How well managed is your supply chain? - BSI Group Management and... · • More difficult to...

Copyright © 2014 BSI. All rights reserved.

How well managed is your supply chain?

Courtney Foster – Senior Analyst, Supply Chain Solutions

2 Copyright © 2014 BSI. All rights reserved.

BSI’s Supply Chain Solutions BSI brings together a practical and economical toolkit supported by a global network of qualified auditors around the world who can be your eyes and ears and give you visibility into your supply chain. BSI’s offering is based on 3 offerings:

+ + BSI’s supply chain intelligence and risk analysis web portal

Assess, map, and manage your suppliers

BSI’s onsite supplier verification and audit service

BSI Supply Chain Solutions - Advisory Services Supply Chain Requirements and Strategy Review, Risk Mitigation Strategies, Program Implementation,

Quantitative Risk Modelling, Corporate Standards Development, Special Reports


Risk Assessment Process - Complexity is Increasing

Constant Changes • Facility locations • Supplier churns rates • Legal & other requirements

Fragmentation • Price pressure • Just in time shipping • Globalization • Capital flow

Lack of Strategic Connectivity • Internal departments • Multiple initiatives • Resources to manage

Complex Networks • Intermediaries • Subcontractors • Domestic importers • Wholesalers

2014


Factory 1 Factory 3

Subcontractor

Factory 1

Factory 2

Factory 3

Factory 1

Factory 2

Factory 4

Factory 3

Raw materials

Raw materials

Subcontractor Subcontractor

2014

Multiple Actors Leads to Difficulties with Visibility

Agent


Why Does Supply Chain Risk Matter?

• Consumers increasingly link the actions of suppliers with corporations

• Incidents at business partner/supplier sites can reflect negatively on your brand

• Several major areas of risk • Inability to deliver to your customers on time – business continuity • Damage to your company’s reputation – sustainability • Regulatory penalties – government requirements • Direct financial damage – cargo theft

20/11/2014

Your REPUTATION is your

http://www.google.com/url?sa=i&rct=j&q=Brand+reputation&source=images&cd=&cad=rja&docid=RYLIHlWhlwtONM&tbnid=oDqvdePVrnND6M:&ved=0CAUQjRw&url=http://www.wizseoservicesaustralia.com/reputation-management-australia/&ei=7pi0Uf7wDMnlyAGx3IGIDg&psig=AFQjCNFn8MgBMZiYYCKwM2a72Qi7A2lx7g&ust=1370876494091409


Inability to Deliver to Your Customers on Time

20/11/2014

25% of companies reported losses greater than $1 million due to

supply chain disruption in 2013

76% reported at least one supply chain disruption

28% said they have no business continuity

arrangements for their suppliers


The PA-12 Shortage and the Auto Industry • Demonstrates that insufficient supplier vetting can

undermine business continuity strategies

• A 2012 explosion at a factory in Germany led to a shortage of a key component in a resin used to make a specific plastic, which is then used in auto parts

• Suppliers for the major car companies all sourced from the factory and had no contingency plans for replacing the supplier

• The shortage threatened to severely hamper auto production in the United States and imposed indirect costs as companies thoroughly tested alternative chemicals

• SCM tool helps proactively verify suppliers for potential BCM issues which could have solved these problems

11/20/2014


Damage to Your Company’s Reputation

20/11/2014

Executives say a strong corporate brand is just as important as strong product brand

company’s market value is attributable to its brand reputation


Direct Financial Damage Due to Cargo Theft

20/11/2014

BSI-recorded cargo thefts in Italy


CEO Stress Test?

1. How many suppliers do you have?

2. How many are direct vs. indirect?

3. Do you actively verify the living profiles of your suppliers?

4. Have you conducted risk assessments of all your suppliers?

5. How many have you physically visited?

a. What are the issues and where?

b. What improvements have you made?

6. Does your supply chain adhere to your corporate values?

7. Can you tell your supply chain story?

http://www.google.com/url?sa=i&rct=j&q=reputation&source=images&cd=&cad=rja&docid=jp76IwabdVoGfM&tbnid=WCy5GQQGaf-NzM:&ved=0CAUQjRw&url=http://www.forbes.com/sites/meghanbiro/2013/01/20/in-digital-we-trust-4-questions-to-keep-your-reputation-in-check/&ei=pZm0Ue-aCaPRyAGM4oDIDw&psig=AFQjCNEJtREuZPEZoU_0BCyskXFfuiQ5lQ&ust=1370876653446761


• Manual Supplier Self-Assessments

• No Geographic Risk Intelligence


• Supply Chain Geographic Risk Intelligence

• Automated Software for Supplier Self-Assessments

• Supply Chain Geographic Intelligence

• Risk Methodology for On-site Audits

• Corrective And Preventative Action Plans

SUP

PLI

ER P

ERFO

RM

AN

CE

Entry Level Layer

Layer 1

Layer 2

Layer 3

INCREASED SUPPLY CHAIN VISIBILITY AND COMPLIANCE

2014

Progression Towards Maximum Compliance


Entry Level Layer


• No Geographic Risk Intelligence

2014

Entry Level Layer


Objectives and Criteria Goals of Questionnaire Supply Chain Security Program Social Responsibility Business Continuity Code of Conduct

Questionnaire Functionality Needs • Attachments needed? • Additional supporting text needed? • Weight of questions o Requirements vs. Recommendations

• Question scored in risk calculation?

