Supply Chain Risk Management Activity

In this ever-changing world and competitive world, companies have to deal with different types
of risks either in the digital world or in the real world. In information and communication technology
(ICT) sector alone it encompasses thousands of global companies producing thousands of new hardware
and software components annually. (mitre.org, nd) [1] With the increasing reliance on technology, it is
becoming more and more essential to secure every aspect of online information and data. As the
internet grows and computer networks become bigger, data integrity has become one of the most
important aspects for organizations to consider.(ECPI University, nd)[2] So, it is important to keep in
mind the risk management strategies in our workplace.

Risk is defined in financial terms as the chance that an outcome or investment's actual gains will
differ from an expected outcome or return. (Brock, 2020) To manage our risks we must first identify the
risks that we may encounter. The first phase of the risk management lifecycle is to establish a risk profile
and then enact active monitoring to keep it up to date. (riskmethods.com, nd) [3] Identifying risk may
help us on how we can asses the risks that can possible impact on the company. Which leads us to the
second phase which is Risk Assessment. Understand what impact a risk event could have on your
business. Be aware of those partners who have a significant impact on sales, margins or profit.
(riskmethods.com, nd) [4] After assessing the risks we must now proceed in the third phase which is Risk
Mitigation. Define both preventive action plans and reactive action plans. These are what provide the
basis for addressing risk using appropriate measures to secure supply and protect brand.
(riskmethods.com, nd) [5]

Risks to the ICT supply chain arise from the loss of confidentiality, integrity, or availability of
information or information systems and reflect the potential adverse impacts to organizational
operations. (mitre.org, nd) [7] There are 2 main types of risk to include in your risk management plan,
External and Internal Risks. External Risks are outside of our control while internal risks are within our
control. Every business and organization connected to the internet need to consider their exposure to
cybercrime. (N-able, nd)[9] ICT supply chain is very vulnerable without Network Security. Therefor
network security is important in managing our risk in the ICT world.

Supply chain risk management refers to the process by which businesses take strategic steps to
identify, assess, and mitigate risks within their end-to-end supply chain. (Marotta, 2022)[10] In today’s
connected and digital world, supply chain risk mitigation can be difficult due to globalization and
potential cyber interference. The challenge of supply-chain risk management has been exacerbated by
globalization, where even sensitive products like defense systems use raw materials, circuit boards, and
related components that may have originated in countries where the system manufacturer did not even
know it had a supply chain. (Bailey & Bariball, 2019) [11] This increased complexity has brought with it
more potential failure points and higher levels of risk.

Risk management is mandatory for any company that seeks to ensure continuity and achieve
long-term success. Supply-chain risk management involves mitigation of both exceptional and everyday

Submitted by: LAZO, Roel R.

Supply Chain Risk Management Activity

risks, with the goal of reducing related costs, minimizing inconvenience, and boosting company profits. It
takes into consideration all aspects of a business, from finance and logistics to information technology.
(Sanderson, 2021) Identify and prioritize risks, Create risk awareness in your company, Take up
insurance, Perform due diligence when choosing your suppliers and Conduct regular reviews are the six
ways on how to manage risk in the supply chain according to Sanderson (2021)[13]. Insightful reporting
and dashboards provide visibility to gaps and high-risk areas. By better understanding your risk
landscape, you can take action to protect your business from cyberattacks, avoid costly data breaches,
and monitor the security posture of your vendors. (Reciprocity, 2022)[14] While supply-chain risks may
be inevitable, the ways mentioned will help us to handle potential risk effectively, bounce back from any
disruption, and achieve long-term growth.

Bibliography/References:

[1][7] http://measurablesecurity.mitre.org/directory/areas/supplychainrisk.html retrieved 05/07/2022

[2] ECPI University. Importance of Network Security: Safety in the Digital World retrieved.
https://www.ecpi.edu/blog/importance-of-network-security-safety-in-the-digital-world retrieved
05/07/2022

[3] Brock, T. Trading Skills: Risk Management. 2020. https://www.investopedia.com/terms/r/risk.asp

retrieved 05/07/2022

[4][5][6] https://www.riskmethods.net/scrm/what-is-supply-chain-risk-management retrieved

05/07/2022

[8] QLD. Identifying supply chain risks. 2020.

https://www.business.qld.gov.au/running-business/protecting-business/risk-management/supply-
chains/identifying retrieved 05/07/2022

[9] N-able. Risk Management In Network Security. https://www.n-able.com/features/risk-management-

in-network-security retrieved 05/07/2022

[10] Marotta, D. 10 Supply Chain Risk Management Strategies. 2022. https://global.hitachi-

solutions.com/blog/supply-chain-risk-management/ retrieved 05/07/2022

[11] Bailey, T. & Barriball, E. 2019. A practical approach to supply-chain risk management.
https://www.mckinsey.com/business-functions/operations/our-insights/a-practical-approach-to-supply-
chain-risk-management retrieved 05/07/2022

[12][13] Sanderson, A. Six Ways to Manage Risk in the Supply Chain. 2021.
https://www.supplychainbrain.com/blogs/1-think-tank/post/32473-how-to-manage-risk-in-the-supply-
chain retrieved 05/07/2022

[14] Reciprocity. What is Supply Chain Risk Management? 2022.

https://reciprocity.com/resources/what-is-supply-chain-risk-management/ retrieved 05/07/2022

Submitted by: LAZO, Roel R.