Workshop: Developing a Risk Management Plan

Report
Workshop: Developing a Risk
Management Plan
This workshop was developed by the USAID | DELIVER PROJECT as part of its Risk Management
Toolkit, which can be found at http://deliver.jsi.com/dhome/whatwedo/supplychainsys.
1
ACTIVITY 1: WORKSHOP
INTRODUCTION
2
Session Objectives
By the end of the session, attendees will have—
• learned the basic concepts of supply chain risk
management
• evaluated and prioritized supply chain risks by
frequency of occurrence and degree of impact
on operations
• developed potential strategies for each risk.
3
Overview
• What is supply chain risk management?
• Why is supply chain risk management
important?
• Activity: Evaluate and prioritize risks
• Supply chain risk management approaches
• Activity: Draft risk management approaches
• Debrief: form longer-term risk mgmt. plan.
4
Basic Components of Supply Chain
Risk Management
• Identify risk events:
– Definition: Possible actions or outcomes with a direct
negative impact on supply chain objectives
– Range: Can completely disrupt the supply chain, or only
cause delays in scheduled plans
• not just theft or corruption.
• Evaluate and prioritize risks
• Create a supply chain plan to work through each risk,
or group of risks.
5
Risk Management Schematic:
Activities and Organizational Structure
Risk Context
Participation
Risk
Evaluation
Learning
Risk
Treatment
Risk and
Performance
Monitoring
• Map supply chain, • Assess and agree • Use levers within • Base on
supply chain
on features of risk
and outside
understanding of
classification,
events: likelihood,
supply chain
drivers of risk and
product
impact, ability to
risk treatment
• Avoid system
classification.
control, etc.
plans
activities; reduce,
hedge, and accept • Monitor risk
risk.
drivers
• Risk management
performance.
•System evaluation
•Planning and execution
improvement
Incident
Handling
Credit: USAID | DELIVER PROJECT 2013
Participation: Initiating
group + technical assistance
+ stakeholder collaboration
• Incident detection
• Specific and
general
contingency plans.
6
Why Is Supply Chain Risk Management
Important?
• In private sector, risk management is proving
beneficial for complex supply chains: global
supply chain, multiple tiers of suppliers,
critical components in products.
• Success in public health setting—in Côte
d’Ivoire, Mozambique, and others.
• Enables collaboration and consensus building
between stakeholders about supply chain
issues and steps to address these issues.
7
Risk Management Case Study
• Content from TO5/advocacy materials
• Also, see appendix for some presentation
material.
8
ACTIVITY 2: RISK EVALUATION
9
Intrinsic Health
Complexity
Data Availability
& Quality
Procedural
Complexity
Stakeholders
Collaboration
Quality
Management
Fundamentals
& Resource
Availability
Economic
Politics
Health Policy
Decisionmaking
Resource
Destruction/
Theft
Natural Events
10
Credit: USAID | DELIVER PROJECT 2013
Sources of Public Health Supply
Chain Risk
Likelihood
Low High
Tsunami
Low
High
Impact
Credit: USAID | DELIVER PROJECT 2013
Risk Evaluation: Basic Approach
11
Risk Evaluation: Group Instructions
• Using a constructed list, group considers each risk.
• Assign a group consensus score for frequency and
impact of occurrence, including documentation.
• Use a 1 to 4 scale for both frequency and impact; 1 is
minimal impact or rare event, and 4 is certain
occurrence in the next year or a system-wide
disruption.
• During plenary groups compare responses.
• Adopt average or review each risk or select
consensus score.
12
Processing Risk Evaluation Scores:
Prioritization
• Include graphic applications.
• Adopt cutoff score.
• Review list to ensure participants agree to
accept lower priority risks.
13
ACTIVITY 3: INTRODUCTION TO
SUPPLY CHAIN RISK MANAGEMENT
APPROACH
14
Risk Management vs. Conventional
Management Approach
Conventional Management
“How do we get our
operations right?”
• Assumes behavior and
occurrences, within a
specific narrow range,
defined as normal:
– prepares for these
– Reacts to dysfunctions.
• Appropriate when
managers can sufficiently
control operationalaffecting factors.
Risk Management
“What is our plan for when
things go wrong?”
• Contemplates abnormal,
previously unexpected,
behavior and occurrences:
– prepares for these.
• Appropriate when
managers lack sufficient
control over operationalaffecting factors.
15
Rating Scale Interpretations: Impact
and Likelihood
• Impact
– Based on overall supply chain mission objective
– Maximum rating should map to complete breakdown in supply chain
mission
– Minimum rating should map to mild deviation from mission.
• Likelihood
– Can be based on frequency in a specific time, e.g., a year or a month
– Maximum rating should map to most frequent occurrence of risk
events in supply chain
– Minimum rating should map to the least frequent occurrence of risk
events in the supply chain.
• Template available in risk management toolkit to make explicit
interpretations and create a reference for everyone working in risk
evaluation.
16
Risk Feature Drivers
• Risk feature drivers—aspects of health operations
that affect the significance of risk event features:
impact, likelihood, etc.
• Can identify risk drivers for risk events—implies a
better understanding of their mechanisms; helps
improve consistency of risk-event evaluation.
• Risk drivers—
₋ specific to risk event, but different risk events can
share the same drivers
₋ help risk monitoring and performance monitoring.
17
Risk Management Schematic:
Activities and Organizational Structure
Risk Context
• Mapping supply
chain, supply
chain
classification,
product
classification.
