LUP Student Papers

Improving proactive supply risk management of a large purchasing department

• Mark

Abstract

The topic of Supply Risk Management (SRM) has increased in relevance as the need for a resilient supply chain has become more prevalent. There have been numerous articles published throughout the years regarding SRM and Supply Chain Risk Management (SCRM), including articles with case studies of global OEM’s.
Company A, a global OEM located in Sweden, has realised that proactive SRM is a topic of interest as a result of recent disruptions. In recent years they have developed their reactive risk management capabilities, but expressed a desire to also develop their proactive work. The purpose of this thesis was to develop a proactive SRM model for Company A, a relatively unexplored field of research for Company A.

This thesis... (More)

The topic of Supply Risk Management (SRM) has increased in relevance as the need for a resilient supply chain has become more prevalent. There have been numerous articles published throughout the years regarding SRM and Supply Chain Risk Management (SCRM), including articles with case studies of global OEM’s.
Company A, a global OEM located in Sweden, has realised that proactive SRM is a topic of interest as a result of recent disruptions. In recent years they have developed their reactive risk management capabilities, but expressed a desire to also develop their proactive work. The purpose of this thesis was to develop a proactive SRM model for Company A, a relatively unexplored field of research for Company A.

This thesis contributes to proactive SRM work at a global OEM that recently has started to develop their proactive SRM capabilities. The study includes a literature review over selected articles which contributes by mapping out relevant SRM work. The analysis is based on comparing the findings of proactive SRM work at Company A with the theoretical framework, as well as analysing the organisation using a risk maturity model. This Thesis has focused on analysing the OEM in regards to the typical steps within the SRM process: i) risk organisation and governance, ii) risk identification, iii) risk assessment, iv) risk treatment, v) risk monitoring.

The first step of the developed proactive SRM model, risk governance and organisation, highlighted four aspects that would be necessary for Company A in reaching a higher level of proactive SRM: (i) top management support, (ii) risk culture, (iii) cross functional cooperation and (iv) compliance. Continuously improving these aspects would enable the organisation to become better at conducting proactive SRM activities. The second step, risk identification suggested, firstly enablers were suggested in order to get the fundamentals for identifying risks in order to successfully build up a risk register. Then a deep bi-annual scan is conducted and to have continuous awareness is recommended. The third step, risk assessment, it was recommended to start calculating the risk probability and impact in terms of determining the Business Recovery Time (BRT) and Business Interruption Value (BIV). This was then compared to Company A risk levels and given a score in order to enable a prioritisation list of which risks that should be prioritised. The fourth step, risk treatment with the goal to mitigate the risk based on the inputs given from the risk assessments. This is done by choosing from the suggested risk treatment strategies toolbox that will be continuously improved with the help of the new implemented risk treatment database. The final step, risk monitoring defined as keeping track both of the previous SRM steps as well as the overall SRM performance. The latter alternative can help in improving the organisation SRM work in terms of leading to alignment and consistency so that different departments within the organisation can be comparable.

The developed proactive SRM model has been adapted to Company A purchasing and its needs. However, the recommendation can also be applied to other organisations if modified according to their organisational needs and structure in terms of proactive SRM. (Less)

Popular Abstract

With a globalised and connected economy, regional disruptions can have global consequences. Supply Risk Management (SRM) is the practice of limiting the negative effects of supply disruptions and can be conducted proactively and reactively. Company A, a global manufacturing company located in Sweden, has recently been affected by supply disruptions and is now seeking to develop their own proactive SRM capabilities.

For this we recommend a proactive SRM model consisting of steps: i) risk governance and organisation, ii) risk identification, iii) risk assessment, iv) risk treatment, v) risk monitoring. We also suggest an implementation plan to guide Company A on how to approach the recommended model. The enablers for the implementation... (More)

With a globalised and connected economy, regional disruptions can have global consequences. Supply Risk Management (SRM) is the practice of limiting the negative effects of supply disruptions and can be conducted proactively and reactively. Company A, a global manufacturing company located in Sweden, has recently been affected by supply disruptions and is now seeking to develop their own proactive SRM capabilities.

For this we recommend a proactive SRM model consisting of steps: i) risk governance and organisation, ii) risk identification, iii) risk assessment, iv) risk treatment, v) risk monitoring. We also suggest an implementation plan to guide Company A on how to approach the recommended model. The enablers for the implementation are top management support, a risk aware culture and education in SRM activities.

The first step of the recommended model, risk governance and organisation, highlighted four aspects that would be necessary for Company A to reach a higher level of proactive SRM. Activities are recommended for improving these aspects, which would enable the organisation to further encourage proactive SRM activities.

The second step, risk identification is divided into two parts. Firstly, enablers were suggested to provide supply visibility and successfully build up a risk register. Then a deep bi-annual scan should be conducted and to have continuous awareness is recommended.

For the third step, risk assessment, it is recommended to calculate the risk by impact and probability of occurrence. The impact can be considered as the cost of not receiving a component, during the time it takes to switch source. The probability is the likelihood of having to switch sources and depends on environmental, network and operational risk factors of a supplier. The impact and probability assessments should then be combined to prioritise SRM work.

The fourth step, risk treatment, aims to mitigate the prioritised risk. This is done by choosing suitable treatment strategies and constructing an action plan. The cost of implementing the action plan can be compared to the potential impact of the risk to evaluate the business case. The action plan is then implemented and monitored.

This introduces the final step of the process, risk monitoring. It is done to keep track of the previous SRM steps as well as the overall SRM performance. By measuring the SRM performance it enables continuous improvement of the proactive SRM work.

The developed proactive SRM model has been adapted specifically to Company A purchasing and its needs. However, the recommendation can also be applied to other organisations if modified according to their organisational needs and structure in terms of proactive SRM.

The study includes a literature review over selected articles to map out relevant SRM theory. The analysis is based on comparing the findings of proactive SRM work at Company A with the theoretical framework, as well as analysing the organisation using a risk maturity model. The full study is presented in the report: “Improving proactive Supply Risk Management of a large purchasing department” at the Faculty of Engineering – LTH, Lund University. (Less)