cpo event - louis ferretti, what every procurement professional should know about supplier &...
TRANSCRIPT
photo of the "Ital Florid by NASIM4248
© 2015 IBM Corporation 1
What Every Procurement Professional Should
Know About Supplier & Supply Chain Risk
Louis Ferretti, Project ExecutiveProduct Environmental Compliance and Supply Chain Social Responsibility Programs
… and How to Uncover, Assess,Manage and Mitigate Supplier and Supply Chain Risk
Celtic Manor Resort Wales June 17 - June 18, 2015
RISK is one of the SIX mega-trends impacting enterprises around the world
• Managing market and political uncertainty is more complex than ever
• Accelerating global shifts pose new risks; resiliency/responsiveness differentiate
• Evolution to a holistic view of risk management
• Risks can be hedged through intelligence
Ris
k
Com
ple
xit
y
IBM Chief Supply Chain Officer Study Identified The Top Five Challenges
Risks, both operational and financial, is the #2 concern of supply chain executives worldwide
Supply chains have become increasingly more global and complex, bringing with them greater challenges and risks
• Japan earthquake / tsunami• Thailand Flooding• Hynix China Fire• Philippines Typhoon• Thailand State of Emergency/Martial Law• Ukraine Political Unrest• Russian Sanctions• Gaza Bombings• Greece Euro
• Manage risks within the extended supply chain based on continuous risk assessment
• Utilize a collaborative and structured approach • Reduce vulnerability, increase resiliency and
ensure supply continuity via mitigation planning
Risk Management SystemRisk Management System
RiskAssessment
RiskAssessment
Risk Mitigation Planning
Risk Mitigation Planning
On-going Risk
Monitoring and Control
On-going Risk
Monitoring and Control
1. Globalization Redefined2. Technological Progress3. Population Migration
4. Risk Complexity5. Sustainability Imperative6. Informed Customer
Major factors affecting the enterprise today
Managing Risk is an imperative for Business Continuity Planning
2
Business Continuity Planning & Supply Chain Risk – An Overview
2
3
External Environment
SeniorLeadership
Approval andOwnership
Business Strategy
Operational Model
Financial Model
EmergingRisks
Lo
wM
ed
ium-L
ow
Me
diu
m-Hig
hH
igh
HighMedium-HighMedium-LowLow
Sample
Sample
Sample
Sample
Sample
Sample
Sample Sample
Sample Sample Sample
Sample
Sample
Sample
Sample Sample
Sample
Sample
Sample
Lo
wM
ed
ium-L
ow
Me
diu
m-Hig
hH
igh
HighMedium-HighMedium-LowLow
Sample
Sample
Sample
Sample
Sample
Sample
Sample Sample
Sample Sample Sample
Sample
Sample
Sample
Sample Sample
Sample
Sample
Sample
Impa
ct
Likelihood
Reputation
Board / Audit Committee
Review
Relationship with critical suppliers:Ability to manage the end-to-end supply chain, including the dependency on critical suppliers
Risk Management Competitive Advantage
Enablement
EffectivenessProgram
and Practices
LeadershipReport Communicate
Monitor Implement
ExternalResearch
ExecutiveInterviews
A systematic approach to Identify, Assess and Address risk Enterprise-wide view Focus on both hazards and missed opportunities Improve business results and drive competitive advantage
IBM has developed a robust Risk Management program – and Supply Chain risk management is an important focus area
3
IBM Enterprise Risk Management
Supplier Failure
Currency
Political
Fuel Costs Social Responsibility
Intellectual Property
Attrition Rates
Labor Disputes
Labor Costs
EnvironmentalRegulatory Compliance
Product Safety
Taxes
ResponsivenessBrand Impact
Geophysical
4
Supply Chain Risks
Cyber Security
4
5
How “Risky” is the Supply Chain ?
