I’m much more in line with the Australian view on Organisational Resilience.To me, one of the major driving forces in building resilience is adversity, and I didn’t find much of that in this book.

Conclusion

For anyone interested in a deep-dive into what business strategies that promote an enterprise that is innovative, robust, adaptable and strong, this book is highly recommended reading. It is also perhaps a book much more suited for rethinking organizational strategy towards greater sustainability than for creating organizational resilience; at least that’s what I think.

Perhaps the best way to describe Välikangas view of resilience is to take Porter’s “competitive advantage” and add “sustainable” in front, thus creating sustainable competitive advantage. That is in my opinion what the whole book is about, not resilience. Admittedly, maybe I am the one who is mistaken, and this is how resilience is really meant to be understood. What do you think?

Reference

Välinkangas, L. (2010) The Resilient Organization – How Adaptive Cultures Thrive Even When Strategy Fails. New York: McGraw-Hill

Author links

• linkedin.com: Liisa Välikangas

Buy this book

• amazon.com: The Resilient Organization

Related links

• gilbertacton.com: The Quest for Resilience

Related posts

• husdal.com: Resilient Organisations
• husdal.com: The Resilient Enterprise

Resilience redefined

The need to manage uncertainty in modern societies and economies that are complex and vastly interconnected, and that have created what many call a “risk society”, has lead to an increasing popularity of the concept of “resilience” and what resilience entails. In recent years, Yossi Sheffi and his Resilient Enterprise have emerged as one of the proponents of resilience, but he is undoubtedly not the only one, as Martin Christopher and the University of Cranfield were among the first to investigate resilience in supply chains. Now Australia has joined the ranks.

Four approaches

While applying the concept of resilience to the fundamental elements of infrastructure on which our society and economy depends is obviously imperative, the nature of the challenges critical infrastructure organisations encounter means that applying the concept of resilience is not simple and straightforward. Resilience, so the paper, is not just sound risk management, effective emergency response and crisis management, or business continuity management. Resilience expresses itself in one of four ways of how an organization approaches adversity:

• Decline
  • An organisation accepts that adversity may cause it to cease operating
• Survive
  • An organisation’s resilience objective is to exist in a reduced form after adversity
• Bounce Back
  • An organisation’s resilience objective is to regain pre-adversity position quickly and effectively
• Bounce Forward
  • An organisation’s resilience objective is to improve aspects of the organisation’s functioning  so that in adversity it not only survives but possibly gains from the situation

I find this a highly interesting perspective, and particularly the latter reflects much of what I wrote in an earlier post on Organizing Resilience, where

Resilience is the capacity to rebound from adversity strengthened and more resourceful.

It is also interesting to compare these approaches with the New Zealand Resilient Organisations project, where

Resilience is a 3-fold construct, working in a complex, dynamic and interconnected fashion depending on 1) keystone vulnerabilities, criticality and preparedness, 2) situation awareness, stemming from an assessment of the keystone vulnerabilities, and 3) adaptive capacity.

I should also not forget Asbjørnslett and his 1997 report on how to assess the vulnerability of production systems, where

A robust or resilient system is able to withstand or absorb disturbances without catastrophic failure and still persist. Robust means being able to resist an accidental event and return to the same stable situation than before the event. Resilient means being able to return to a new (often “lower”) stable situation than  before the event.

There is a distinct notion of severity in these definitions. In a business setting, the ability to survive (resilience) is much more important than the ability to quickly regain stability (robustness), something that lead me towards my own definitions of resilience, robustness, flexibility and agility.

What then does Australia view as the essential ingredients of resilience?

Resilience is frequently defined as an ability to bounce back from adversity. While this is a useful definition in many cases, and is an often-desired outcome in a critical infrastructure context, it does have limitations. This is because organisations can use times of adversity to achieve positive change – so they should be open to both the possibility for bouncing back, but also taking opportunities to bounce forward.

That is a definition that I like, and very much like resilience as adaptive transformation.

Three attributes

The REAG has also identified the behavioral attributes of resilience that fall into three categories, as they relate to:

• Leadership and Culture
• Networks
• Change Ready

Leadership and culture refers to an organization that, among other things,

• develops an organizational mindset/culture of enthusiasm for challenge, agility, flexibility, adaptive capacity, innovation and taking opportunity
• fosters an environment that supports agility, flexibility and initiative in decision making through trust, clear purpose and empowerment of employees

A lot of nice keywords here (agility, flexibility, adaptive capacity…), but not really much substance.

