I interviewed John Schaefer who discussed How Risk Management and Supply Chain Management Intersect.
It’s great to speak with you today, John. I’m looking forward to hearing your views on how risk management and supply chain management intersect. Can you start by providing a brief background of yourself?
Sure, thanks. I’ve got a master’s degree in risk management and have been involved with risk management from many angles, including the traditional insurance-risk management and also internal audit and various consulting positions, working at brokers, consultants, and inside companies. I currently work at SanDisk, and I’m responsible for enterprise risk management, business continuity, and our corporate insurance program.
Can you talk about how risk management and supply chain management intersect?
Sure. Risk management is one of the terms that has changed a lot in the past couple of decades. Today when we talk about risk management, there are many people that talk about enterprise risk management and others who are still talking about traditional insurance-based risk management. The bridge between those to some extent is business continuity, and, fortunately, here at SanDisk I have responsibility for all three of those.
With enterprise risk management, the goal is to figure out all of the major things that can go wrong for the company and make sure that you have appropriate controls in place. When a manufacturing company does that, it’s not uncommon for some of those important risks to be specifically related to the continuous production of our product. If you can’t produce product for any number of reasons, you typically would look at your business-continuity plans as one way of bridging a gap or filling holes if there are issues in the supply chain. We’ve looked at potential disruption to our supply chain as one of the enterprise risks, and we’ve tried to create a number of activities to reduce that risk and then, at the end of the day, to finance whatever that residual risk is, which is where the insurance part of the program comes in.
Do you have any recommendations for implementing this?
I think the key really is communication. I’m fortunate that we have a group within our procurement team that’s very interested in this topic, so we have the ability to talk frequently about how our contingent business-interruption risk—which is the insurance side of things—affects the supply chain continuity, which is what procurement is concerned about.
The first step is really just making sure you have a common picture of the supply chain, that you understand here the value is added in that supply chain, and that you look for the key vulnerabilities to the supply chain. That could be your owned locations, it could be contract manufacturers, it could be your logistics firms, or even, in some cases, your data providers.
Once you understand where the value is added and what the risks are to them, then you need to jointly determine the benefits of mitigating those through multiple suppliers through increases in inventory, buffer stocks, and then again at the end of the day to figure out how much of that risk is going to be financed through some kind of cargo-insurance or property-insurance program.
Where have you seen some success?
I think we’ve seen it in all three areas of my responsibilities. From an insurance standpoint, the fact that I understand our supply and can describe our approaches to reducing risk has been helpful in allowing us to achieve better terms and conditions for our property-insurance program.
From a business-continuity standpoint, we have regular procedures set up that help not only reduce the risks that we face, but to explain that reduced risk to our customers, which provides us with some competitive advantage.
And from a supply chain-risk standpoint, they’re able to allocate their resources more effectively because they know where they need to invest in alternate suppliers and in inventory.
Thanks, John, for sharing today. Did we cover all the points you wanted to discuss today?
I think so.
Great, thank you.
All right, thank you.
About John Schaefer
Director of Risk Management and Business Continuity at SanDisk