Supply chain failures continue to be the top concern for US and Canadian business leaders. …
The CHUBB Multinational Risk Survey finds that
….. Businesses cite supply chain failure as the top concern. …
……[only] 56% of the companies report having a business continuity plan.. … The lack of continuity plans … is disturbing
From Inside Supply Management – June/July 2014 Global Trends – news in a changing world
5
6
Initial and On Going Risk Compliance – to legal and internal policies
Ethics, Bribery and Corruption
Import / Export & Embargoed Country Restrictions
Environmental, Product Safety, Electromagnetic Compatibility (EMC)
Chemical Management and clean up
Quality and defective products reporting, corrective action and recalls
Diverse business relationships
Data security
Sustainability and code of conduct
Financials
Supply chain risk / business continuity planning
7
- successfully uncover and manage supplier and supply chain risk
Well defined “on boarding” check list and tool
Risk profile assessment
Documented process, line ownership and management system
Data base / tool to house data and perform computations
Impact / likelihood weighing algorithm
Risk ranking methodology
Mitigation and business continuity plans
Real time alerts
Experienced cross functional, multi cultural core team
Key ingredients necessary to
Setting the Context
Executive Direction
c. 2009
….. will initiate a broad piece of work to evaluate the risks in our extended supply chain….. will prioritize based upon known or anticipated issues.
The gas supply …. Israeli situation …. ongoing issues in Thailand …..effects of a lower economic growth rate on political and social stability And many other risks including but not limited to transportation
costs/climatic/political/economic/social/environmental/health, etc...
…. globalizing our supply chains have introduced additional risks
8
2 x year complete Supply Base Assessment Country / Hub / Supplier / Supplier Site / Commodity
External and Internal Market Intelligence
Real Time Alerts Critical elements of the Supply Chain for Countries,
Hubs, Suppliers, Sites, Commodities External and Internal Market Intelligence
Additional Market Intelligence Feeds and Actions White Paper, Advisories, Weekly Reports Bi-Weekly Updates to the Management Team Quarterly Briefing to IBM‘s Chief Risk Officer Central Repository (aka community) for all Risk Related Topics
External Data Source focusing on selected growth market countriesand hubs Providing specialized alerts
External Data Source Provider searching upstream supply chain, e.g. Conflict minerals, rare earth metals
9
Highlights - Risk Process and Management System
Our objective is not to eliminate risk, because without risk there is no progress.Instead it is to ensure we can manage and mitigate risks.
SocialListening
MarketIntelligence
Socialand
EnvironmentalLeadership
BusinessAnalytics
Supplier Total Risk Tool & ProcessSupplier Total Risk Tool & Process
RiskAssessme
nt
RiskAssessme
nt
Risk Mitigation Planning
Risk Mitigation Planning
On-going Risk
Monitoring and
Control
On-going Risk
Monitoring and
Control
• Comprehensive risk assessment• Ongoing mitigation
Protections against loss of revenue and profits by minimizing likelihood and severity of supply chain disruption
SolutionSolution
ISC Risk Management ToolsISC Risk Management Tools
Managing market and political uncertainty is more complex than ever
Risks can be hedged through intelligence and holistic view of risk management
1. Incorporating key information about global supply chain from market intelligence communications
2. Augmenting existing information not available via current market intelligence processes
3. Listening for sentiment and trends for critical items and events
• IBM Outstanding Innovation Award
• Patent for impact likelihood algorithm
• CSCMP finalist for Supply Chain Innovation Award
10
Uncovering and Managing Supplier / Supply Chain Risk
Key Benefits Key Benefits Recognition Recognition
• Uncovers multiple risks, assesses likelihood & impact of each• Addresses risks with formal mitigation plans• Provides consistent risk management approach across
brands/commodities• Trends and patterns are revealed by systematic risk analysis
Risk Mitigation Plans(via Lotus Notes database)
Plans formulated to address identified risk
Plans reviewed and approved by management
Supplier Financial Risk Assessment (SFRA) Tool
Supplier-Site & Pandemic Questionnaires
CommodityLead
Council Lead
Supplier & Commodity Questionnaires
Country & Hub Questionnaires
Market Intelligence
External Data Source Provider
External Data Source Provider
Country & Hub Questionnaires
Country & Hub Questionnaires
Cognos Business Intelligence Reporting• Risk ratings by … Country Hub Supplier Supplier Site Commodity
Reports Generated … - Global View - Supply Chain Report - Questionnaire Report -
Cognos Business Intelligence Reporting• Risk ratings by … Country Hub Supplier Supplier Site Commodity