The next attribute, Networks, is  slight better described, and “adds some meat to the bone”, as we say in Norway. This attribute refers to organizations that, among other things,

• establishes relationships, mutual aid arrangements and regulatory partnerships
• understands its community interconnectedness and its vulnerabilities across all aspects of supply chains and distribution networks

I’m not sure how “Networks” is a behavioral attribute, since the word “Networks”isn’t even an adjevtive, but anyway…

Finally, the last attribute, Change Ready, is the attribute that fully embodies what organizational resilience really means. A change-ready organization

• promotes proactive anticipation and preparation for future challenges
• develops a forewarning of disruption threats and their effects through sourcing a diversity of views, increasing sensitivity and alertness, and understanding social vulnerability
• promotes empowered and broadly embraced organisational and individual self-efficacy, as well as enthusiasm for finding effective solutions to complex challenges
• promotes requisite decision making using both rational and intuitive abilities, and
• promotes critical reflective learning, lesson retention, knowledge sharing and continuous improvement.

These attributes, so the paper says,  can be applied to any aspect of organizational capability development, similar to the above mentioned post on Organizing Resilience.

Case studies

The second half of the paper is devoted to seven case studies and the resilience lessons these companies made:

• Case 1: the lawyers and the accountants
• Case 2: the hi-tech laboratory instrumentation company
• Case 3: the wholesaler/retailer of household products
• Case 4: the freight company
• Case 5: the communications company
• Case 6: the power station project
• Case 7: the electronic design and manufacturing company

All in all, highly interesting cases that truly showcase resilience and non-resilience.

Conclusion

There isn’t much more to say about this paper. In my opinion the Australians have hit the nail on the head here. What do you think?

Reference

REAG (2011) Organisational Resilience: A position paper for critical infrastructure. Australian Case studies. The Australian Government Resilience Expert Advisory Group.

Download

• tisn.gov.au: Organisational Resilience

Related links

• tisn.gov.au: Critical Infrastructure Resilience
• blog.vrg.net.au: Australian government position on resilience

Related posts

• husdal.com: Organizing Resilience
• husdal.com: Resilient Organisations
• husdal.com: Resilience – adaptation or transformation?

Resilience

One of my earliest posts on economic resilience is the framework developed by Adam Rose, which defines economic resilience as the inherent and adaptive responses to hazards that enable individuals and communities to avoid some potential losses. Adam Rose has also contributed to a recent paper on transportation resilience. But perhaps resilience is not something inherently present, but rather something that is acquired through organizational learning, as Kathleen Sutcliffe  and Timothy Vogus propose?

Transportation

The speedy recovery of the transportation network is imperative to the recovery of the communities struck by any disaster, as it facilitates the supply of resources needed to cope with the event. This also brings to mind an earlier post I had on the New Zealand Lifelines Engineering Project that showed how lifeline engineering is directly related to the resilience of road networks to natural hazards and how it can be integrated into road controlling authority management practices.

Human Relief

Emergency logistics, along with humanitarian logistics are key ingredients in dealing with the aftermath of the Christchurch earthquake, as the 2006 Yogyakarta earthquake showed. On a side note, Ronaldo Tomasini and Luk van Wassenhove recently wrote a book on Humanitarian Logistics that is well worth reading.

Disasters and supply chains

Disasters. The result: Damaged infrastructure. End result: Disrupted supply chains. But how do disasters really impact supply chains? In my post on on a paper researching the impact of disasters on firms in different sectors it is shown that the kind of disaster and the place a company has in the supply chain matters considerably. I’m not sure about New Zealand’s exports and whether the earthquake will have an impact on commodity prices like the Queensland flooding had on sugar prices, but it will be interesting to follow. Here is a newspaper article on some of the economic fallouts from the previous earthquake.

Community resilience

Another matter for Christchurch now will be its community resilience. In this post it is said that in order to achieve community resilience public and private owners of critical infrastructures and key resources must work together, before, during and after a disaster. That said, the good news is that New Zealand has a research project called Resilient Organisations, which aims at assisting New Zealand organisations to recover economic competitiveness after hazard events by improving their resilience. Interestingly, after the previous earthquake, Christchurch put up a special website to assist businesses and people in how to recover: recovercanterbury.co.nz.

What now?

As I said, there’s not much I can personally from here, but having lived in Christchurch myself it is heart-wrenching to see the pictures in the news. I can only hope that Christchurch once again will rise from the rubble and show the world what resilience really means.

News links

• nzherald.co.nz: Christchurch earthquake
• vg.no: Jordskjelv på New Zealand

Related posts

• husdal.com: The Christchurch earthquake (September 2010)

Resilience Taxonomy

What I found most interesting in this paper is the taxonomy of resilience measures they present. This framework is both simple and complex at the same time, but in my opinion it fully conveys what goes into resilience, and is very much based on Holling (2001), who proposed that resilience is related to three overarching concepts:  1) the vulnerability to unpredicatble shocks, 2) the resources or wealth available to a system to help it change, and 3) the internal controllability of relationships in a system, i.e. its rigidity or flexibility. Resilience has both a static and a dynamic side. The static side (A)  is made up of the system vulnerability (1), while the system flexibility  (2) makes the dynamic side (B). System wealth or system redundancy (3) sits in the middle. The underlying indices supporting these three work at three levels: macro (a), meso (b) and micro (c):

While the taxonomy above bears the hallmark of the US Transportation Security Administration, I have been unable to find it anywhere on their homepage or any of their online publications. Maybe my readers can help?

