The tsunami of 2011, which triggered the meltdown at the Fukushima Daiichi Nuclear Power Plant, was a wakeup call for General Motors (GM). GM learned that their business continuity plans at the plants were too “tactical.”
Supply chain risk management has become a hot topic in recent years. It was also a topic of discussion at QAD’s recent Explore 2016 user conference. Risk management was covered in one of the panels in the automotive track. QAD has many automotive customers. I found the comments of Dan Howe, who is in General Motors’ strategic risk management department, particularly interesting. While there are many different types of risks companies face, Dan was mainly focused on the risks associated with securing material availability.
Japanese Tsunami of 2011
Following the tsunami, Mr. Howe said that GM learned it is not enough to appoint “the person who will call the fire department.” You need to identify how an event will affect plants and respond quickly! “Most business continuity plans fall short in their ability to support a quick response.” GM responded in a traditional way to the catastrophe, “We circled the wagons and tried to figure out how to respond.” But their response teams were not sufficiently cross functional.
Supply chain risk management is now strategic at GM. In fact, the CEO has regular meetings with the strategic risk department. But no company can anticipate everything. As one person in the audience pointed out, Volkswagen almost certainly could not have anticipated the emission cheating scandal. Mr. Howe pointed out that while you can’t anticipate everything, you also can’t afford to mitigate all risks. Companies must be both insightful and selective in determining which risks require detailed risk planning.
One of the tactics GM uses to avert, or at least quickly mitigate significant risks, is to have Blind Spot Workshops. At these workshops executives across the company are asked “What keeps you up at night?” Based on these meetings, the 30 top risks are identified and each risk is assigned functional leaders. Every key functional area at GM – procurement, product development, etc. – has embedded risk officers. Each of these top risks has a mitigation plan. And many of these risks must contain detailed resumption planning in their contingency plans.
When it comes to material availability, companies need to look deeply into their supply base. “You can’t just have good knowledge of your Tier 1 suppliers and trust them to manage Tier 2.” GM has worked to inculcate risk based thinking not just internally, but among their suppliers. One indication that this work is starting to pay off is that one of their Tier 1 suppliers came to them and told them about one of their important suppliers that they were starting to worry about.
Since the catastrophe GM has invested in new analytic tools that help them analyze the risks associated with suppliers and catastrophic events. They worked with Resilinc to develop these tools. Resilinc is cloud provider of supply chain resilience solutions. Resilinc helped them geocode supplier’s plants and logistics hubs across their multi-tier supply chain. What this allows GM to do is to draw a circle around an event like an earthquake and answer the question “Which of our suppliers are located within 100 miles of the epicenter? Within 200 miles?” GM can also look at suppliers located within the flood plain of a river and ask question like “Are all of our key suppliers of a particular component located in that flood zone? What happens if they all go down all at once?”
So is all this work paying off at GM? In 2011, following the tsunami, 6 weeks after the disaster GM was still finding suppliers located within the affected area. A few weeks ago Japan had a magnitude 7.0 quake. Within 6 hours GM understood the supplier impacts from that quake.
Tim Feemster says
As we typically see, it is strategy development around risk mitigation that is critical. Emphasis on tactical actions AFTER the event are important but not the entire answer. Data has shown that strategy allows us to impact 80% of the cost impact while tactics only allows us to impact the other 20%. The answer then is stigmatize first, plan the necessary systemic changes, and implement changes to people, process, and technology to make risk reduction a reality.
Tim Feemster says
That is strategize not “stigmatize”, don’t you hate spell check sometimes.