Questionnaire Development


• Large attachments needed to be sent and received

• Digging through archives for supplier responses

• Inability to have multiple internal representatives send assessments

• Mass communication limitations

• Read receipts difficult to obtain for emails

• Tracking change requests for new supplier

email points of contact

• Follow-up emails required- reminders not

customized based on status

• Multiple points of contact for supplier

2014

Sending Assessments from Personal Email


Obstacle: • You have suppliers you wish to assess in foreign countries who

may or may not speak your native language

Without an Automated Software Tool: • You send out an email with the assessment in English and they

may not understand the request • The supplier may not speak English very well, so they may

misunderstand the questions • They choose to translate the questions through Google, causing

information to be lost in translation • They choose to translate their answers through Google back to

English, which gives you a jumbled mess of words that may or may not be correctly translated

• They choose to answer the assessment all in their native language, leaving you to decipher their answers yourself

• They do not complete the assessment because they do not understand

2014

Language Barrier Between You and Your Suppliers


• Inability to understand where different suppliers are in completion process • More difficult to filter suppliers based on region, division, product type, SAP number • Tagging suppliers to specific buyers/agents more difficult • Hard to track number of reminders, date sent, and the wording of the different emails

Excel Spreadsheet Tracking Completed Assessments


Checklist Results: 70% Compliant

Checklist Results: 70% Compliant

• Assume suppliers are EQUAL risk based on their compliance scores from a simple checklist

• Single-focused self-assessments sent out manually from own email

• No geographic risk incorporated • No automation • Unsystematic, single-focused audits

2014

Traditional Risk Assessment Approach

18 Copyright © 2014 BSI. All rights reserved. 2014

Unsystematic, Single-Focused On-Site Audits


Layer 1


• Supply Chain Geographic Risk Intelligence

2014

Layer 1


• This generic threat information gives an inaccurate assessment for issues related to cargo security

• Much of it is not applicable to supply chain threats • This information does not assess threats in context to other threats in other areas • The information is dated and does not provide active monitoring for a changing world • You cannot look at traditional Travel Security or Political Stability risk and

apply it to supply chain threats

2014

Analyzing the Geographic Threats to Supply Chains– The Minimum Approach

Publically-Available Government

Sources


Travel Security

Political Stability

Cargo Theft

Labor Unrest

FRANCE

2014

Supply Chain Geographic Risk Intelligence


• BSI combines a variety of risk factors, quantifies them, and produces threat ratings for 203 countries

• Countries are rated on a five-panel scale • Low • Guarded • Elevated • High • Severe

11/20/2014

SCREEN-Supply Chain Risk Exposure Evaluation Network

• Intelligence is gathered from a wide range of sources: • Proprietary incident database • Information from auditors around the world • In-depth analysis and synthesis of local news sources • Information from governments, NGOs, and industry

• A dedicated team of analysts is constantly updating and refining our intelligence, making sure our risk ratings reflect the situation on the ground


2014

Supply Chain Geographic Risk Intelligence


Uses of Intelligence – Proper Policies and Procedures

• Local factors should influence mitigation policies and procedures

• China has a High threat rating for both stringency and enforcement of regulations

• Simply following local laws and regulations may not protect companies from scrutiny

• Exposes them to new risks: • Bribery and corruption • Looks like a lack of due diligence • Local practices don’t comport with international standards

• Risk information can inform policy towards their suppliers and help create a more tailored approach

11/20/2014


Uses of Intelligence – Disclosure of Risks

• Supply chain risk information enhances understanding of the importance of risk for your company

• Spotlight News emails and special reports ensure your knowledge is current

• Can be a benefit for working with other companies and disclosure to regulators

• Evidence of a robust process backed by quantitative and qualitative data demonstrates to customers that you take risk assessment seriously

11/20/2014


Environmental

Cargo Theft

Illicit Smuggling

Trade Interruption

Counterfeits

Supplier Name Country Compliance Score- Overall

Compliance Score- Required

Questions

Compliance Score- Recommended

Questions

Geographic Risk –

Cargo Tampering

Risk Factor – Annual Import

Volume

Overall Risk Score

Munich Machines Germany 75% 85% 45% Guarded Tier 1 3

Jakarta Parts Indonesia 70% 600% 75% Low Tier 2 2

British Electronics England 90% 100% 85% High Tier 2 2

Incorporation of Supply Chain Geographic Risk Intelligence into Assessments


Many due diligence programs require “evidence of implementation” to show exactly how you approach the supplier risk assessment process. • Problems manually compiling all of

the information gathered on a single supplier

• Formatting of manual reports can be time-consuming

• Number of reports that need to be generated can be overwhelming

• May have to compile many reports on a daily basis if assessments are completed regularly