Transportation system resilience strategies

The article also list some possible strategies for achieving transportation systems resielience, taken from theWiley Handbook of Science and Technology for Homeland Security:

Conservation is maintaining service with fewer inputs (e.g., railroad cars, employees) on the supply side or doing with less transportation on the demand side.

Input substitution is shifting input combinations or transportation modes to achieve the same function or level of productivity

Inventories include both emergency stockpiles and ordinary working supplies of production inputs for both the transportation system and for economic activities dependent on transportation.

Excess capacity refers to idle plant and equipment. A special case is redundancy that refers to back-up systems that do not increase productive capacity, but rather compensate for damaged capital (e.g., multiple tracks).

Relocation is changing the site of business activity in terms of travel routes or end-user sites.

Resource unimportance refers to the portion of business operation that can continue without a critical input like transportation.

Import substitution is importing resources from other regions. This might be imports for the transportation system itself or the employment of the transportation system in doing so.

Export substitution refers to selling goods to other regions that cannot be sold otherwise to local customers.

Technological change allows for easier manipulation to restore function, to increase production, change hours of operation, and to respond to altered service demands.

Production recapture refers to working overtime or extra shifts to catch up on lost production or service.

Logistics refinement refers to reducing impediments to the delivery of goods and services.

Removing operating impediments involves debris removal and related complications, and streamlining paperwork for insurance claims and government assistance.

Management effectiveness refers to skills that promote restoration, repair and reconstruction.

Speeding restoration refers to a range of options such as alternative means of access to repair sites and incentive contracts.

Input substitution, import substitution, inventories, as above, also speed restoration, but pertain to materials and labor needed for repair activities rather than normal production operations.

Many, but not all of thes strategies can be found in the resilience taxonomy above.

Resilience metrics

The authors provide a crude mathematical definition of resilience.

Adapting an established definition, direct static economic resilience (DSER) refers to the level of the individual firm or industry, and can be operationalized as the extent to which the estimated direct output reduction deviates from the likely maximum potential reduction given an external shock:

DSER = (%ΔDY^m – %ΔDY) / (%ΔDY^m)

where, %ΔDY^m is the maximum percent change in direct output, %ΔDY is the estimated percent change in direct outputIn essence DSER is the percentage avoidance of the maximum economic disruption that a particular shock could bring about. The above can readily be adapted to transportation resilience in the narrow sense by reinterpreting the economic output changes as transportation journey changes.

On a side note, this definition of resilience stems from the previous work of Adam Rose, whose work has been presented on this blog almost three years ago, when I posted an srticle on how to define and measure economic resilience. While used to define transportation resilience in the article above, I do believe that this could be readily adapted to supply chain resilience as well.

UK Transport Network Resilience

For comparison I suggest to look at a report on the network resilience and adaptation of the transportation network in the UK, using completely different metrics. Interestingly, some of the metrics used there stem from some of my own earlier research on transportation reliability and vulnerability, and which I thought that no one would ever use.

Reference

Cox, A., Prager, F., & Rose, A. (2011). Transportation security and the role of resilience: A foundation for operational metrics Transport Policy, 18 (2), 307-317 DOI: 10.1016/j.tranpol.2010.09.004

Author links

• linkedin.com: Andrew Cox
• linkedin.com: Fynnwin Prager
• usc.edu: Adam Rose

Related posts

• husdal.com: Network Resilience and adaptation

Not a dull moment

Amazingly, I did not have a dull moment where I felt like skipping a page or two when reading this book. The starting point is that every company has its unique customer value proposition, be it Zara’s high end fashion at a reasonably price or Wal-Mart’s everyday low pricing, but

No firm can compete successfully on all dimensions of customer value, such as innovation, choice, price and experience. Management needs to pick its goals, since operations and supply chain strategies, the market channel, or even the skill sets required to be successful depend on the specific value proposition.

That is perhaps where many firms fail, as no firm can be extremely efficient and compete on price and at the same time be extremely responsive and compete on a wide range of choices. It is simply not possible, as companies tend to be either highly efficient or highly responsive, but not both.  Simchi-Levi, however, shows how to match value propositions and strategies, and how to achieve the best possible tradeoff between efficiency and responsiveness.

