Supply Chain Risk Leadership Council


The on-going risk that disaster may negatively impact global supply chains is aptly underscored by weather patterns in Asia

Crisis Management in the Supply Chain

By Neil Shister, Editor

 

The on-going risk that disaster may negatively impact global supply chains is aptly underscored by weather patterns in Asia.  According to researchers at the Laboratory for Atmospheric Research, Pacific typhoons occur year-round and, in a typical ‘season’, 17 will occur (half a dozen have been recorded in Hong Kong since June).  In Vietnam the prediction in 2009 was for six cyclones capable of causing significant damage.  Taiwan authorities warned there could be three to five severe tropical storms affecting their country.

 

Various high profile disasters severely disrupted that region’s commerce in 2009:

·         A 7.6 magnitude earthquake ravaged Indonesia swaying buildings hundreds of miles away in neighboring Malaysia and Singapore.

·         A 6.5 magnitude earthquake in Tokyo in August so damaged a Corning LCD manufacturing plant that operations were suspended with resulting sales losses projected to be $65 million.

·         A Philippines storm that dumped a month’s worth of rain in 12 hours resulted in Manilla flooding that was declared “a state of calamity”. 

 

Developing responses to supply chain disaster had become a rising priority at many companies by 2006 according to a McKinsey survey taken that year.  But the disconcerting admission of some 80% of the 3100 managers surveyed was that they were, at best, only “somewhat capable” of mitigating key supply chain risks; 27% of those went so far as to call themselves only “slightly capable”.  (Three years later progress appears to have been made, with one-third of the 89 executives surveyed by AMR Research reporting that their companies had dedicated budget line items for SCRM).

 

Joe McMorrow, Supply Chain Resiliency Manager, arrived at Cisco Systems around the time of the McKinsey report, charged with helping bring Supply Chain Crisis Management to “a new level” (crisis management processes had long been in place for manufacturing, dating from when factories were located in San Jose).  He knew what was required: “We needed to establish crisis management benchmarking, develop protocols to activate global crisis teams, and a way to effectively communicate with the entire organization.”

 

“We muscled our way through,” he recalls about those early days, and by 2008 the current iteration of what is now called the Value Chain Crisis Management Team had taken form. 

 

The lessons Cisco learned along the way offer a good example for others implementing SCRM programs.

 

 

“Supply chain risk management programs need a ‘sense and respond capability’,” advises McMorrow.  “The questions to ask are ‘Where do you need to have visibility at all times?  How will you know what is happening on the other side of the globe so that a rapid risk assessment can be performed? What does it take to pull a team together to react quickly?’ ”

 

Step one in the process is physically mapping the supply chain.  In Cisco’s case, this meant hundreds of suppliers around the world.  To achieve this, the Cisco team incorporated supply chain mapping into their bi-annual Supplier Business Continuity Planning process.  The Cisco BCP program requires all of their suppliers to identify locations and key contact information for each supplier site around the world.  “Having this information available is extremely powerful”, says McMorrow.  When an event such as an earthquake occurs, the team is able to identify potentially affected suppliers real-time, and can even tailor their intelligence gather to these locations.

 

To provide the real-time granular information required for ‘sense and respond’ situational readiness, Cisco turned to NC4, Inc. (www.nc4.us).  ‘Alert Profiles’ were constructed to capture the kinds of global incidents Cisco wanted to monitor (e.g. meteorological, infrastructure, terrorism) and then, as NC4 Product Manager Chris Needs explains, “we leverage our suite of tools to gather relevant intelligence from our extensive sources – ranging from public media sources to more restricted, sensitive sources.”  

 

With mapping and information gathering processes in place, the system is capable of continuous monitoring and real time risk assessments.  To that end, Cisco identified 50 key supplier locations world-wide and set criteria for when alarms needed to be sounded (for example, when an earthquake occurs within 200 miles of a site).  Criteria can be fine-tuned via mapping and real-time monitoring. 

 

As backup, the Value Chain Crisis team is also linked into the Global Operations Command Centers that Cisco maintains worldwide to monitor conventional security concerns (e.g. fire, break-ins).

 

Alarm activates the Value Chain Crisis Management team.

 

The last time this happened was this past spring, when the H1N1 virus was identified in Mexico.  The team remained activated for 10 days.  “We went through the process of quantifying the impact of Mexico shutting down,” recalls McMorrow.  “We kicked off our team within hours of learning about this epidemic in Mexico City, and within four days our Crisis Team had provided a detailed risk assessment including estimates of the potential impact on orders and revenue, and available contingency plans.”

 

While Cisco sites were ultimately not impacted, McMorrow still calls this “the single largest event.  “Like most international companies, the H1N1 situation in Mexico flexed the entire Crisis Management hierarchy, from Local response to the executive level, and had the potential to become a real impact on business continuity across the globe.”

 

His take-away from this incident?  “Pandemics are real!”