example, food products that were distributed to
U.S. government agencies had a revenue rank of
1 (worst), while tech products distributed to U.S
retail had a revenue rank of 6 (best).
x Finally, complete this exercise for all prod-uct-channel and KPI combinations. The end result
will be a listing of overall ratings for each of the
organization’s supply chains. In this example, food
products-U.S. retail and tech products-U.S. retail
scored the highest ratings, implying that these two
supply chains were the most important for this
organization.
This exercise can be conducted individually, but
subject-matter expertise may be required from
different departments. For that reason, it is recommended that it be done in a group composed of key
personnel from the different product groups and
operations teams. Moreover, since supply chain
risks can impact different functions within an organization, it is important to engage cross-functional
teams early on to make them aware of the supply
chain risk management program and to seek their
insight on strategic issues that may need to be considered in developing such a program.
RISK QUANTIFICATION
Risk quantification is an operational matter. It consists of quantification of supply chain risks across
nine categories, and the creation of functional risk
profiles. Its purpose is to identify, segment, and
prioritize different external and internal supply
chain risks.
Once organizations have segmented and identified their most important, unique supply chains,
they can then start to identify risks that are specific
to their operations and quantify the risk elements.
The following categories form a comprehensive
base covering almost all aspects of an organization:
Internal risks: financial, production and inventory, transportation, labor, information technology
(IT)
External risks: supply, demand, natural hazard,
political
Organizations may choose to quantify the risks
embedded in each category as listed above, or
choose only a subset of categories, depending on
what applies to their particular supply chain envi-
ronment and business strategies.
The basis for quantifying risks starts with the
fundamental formula:
Risk = Probability of risk occurring
Impact of that occurrence
To use this formula:
x Create a scale. First, create a 1-to- 5 scale to mea-
sure both probability and impact, with 1 being the
lowest and 5 being the highest.
x Determine the “risk boundaries.” Since the rang-
es for both P (probability) and I (impact) are
from 1 to 5, risk is now measured on a scale of 1
to 25, because Risk=P*I. Hence the lower bound-
ary for risk is 1* 1= 1 (when P and I both have the
minimum value of 1), and the upper boundary is
5* 5= 25 (where P and I both have the maximum
value of 5).
x Define risk levels. Given that the risk profile
can vary anywhere from 1 to 25, the next step is
to define levels of risk using the value ranges. For
example, risk levels can be defined as:
Once the boundaries of risk levels have been
defined, a matrix for easy reference, like the one
shown in Figure 5, can be created.
x Assign risk levels to categories. As a next step, each
risk category, including both internal and external
risks, should be assessed individually against the
risk boundaries created. Each risk category will
score a risk rating in the range of 1 to 25 and should
[FIGURE 3] SUPPLY CHAIN
SEGMENTATION
Supply Chain
Definition
Matrix
Geography, Customer, and/or Market Channel
Food
products
Technology
products
Durable
products
XX X X X
X
X
X
X
X
Lower boundary Upper boundary
Low risk 1.00 8. 50
Medium risk 8. 50 16. 50
High risk 16. 51 25.00