33 rules of operations

The book takes on a very unique approach that I haven’t seen before: The book is built around 33 rules that cover all possible aspects of supply chain operations and management, and that are placed throughout the eleven chapters of the book, hence the title. Many of these rules stem from anecdotes and examples of companies that failed or succeeded in their efforts. These stories are at the heart of this book, a book that is about  the principles, frameworks and processes that enable the aligning of a company’s specific customer value proposition with its operations strategy.

In the first part, the book first looks at how customer value proposition translates into operations strategy, and then, how a firm can match products and markets with the appropriate strategies. Here, procurement and supply contracts, if used well, can turn into competitive weapons, and risk mitigation is highlighted as an important element of operations strategy.

In the second part, flexibility is presented as the key enabler for successful supply chain operations, that is flexibility in system design, flexibility in process design, and flexibility in product design. System design flexibility refers to manufacturing, distribution or capacity redundancy. Process design flexibility would include a flexible workforce, worker cross-training, lean manufacturing and different procurement strategies. Product design flexibility includes modular product architecture, standard components and interfaces, postponement and component substitution.

The final and third part of the book addresses two important emerging trends: oil price volatility and corporate social responsibility. Here, Simchi-Levi shows that the latter is much more than simply charity, philanthropy or compliance with environmental regulations, and making the supply chain greener. In fact, corporate social responsibility can be a considerable revenue opportunity that many companies tend to overlook.

Risk Sources

It is perhaps not fair to judge the importance of a chapter by its length, but fact is that the chapter on risk mitigation is 30 pages, while most other chapters are 15-17 pages, and it is not because this chapter is full of figures. It is, but so are the other chapters, too. To me this is a clear indication that Simchi-Levi sees risk mitigation as an integral part of operations and supply chain management.

Indeed, current industry trends correlate directly to the rising risk levels in the supply chin. As offshoring and globalization  of manufacturing operations continue to grow, supply chains are geographically more diverse and therefore exposed to various types of natural and man-made disasters.

These thoughts are very similar to what appears in Martin Christopher’s book on supply chain management, but where Christopher only scratches the surface, Simchi-Levi goes further. Interestingly, Simchi-Levi divides risk sources along two dimensions: Known-Unknown and Controllable-Uncontrollable.

Popularized by George Rumsfeld, the Unknown-Unkowns are risks that are difficult to predict, while the Known-Unknowns are more likely be forecasted based on statistical data, e.g. supplier lead time or time between equipment failures.

Risk Assessment

While the traditional way of assessing risk is by evaluating predictability and expected impact, Simchi-Levi  discards the former in favor of controllability, since in the end the ability to control is more important than the ability to predict. Consequently, he suggests that management needs to develop risk mitigation strategies that depend on the expected impact on business performance.

This is very similar to what Stephan Gundel suggests in his typology of crises, albeit Gundel still uses predictability, but uses controllability as his second dimension, albeit prefers the term influenceable to controllable.

Risk Mitigation

According to Simchi-Levi, there are three strategies that a firm can employ to manage supply chain risk, particularly the Unknown-Unknowns:

1. creating capacity redundancy,
2. increasing velocity in sensing and responding, and
3. adding flexibility to the supply chain.

Together, these methods create a resilient supply chain, as each method focuses on a different supply chain dimension. Capacity redundancy needs to be built in at the design stage, speed in sensing and responding requires accurate and timely information, and a flexible supply chain community requires partners that embrace flexibility, work towards the same objectives, and are willing to share the costs and benefits.

Using Mexico based CEMEX as an example, Simchi-Levi illustrates the benefit of rule #1 integrate risks into operational and business decisions, showing how CEMEX regards risk management as core competence, as described by Lessard and Lucea (2009). Rule #2 supply chain cost is always flat around the optimal strategy points to capacity redundancy and the issue of tradeoff when looking at where to locate manufacturing plants, as seen in Snyder and Daskin (2005). Finally, rule #3 invest now or pay the price later, is the classic example of how Nokia and Ericsson and how  two different supply chain strategies lead to two very different impacts resulting from the same supply chain disruption.

Simchi-Levi also touches briefly on managing global supply chain risks, suggesting speculation, hedging and flexible manufacturing and sourcing as key ingredients here, and describes them in a clear and concise manner. While speculation takes a certain scenario for granted, which may or may not come true, hedging speculates both ways and may incur a loss in one place, while being a success in a different place. Flexible manufacturing and sourcing allows for moving products and processes to the location that is most cost-efficient, regardless of external circumstances, e.g. currency fluctuations.

The last part of the chapter on risk mitigation strategies deals with an important issue: counterfeit products. Globalization, for all its good, has also increased the chance that counterfeit products may enter the supply chain somewhere along the complicated and long way from the supplier to the end customer, Simchi-Levi discusses what can be done. He suggests four main strategies for supply chain security management: 1) Supplier selection (choosing only authorized dealers), 2) Marking (e.g. only visible in UV-light), 3) Barcodes, 4) RFID and 5) Taggants, which must be evaluated based on 1) their ability to protect public health and safety, 2) their cost and implementation time, 3) their track and trace capability, 4) their scalability, and 5) whether they can provide logistics efficiencies or not.

