Enablers and Barriers to Risk Mitigation

Daniel Dumke — Mon, 13 Dec 2010 10:14:00 +0000

Everybody concerned with the task of developing risk mitigation strategies has a list in his mind of different factors influencing a company’s exposure to risk and if you think about it: those factors are probably related.

Example: The number of suppliers for one component can have a huge impact on risk, but the necessity of a high number of (redundant) suppliers may itself be affected by the trust you built with your main supplier. Both trust and having multiple suppliers affect supply chain risk by themselves, but they are also related.

Faisal et al (2006) investigate these relations in a more in depth way.

Results

Their results are summarized in figure 1. Information sharing has the most driving capabilities and is therefore located on the bottom of the pyramid. Aligning incentives within the supply chain also drives SC risks but is itself dependent on the information sharing within the supply chain, and so on.

Figure 1: Hierarchy based Model for Risk Mitigation in Supply Chains (Faisal et al., 2006)

Methodology

The authors used Interpretive Structural Modeling to come to these results. The goal is to transform a plain list of variables which are affecting a system into a hierarchy.

Steps:

Generate the relevant factors (eg. using brain storming technique)
Transform the list into a matrix and mark dependencies using expert opinion (see figure 2)
Extend the matrix and calculate driving capabilities and dependence (last row / line, see figure 3)
Using these results build the model

Figure 2: Structural Self Interaction Matrix (V: Line influences row, A: row influences line, X: influence each other, O: no influence; Faisal et al., 2006)

Figure 3: Reachability Matrix (Faisal et al., 2006)

Conclusion / Critique

This model shows several important points: some factors are supposed to be drivers of risk mitigation, therefore influencing them will have a much wider positive effect then only locally. Risk managers should thus focus their time and money on these factors!

The method used has also its drawbacks. First, The results presented by Faisal et al. (2006) are aimed on a very high abstraction level, starting with the initial list, which is the foundation of the whole hierarchy. Since there is no iteration process to enhance this initial list again, it is of utmost importance to be very sure about it. Second, there are also no recursive relations between variable, for example one could think that agility in the supply chain (high dependence index) might influence the trust among the supply chain partners (very high driving index) due to a more customer oriented performance. Third, the resulting list is heavily dependent on the expert opinion, which transforms the variable listing into the dependence matrix.

Those caveats have to be considered before using the resulting hierarchy; for most practitioners looking for such a listing, the best way to proceed would be to recreate it with variables specific to the context of the company.

Reference:

Faisal, M. N., Banwet, D.K., & Shankar, R. (2006). Supply Chain Risk Mitigation:
Modeling the Enablers Business Process Management Journal, 12 (4), 535-552

Rate This:

Tags:

mitigation

risk

framework

Managing Information Risks

Daniel Dumke — Wed, 17 Nov 2010 12:32:00 +0000

At the moment I am looking for gaps in my reading up to now and I found that I have not read much about information risks. It also seems that those risks are not (yet?) in focus, neither in research nor business. So I was happy to find “Information risks management in supply chains: an assessment and mitigation framework” by Faisal, Banwet and Shankar.

Topic / Methodology

The purpose of the paper is to provide a framework for the management of information risks, and to device a way to measure them. The authors therefore use graph theory and interpretive structural modeling to model the interrelations between risks and their drivers and develop a framework for mitigating the risks. They start categorizing information risks as follows:

Information security / breakdown risks (I1)
forecast risks (I2)
intellectual property rights risks (I3)
IT/IS outsourcing risks (I4)

Figure 1: Model for Information Risk Mitigation in a Supply Chain (Faisal et al. 2007)

Framework

The authors next developed the variables which help to reduce information risks using brainstorming sessions. This resulted in 12 variables which where then analyzed using above mentioned methods.

Figure 1 shows the resulting framework. I found it especially interesting that a “soft factor” like management commitment had such an integral role in this framework, pointing the finger on something that business often neglects when managing risks.

Risk Measurement

The framework implies a focal role of measuring the impacts of different risks. The authors conclude:

Measurement of information risks is important to understand their contribution to overall risk susceptibility of the supply chain, and also to determine the impact of the efforts to mitigate them.

With this in mind the authors first determine the interrelationships between the above mentioned risks and then suggest the formula of their “information risk index”.

Figure 2: Representation of the four Information Risk Variables (Faisal et al. 2007)

Figure 3: Information Risk Index of the Supply Chain (Faisal et al. 2007)

Conclusion

I liked reading this article and I agree with the conclusions. When analyzing the results, you also have to keep in mind that this work has not been based on a widespread consensus or even tested empirically.