Are You comfortable in discussing RISK within your Company?

, ,

Risk – Are you Comfortable in discussing RISK within Your Company? 

By Jim de Vries, Founder, EIG Consulting

Jim de Vries is a certified professional in supply chain risk management, supply chain transformation management, and Founder of EIG Consulting, a professional services organization comprised of innovative leaders who create practical and transformational solutions to enable businesses work smarter and faster.



“RISK” is a four-letter word in the phrase “Supply Chain Risk Management (SCRM)”.  Conversations on “RISK” are often avoided in the workplace.  If so, there will be some barriers to overcome if SCRM is going to be embedded into your company’s culture.  Making a CHANGE on how “RISK situations” are managed may have its’ challenges.  “Culture eats Strategy for breakfast!” (a Phrase that Bill Moore and Jerry Rose coined, but is often attributed to Peter Drucker).


Since managing RISK is fundamental to implementing SCRM, what is the best approach to introduce Risk Management to your company?

Developing a strategy on how to best introduce “Risk Management” concepts (Figure 1: Level 1) into your company is the first step to initiate your SCRM journey.  This strategy may require a very structured branding strategy within your company to define and initiate momentum for the SCRM program.

                                Figure 1: Supply Chain Risk Management Development Journey

Once the executive team and SCRM champions have internalized the vocabulary (LEVEL 1: EDUCATION), the first major collaborative activity is to develop a way to integrate SCRM principles with the “hearts and minds” of the company.  Assessing the company’s RISK appetite (where we are today and where we want to go relative to other priorities) is a first major step to initiating Level 2: AWARENESS.

It is not uncommon for management to avoid discussing RISKs, since it can imply poor performance or decision-making.  Common reactions to business challenges include: “it will never happen again”, “we could never foresee it ever happening again”, “we are dealing with unknowns, we should only focus on the knowns (controllable actions)”.



                                                                                                                                                    Figure 2


Figure 2: SCRM Culture Transformation Level 2 (Awareness) Recognize Vulnerabilities

This protective mindset creates vulnerabilities.  Therefore, to move forward, we need to understand how to build a protective shield to proactively address these vulnerabilities without adding decision-making complexity.  Decision-Making complexity often creates stymied management siloed decisions, resulting in decreased supply chain throughput and increased cost.  Therefore, a judicious and practical cross-functional RISK Protection Shield should be developed.

A well-coordinated communications program (branding strategy) will proactively address cross-functional “siloed” stakeholders paradigms and barriers: “the grass is greener on the other side”; “they have it better”; “if they would just do …”.  Openness and candor is paramount in gaining TRUST across the organization.

RISK-based crucial conversations are the first step to identify RISK phrases that are considered too controversial to discuss.  Once identified, cross-functional teams will uncover the constraints that prevent the overall success of the company versus their individual siloed goals.  These constructive crucial conversations will stimulate opportunities to address what was previously believed to be unknown knowns (uncontrollable one-of-kind) costly RISKs.


BLOG Question 1Please share best practices on how to create an environment in which RISKs are proactively discussed and managed.

There are number of words that fall into this culture SENSITIVE category such as: “what is in RED today”, “what are the RISKS in our plan going forward?”, “how do we address our VULNERABILITIES?”.

Therefore a change in company mindset needs to take place to address compelling questions such as “what are our risks in our supply chain?”  “What is the best approach to initiate building an environment where we can start understanding and proactively addressing supply chain risks?”

                                                                                                                                                         Figure 3


Figure 3: Culture Adoption of a New Concept

It is generally accepted that we do not enjoy going through CHANGE (Figure 3).  CULTURE eats any attempt to CHANGE anything.  Your company’s culture needs to find a reason to want to indoctrinate the principles of SCRM into the hearts and minds of your employees (e.g., “Is it worth the climb?”).   Culture adoption often requires taking a step back and looking at the “big picture” and asking why do we care relative to our other priorities and will we get rewarded by introducing this new concept called SCRM.

  • First we need to be honest and realistic of current cultural environment’s ability to take on a new idea (program in our company). What is our company’s heartbeat (essence)?  Are we currently ready to insert “RISK” into our company’s vocabulary?  If not, what are the steps for your culture to begin the SCRM journey from theory to practice?  (EDUCATION)
  • Once we prepare ourselves for the change journey that we will be taking by introducing a new vocabulary into our environment, we need to accept that there are potential Risks that we currently believe are uncontrollable. We need to move our mindset from reacting to eliminating or mitigating in the future. (AWARENESS)

BLOG Question 2:  is your team comfortable to openly discussing “RISKS” within your Supply Chain? If we are to take Supply Chain Risk Management (SCRM) seriously, should we work to establish a “RISK” branding strategy?

