Introduction: the assessment of their probabilities of occurrence


major disruptions like Hurricane Katrina, the piracy attacks
offshore Somalia, global financial crisis, flooding’s in Thailand, European
ash-cloud, Japanese earthquake and tsunami among others revealed a lack of
preparedness of supply chain managers towards uncertain developments in
general. Due to the increasing complexity and interrelation of modern supply
chains, the type and nature of uncertain developments or the impact of any
action have become hard or even impossible to predict. Each process and decision in business is prone to
uncertainty. Since wrong assessments and misjudgments may lead to unforeseen
developments, which may have important consequences when detected (too) late,
uncertainties need to be continuously .monitored and managed. In recent
decades, we have observed this term being applied to areas such as decision
theory finance, actuarial science, health care marketing management, emergency
planning and psychology. Along with the increasing number of relevant
uncertainties, the importance assigned to risk considerations has grown.
Particularly in supply chain management many authors have felt the need to
somehow capture risk.

The evolution of risk:

The probability of flooding, earthquakes, and tsunamis in
the Asian region, for example, make supplier shortfalls more realistic and more
threatening for supply chains as can be seen in a number of cases .However,
less probable events like ash clouds in European air space also demand for
appropriate treatment .Contributions in supply chain risk management mainly
discuss the identification of triggering-events and the assessment of their
probabilities of occurrence – although this risk perception might be limited
for supply chains. Although these organizations had to deal with the same
direct consequences of an unexpected incident, Ericsson suffered deeply from a
supplier shortfall possibly provoking them to leave the mobile market,, while
Nokia could manage to acquire backup suppliers and alternative production
capacities .While the aforementioned understanding of risk is based on the fear
of losing an investment, another view focuses on the probability of events that
result in loss. However, the ultimate reason for the high risk of running a
spicery business did not reside solely from external events (such as storms or
piracy), but also from the fact that the merchant usually owned only one ship –
a single supply channel – and all his capital had been invested in the goods
transported by it. As the performance of supply chains is becoming increasingly
uncertain due to unexpected changes, authors transferred this basic probability
based risk concept to supply chain risk management. Although the supply chains
have become more complex, and are caught in a crossfire of a vast amount of
influences, today’s supply chain managers are essentially confronted with a
similar situation to the merchants in the 16th century: In order to prevent
their businesses from losing value, they need to identify alternatives, before
or while changes to their supply chain and its environment occur. The famous
and much discussed example of supply chain risk encountered by Nokia and
Ericsson reveals, how the degree of preparedness leads to different outcomes.
Although in everyday language the term is frequently used and easily understood
, the underlying concepts are hard to define and even harder to assess .The
reason for the widespread, heterogeneous and inconsistent definitions of risk
can be traced back to its evolution, the continuous change of its nature, its
meaning, and its purpose of use. In the 14th century, when the maritime trade
between Northern Italian city states started to increase, traders adopted this
perception and regarded risk as the danger of losing their ships. The business
of a merchant who owned more ships or who additionally dealt in salt trade or
had a commercial partnership – diversified business risk – was less vulnerable.
Within this context, risk expresses the fear that economic activities lead to
the loss or devaluation of an important asset or a decrease in the performance
of the business. An etymological analysis of the European notion of risk leads
to the Greek navigation term rhizikon, describing the need to avoid
“difficulties at the sea. At the beginning of the 17th century, risk became
prominent in mathematics, when Blaise Pascal (1623–1662) and Pierre de Fermat
(1601–1665) started to measure uncertainty in gambling. In fact, the connection
between probability theory and risk has been observed since the 1950s and has
been applied to many research domains. The more general concept of risk
associated with the fear of losing (business) value has not evolved. Their work
led to the development of Probability Theory, which still dominates the modern
concept of risk.

Existing approaches of supply chain risk definitions:

Although the topic is being considered as increasingly
important, there are only a few authors explicitly defining supply chain risk.
Those that do, found their definition on the assumption that supply chain risk
is a purely event-oriented concept. This risk perception is in accordance with
the risk understanding developed over the last four centuries that strongly
relates risk to the as the “variation in the distribution of possible supply chain
outcomes, their likelihood, and their subjective values” .Zsidisin provides a
review of the literature and industrial practices derived from case studies in
order to derive a definition of supply risk . The author proposes a definition
of supply risk that relates the occurrence of an incident with the inability of
the affected companies to cope with the consequences. His definition is adopted
by others as well. Much conceptual work has been provided by Jüttner, Peck and
Christopher. In a common paper the authors define supply chain risk as “the
possibility and effect of mismatch between supply and demand” . Likewise, Peck
defines supply chain risk as “anything that disrupts or impedes the information, material or
product flows from original suppliers to the delivery of the final product to
the ultimate end user”

