High-value transactions need scrutiny commensurate with the risk that the organisation may be exposed to if something goes wrong. In other instances the transaction value may be intrinsic, but the effect may be devastating and it is for these reasons that one has a backup plan.
“It boils down to being inquisitive. Considering that risk is prevalent in supply chains, ‘What if’ can help prevent a fatal judgement error,” says Jim Makuwa, a tutor for Commerce Edge Academy, in this month’s SmartProcurement.
The ‘4Ts’: four strategies for managing risk
1. Treat (or control) the risk
Complacency can creep in and negative issues may incrementally expose you to threats. It is possible to reduce such risks to an acceptable level by building control mechanisms into relationships or operational activities.
However, it is important that the strategies adopted are proportionate to the risk and are cost effective. Furthermore, if control measures are introduced it is imperative that the operation is not impeded by an over-controlling attempt to eliminate the risk.
A service level agreement is a good mechanism to ensure that the supplier’s performance is kept in-check and to identify when there is a need to take corrective measures.
2. Transfer (or share) the risk
Some risks can be transferred to another body or organisation through insurance, contractual arrangements, outsourcing or partnerships.
Realistically, transferring a risk is extremely difficult to achieve effectively and is often confused with action ownership (where the risk is owned by entity A – who feels the pain if the risk comes about – but action to mitigate or control the risk lies with entity B).
If the risk is transferred then care needs to be taken that the risk has actually been transferred. Recorded how and to whom the risk has been transferred (e.g. insurance).
Importantly, some risks (such as risk to reputation) cannot be transferred.
3. Tolerate (or accept) the risk
It is never possible to remove all risks entirely and all risks eventually have to be accepted as they form part of, or are inherent in, the activity under scrutiny.
There are some risks which we have no control over and some for which any management actions would be prohibitive in terms of resources. It is critical that these risks are identified, clearly understood and acknowledged, and a contingency plan established for dealing with the affects that will arise if the risk is realised.
4. Terminate (or avoid) the risk
Although unusual, it may be that a particular risk cannot be adequately controlled or transferred and the level of risk is such that it cannot be accepted. In this case the only course of action is to eliminate the risk by ending all or part of a particular activity.
However, management should tread carefully in such instances: while an identified risk may be too much to absorb, an organisation should not stifle innovation. Most innovative ventures are risky in nature because of the surrounding atmosphere of ‘unknowns’ and must be approached with caution.
Conduct further analyses to determine if they are lucrative.
Succession is key to risk management
Skill in risk management is not developed overnight: it is gradually learned through exposure to different circumstances and issues. Senior management should expose junior personnel to activities that reduce the exposure or threat to an organisation. It is necessary for the sake of continuity. Co-opt junior supply chain professionals in risk management committees so that they find their footing from experienced senior members.
However, while it does take experience to identify and act prior to the occurrence of a risk event, this does not imply that only senior managers can escalate areas of concern. It would be mindful, not to mention career expanding, for a junior professional to identify a risk that was overlooked by others.