CRISES LEARNINGS MODIFY ANALYTICS MODIFY SCREENING ID NEW SIGNAL SOURCES
RISK ANALYTICS & RISK ANALYTICS & DECISION SUPPORTDECISION SUPPORT
ANALYZEEVALUATEPRIORITIZE
RISK IDENTIFICATION PROCESSESRISK IDENTIFICATION PROCESSES
B. S. C. RISKS (VIA TEAMS AND SURVEYS) C. PROJECT RISKS (PM SYSTEMS AND OTHER)
A. EMERGING AND UNKNOWN RISK SIGNALS
D. RISK TREATMENT EFFECTIVENESS OUTPUTS
IMPLEMENT ACTIONS AND/ORIMPLEMENT ACTIONS AND/ORFACTOR RISKS INTO PLANNINGFACTOR RISKS INTO PLANNING**
Deep dive analysis of specific strategic risk Implement risk treatment for new operational risk Take action to leverage upside of an emerging risk Modify strategy based on risk landscape
MONITOR RISK MONITOR RISK TREATMENT TREATMENT
EFFECTIVENESSEFFECTIVENESS
INSTALL MONITORING POINTSSYSTEMATIZE MONITORING
RISK MANAGEMENT FRAMEWORK
* examples of possible actions, not all-inclusive
SUPPLY CHAIN RISK DASHBOARDSUPPLY CHAIN RISK DASHBOARD
HOLISTIC VIEW OF HOLISTIC VIEW OF RISKSRISKS
SUPPLY CHAIN RISK WORLD
MATERIALQUALITY
ENERGYUSE
WATERUSE
INBOUNDLOGISTICS
OUTBOUNDLOGISTICSWORKER
SAFETY
ENVIRONMENTALCOMPLIANCE
CONVERSIONEFFICIENCY
COST
NATURAL
HAZARDSNGO’s
& SIG’sPUBLIC
PERCEPTIONREGULATORYACTIONS
COUNTRYSTABILITY
PRODUCTQUALITY
PRODUCTSAFETY
PACKAGING
WASTE
WATERAVAILABILITYWATER
QUALITY
CLIMATECHANGE PACKAGING
VOLUME
MATERIALAVAILABILITY
PRODUCTSECURITY
Unique and common risk events exist across the supply chain and at each organizational level Identified risk events are analyzed for probability and consequence, thereby defining the risk level Assessed risks are evaluated and risk treatment options are developed Risk treatment is optimized, implemented and monitored
Note: risks listed above are indicative of the scope of supply chain risks and risk areas, and
may not include all risks
Strategic risks are generally out of our direct control, and must be
factored into business planning.
Operational risks are generally within our direct control, and must be factored into business operations.
RISK MANAGEMENT DEPLOYMENT
CO
UN
TR
YR
ISK
SB
US
INE
SS
UN
ITR
ISK
S
GR
OU
PR
ISK
S
CORPORATE
RISKS
RIS
KS
AR
E A
SSE
SSE
D A
ND
OP
TIM
IZE
D A
T T
HE
LO
CA
LL
Y R
EL
EV
AN
T
LE
VE
L,
AN
D A
GG
RE
GA
TE
D U
PW
AR
DS
TH
RO
UG
H T
HE
OR
GA
NIZ
AT
ION
Develop Initial Risk Register
Use historical and current risk assessments, maybe supplemented by surveys Perform high-level ranking and screening to identify significant risks
Perform Risk Analyses
Bow-tie method to identify causes, consequences Identify existing and new risk treatments Establish risk owner and action items Link to other risks in system Refine risk register
Quarterly Risk Team Reviews
Review action item status Review emerging and new risks Review effectiveness of existing risk treatment Perform new or review existing risk analyses Update and refine risk register
Factor Risks into Business Planning
Ensure strategic and operational risks are considered in annual business planning Use risk information in on-going business processes
A R
isk
Reg
iste
r is
cre
ated
an
d m
anag
ed a
t ea
ch le
vel a
nd
en
tity
,an
d id
enti
fied
ris
ks
are
inco
rpor
ated
into
on
-goi
ng
bu
sin
ess
rou
tin
es
One-time
Initial analyses,then as-needed
Quarterly meetingsto supplementbusiness meetings
Annual basisaligned withbusiness planning
AT EACH LEVEL AND ENTITY