The advantages and disadvantages of the various technologies suggests that the appropriate approach to counterfeit products depends on product, industry and level of sophistication expected from an adversary.

Conclusion

Simchi-Levi is a true well of knowledge as far as supply chain management is concerned, and it shows. Not only are his rules based on a plethora of examples and anecdotes of firms that succeed or failed in their risk management, the examples themselves have a broad scope, in geography, in impact and in industry. Someone (i.e. Simchi-Levi) has done their homework with this one. There is hardly a point made that is not followed by an example, e.g. CEMEX or Nokia/Ericsson. I find that very impressive, and it also shows the universal  applicability of this book, and the risk chapter has made me rethink the structure of my 2011 lecture on supply chain risk, and perhaps I will use Simchi-Levi this year, and not Christopher Tang’s nine robust strategies for mitigating supply chain disruptions? This is a book I can wholeheartedly recommend, and this is not the last time it will be featured on this blog, because I have yet to present the chapters on flexibility and on corporate social responsibility, which along with risk mitigation are my favorite parts of this book.

Reference

Simchi-Levi, D. (2010) Operations Rules: Delivering Customer Value Through Flexible Operations. Cambridge: MIT Press.

Author link

• mit.edu: David Simchi-Levi

Buy this book

• amazon.com: Operations Rules

Official book website

• operationsrules.com: Operations Rules
• operationsrules.com: Download sample chapter

Related link

Supply-side only

It must be said that this article looks exclusively at risk sources on the supply side of the supply chain. While this is perhaps a small limitation as to the number and direction of possible risk sources, it is often the possible disruptions on the supply side that causes most concern, not the demand side. .

Supplier – supply market – supply chain

The supplier risk source consists of potential problems associated with a specific supplier, its management, and systems. Supply market risk sources entail potential problems that exist with the supply market in general – not necessarily only with a specific supplier. The extended extended supply chain risk sources consist of characteristics associated with sourcing from suppliers in locations that are a far proximity to the buying firm’s operations. No less than 14 items were examined, grouped into factors related to the individual supplier, the supply market and the extended supply chain.

The factors listed below were ranked on a 1 to 5 scale by the respondents with a question like: “When making sourcing or supply chain management decisions (for a certain product), to what extent are you are you concerned about said factors, which may contribute to supply chain risk?”, where 1 is “not at all concerned” and 5 is “extremely concerned”.

Supplier

• Ineffective management in the supplier firm
• Financial instability or financial failure of supplier
• Supplier’s incorrect interpretation of requirements
• Incoming product quality problems
• Labor/management porblems at supplier
• Problems in electronic sharing of information (EDI, ERP)

Supply market

• Lack of alternative suppliers
• Inability to influence suppliers
• Inability of suppliers to meet significant increases in required volume

Extended supply chain

• Transportation disruptions in inbound supply channels
• Variability in transportation times in inbound supply chains
• Political instability affecting suppliers’ operations
• Natural disasters affecting suppliers’ operations
• Long distance between company and supplier

The factors above are listed in order of response significance, suggesting that

• Ineffective management in the supplier firm
• Lack of alternative suppliers
• Transportation disruptions in inbound supply channels

are the most important risk factors

Flexibility and redundancy

On the resilience side, flexibility and redundancy are seen as key drivers or contributors for resilience. Personally, I would want to include adaptive capacity and organizational learning as well, albeit for the supply side alone, flexibility and redundancy are perhaps sufficient enough? The factor flexibility consists of auditing supplier processes, monitoring supplier financial conditions, and certifying suppliers. In contrast, the items loading on the second factor, redundancy, includes using dual or multiple supply sources, ensuring excess supplier capacity exists, having supply continuity plans in place, requiring suppliers to report disruptions, and having suppliers hold inventory to prevent stockouts.

The factors listed below were ranked on a 1 to 5 scale by the respondents with a question like: “To what degree do you use said practices specifically to manage supply chain risk for a certain product”, where 1 is “not at all” and 5 is “very high”.

Flexibility

• Audit suppliers’ internal systems and processes
• Monitor the financial condition of suppliers
• Supplier certification program

Redundancy

• Dual or multiple supply sources
• Ensure that excess supplier capacity exists to handle unplanned increase in demand
• Supply continuity/contingency plans
• Require supplier to immediately report disruptions regardless of (little or large) impact
• Require supplier to hold inventory to prevent stockout

The factors above are listed in order of response significance, suggesting that

• Audit suppliers’ internal systems and processes
• Dual or multiple supply sources

are the most important flexibility and redundancy factors

Research model

According to the authors, one purpose of the study is to investigate the relationship between management perceptions of supply risk and the frequency of experiencing the effects of supply disruptions, that is, whether supply management professionals’ judgements about risk stemming from various  risk sources on the supply side are accurate and in fact materialize in disruptions.

