Using ISO31000 to Manage Supply Chain Risk

By Stuart Patch, Operations Director, Academy Global

ACE Groups Emerging risks barometer 2015 found that supply chain risks continue to be a major concern for organisations with some 31% of respondents highlighting this to be of greatest concern for their business. As businesses continue to pursue efficiencies, supply chains are becoming more complex and increasingly global. Whilst this helps the competitiveness of the organisation it also brings with it increased risk.

As supply chains increasingly become a fundamental part of the organisation any issue has the potential to paralyse the business. With this in mind what how can applying the ISO 31000 risk management principles and guidelines be used to help.

Integrate risk management with your Strategy

For risk management to be effective it needs to be integrated within an organisation from top to bottom. To achieve this it should be and integral part of your strategic planning process and major strategic risks should be highlighted. Highlighting risks at this level increases the likelihood of executive support and facilitates the integration of risk management procedures into business activities minimising duplication and increasing sustainability.

Given the increasing role of supply chains in organisations, this will often appear as a strategic risk.

Understand the context of your organisation

It is essential to make sure that the context that an organisation is operating in is fully understood and taken into account. Your organisation and your supply chain may be affected by many factors in you operating environment that are beyond your control. It is important to identify these so that appropriate plans can be established to deal with them.

It is also important to make sure that a regular process is established to monitor the context of your organisation with trigger points identified which, if reached would require a review.

Understand the criticality of each vendor in your supply chain

For each supplier you should understand how critical they are to your organisation. What would happen if they stopped supply, if they supplied defective products or if they were just late.

Identifying how you would overcome or treat these risks is essential. Do you have substitute suppliers available you can call upon? Would they have the capacity to meet your needs? How good are your inbound quality checks? Do you need to improve them? What would be the effect if you didn’t identify a bad product

Ensuring your supply chains risk management process’ are effective

It is common for contracting organisations to seek assurance by selecting suppliers who can demonstrate that they have established and or certified risk management practices. This can be an effective way of trying to control risks emanating from your supplier. However, it is important that there is regular communication with and monitoring of your supplier to make sure that these processes are sustained.

Utilising the Risk Assessment process:

As with any risk management process it is important to go through the process of Identifying, Analysing and Evaluating risks. As you move through the assessment process it is vital that you capture the compounding effect of any risks, as this is where the significant exposure lies. For example, the direct cost of a poor quality product may not be significant. However if it results in a product recall and potential damage to your reputation the compounding effect can make this incredibly significant.

Establish appropriate treatments, monitor and control

Once you have assessed your risks you can devise the appropriate treatments. An effective risk management process will add value to your organisation so you do not spend more treating a risk than the benefit you derive from the treatment.

It is also critical that risks and the effectiveness of treatments continue to be monitored. Risk management is a living, breathing activity and needs to be kept live to be effective.

Your call to action

Are you confident in your organisations ability to manage supply chain risk? Academy Global offer a number of interactive risk management courses ranging from the Fundamentals of Risk Management to an Advanced Diploma of Integrated Risk Management FNS60815 all targeted to improve the effectiveness of your risk management process.

References:

ACE Group – Emerging Risks Barometer 2015