August 02, 2017


Sahil Kothadia

This is first in the series of blogs highlighting the importance of data in supply chain risk management.

 If compared to early 1900s technology and technology adoption is moving at a rapid pace. Electricity took 30 years to reach 10% adoption whereas tablets took about 5 years to reach the same level. Technology is enabling companies to bring out products at an ever faster pace into the marketplace, and supply chains have had to notch up a gear to meet this accelerated market velocity. And, coupled with fluctuations in commodity pricing, natural resources, regulatory changes, geo-political upheavals and cyber threats, supply chain organizations are exposed to higher risks of disruptions that can lead to significant impacts on revenue, profits and brand.

At the same time, the fast pace of technology evolution has resulted in vast amounts of data being generated from across various channels, and it continues to increase exponentially. All this data is a valuable asset to organizations if they are able to “tame the beast”, otherwise it can overwhelm, resulting in incorrect insights, even increasing the level of risk.

Nowhere is data availability and quality more paramount than in managing supply chain risk. A large percentage of organizations and their leadership teams understand the need of proactive risk management to ensure a continuous supply chain, but aren’t sure where to start. However, at its core the supply chain risk problem is a data problem, and understanding the issues with your company’s data and what needs to be done to enable the transformation from raw data to insightful information is the stepping stone to enable an effective proactive risk management program. To understand your supply chain organization’s data problem is to understand the AAAA problem: Acquisition, Accuracy, Access, and Analysis.




A supply chain risk management organization in the company should be like a spider’s web: linking all the suppliers within its network and, like a fly who gets caught in the web, has the ability to detect any disruptions in the network, so it can address the disruption’s potential impact to business operations. The “silk” in your company’s web, is efficient data acquisition.

Most companies do not have sufficient data about their partners in the supply chain. They may have supplier name and address which may be billing address, and not a manufacturing site. 80% of the companies don’t know their supply chain beyond Tier 1 suppliers because they are not able to acquire this data as it is time intensive and cost consuming.  This can be exacerbated by having plethora of ERP systems or dispersed databases across which supplier and risk data is spread and cannot be collated effectively in time for reporting and analysis purposes. Many companies also don’t have an efficient means of accessing information about global events that have the potential of disrupting the supply chain.

In assessing your company’s data acquisition challenges it is important to understand the type of data you need to assess  and monitor your supply chain risk, where that data lives (internally or externally), and the cost to acquire it. The cost can be in resources (internal or outsourced) and dollars (subscription fees, SaaS platforms, etc.) and may have different levels or options based on your program goals.



Once acquired, the data is only useful if data accuracy and quality is assured. Data, if not collated, standardized, and cleansed regularly can fast become stagnant and inaccurate resulting in poor insights which can hinder proactive risk management efforts. Having a supplier invoice address data is okay, but if the address is actually the supplier’s manufacturing site, it becomes valuable information to risk management stakeholders.

If an event were to strike a geography where the supplier sites are located, then having information at hand of suppliers manufacturing site address and key contact personal for that site is of immense value to the right people in order to assess and mitigate the exposure. Poor quality of data flowing between the company and its supply chain network can be a critical point of failure in collaboration between partners during a disruption.

Therefore, developing a data governance process is of utmost importance to supply chain risk managers. They need to be familiar with the data and the data sources to judge the quality of the data and also make sure they maintain a seat at the table in organizations and cross-functional forums that keep the enterprise data accurate and timely.



Every large organization has a challenge in navigating the myriad of CRM, ERP, and other databases that store supply chain data, not to mention the data stored on a spreadsheet on someone’s computer or in someone’s head.  To add to the challenge, some data is only available from sources external to the organization i.e. suppliers or partners, social media, risk monitoring agencies.

Having the data in so many disparate sources, a supply chain risk manager is faced with potential data access chaos. If they do not have access to data at the time of disruption, the risk manager may not have a clear understanding of the level of the impact to the supply chain and  the operations. This results in delay in implementing the mitigation strategy and companies can lose access to capacity and allocations and may have to pay freight and material premiums. This can lead to revenue and margin impacts, and reputational damage, any of which could cause an impact to its shareholders.

Within the audit of the data sources, the risk manager should assure that she has the access to the data needed to address risk in the organization. Ideally, companies should employ a centralized risk management database where “one version of the truth” exists and those individuals that require the data can access it on-demand to either proactively prevent enterprise impact or respond to an incident.



Even if data is available, if companies don’t have the right analytics engines or tools to bring together structured, semi-structured and unstructured data and create risk mitigation models or “What If” scenarios it cannot change data into information that the company can use to drive value. These analytics can ensure protection of company’s valuable assets in case of disruption impacting the supply chain and drive additional value in the form of uncovering strategic cost savings opportunities and optimizing inventory levels.

Given the sheer volume of data available today, analytics engines are the key to provide insights into interdependencies in the supply chain network. On the contrary, poor or insufficient, “surface level” data analysis can lead to lack of collaboration internally within the organization as well as externally, hindering recovery during disruptions and initiatives to proactively address supply chain risk.

To understand if analytics capabilities are sufficient, risk managers must understand the goals of her program as well as the needs of the business as a whole. If the company employs a centralized risk platform, every effort should be made to utilize the platform for analysis if the platform’s capabilities are sufficient. If they are not, external analyses should be linked to the platform so that the data and analysis reside in the same place. This will accelerate adoption, increase utilization and avoid “tool fatigue”.


Supply chain risk stakeholders must realize that data is the new age oil and is an integral part in ensuring a resilient supply chain. Supply chain and risk managers will need data, quality data, have appropriate and almost real-time access and an analytics engine to identify, assess, mitigate and monitor risk of disruption to the supply chain.  Investing in tools that optimize AAAA, will help them navigate supply chain risk with ease and develop a world-class risk management program.