H_{1 a – b} Supply management professionals perceiving risk from (a) suppliers, (b) supply markets, and (c) extended supply chains, experience the effects of supply disruptions more frequently.

The other purpose of this study is to investigate whether the use of various supply chain resiliency practices serves a moderating role in reducing the frequency with which buying firms experience the effects of supply disruptions.

H_{2 a – b} Supply management professionals that create supply chain resiliency through (a) flexibility and (b) redundancy in response to risk perceptions, experience the effects of supply disruptions less frequently.

The figure below illustrates the research model and the hypotheses.

And what did they find?

Results

One interesting finding in this study is that supply management professionals’ perceptions of risk from extended supply chains are negatively associated with disruption occurrence. In other words, the more at risk you think you are, the less often do you experience disruptions. Reason: If you consider yourself at risk, you are more likely to engage in proactive measures to reduce the probability of disruptions.

The authors also find that the supply resiliency practices of flexibility and redundancy do not moderate the relationship between the perceived risk from suppliers and disruption occurrence, and that the supply resiliency practice of flexibility does not moderate the relationship between perceived supply market risk and disruption occurrence. Disruptions occur, and neither flexibility nor redundancy can prevent them from happening. However, as they note, the biggest benefits to creating resiliency with flexibility appear to come from the risk that exists from extended supply chains. The constant monitoring of suppliers can uncover “hidden” problems that may exist when sourcing from far-off locations.

Pursuing supply chain resiliency through redundancy moderates the risk perceived from the supply market on disruption occurrence, while flexibility was not found to moderate the relationship between supply market risk and disruption occurrence. So redundancy works with a supply market, but not flexibility, or at least not to the same degree.

Reference

Zsidisin, George, & Wagner, Stephan (2010). Do Perceptions Become Reality? The Moderating Role of Supply Chain Resiliency on Disruption Occurrence Journal of Business Logistics, 31 (2), 1-20

Author links

• bgsu.edu: George Zsidisin
• ethz.ch: Stephan Wagner

Read online

• findarticles.com: Do Perceptions Become Reality?

Critique

This article excellently highlights some of the supply-side risks that supply chain managers concern themselves with. While I agree with the second hypothesis, I found the argument of the first hypothesis a bit puzzling at first. That said, they did prove it wrong, and it is true that perceived disruption risk and actual disruption risk are often far from each other. On a sidenote, the article by Ellis, Henry and Shockley (2010) provide another interesting article on buyer perceptions of supply disruptions risk. I am also struggling with the factors used to describe flexibility. Admittedly, a supplier certification program may make it easy to switch

ISO 28000 series

News about ISO 28002 have been circulating on the web for some time now, and continuitycomliance.org wrote about ISO 28002 already more than a year ago. Interestingly, the ISO 28000 is listed under “ships and marine technology” on the ISO website. Given the fact that much of today’s global trade is done by cargo ships circling the global in a complex pattern, this is not surprising, and maritime security is important in ensuring timely deliveries of goods and supplies. Nonethless, the ISO 28000 series standards are applicable to all modes of transport, air cargo included, and the recent bomb packages found on cargo planes highlights that supply chain security is not something that should be easily ignored.

The ISO 28000 series consists of

• ISO 28000,
  Specification for security management systems for the supply chain
• ISO 28001,
  Best practices for implementing supply chain security – Assessments and plans – Requirements and guidance
• ISO 28002,
  Development of resilience in the supply chain
• ISO 28003,
  Requirements for bodies providing audit and certification of supply chain security management systems
• ISO 28004,
  Guidelines for the implementation of ISO 28000
• ISO 28005,
  Electronic port clearance (EPC), part 1 and part 2

This post will look at ISO 28002 only.

SCOR-SCRM

The first thing that strikes me when I open ISO 28002 is a figure showing the framework for resilience management in the supply chain. It is the same global environment perspective that is used by the Supply Chain Council in their Supply Chain Risk Management framework based on the SCOR model. Moreover, it is not even referenced as being related to the SCOR framework, even though it is the exact same figure.

Terms and definitions

As with all standards, there is a list of terms and definitions, so let just cite the most useful:

Supply Chain

A supply chain is a linked set of resources and processes that begins with the sourcing of raw material and extends through the delivery of products and services to the end user across the modes of transport.

Simple and straightforward.