Reports Generated … - Global View - Supply Chain Report - Questionnaire Report -
Risk Identified
Inpu
t via
file
impo
rt
Questi
onna
ire
Questionnaire
Questionnaire
Total Risk Assessment Tool(Determines Risk Rating for
combination of all entities and risks)
Business Continuity Planning Supplier Assessment Ratings
Complemented byReal Time Alerts from External Data Source Provider– anytime, re. potential disruption threat
Supply Chain SocialResponsibility Audit Compliance Reference
11
Total Risk Tool and Process Landscape
Categories Supplier Site Supplier Commodity Country Hub
Pandemic
Disaster Production Stoppage, Pandemic related
Raw Material related
War and Civil Unrest related
Shut Down related
Communication & Cooperation
Environment & Natural Hazards
Economic / Financial
HR
Infrastructure, Logistics & Energy
Labor & Health Includes Pandemic
Political, Legal & Social
Product & Market Requirements
Quality
Security
Strategic Importance
12
Categories and Types of Risk Evaluated
Supplier Risk Assessment
0.000%
10.000%
20.000%
30.000%
40.000%
50.000%
60.000%
70.000%
80.000%
90.000%
100.000%
0.00% 20.00% 40.00% 60.00% 80.00% 100.00%
L
I
y = 1 / (10 * (x + 0,05)) + 0,1 y = 1 / (10 * (x + 0,20)) - 0,1 Supplier
High Risk
Medium Risk
Low Risk
Imp
act
Likelihood
13
Impact / Likelihood Assessment
Real time alerts from External Data Source Provider of specific aspects as events unfolded provided an assessment damage and how quickly supply could be restored
Based on tool out put, immediately knew number of suppliers in Japan, which categories affected (e.g. commodities, logic, memory) and what tier supplier impacted
Able to immediately contact suppliers and understand- Extent of damage- Whether in exclusion zone or not- Ability to produce / maintain measure of supply continuity- Supplier contingency plans- Mitigation Actions (e.g. moving manufacturing to alternative locations)
Can look for supply continuity down through multiple levels of supply chain where IBM has qualification / sourcing relationships with sub tier suppliers - Through use of related tool and process
12-24 hour head start in securing supply and implementation of mitigation actions
14
2011 Japan Earthquake / Tsunami and Thailand Flooding - Demonstrated value of tool and process
Case Study
Likelihood Impact Model Risk = Probability of Risk Event x Impact to Business Heat Map with modified Thresholds Thresholds set to capture 10 – 15% High Risk Supplier
~95%+ Spend Coverage ($6 bn) ~450 High to Low Impact Suppliers
~2400 Supplier Site-Commodity Combinations Main driver Component and Memory
Subtier Supplier include certified Fab locations Differentiation between Fab, Assembly and Test
Components, Logic, Microcomponents, test
~ 60 Commodities Tracked From finished Boxes to Assemblies to Chip Families
~50 Country and Regions Tracked All Growth Markets covered
~50 Key Transportation Hubs Tracked ~ Main Country Entry and Exit Transportation Points
15
Factoids
Past (examples) Bangkok Political Unrest 2009 / 2010 Russia – Ukraine Gas Dispute 2009 / 2010 Japan Tsunami and Reactor Melt Down 2011 Thailand Flooding 2011 / 2014 Super Typhoon Haiyan – Philippines 2013 Hynix Wuxi, China DRAM plant fire 2013 Thailand State of Emergency 2014 Ukraine political unrest 2014 Madagascar hurricane 2014 Chilean earth quake and tsunami 2014 Mexico City earth quake 2014 WTO ruling and China Appeal re. Rare Earth Metal ruling
Export of ore restrictions 2014 Continued Focus on Youth Unemployment in Europe
Youth Unemployment trigger to Social Unrest 2013/5 Russian Sanctions 2014/5 Vietnam roits against Chinese businesses 2014 Thailand Martial Law/New Regime 2014 Ukraine 2014/5 Argentina Bond Repayment 2014 Greece and EU 2014/5 Korea/Hong Kong MERS 2015
Source http://www.abc.net.au/news/2014-01-10/fresh-protests-at-rio-expulsions2c-demolitions/5193272
Source http://en.wikipedia.org/wiki/Typhoon_Haiyan
16
Assessment of Major Risk Events
Supplier Sourcing Consider Supplier Risk in Sourcing Process Use as decision support tool to award
business
Business Continuity Planning Consider BCP Readiness into Supplier Risk Inadequate BCP Readiness require Mitigation
Action to Improve Risk Score
Risk of Flooding Multiple input parameters like topography,
historical weather pattern, soil type, ... Selected Countries GPS tagging of Supplier Location Publicly Available Data Maps Views provided to Sourcing teams
Use of Mobile Communication (under development)
Bi-directional Communication with Suppliers Share Risk Events
17
Pro-Active Elements of Risk Management
18
Real time order status visibility and exception alerts Credibility and reliable
information Increased customer
satisfaction levels
Effective supplier collaboration Reduced inventory levels
and operations cost Improved sharing of
demand information and collaboration
Intelligent Operations & Resolution Center
Key Benefits
IBM
Client
BusinessPartners
Suppliers
