The modern supply chain is a beast, operating on a ‘just-in-time’ basis at a large scale. This fast and loose style works well when things are going smoothly and predictably, but when disaster strikes – like a pandemic – the vulnerabilities can no longer be ignored.
The best way to navigate your way through the hard times is preparation. If you operate like tomorrow will be harder than today, it will make you look at your supply chain differently. Where are the vulnerabilities? What’s your contingency plan? It’s not a question of if, but when.
Be Cyber Savvy
The reaction to the Colonial Pipeline cyberattack last month might lead you to believe that ransomware attacks are rare. The reality is that they happen all the time. If you don’t have some kind of contingency plan in place for cyberattacks, you’re playing with fire. Here are two measures you should consider:
- Isolate your networks. A lot of organisations have multiple networks, such as an IT network and an operational technology network (which operates physical infrastructure). If one becomes compromised, you don’t want to have to shut down everything (as Colonial Pipeline had to do). It’s very possible to have safeguards in place that guarantee the safety of other networks when one gets hacked.
- Ransomware attacks don’t happen without warning. Typically, hackers are poking around in your system for days or weeks before the attack, learning about your networks and their vulnerabilities. There is security software available that would detect such activity and allow you to stop the hackers before they get their foot in the door. One common example that all organisations should have is two-factor authentication.
Stockpile for a rainy day
Right now, the automobile industry is crippled by a shortage in computer chips. One company, however, is doing better than its competitors. Toyota experienced a similar shortage in 2011 when a tsunami hit the shores of Japan and compromised its suppliers. In response, they put in place requirements that meant their suppliers had to stockpile six months’ worth of computer chip stock to buffer any future disruption.
Obviously, stockpiling inventory comes with its own costs, which is something to be discussed between you and your vendor. The pros and cons would have to be considered carefully. In most cases, though, the cost of pausing entire production lines (as Toyota’s competitors have had to do) would far outweigh the price of warehousing.
Review your contracts
Contracts often provide the best protection when it hits the fan. When it comes to your key suppliers, here are some provisions you might want to consider:
- Priority clauses stating that your requirements take precedence over the supplier’s other customers.
- Clauses that allow for contract breaks if the future viability of the supplier looks shaky. You might even consider a clause that stipulates the current supplier must assist with the transition to a new supplier by sharing relevant documents and information.
- Clauses that allow visibility and even control over sub-contracting, and stipulate that responsibility of sub-contractor performance rests with the supplier.
- Clauses that demand suppliers produce and keep updated a disaster recovery/contingency plan
What’s your contingency plan for bottlenecks?
If you’re dependent on a few key suppliers, have you thought about what happens if they become compromised? Bottlenecks in the supply chain are ticking time bombs. Something will happen – there’s no doubting that. The question is, what can you do about it? Some options:
- Diversification. Obviously, this would involve additional cost, so it comes down to a question of risk versus commercial value.
- Stick to only a few key suppliers, but make sure they are geographically dispersed to mitigate logistical delays and region-specific disasters.
- Pre-book logistical capacities to negate price hikes when demand spikes.
Not sure where your bottlenecks are? In order to get adequate visibility of your supply chain, you need the help of modern AI spend analysis such as that provided by Purchasing Index. Get a breakdown of your spend by supplier, department, source, category and more. This is the only way to uncover vulnerabilities within your supply chain so they can be addressed.
Audit your key suppliers
Audits take time and money. For those organisations with hundreds or thousands of suppliers, auditing all of them simply isn’t feasible. Instead, run a full risk assessment on your key suppliers, examining their business continuity plans, geopolitical vulnerabilities and their processes. A good indication of a supplier’s trustworthiness is how they stack up against the Supply Council Operations Reference model, or SCOR, which is a standardised assessment of how a supply chain is managed.
How Comprara can help with your contingency plan
As you’ve no doubt realised, sound contingency plans are built on good visibility of your supply network. You don’t know what you don’t know, so the first step is adopting cutting edge spend analysis software that can map your supply chain and uncover its vulnerabilities. Don’t wait for disaster to strike – get in touch with Comprara today and start putting in place buffers that can help you ride out the storm.