Risk measures:

In order to assess and compare different solutions that aim
to limit the extent of risk, decision-makers need to (somehow) quantify risk.
Standard deviation, mean-variance approaches, value-at-risk,
conditional-value-at-risk or premiums are risk measures that aim at describing
the interaction of uncertainty and the extent of its related harm or benefit.
Owing to the lack of quantitative measures that capture the more complex realities
of supply chains, these measures – developed in finance and insurance contexts
– are applied for supply chain risk, too. Starting from these concepts, supply
chain risk is also measured by the likelihood and the severity of adverse
effects or the extent of loss In the following, several commonly used supply
chain risk measures are introduced and briefly discussed. Variance or standard
deviation are widely used as a measure of supply chain risk.

Risk assessment:

Risk quantification approaches include expert opinion and historical data
(Bigun, 1995), game theory (Major, 2002), qualitative assessment by risk rating
(Portillo, 2009), risk prioritization using Risk Priority Number (RPN) and risk
mapping (Ravindran & Warsing, 2013; Yosha, 2012), occurrence and impact
classification (Knemeyer et al., 2009; Stecke & Kumar, 2009), simulation
(Vilko & Hallikas, 2012; Wilson, 2007), stochastic model (Goh et al.,
2007), Disruption Analysis Network or DA_NET (Wu et al., 2007), Failure Mode
and Effect Analysis (FMEA), where the failure is evaluated based on severity,
occurrence, and detection (Tuncel & Alpan, 2010), and analytical models
(Bilsel, 2009; Yang, 2007).

In the supply chain risk management literature, we observe that risk
assessment has been done in two domains: risk analysis and vulnerability
observe that research on supply chain risk assessment that combines both risk
analysis and vulnerability analysis was very limited. Peck (2005) has provided a method for analyzing supply chain
vulnerability based on: workflow and information flow, asset and infrastructure
dependencies, organization and inter-organization networks, and environmental
factors, including the social, political, economic, and natural environments. Risk Assessment Risk assessment is evaluating the impact of
disruptions to the supply chain operations (Ravindran & Warsing, 2013). Risk analysis – Risk analysis has been found in most supply
chain risk management studies. Vulnerability analysis – Vulnerability analysis is a
proactive approach to identify conditions that make supply chains susceptible
to risks in order to prepare countermeasures (Asbjørnslett, 2009).

(2007) have pointed out that the severity of supply chain disruption
depends on two main factors: design characteristics (supply chain density,
supply chain complexity, and node criticality) and mitigation capabilities
(recovery and warning). Stecke and Kumar (2009) have identified four factors that
cause vulnerability: an increase in the number of exposure points (e.g.,
transportation routes, transportation modes, geographical factors,
socio-economic factors, additional security check points), increased distance
or time, decreased flexibility due to sole sourcing, and decreased redundancy
through just-in-time or lean policies. It focuses on quantifying risks in terms of occurrence and
potential impact to a supply chain (Asbjørnslett, 2009). Wagner and Neshat (2012) have conducted an empirical study
of supply chain vulnerability indices for different categories of firms.


Risk mitigation:

General risk
mitigation strategies that are suggested in the literature include: taking the
risk (e.g., carrying excess inventory),sharing the risk with partners,
transferring the risk (e.g., making suppliers to assume all the risk), reducing
the risk (e.g., minimizing its impact), eliminating the risk (e.g., redesigning
the manufacturing process), and monitoring the risk (e.g., obtaining real-time
data about suppliers’ performance) (Chopra , 2004; Handfield &
McCormack, 2008; Knemeyer et al., 2009; Ravindran & Warsing,2013; Sheffi
& Rice, 2005; Tomlin, 2006).

It is important for
companies to evaluate the tradeoff between risk reduction and reward when
implementing risk mitigation strategies to ensure that the cost of mitigation
does not outweigh the cost of risk (Chopra & Sodhi, 2004).A review of
supply chain risk management literature has revealed two areas for improvement:
most of the supply chain risk management studies do not assess transportation
disruptions explicitly. Hence, risk assessment for different supply chain
components should be performed separately. Risk assessment in supply chains
typically focuses on quantifying the probability of occurrence and the
potential economic impact of risks. These two factors are insufficient for understanding
the sources of supply chain disruption, especially in a global supply chain,
where each supply chain network component has its own risk and vulnerability.
The risks and vulnerability associated with a facility depends on its
geographical location and the conditions in that country, while the risk and
vulnerability associated with transportation links depend on the mode of
transportation, route, logistics infrastructure, and number of transshipments.
Risk mitigation is taking appropriate actions to reduce risks once they are
identified and evaluated. In a global supply chain, factors that influence
facility and transportation disruptions are different.