About the Author xi
Introduction Getting to the Truth 1
Chapter 1 The Laws of the Laws 9
Laws of the Laws
Risk Management Defined
Law of the Laws #1: Everyone, without Exception, Is Part of a Supply Chain
Law of the Laws #2: No Risk Strategy Is a Substitute for
Bad Decisions and a Lack of Risk Consciousness
Law of the Laws #3: It’s All in the Details
Law of the Laws #4: People Always Operate from
Indirect and Secondary Impacts
What Can You Conclude?
Chapter 2 Law #1: If You Don’t Manage and Lead Change,
You Have to Surrender to It 31
The Risk Wake – Up Call — Planned Change, Unplanned Consequences
We Can’t Change the Past, but . . . Can We
Change the Future?
Can You See the Icebergs Ahead?
Chapter 3 Law #2: The Paradigm Should Destroy the Parasite:
Begin by Defining the Paradigm, Not by Fighting the
The Paradigm in Action
Why Does the Organization Need to Identify a
Supply Chain Risk Paradigm?
Beware! The Paradigm Can Shift without Notice
If the Shoe Fits
Chapter 4 Law #3: Manage Your Business DNA in a Petri
Dish of Evolving Risk 87
Expanding the Risk Awareness Universe
Know Your Business—Know Your Surroundings
The Keys to Your Risk Kingdom
Your Operation’s Complete Footprint
Your Action Plan
Chapter 5 Law #4: In Supply Chain Risk Management,
Demand Trumps Supply 115
Building Your Demand-Based Strategy
Market and Client Factors to Consider
Chapter 6 Law #5: Never Set Up Your Suppliers for Failure 143
Supply Chain Risk Management Program
Sourcing Strategies That Create More Risk, Not Less
Trust but Verify
Chapter 7 Law #6: Managing Production Risk Is a Dirty Job:
Focus on Managing the Endless Risk of Manufactured
Weakest Links 173
Going Global with the Production of Risk
A New Collaborative Effort
Why Is Production So Critical?
Part Two of the Double Whammy: Labor
Chapter 8 Law #7: The Logistics Risk Management Rule:
Managing the Parts Does Not Equal Managing
the Whole 199
What Is Logistics Risk?
Cargo and Warehouse Theft
The Piracy Risk
What’s at Risk?
Single Points of Failure and Aggregate Risk
Supply Chains Don’t Survive on Product Flows Alone;
Information Flows Are Essential
In the End It’s All about the Priorities and Economics
Chapter 9 Law #8: Mitigation: If Supply Chain Risk Management
Isn’t Part of the Solution, It Will Become the Problem 225
Now What Do I Do?
Enter the Risk Intelligent Supply Chain
Economic Change—A Catalyst for Redefining
At Time of Disruption
What Is Risk Mitigation?
Chapter 10 Law #9: Financing: The Best Policy Is Knowing
What’s in Your Policy 249
Insurance and Its Role in Supply Chain
Background on Insurance in the Supply Chain Risk Area
Current Insurance Solutions and Their Limitations
Introducing Supply Chain Insurance:
Approach and Challenges
Corporate Customer Benefits Arising from
Supply Chain Insurance
What Does the Future Hold?
A View from the Insurer’s Side
Chapter 11 Law #10: Manage the Risk as You Manage
Your Own: Your Supply Chains Are All
Interdependent but Unique 279
Questioning Old Assumptions
Personal Laws of the Laws
Have you ever stopped for a moment to think about what is needed to produce the products you depend on? Critical drugs like blood thinners, polyethylene (plastic) – based products such as syringes, isotopes for medical imaging, or milk – based baby formula? Or maybe your livelihood depends on your ability to transport products, your customers having access to your online order entry system, or the timely receipt of parts from your suppliers on the other side of the world. But because of a product contamination, failure of a key supplier, labor strike, trade credit squeeze, earthquake, pandemic, software glitch, project mismanagement, or some other adverse event — what you depend on is simply not available.
Ironically, as this book was on its way to print, that was the case for a select group of patients with rare genetic disorders. According to a Wall Street Journal article, Genzyme Corporation, the biotech company that produces Cerezyme and Fabrazyme (enzyme replacement drugs), had to shut down a critical node in its supply chain — the main U.S. manufacturing plant. The identifi cation of a suspected virus in a vat used to make Cerezyme was the suspected cause. Company offi cials stated that this single point of failure would cause shortages over the next few months, while analysts were estimating the potential lost revenue from the shutdown to range from between $ 100 million and $ 300 million. 1 A virus, an unplanned event that suddenly threatened the well-being of the patients as well as the fi nancial stability of the organization, had halted this supply chain.
The occurrence of a single point of failure, the breakdown of any given product, information, and/or cash fl ow caused by a process or resource (e.g., people , technology , physical , or relationship) failure at any given point in global interdependent and interconnected supply chains may interrupt the fl ow of goods and cause systemic failure.
• What are these single points of failure and how will my organization be impacted by a failure at different points in the supply chain?
• How do you recognize whether or not you are exposed (and to what degree)?
• Who is responsible for understanding and managing this risk?
• When and where are you most exposed?
• Why should you invest time, resources, capital, and management attention to address these risks?
• And, most important, what can I or my organization do about it?
These are just a few of the questions that I set out to address when I began this book and that you need to keep in mind as you read forward.
When I began the journey, I found that many of the people with whom I interacted globally struggled to defi ne, understand, and articulate the concept of supply chain risk management. All acknowledged that it was important and that they should be addressing the risk — but most weren ’ t sure if they really were addressing it and they couldn ’ t concisely defi ne who owned the problem. In many instances, they didn ’ t know where to start. So with the help of dozens of experts from industry and academia located around the globe, I set out to defi ne a common language, a shared context, and comprehensive framework to help better understand and manage supply chain risk management. I documented the lessons learned as well as the lessons not learned. This is just the beginning of the journey, and after I completed the manuscript, I realized that I had only begun to scratch the surface. There was so much more to address: enterprise resource planning systems and supply chain technologies, environmental risk and regulations, geopolitical challenges, climate change, and compliance to name a few. I will save those topics for another time. I share with you the countless challenges, practical experience, and the frustration faced by so many senior managers — risk, procurement, logistics, operations, security, product quality, distribution, compliance, manufacturing, finance, and even directors and senior offi cers. The issues are not unique to any industry, geography, company, function, or individual. But what is unique is the supply chain itself. Richard Steinke, Executive Director of the Ports of Long Beach, stated, “ if you have seen one supply chain . . . you ’ ve seen one supply chain. ” 2 I would add to his comment that if you ’ ve seen it — look again — that supply chain and associated risk has probably changed. Simply put, organizations rely on dozens, if not thousands, of virtual supply chains in which the participants and the paths are constantly reshuffl ed.
So let ’ s begin the journey together and acknowledge that there is no end point and that we will be forever learning, improving, and hopefully reducing the risk to the supply chains that we depend on so heavily to deliver what we value the most.