What are the types of risk in supply chain management?

Author: Manu Steens

In this contribution I give my own opinion, not that of any organization.

The risks of a supply chain are the cause of many problems. Analyzing and getting to know those risks is therefore important. To this end, I analyze the types of risks that are important for short and long chains.

What’s the problem?

Supply chain risk managers, like all risk managers, must have an inward and outward view. So in concrete terms, having an eye for internal and external risks as they manifest themselves in the organization, but also in the cohesion of the organizations in the chain.

How do they address them?

To address those risks, they can use Enterprise Risk Management and Operational Risk Management, as well as BCM and Strategic Risk Management.

Supply chain risks can be divided into two main categories, which can be further divided into subcategories. More specifically the internal and external risks.

What do those risks look like in concrete terms?

External risks are those risks that you have no control over. They depend on the environment in which you operate. They can be very disruptive, they are often unknown or there is no previous experience with them. That is why they can best be tackled with an approach according to BCM or with Strategic Risk Management.

There are five main categories of external risks in the chain, namely:

  • Demand risks. These are formed by unpredictable whims of customers. But it could also be that the customer was completely misunderstood.
  • Supply risks are created by any interruption in the flow of products, usually upstream in the supply chain, with the raw materials or machine parts.
  • Environmental risks. These are classified with the mnemonic PESTEL: Politics (including terror), Economic, Social and societal, Environment (nowadays the climate), Regulations (for compliance)
  • Business risks, often caused by the financial situation of suppliers upstream in the chain, or customers downstream.
  • Physical condition of suppliers’ production halls and their legal compliance.

Internal risks are those risks that you have or can have control over. These are risks that occur in the organizations that are part of the entire supply chain. So the businesses own them themselves. Therefore, they can best be tackled with an approach tailored to the supply chain aspects based on Enterprise Risk Management and Operational Risk Management. This makes them more suitable for mitigating the risks.

There are five main categories of internal risks for suppliers, namely:

  • Production risks, due to technical malfunctions or errors or poorly coordinated processes
  • Business risks caused by shifts of key personnel, job hoppers, war for talent, management errors, slow reporting structures, inadequate hierarchical structure, poor internal and external communication, poor or outdated operating methods.
  • Risks of planning and control e.g.due to ineffective and inefficient evaluation methods, also resulting in incorrect assessments by management.
  • Mitigation risks and disasters, due to the failure to implement measures or alternative processes and procedures, or to implement them in a timely or incomplete manner.
  • Cultural risks, caused by a culture of insecurity, distrust, and individualism, as a result of which things that go wrong (or threaten to go wrong) are reported too late and nothing can be done about it.

Based on this knowledge, it is then easier, but not yet simple, to develop a risk typology for your own organization.

In an ideal world, these typologies are created together by all players in the supply chain. But perhaps that is too much to ask.

Manu Steens

Manu works at the Flemish Government in risk management and Business Continuity Management. On this website, he shares his own opinions regarding these and related fields. Since 2012, he has been working at the Crisis Centre of the Flemish Government (CCVO), where he has progressed in BCM, risk management, and crisis management. Since August 2021, he has been a knowledge worker for the CCVO. As of January 2024, he works at the Department of Chancellery and Foreign Affairs of the Flemish Government. Here, he combines BCM, risk management, and crisis management to create a tailored form of resilience management to meet the needs of the Flemish Government.

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts