See this on-demand webinar on Supplier Risk, "What Every Procurement Professional Should Know About Supplier Risk Management: The IBM Story."
You will learn:
-Precise framework around supplier risk management and why and where it’s needed
-How IBM manages supplier qualifications, compliance, financial continuity and supplier code of conduct
-Common mistakes made and solutions to supplier risk management
View here: http://procureconwest.wbresearch.com/the-ibm-story-mloc-h-iframe
16. • Business processes in the Cloud
• Mobile/ubiquitous computing decreases
reliance on people creating information
• Analytics gives rise to intelligent systems
that make decisions automatically
• Unprecedented interaction/collaboration
• Mega cities, mega regions and mega
corridors; where most business will
occur
• Globalist employees replace less effective
approaches
• Technology rules and understanding of
intersection between physical and virtual
worlds increases
• Managing market and political
uncertainty is more complex than ever
• Accelerating global shifts pose new
risks; resiliency/responsiveness
differentiate
• Evolution to a holistic view of risk
management
• Risks can be hedged through intelligence
Technological
Progress
Risk
Complexity
• Sustainability is an imperative
• The future sustainable enterprise provides
significant and measurable benefits to
operational efficiency, growth & the brand.
• Consumer demand & government
regulations mandate product lifecycle
GHG, energy, water, waste mngt
Sustainability
Imperative
• Economic power shifts to Asia
• The development of Growth Markets
lead the world’s growth
• Real time business to business decisions
and collaboration in an open environment
• Outsourcing will continue to accelerate as
businesses seek to optimize operations
Globalization
Redefined
• Customers thrive on knowledge and
wield unprecedented power
• Consumers are busier and are demanding
– and receiving – more information before
making their decisions
• Consumers have more power to reward or
punish and want their consumption to
match their values
Informed
Customer
Informed Customer
Population
Migration
Source: IBM Institute for Business Value
16
Major factors affecting the enterprise today
Six mega-trends impacting enterprises around the world
17. External Environment
Senior
Leadership
Approval and
Ownership
Business Strategy
Operational Model
Financial Model
Emerging
Risks
LowMedium-LowMedium-HighHigh
HighMedium-HighMedium-LowLow
Sample
Sample
Sample
Sample
Sample
Sample
Sample Sample
Sample Sample Sample
Sample
Sample
Sample
Sample Sample
Sample
Sample
Sample
LowMedium-LowMedium-HighHigh
HighMedium-HighMedium-LowLow
Sample
Sample
Sample
Sample
Sample
Sample
Sample Sample
Sample Sample Sample
Sample
Sample
Sample
Sample Sample
Sample
Sample
Sample
Impact
Likelihood
Reputation
Board / Audit
Committee
Review
Relationship with critical suppliers:
Ability to manage the end-to-end supply chain,
including the dependency on critical suppliers
Risk
Management
Competitive
Advantage
Enablement
Effectiveness
Program
and Practices
Leadership
Report Communicate
Monitor Implement
External
Research
Executive
Interviews
A systematic approach to Identify, Assess and Address risk
Enterprise-wide view
Focus on both hazards and missed opportunities
Improve business results and drive competitive advantage
17
IBM has developed a robust Risk Management program
– and Supply Chain risk management is an important focus area
18. 18
How “Risky” is the Supply Chain ?
Supply chain failures continue to be the top concern for
US and Canadian business leaders. …
The CHUBB Multinational Risk Survey finds that
….. Businesses cite supply chain failure as the top
concern. …
……[only] 56% of the companies report having a
business continuity plan..
… The lack of continuity plans … is disturbing
From Inside Supply Management – June/July 2014
Global Trends – news in a changing world
20. 20
Initial and On Going Risk Compliance – to legal and internal policies.
• Ethics, Bribery and Corruption
• Import / Export & Embargoed Country Restrictions
• Environmental, Product Safety, Electromagnetic Compatibility (EMC)
• Chemical Management and clean up
• Quality and defective products reporting, corrective action and recalls
• Diverse business relationships
• Data security
• Sustainability and code of conduct
• Financials
• Supply chain risk / business continuity planning
21. 21
- successfully uncover and manage supplier and supply chain risk
• Well defined “on boarding” check list and tool
• Risk profile assessment
• Documented process, line ownership and management system
• Data base / tool to house data and perform computations
• Impact / likelihood weighing algorithm
• Risk ranking methodology
• Mitigation and business continuity plans
• Real time alerts
• Experienced cross functional, multi cultural core team
Key ingredients necessary to
22. IBM Procurement has always conducted some level of supplier risk assessment
Financial, single source, logistics – no consistency of assessment one category to another
Increased global sourcing drove need for a more comprehensive means of assessing
risk especially in view of increased complexity of supply chain and cumulative nature of risk
Set off to buy tool and service
RFIs to leaders in supplier risk management – primarily financial, logistics, single sourced
No one else in industry, asking for a view of total risk (2009)
Engaged procurement council and several commodities
Ran pilot with prototyped tool – lessons learned from user team incorporated in final design
5 Elements: Country, Hub, Supplier, Supplier Site, Commodity
Use of External Data Source Provider as trusted data source for country, region, hub
Sourcing provide input on suppliers, supplier site and commodities
Incorporated iLog Alert feature and Lotus Notes data base for Mitigation Plans
Deployed to Production Procurement Dec 2010
Integral part of management system and executive reviews with associated metrics
Runs 2x/year for existing suppliers
All new suppliers evaluated at time of on boarding
All high risk suppliers to have mitigation plans in place
22
Setting the Context – Getting Started and Beyond
23. Our objective is not to eliminate risk, because without risk there is no progress.
Instead it is to ensure we can manage and mitigate risks.