2014

Manual Generation of Supplier Risk Reports


Layer 2

• Automated Software for Supplier Self-Assessments

• Supply Chain Geographic Intelligence

2014

Layer 2


SCM provides a secure platform enabling you to house your supplier profiles, Manage Supplier Self Assessment & Onsite Supplier Qualification and Verification programs from onboarding, scheduling, reporting, CAPA, benchmarking and status reporting

SCM features include:

•Email communication functions with suppliers

•Checklist builder for customised checklist

•Customised suppliers risk profile calculator

•Automated Risk Assessment & Analysis

•On-demand Dashboards & Reporting

Supplier Compliance Manager (SCM) – Audit platform Identify & Manager Supplier Traceability and Risk

30 Copyright © 2014 BSI. All rights reserved. 20/11/2014

SCM Algorithm- Holistic Approach to Risk Assessments Three main components included in the BSI Proprietary Business Partner Risk Algorithm:

Business Impact Variables

(BSI Patented)

In-transit risk profile captured from Business Partners, which

incorporates information unique to business.

Risk Data Point Examples-

Trade Lanes, Export Volume, Export Revenue, Seals, Modality, Arranging of

Transportation

Geographic Risk Information

(BSI Proprietary)

Country-level intelligence generated from SCREEN

intelligence portal based on countries where business

partners are located.

Risk Indicator Examples- *Business Continuity, *Social Responsibility, *Environmental,

*Security

Compliance with SCM Assessment

(Commonly Used)

Business Partner responses are scored according to the

designated question weighting


Transportation Modality

Chain of Custody

Gaps

Compliance

Assessment Compliance

Annual Volume

= Automated and Holistic

Risk Calculation for Global Suppliers

Risk Output

Risk Intelligence

Industry-Specific risks

2014

Automation of Supplier Risk Assessment Process


Automation of Supplier Risk Report Generation

2014


Email functionality in a software tool allows for: • Tracking and viewing full historical record of email communication • Send tailored assessment invitations and reminders according to where

supplier is in completion process • Send emails to multiple points of contacts and users

2014

Automation of Email Communication


Layer 3

• Risk Methodology for On-site Audits

• Corrective And Preventative Action Plans

2014

Layer 3


Pre-Qualification of Supplier Relationships

Vietnam Specialty Components Beijing Metal Parts

“Beijing Metal Parts” Business Risk = Country Location - China Annual Volume - 75 Shipments Annual Revenue - $450,000 Number of Years in Business: >10 years Number of Employees- 500-1,000

“Vietnam Specialty Components” Business Risk = Country Location – Vietnam Annual Volume - 200 Shipments Annual Revenue - $1.2 million Number of Years in Business: 5-10 years Number of Employees- 151-200

64% Compliant with Questionnaire 82% Compliant with Questionnaire

When entering into the tender process for selecting a new vendor, a risk-based methodology is essential


Obstacles • Tracking and effectively reviewing Business Partner assessments • Ensuring Business Partner receive to CAPA emails- read receipts necessary • Business Partners who feel that corrective action follow-up is unnecessary • Sending out CAPAs on a one-to-one basis can be overwhelming

Macro-level views of vulnerabilities will allow you to send CAPAs to groups of suppliers

• Going through the CAPA process multiple times, exhausting Business Partner Automated CAPA Process Manual CAPA Process

Benefit: You can choose which questions are most important, and if they are answered incorrectly, your pre-determined response will automatically be sent to the Business Partner with no action on your part

Obstacle: It takes time to review each and every Business Partner’s assessment responses in order to determine whether or not they need a corrective action plan

Benefit: If you don’t have time to review every assessment immediately, the automated CAPA will send out your likely response in a timely manner so that your Business Partner can work on creating a suitable plan of action quickly

Obstacle: You may not have time to review each Business Partner’s assessment thoroughly in a timely manner. If you do not review your Business Partner’s assessment until months after they submit it, the CAPAs that you send may not be relevant

Corrective And Preventative Actions (CAPAs)


Historical Tracking and Change Over Time Views

11/20/2014

Current Response

Previous Response

CAPA

Su

bmitt

ed

Year over Year Tracking

Tracking Versions with CAPA submissions


Supplier Verification Service (VerifEye®) • On-site verifications based on Client specific or BSI specific standards or checklist

• Global network in all key manufacturing countries

• Auditors professionally trained , specialized and qualified

• Centralized program management, Reporting and Customer Care • Hong Kong for Asia Pacific

• US for Americas

• UK for Europe, Middle East, Africa

On Site Supplier Qualification or Verification


A Risk-Based Process Will Decrease Audit Costs

Financial spend

Copyright © 2012 BSI. All rights reserved. V1 040513

Contact Us For More Information

Courtney Foster

Senior Analyst [email protected]

+971 4 336 4917

mailto:[email protected]

Date post:	16-May-2018
Category:	Documents
Upload:	duongcong
View:	218 times
Download:	1 times

How well managed is your supply chain? - BSI Group Management and... · • More difficult to...

Documents