Next step in managing risks.

In addition to identifying supply chain risks within each classification, discussed in my previous blog, you need to broadly categorise them. This provides a view about the amount of analysis required. There are categories of risk between certainty and ignorance:

1. Certainty: in reality, you rarely meet situations of certainty. The closest could be depositing money in a bank term deposit, with the central government guaranteeing the repayment if the bank defaults.

You may recognise the next three categories due to their use in articles about risk:

2. Known risks: Select events at risk – these lie outside the upper and lower control limits of control charts; used to show variability in your supply chains.  They include variations in your supply chains, such as late deliveries and changes in material costs
3. Known – unknown risks: risk events whose occurrence is foreseeable. The probability of occurrence or likely consequences are known. For example, a risk is that a shipment is delayed due to customs intervention in the process. The probability of that occurring by country can be calculated. The consequences may be a 24 hour delay, causing some inconvenience or in the worst case, the shipment is not allowed entry and required to be returned to its destination. The consequences are therefore unknown, but potentially bad.
4. Unknown – unknown risks: an event with its probability of occurrence and effect not being foreseen, even by experienced supply chain professionals. These are considered as ‘force majeure’ events.

Force majeure is a French term meaning ‘greater force’ and is common in supply contracts. The objective is to free one or both parties from liability or obligation when an extraordinary event or circumstances occurs. It is beyond the control of the parties and stops the contract being fulfilled. However, it is not intended to protect either party to the contract from negligence.

To better allocate Unknown-unknown risks, divide them into two categories:

4a. Unknown but knowable unknown risks: The term can be shortened to ‘knowable unknowns’, which means there are uncertainties in your supply chains that are currently not known, but which could be identified through investigation.  They are ‘knowable’ in the sense they can be known if sufficient time is allowed to identify the likelihood and consequences of events. Therefore knowable unknowns’ are not what are called Black Swan events.

4b. Unknown and unknowable unknowns: are never identified until they happen. These events are called Black Swans and cannot be addressed using risk management techniques.

Black Swans

The term Black Swans was popularised by Nassim Nichollas Taleb in his book The Black Swan – the impact of the highly improbable. 2008, Penguin. Taleb states that we cannot predict black swan events because they have three characteristics:

1. They are unexpected and unpredictable
2. They have extreme impacts
3. They appear obvious after the event has happened

The term Black Swan comes from the 17^th century northern hemisphere belief that all swans were white. If a bird was another colour, it was not a swan. When explorers came to Australia they found true swans that were black. Therefore the known rules had to be changed. In the 21^st century, black swans are events that change the rules and create a new paradigm.

A Black Swan event is usually seen as a negative, but it can also be positive, such as inventing a new technology. Taleb identifies “the computer, the Internet and the laser as three technological black swans which came out of nowhere. We didn’t know what they were and when we had them right before our eyes we didn’t know what to do with them. The Internet was not built as something to help people communicate in chat rooms; it was a military application and it evolved”.

Disruptive technologies are rarely Black Swans. The term is incorrectly used by established organisations because they are often so entrenched in the current way of doing things, they cannot envisage a different way of providing the product or service. They ignore, or do not sufficiently investigate, the risks.

Build resilience in your supply chains

If risk management is not the solution for Unknown and unknowable unknowns, the objective for your organisation is to avoid being unable to recover from a major disruption, or even a disaster. To achieve this requires supply chain strategies that are flexible and robust within your uncertain Supply Network:

• Identify areas of vulnerability, then build in flexibility and resilience to cope with the impact of unexpected events
  • Increase redundancy through your supply chains
  • Be aware of specialisation and intense optimisation – it can make your organisation more vulnerable as hidden risks rise, with fewer options available for a response
• Establish early warning indicators that signal when something is different from the normal
• Use environmental scanning e.g. PESTEL methodology, to identify ‘knowable unknowns’ before they occur

The fifth category is Ignorance, which is the opposite of Certainty (the first category) in risk management. Ignorance says that you recognise a risk is associated with an event but do nothing to identify the likelihood of occurrence or the possible consequences. This action (or lack of) has a risk in itself, with an unknown cost.

So, there are five categories within the five classifications discussed in my previous blog. The ensuing matrix helps the task of structuring your supply chain risks; this will help in selling the concept of risk to senior management.