Social
Listenin
g
Market
Intelligence
Social
and
Environmental
Leadership
Business
Analytics
Supplier Total Risk Tool & Process
Risk
Assessme
nt
Risk
Mitigation
Planning
On-going
Risk
Monitorin
g and
Control
• Comprehensive risk assessment
• Ongoing mitigation
Protections against loss of
revenue and profits by minimizing
likelihood and severity of supply
chain disruption
Solution
ISC Risk Management Tools
Managing market and political uncertainty is
more complex than ever
Risks can be hedged through intelligence and holistic view
of risk management
1. Incorporating key
information about
global supply chain
from market
intelligence
communications
2. Augmenting
existing information
not available via
current market
intelligence
processes
3. Listening for
sentiment and
trends for critical
items and events
Recognition
•IBM Outstanding Innovation Award
•Patent for impact likelihood algorithm
•CSCMP finalist for Supply Chain Innovation Award
23
Uncovering and Managing Supplier / Supply Chain Risk
24. 2 x year complete Supply Base Assessment
Country / Hub / Supplier / Supplier Site / Commodity
External and Internal Market Intelligence
4 x year Supplier Cluster Assessment
Political, Environmental, Terrorism, Labor Risk
External Market Intelligence
Real Time Alerts
Critical elements of the Supply Chain fot Countries,
Hubs, Supplier, Commodities
External and Internal Market Intelligence
Additional Market Intelligence Feeds and Actions
White Paper, Advisories, Weekly Reports
Bi-Weekly Updates to the Management Team
Quarterly Briefing to IBM‘s Chief Risk Officer
Central Repository (aka community) for all Risk Related Topics
External Data Source focusing on selected growth market countries and hubs
Providing specialized alerts
External Data Source Provider searching upstream supply chain re.
Conflict minerals and rare earth metals
24
Highlights - Risk Process and Management System
25. Risk Mitigation Plans
(via Lotus Notes database)
Plans formulated to address
identified risk
Plans reviewed and approved by
management
Total Risk Assessment Tool
Supplier Financial Risk
Assessment (SFRA) Tool
Supply Chain Risk Entities:
• Commodity
• Supplier
• Supplier Site
• Country
• Hub
Risk Categories:
• Disaster
• Political, Legal & Social
• Supplier Financial Stability
• Security
• Country Economic & Financial
Stability
• Infrastructure, Logistics & Energy
• Environment & Natural Hazards
• Labor & Health
Supplier-Site & Pandemic
Questionnaires
Commodity
Lead
Council Lead
Supplier &
Commodity
Questionnaires
Country & Hub
Questionnaires
Market
Intelligence
External Data
Source Provider
Country & Hub
Questionnaires
Cognos BI Reporting
• Risk ratings by …
Country
Hub
Supplier
Supplier Site
Commodity
• Reports Generated …
Global View
Supply Chain Report
Questionnaire Report
Pandemic Questionnaire
Report
Risk
Identified
SFRA
Total Risk
Assessment Tool
(Determines Risk Rating for
combination of all entities and risks)
Automated email alerts via ILOG
Business Rules
Business Continuity
Planning Supplier
Assessment Ratings
Real Time Alerts from External Data Source Provider
– anytime, re. potential disruption threat
Supply Chain Social
Responsibility Audit
Compliance Reference
25
Total Risk Tool and Process Landscape
26. Categories Supplier Site Supplier Commodity Country Hub
Pandemic
Disaster Production Stoppage,
Pandemic related
Raw Material
related
War and Civil
Unrest related
Shut Down
related
Communication &
Cooperation
Environment &
Natural Hazards
Economic /
Financial
HR
Infrastructure,
Logistics & Energy
Labor & Health Includes
Pandemic
Political, Legal &
Social
Product & Market
Requirements
Quality
Security
Strategic
Importance
26
Categories and Types of Risk Evaluated
28. Real time alerts from External Data Source Provider of specific aspects as events
unfolded provided an assessment damage and how quickly supply could be restored
Based on tool out put, immediately knew number of suppliers in Japan, which
categories affected (e.g. commodities, logic, memory) and what tier supplier impacted
Able to immediately contact suppliers and understand
- Extent of damage
- Whether in exclusion zone or not
- Ability to produce / maintain measure of supply continuity
- Supplier contingency plans
- Mitigation Actions (e.g. moving manufacturing to alternative locations)
Can look for supply continuity down through multiple levels of supply chain where IBM
has qualification / sourcing relationships with sub tier suppliers
- Through use of related tool and process
12-24 hour head start in securing supply and implementation of mitigation actions
28
2011 Japan Earthquake / Tsunami and Thailand Flooding
- Demonstrated value of tool and process
29. Likelihood Impact Model
Risk = Probability of Risk Event x Impact to Business
Heat Map with modified Thresholds