Improved visibility into finished goods inventory Better service level
commitments Order status
notifications
Transparent operations management Issues / risks identification
and correlation to assess impact to supply chain
Next best action initiation Alert / exception driven
(mobile & web) model Single version of truth
Transparent Supply ChainCloud SocialAnalytics Mobile
TSC Functions
Mobile App for alerts
Global Level KPIs with drill downs
Geo spatial & other visualizations
Our vision is to create the most transparent supply chain in the world: predictive, social, real-time, and global
Transparent Supply Chain – Geospatial Map Alerts- Possible Supplier/Supply Chain Opportunities for Disruptions
22
World Wide Risk Events 2014
23
21
Risk Rover using Watson Content Analytics (WCA)
Project funded via IBM internal ISC Venture Captial Sole Supply Chain Project nominated in 2015 for Extreme Blue™ Extreme Blue™ is IBM's incubator for new Talent and Technology Analyse Climatic Risk Events using WCA utilizing
– Social Listing
– Analytics & Big Data
– Mobile
– Cloud
Top Talent Interns selected to support 12 week event IBM Risk Team consists of technical and business Mentors Project’s 3 Objectives
– Minimum - Proof of Concept Validation
– Target - Expand to additional predictive analytics
– Stretch - Expanded into Watson Q&A type insights
Predicting Risk with Certainty
Domain:Risk team receives many reports and updates re. threats (man made and natural) that can impact supply continuity. Most do not come to fruition causing a supply interruption. Taking action to move the business, when threats do not materialize, produces a measure of distraction, lost time and wasted effort by the teams.
Concept:Search recent and past social, political, economic unrest events to determine if they: a) do come to fruition, and b) if they do, is there an impact to in country commerce, aka disruption transportation, roads, airports, etc.? Conduct same exercise for climatic events.Evaluation of data can show what is the likelihood of an event a) coming to fruition (e.g. disruption) and b) if it is disruptive, what is the likelihood that supplier’s business being interrupted in terms of continuity of goods and services?
Data Sources:Collect and analyze vast array of news reports of social, political, economic unrest events as well as climatic events – over last x years.
Benefits / Opportunity:Procurement, Engineering and Supplier resource conserved and only expended when situation indicates a high likelihood of an event materially impacting the supply chain.
22
“Risk Rover” – Watson Project
Executive Interest and Support
Vice President and Controller –
In response to the IBM Board of Directors Audit Committee Meeting, acknowledged our current work is the right strategy and vision. “The Data Analytics presentation was very well received by the Audit Committee. I walked them through our strategy, … and wrapped up by outlining the impact of Analytics on the Enterprise Risk Map. The Audit Committee was very engaged throughout the presentation and acknowledged that this was the right strategy and vision”
IBM Vice President & Chief Risk Officer --
“I personally reference the tool internally and externally as a prime example of IBM's use of Analytics to support risk management initiatives which clearly underscores our thought leadership in this area. ”
IBM Corporate Office, Director, Global Risk and Insurance Management –
“This tool has been a huge differentiator for IBM when we present our risk profile to the property insurance underwriting community. Business Interruption and Contingent Business Interruption are ever expanding exposures to an organization and not only can impact income to the organization but also our ability to meet our commitments to our customers.”
IBM VP & Chief Procurement Officer –
“Managing and reducing risk in the supply chain … will be key to IBM’s global growth in the future”
23
Corporate-wide Supply Chain Risk Assessment - viewed as the right strategy and vision, key to global growth and a differentiator
Risk management is a fundamental building block to a supply chain strategy
Supply Chain Leaders are integrating process controls in their logistics and operations, supplier compliance programs and planning process
Procurement can deliver true value using an intelligent and comprehensive risk assessment program with suppliers
A strong supplier / supply chain risk management program, can - demonstrate to clients that IBM can be a reliable supplier, and- be a key factor in preserving and growing revenue- be featured to insurance underwriters as rationale for reduced premiums
Objective of these processes is not to eliminate risk- without risk there is no progress- instead it is to ensure we can manage and mitigate risks
“Managing and reducing risk in the supply chain … will be key to IBM’s global growth in the future” - John Paterson, former IBM VP & CPO
24
Supplier / Supply Chain Risk Management – Key Takeaways