Organizational
Structure &
Participation
Risk
Evaluation
Learning
Risk
Treatment
Risk &
Performance
Monitoring
• Assessment and
• Using levers
• Based on
agreement on
within and
understanding of
features of risk
outside the supply
drivers of risk and
events: likelihood,
chain
risk treatment
impact,
plans
• System activities:
controllability, etc.
avoiding ,
• Monitoring risk
reducing, hedging, drivers
and accepting
• Risk management
risk.
performance.
•System evaluation
•Planning & execution
improvement
Incident
Handling
Credit: USAID | DELIVER PROJECT 2013
Participation: Initiating
group + technical assistance
+ stakeholder collaboration
• Incident detection
• Specific and
general
contingency plans.
18
Risk Management Approaches
• Redesign supply
chain network
• Intelligent task
shifting
• Addressing incentive
misalignment
• Intelligent
commodity/supply
base choice.
Reducing Risk
• Supply chain
management
strengthening
• Improved LMIS
systems
• Outsourcing.
Accepting risk is the default approach.
Hedging Risk
•Use of buffer
inventory/capacity
•Sharing real-time
inventory and
consumption data
•Sharing costs with
supply chain partners.
Credit: USAID | DELIVER PROJECT 2013
Avoiding Risk
19
Risk Management Approaches
In particular, three features of the risk event
can identify an appropriate risk response:
• Is the source of risk controllable?
• Is the source of risk operational?
• Is the source of risk structural?
Controllable
Yes
No
No
No
Structural
No
Yes
Yes
Operational
Yes
No
Risk Response
Reducing
Accepting
Avoiding
Hedging
20
Risk Monitoring
• Two types
– Determine if risk features are changing
• Confirm if original risk response plan is appropriate
– Determine if risk event is impending
• Receive advanced notice of events occurring and can respond to
mitigate events.
• Both types involve monitoring risk feature drivers;
come from insights gained during risk evaluation and
treatment.
• Example:
– Comparing the number of units ordered in a procurement
cycle to a benchmark could be a leading indicator for
whether an emergency order is likely to occur.
21
Options for Risk Performance
Monitoring
• Supply chain performance management tends to focus
on indicative/strategic key performance indicators—
How are we generally doing?—not diagnostic
outcomes—Why are we performing the way this way?
– Indicative/strategic metrics may not capture low likelihood
or low impact events; they tend to be affected by a range
of risk events.
• Additional options for risk performance monitoring:
– diagnostic metrics in operational areas
– risk drivers
– simulated/forecasted performance
• changes in risk features
• effect of risk event.
22
Examples of Performance
Monitoring from TO5 Case Study
Risk Category
Risk Event
Metric
Freight
forwarding
A. Shipments are not delivered on
time due to shipper error
Delivery to Plan (DTP) Reasons
for Late Shipment (% with this
reason)
Warehousing
Warehouse does not manage
inventory properly for storage, or
pick and pack
DTP Warehouse metric (% with
this reason)
• Simulated performance
– For risk treatment, planners would estimate the changes in
risk features as a result of planned risk response.
23
Credit: USAID | DELIVER PROJECT 2013
• Diagnostic metrics
ACTIVITY 4: DRAFTING RISK
MANAGEMENT APPROACHES
24
Exercise: Draft Risk Management
Approaches
• Functional groups address prioritized risks.
• Consider available options, draft potential
plan.
– Use Risk Evaluation and Treatment template from
risk management toolkit.
25
Debrief: Form Long-Term Risk
Management Plan
• Develop timeline for completing management
approaches.
• Do a periodic review.
26
APPENDIX
27
Appendix
RISK MANAGEMENT CASE STUDY:
PROCUREMENT TASK ORDER FOR
USAID | DELIVER PROJECT
28
Risk Management Case Study
• Context
– Task order for procuring and distributing essential
public health supplies
• Objective: Achieve a targeted delivery-to-promise goal
of 95%.
• Implementation
– Workshop exercise at end of 60 days
• Risk identification, evaluation, and some risk treatment
planning.
– Risk treatment plans further developed and
implemented after workshop.
29
Drivers for Risk Management
Approach
• USAID-mandated task order deliverable
– Approach was expected to be generally beneficial
• Prevent issues from being lost during planning.
• Help prioritize resources.
• Enable stakeholders to objectively come to agreement
about which issues to focus on.
– Perception that stakeholders did not agree on what mattered.
– Could help develop consensus: bring partners together,
harmonize expectations, align partners.
30
Risk Identification and Evaluation
• Risk identification:
– List of risk events based on experience; validated with
other partners.
• Risk evaluation:
– 10-point scale
• severity
• occurrence
• detection of failures—not considered as applicable to supply
chain.
– Risk probability number = severity × occurrence ×
detection:
• Threshold of 100 for dealing with risk; some sensitivity analysis
around threshold.
31
Risk Treatment Process
• Development of plans to address risks:
– Workshop produced initial plans
• collaborative process.
– Small groups returned and refined management
approaches
• people with relevant experience in risk areas who exceeded
threshold.
– Circulated to wider team for validation; small teams were
implementers.
• Plans:
– responsibilities and timelines
– effect on risks; estimated revision of risk profile number
– specific to products.
32
Risk Treatment Example: Product
Registration
• Risk analysis and evaluation
– Objective seriously harmed if product not properly registered and
unable to enter country. No single solution works across all countries.
• Risk treatment
– Preventive actions
• product registration requirements in RFPs
• due diligence with potential manufacturer prior to contract award
• product registration technical assistance.
– Strategies on occurrence
• formalize core registration team to work on problem.
– Impact reduction
• transition plans using available products.
– Risk communication
• ongoing among all stakeholders.
33

similar documents