Resilience

Resilience is the adaptive capacity of an organization in a complex and changing environment. Resilience also describes the capability of an organization to prevent or resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period of time after being affected by an event. Resilience means the capability of a system to maintain its functions and structure in face of internal and external change and to degrade gracefully when it must.

Interesting…especially the last notion of degrading gracefully. Adaptive capacity has been covered in previous post on this blog.

Security

Security is the condition of being protected against hazards, threats, risks, or loss.

Interestingly the standard does not differentiate between safety and security. More puzzling perhaps is this on the ISO website: “The ISO 28000 series of International Standards specifies the requirements for a security management system to ensure safety in the supply chain” (emphasis by me). A bit contradictory maybe, because security and safety are two very different animals in my opinion.

Resilience management process

The resilience management process follows the well-known quality principles of Plan-Do-Check-Act, as seen in the figure below:

• Understand the organization’s risk, security, preparedness, response, continuity and recovery requirements (Mind you, ALL need to be covered).
• Establish risk management policies and objectives.
• Implement and operate controls to mange the risk within the objectives.
• Monitor and review the performance and effectiveness of the resilience management system.
• Improve continuously

Resilience policy statement

Adopting the standard requires an organization to produce a resilience policy statement. The policy must

• include a commitment to employee and community life and safety as the first priority,
• include a commitment to continual improvement,
• include a commitment to enhanced organizational and supply chain sustainability and resilience,
• include a commitment to adaptive and proactive risk minimization,
• include a commitment to comply with applicable legal requirements and with other requirements to which the organization subscribes, and
• determine and document the risk tolerance or readiness to bear risk

A couple of things are worth noting here. The first bullet point puts the employees’ well-being ahead of anything else, something Alex Fullick hightlights in his book, Heads in the Sand. It is also interesting to see supply chain sustainability being part of supply chain security. And unsurprising, security is best achieved through proactive mitigation, not reactive response.

Internal and external resilience

ISO 28002 emphasizes the differences between internal and external parameters, as these two perspectives require different scope and criteria for risk management, i.e. risk assessment objectives, risk and recovery criteria, risk treatment processes.

Resilience comes from within an organization, but the test for a company’s resilience is more often than not created by external forces.

Conclusion

There is a strong demand for standards and best practices when organizations are seeking assurance that their suppliers and the extended supply chain have planned for, and taken the necessary steps to prevent and mitigate the threats and hazards to which they are exposed. Only this way can can resilience in the supply chain be achieved. Or was it resiliency? The standard seems a bit undecided as to which word to use as both appear throughout the publication. A standard should try to adhere to one form, in my opinion, especially since it defines resilience, but not resiliency. That said, do we need yet another standard? Alex Fullick thinks there are two many standards already, because if a corporation does choose to follow one (set of) standard(s) it may be missing out on another perspective (subscribed to by the other standards) and have an area that is lacking the attention it deserves. Maybe, so he says, there really cannot be a standard that completely addresses every aspect, and maybe that is why there is always a new one that is developed. As far as ISO 28000 goes, I think that is a needed standard.

Link

• iso.org: ISO/PAS 28002

A brief encounter

Actually, David found me before I found him. After finding my blog he contacted me last Spring me and offered me a copy of his book for review, which I gladly accepted. He must have enjoyed my review of Managing Risk and Resilience in the Supply Chain very much, because the publisher decided to link to it from the official book page. We exchanged a couple of e-mails over my review, but then it all went quiet. Now I know why.

Public sector supply chain

In one of his e-mails he said that he was working  on a paper on supply chain exposures within the public service and local authorities in particular, with Zurich Financial Services sponsorship, and it was on Zurich Financial’s website that I learned of David’s passing. I had a link to his homepage from my book review, and today I noticed that the link wasn’t working. Using Google I found David Kaye’s biography at the Zurich website, telling me of his much too early death. He must have had time to finish the paper, though, because it can be found at the Zurich website, and it is a paper well worth reading.

The wine we never drank

In his last e-mail David said that

I look forward to meeting you one day and putting the world of supply chain risk to rights over a coffee or a glass of wine!!”

It’s a pity we never got around to doing that, but I will think of David the next time I sit down to enjoy a glass of wine.

Links

• husdal.com: Managing Risk and resilience in the Supply Chain
• bsigroup.com: Managing Risk and Resilience in the Supply Chain
• zurich.com: Public sector supply chain: risks, myths and opportunities

The components of resilience

Resilience. A key ingredient in supply chain risk management. Also a key ingredient in logistics risk management, as my recent book review of Risicomanagement en Logistiek points out. In that book the authors apply a framework with three types of resilience to logistics management in order to show what goes into the making of a resilient enterprise. This resilience framework splits resilience into cognitive resilience, behavioral resilience and contextual resilience, which must all come together for resilience to emerge, and is referenced in the book as taken from this article. When I wrote my review of the book above I had not yet read the article itself, so my understanding of the three types of resilience came from the book alone, so here is the full review of the source.

