A View From INSEAD

Supply Chain Risk

Professor Enver Yücesan

Professor Enver Yücesan
Programme Director of the Supply Chain Management programme
December 2012

Twenty-first century supply chains are more global than ever before. And, inevitably, the greater the geographical reach, the greater the risk entailed. This is confirmed by research from INSEAD, which – as a leading international business school with a particularly strong reputation in operations management – has several experts in supply chain risk. They include Professor Enver Yücesan whose views about managing that risk are presented here…

The good news, according to Professor Yücesan, is that the risk can be minimized through supply chain design and supply chain risk management. The even better news is that he has come up with a simple four-step framework for managing supply chain risk.

Step 1: Discovery or vulnerability assessment – what are the threats facing your business?

Identifying sources of risk is one of the principle challenges of supply chain design and management. So the first step, says Professor Yücesan, “which is aimed at generating a long list of potential disturbances to the business, requires extensive brainstorming among the key stakeholders in a supply chain.”

According to Professor Yücesan, the brainstorming might result in a very long list: innovation risks, such as the risk of a new product failing; market risks, including fluctuations in the price of raw materials; credit risks, for instance exposure to multiple counterparties; operational risks, such as accidents; industrial risks, such as strikes or even disruptions caused by terrorism and natural disasters; and regulatory risks, such as having to comply with expensive new rules.

Indeed the list will be so long that you cannot possibly hope to address every item on it. Hence the second step…

Step 2: Risk assessment ­– which threats are more important than others?

“Risk (…) can be defined as the undesirable possible consequences of an uncertain event,” says Professor Yücesan. So it follows that the key dimensions for measuring risk are the potentially disruptive impact of the outcome and the likelihood of it occurring. Exposing a pregnant woman to toxic fumes, for example, has a high probability of damaging her unborn child; so any risk of this happening must be eliminated completely. On the other hand, very minor outcomes or highly unlikely consequences can be considered acceptable. Many risks, however, will be considered worthy of active management or mitigation.

“Given that the organization does not have the resources to address all potential threats simultaneously,” says Professor Yücesan, “step 2 is necessary to assess their impact with the objective of compiling a prioritized list of ‘top threats,’ guided by concrete metrics such as lost productivity or earnings at risk.” This enables you to move on to the third step…

Step 3: Risk management – what should we do to mitigate risks and how much should we reserve for unexpected events?

“Adequate risk mitigation strategies,” says Professor Yücesan, “range from operational approaches, such as fool proofing or designing redundancies into processes, to financial approaches, including hedging or insurance.” Whatever the case, he continues, “an adequate governance structure must be established to monitor and improve the risk management process.”

In the end, however, no matter how good the process you put in place, there will always be a need for a fourth step…

Step 4: Crisis management and business continuity planning – what should we do to prepare for and deal with incidents when they arise?

As Professor Yücesan explains, “In spite of proactive planning and rigorous mitigation, disruptive events are bound to happen.” The 2011 floods in Thailand are a prime example. Step 4 therefore focuses on resilience. “It builds, documents and communicates recovery procedures following a disruptive event to ensure business continuity,” says Professor Yücesan. “Not surprisingly,” he adds, “it requires regular rehearsals to ensure that these procedures have been internalized by all the employees.”

As Professor Yücesan reminds us, global supply chains exist in order to provide “unlimited opportunities to match diverse customer requirements with economically viable solutions.” And the key to making this a reality is good supply chain design and, above all, the four steps of good supply chain risk management.

To achieve effective supply chain risk management, consider enrolling on the Supply Chain Management programme, directed by Professor Yücesan.


INSEAD Personalised Experience




Save & Manage



It is easy, simply log in:

Via Social

  • icons
  • icons
  • icons


Use your email address