Thresholds set to capture 10 – 15% High Risk Supplier
~95%+ Spend Coverage ($12bn)
~650 High to Low Impact Suppliers
~2400 Supplier Site-Commodity Combinations
Main driver Component and Memory
Subtier Supplier include certified FAB locations
Differentiation between Fab, Assembly and Test
Components, Logic, Microcomponents, test
~ 60 Commodities Tracked
From finished Boxes to Assemblies to Chip Families
~50 Country and Regions Tracked
All Growth Markets covered
~50 Key Transportation Hubs Tracked
~ Main Country Entry and Exit Transportation Points
~3000 Supply Chains captured
29
Factoids
30. Past & Current (examples)
Bangkok Political Unrest 2009 / 2010
Russia – Ukraine Gas Dispute 2009 / 2010
Japan Tsunami and Reactor Melt Down 2011
Thailand Flooding 2011 / 2014
Super Typhoon Haiyan – Philippines 2013
Hynix Wuxi, China DRAM plant fire 2013
Thailand State of Emergency 2014
Ukraine political unrest 2014
Madagascar hurricane 2014
Chilean earth quake and tsunami 2014
Mexico City earth quake 2014
Current and Following
WTO ruling and China Appeal re. Rare Earth Metal ruling
Export of ore restrictions
Continued Focus on Youth Unemployment in Europe
Youth Unemployment trigger to Social Unrest
Sanctions on Russia
Vietnam roits against Chinese businesses
Thailand Martial Law
Source
http://www.abc.net.au/news/20
14-01-10/fresh-protests-at-rio-
expulsions2c-
demolitions/5193272
Source
http://en.wikipedia.org/wiki/Typhoon_Haiyan
30
Assessment of Major Risk Events
31. Supplier Sourcing
Consider Supplier Risk in Sourcing Process
Use as decision support tool to award
business
Business Continuity Planning
Consider BCP Readiness into Supplier Risk
Inadequate BCP Readiness require Mitigation
Action to Improve Risk Score
Risk of Flooding
(under development)
Multiple input parameters like topography,
historical weather pattern, soil type, ...
Selected Countries
GPS tagging of Supplier Location
Publicly Available Data Maps
Views provided to Sourcing teams
Use of Mobile Communication
(under development)
Bi-directional Communication with Suppliers
Share Risk Events
31
Pro-Active Elements of Risk Management
32. Executive Interest and Support
Vice President and Controller –
In response to the IBM Board of Directors Audit Committee Meeting, acknowledged our current work is the
right strategy and vision. “The Data Analytics presentation was very well received by the Audit Committee. I
walked them through our strategy, … and wrapped up by outlining the impact of Analytics on the
Enterprise Risk Map. The Audit Committee was very engaged throughout the presentation and
acknowledged that this was the right strategy and vision”
IBM Chief Risk Officer and Vice President Pensions Management –
“I personally reference the tool internally and externally as a prime example of IBM's use of Analytics to
support risk management initiatives which clearly underscores our thought leadership in this area. ”
IBM Corporate Office, Director, Global Risk and Insurance Management –
“This tool has been a huge differentiator for IBM when we present our risk profile to the property
insurance underwriting community. Business Interruption and Contingent Business Interruption are ever
expanding exposures to an organization and not only can impact income to the organization but also our
ability to meet our commitments to our customers.”
IBM VP & Chief Procurement Officer –
“Managing and reducing risk in the supply chain … will be key to IBM’s global growth in the future”
32
Corporate-wide Supply Chain Risk Assessment - viewed as the right
strategy and vision, key to global growth and a differentiator
33. Risk management is a fundamental building block to a supply chain strategy
Supply Chain Leaders are integrating process controls in their logistics and
operations, supplier compliance programs and planning process
Procurement can deliver true value using an intelligent and comprehensive risk
assessment program with suppliers
A strong supplier / supply chain risk management program, can
- demonstrate to clients that IBM can be a reliable supplier, and
- be a key factor in preserving and growing revenue
- be featured to insurance underwriters as rationale for reduced
premiums
Objective of these processes is not to eliminate risk
- without risk there is no progress
- instead it is to ensure we can manage and mitigate risks
“Managing and reducing risk in the supply chain …
will be key to IBM’s global growth in the future”
- John Paterson, IBM VP & CPO
33
Supply Chain Risk Management
– Key Takeaways
34. Q&
A
Lou Ferretti
Project Executive,
Product Environmental Compliance
& Supply Chain Social Responsibility
ferretti@us.ibm.com
Bill DeMartino
Practice Executive,
Spend Analysis & Supplier Management
billd@us.ibm.com
Thank You!
For more information, please visit:
www.ibm.com/procurement-solutions