In our next BLOG we will discuss continuing the Supply Chain Risk Management transformation journey on how to overcome the “bumps in the road”.



Supply Chain Risk Management Culture Transformation with RISK Management Approaches

The SCRM Consortium deployment approach is a five-stage roadmap to develop SCRM capability (Education, Awareness, Assessment, Mitigation and Management).  While, the first stages are academic, the transition to practical stages is purposeful.  Transitioning from academic to practical, SCRM concepts move from general vocabulary, assessment, case studies to alignment (mitigation and management) within “day-to-day” business decision-making and cadence.  

How Do I Start an SCRM Journey?




Gregory L. Schlegel CPIM, CSP, Jonah
Founder, The Supply Chain Risk Management Consortium (
Executive in Residence, SCRM, Lehigh University
Adjunct Professor, Enterprise Risk Management, Villanova University
Advisory Board Member, RAAD360 (maker of RAAD™, an end-to-end SCRM software platform)

This is a question we, at the SCRM Consortium, get all the time. After teaching SCRM for 6 years at Lehigh University, running 20 workshops per year, around the globe, supporting several different SCRM certificates and certifications and publishing a book on the subject, we’ve put a Roadmap together. But first, a quick-hit definition of SCRM.

From the book, Supply Chain Risk Management:  An Emerging Discipline (which I co-authored with Bob Trent), we look at SCRM like this:

“It is the implementation of strategies to manage every day and exceptional risks along the entire supply chain through continuous risk assessment with the objective of reducing vulnerability and ensuring continuity.” 

If it’s not obvious to you, this is a journey, not a point solution. Many of the SCRM exemplar companies, such as IBM, CISCO, Nokia, Ericsson, Coca Cola and many more have been exercising SCRM for over 15 years! With that said, we’ve developed an SCRM Roadmap. It’s more tactical in nature, because on this journey you are building a house, one brick at a time. (Figure below)


Our first lament is—through two years of research for the book and six years of educating and consulting, we’re still convinced that 70% of all manufacturers, around the globe, do nothing! With that said, companies who buy into the concept, basically start at Ground ZERO. Our ground zero point is—-Education. We’ll give you a sense of each building block section of the Roadmap.

  • EDUCATION (the red section of the Figure above)

    • Normally involves purchasing books, or subscribing to blogs
    • Then, perhaps attending single- or multi-day workshops on Supply Chain Risk, for example:
      • The Supply Chain Risk Management Consortium facilitates workshops for APICS’ Certificate in SCRM
      • The Logistics Institute of Canada offers a four-day workshop for Certification in SC-R, Supply Chain Resiliency
      • Lehigh University offers their own 3-day SCR&R course (Supply Chain Risk & Resiliency) culminating in a University Certificate in Supply Chain Risk & Resiliency
    • Acquiring baseline data, terms, definitions, tools, techniques and methodologies available today
  • AWARENESS (the orange section of the Figure above)
    • Involves executive sessions for companies
    • Risk Appetite and Tolerance exercises
    • Cloud-based Supply Chain Maturity/Risk Assessment Tool, to assess the company’s supply chain maturity and inherent risks (at very high level)
    • This begins the enterprise-wide dialogue about supply chain risk
  • ASSESSMENT (the yellow section of the Figure above)
    • Initiate a project to begin Identifying and Assessing all of the risks within the supply chain
    • Define and classify all the risks to the supply chain
    • Assess the risks with qualitative and quantitative methodologies, which can include supply chain mapping utilizing data-driven, end-to-end supply chain visualization platforms (such as RAAD)
    • And then prioritizing the risks and building Risk Response Plans
  • MITIGATION (the blue section of the Figure above)
    • Next – the hardest step of all – mitigating the risk! This is hard because it involves Change Management…. changing processes, procedures, policies and metrics
    • The SCRM Consortium employs many change management techniques to ensure successful change as it relates to mitigating supply chain risks
  • MANAGEMENT (the green section of the Figure above)
    • This is also a difficult section because we advocate embedding risk tools, techniques and frameworks into business decision making
    • This involves codifying risk workflows and supporting those new flows with solutions to ensure a predictable, repeatable and quality process in terms of risk management

As mentioned earlier, SCRM is a journey, not a point solution. Think of it this way:  as large and expansive as your global supply chain may be, that’s the scope and scale required for your SCRM landscape, as well.  All the best in your journey!