Adapation

The notion of adaption implies that organizations adapt to uncertainty and surprise changes by taking deliberate, intentional and rational steps to regain equilibrium, as championed by Chakravarthy (1982), who proposed a framework of adaptive fit, with three states: unstable fit, stable fit and neutral fit. An unstable fit comes as a result of a defensive strategy towards the change, while a reactive strategy fosters stable fit, and a proactive strategy that looks ahead and anticipates many possible changes promotes neutral fit. The fit assumes that the environment shifts from one state of equilibrium to another, and that the organization is able to adapt to this. However, increasing supply chain complexity and a highly dynamic global business world is not stable, it is turbulent, and demands a new way to managing supply chain network risk: robust transformation.

Transformation

Robust transformation, so the authors say, is defined as

a deliberately transient, episodic response to a new, yet fluid, environmental condition.

Like adaptive fit, robust transformation enables a firm to accommodate the level of complexity displayed in its environment, and it enables a firm to capitalize on environmental changes in ways that create new options and capabilities. But it does not trigger the firm’s immune system response, to use the authors’ own words.

Three responses

Environmental change invokes three responses in organizations:

• First, an implementation of (new) routines in response to change
• Second, routines result in an organizational change
  • adaptive fit
  • robust transformation
  • reinforcement of established organization
• Third, organizational change results in performance consequences, short-term and long-term

The authors stress that there is no one right or wrong response here; the type of environmental change and duration of environmental change is what should determine which way to respond.

Routines and Complexity

Organizational routines are instrumental in how environment complexity and environmental changes are handled by firm. Three main options exist:

• Routines that disregard complexity, where habitual patterns override any attempt at actively managing complexity, by withdrawing from and avoiding change or by escalating committment and continue on the initially set course until it fails.
• Routines that reduce complexity, where organizations  seek adaptive fit by emphasizing order and stability, by regulating interactions and relationships and by limiting differentiated interpretations of the environmental change and how to respond to it.
• Routines that absorb complexity, where organizations maintain a broad repertoire of options and enough action flexibility to create effective and contingent responses.

The first is perhaps a sort of see no evil, hear no evil, do no evil, “ignore it and it will go away” kind of response. Unfortunately, this sort of risk management by ignorance or avoidance is not unheard of in supply chain management. The second probably works well as a quick response getting back to business as usual as soon as possible. The third requires a company that takes comfort in chaos and that thrives in an environment of creativity and continuous organizational learning, something that in itself promotes organizational resilience, as I wrote about in a previous post.

Performance Consequences

Each type of environmental change and organizational (pre-)conditions and the resulting response leads to different performance outcomes. Success is only possible with the right response, under the right conditions, matched with the right change, as illustrated in the figure below:

Resilience capacity

This is the final part of the article that sums up the what is said above, and here the three components of resilience capacity that I described in my review of Risicomanagement en Logistiek are detailed:

• Cognitive resilience
• Behavioral resileince
• Contextual resilience

The first is what enables an organization to notice, interpret, analyze and formulate appropriate and ingenious responses beyond mere survival. The second is what enables a firm to learn about a situation and what moves a firm forward in a collaborative manner. The third is what provides the setting for using the previous components and is marked by deep social capital and a broad network of resources.

Resilience capacity, according to the authors, is learned. It is developed and honed over time, with every new change the firm encounters and successfully (or unsuccessfully, i.e. learning from failures) resolves. Most importantly, resilience capacity will lead the company to correctly judge the proper response to environmental change: complexity absorption and robust transformation for temporary or perpetual change, and than adaptive fit for skipping from one equilibrium to the next.

Conclusion

When looking into supply chain risks and how organizations should face these risks, which is the main topic for this blog, organizational change is indisputably one issue that should be considered. Resilience has grown to become they key ingredient in supply chain risk management. However, supply chain resilience does not come from looking at the supply chain alone; changing routines and processes cannot create resilience.   As Ken Simpson wrote in one of his most recent posts on developing resilience,

Culture and structure are important starting points in creating the environment for resilience. Creating the environment to become resilient requires engagement at strategic levels and as part of overall organisational development.

Resilience can only come from an inner transformation of the whole organization. I think today’s article has a lot to offer and supply chain management and logistics can benefit a great deal from including social and organizational sciences in their thinking, as James Stock already said in 1997.

Reference

Lengnick-Hall, C. (2005). Adaptive Fit Versus Robust Transformation: How Organizations Respond to Environmental Change Journal of Management, 31 (5), 738-757 DOI: 10.1177/0149206305279367

Author links

• utsa.edu: Cynthia Lengnick-Hall
• uncc.edu: Tammy E Beck