Risk management in organizations traditionally resides within the finance function, due to its inherent focus on financial impact on the organization. However, most organizations do not assess the supply chain risk separately. In recent years, supply chain risk management (SCRM) has become the focus area for finance executives responsible for Enterprise Risk Management. Hence, there is a need to establish a common language to monetize the supply chain risk. Value at Risk (VaR) is a popular risk metric widely used by the finance industry to understand the risk exposure of a trading portfolio based on historic volatility.
Qualitative Relationship Description
The supply chain risk definition extends from supplier’s supplier to customer’s customer and the global environment they operate in. Hence, any event with a potential to disrupt linkages across the entire supply chain is considered as a Risk Event. Supply Chain Value at Risk – the sum of the probability of risk events times the monetary impact of the events which can impact any core supply chain functions (e.g. Plan, Source, Make, Deliver and Return) or key dependencies.
Simple VaR calculation:
VaR = Probability of Risk Event (P) x Monetized Impact of Risk Event (I)
Advanced VaR calculation:
More accurate measures of VaR can be attained by applying more complex calculations, use of distributions and confidence intervals (see best practices section).
Since VaR is an estimate, traditional estimating techniques of describing accuracy can also be used i.e. + or – 5% (see best practices section).
The use of VaR allows organizations to look at all potential supply chain risks through one metric and helps prioritize mitigation efforts. All the risk events across supply chain functions Plan, Source, Make, Deliver, and Return can be rolled up to an overall VaR for the entire supply chain creating a financial lever to help integrate SCRM into the organization’s overall risk management initiative.
Calculation
Supply Chain Risk VAR ($) = VAR $ (Plan) + VAR $ (Source) + VAR $ (Make) + VAR $ (Deliver) + VAR $ (Return)
Data Collection
A risk event is categorized as any process failure (below target KPI) or disruption which can adversely impact supply chain cost & performance. Following data are required for the simple VaR calculation:
• Probability of process failure – This should be calculated using historical data. Historical data of the specific process metrics (on time delivery, quality failures, supply delays, machine failures, etc.) to calculate the number of times the event may perform below the target (probability). Also, the extent to which it is below the target when it fails.
• Probability of external risk event – Probability of disruptions like hurricane, earthquake can be derived through research data or expert opinions
• Risk Impact – This is a monetary estimate provided by the experts or business function specialist who can assess the repercussions of the risk event until normalcy is restored
1.3.32
AG.1.4
Overall Value at Risk (VAR)
More accurate measures of VaR can be attained by applying the more complex VaR calculation with the use of distributions and confidence intervals (see best practice section).
Discussion
VaR is a measure of an organization’s exposure to supply chain risk events. The effort in measuring VaR on a periodic basis can provide organizations with an ability to mitigate or respond effectively to external and internal disruption events. Hence, VaR is a measure of Supply Chain Agility.
Suppliers can be evaluated based upon the VaR and ranked according to the risk of poor performance. Supply chain risk to customers can also be measured based upon performance measures (profitability, volume growth, returns, and complaints) as well as products (warranty claims, etc.). VaR can also be applied to internal supply chain entities such as manufacturing, distribution or sales locations. Since VaR is a monetized view of the cost of performance below target, it can be rolled up and examined by any demographic or data cut (by region, by customer, by supplier, etc.). Many of the mitigation costs captured in a risk management effort are already included in the Total Supply Chain Management Cost. For this reason, VaR cannot roll up to TSCMC Level 1 and is used as a diagnostic metric at Level 2 and 3.
Caveats in using VaR :
• VaR calculates the probability of non-adherence to metrics value (expected value) based on historical data or research data.
• Data accuracy and inherent prediction errors will also impact VaR accuracy.
• VaR is a retrospective and probabilistic derivation of an event risk, which is applied to predict the possible cumulative loss in the future due to similar risk events.
• VaR is a downside Risk Metric. It calculates the estimated loss for each level of probability for an event. There is no credit given for gains (early arrivals, etc.) for an event therefore it will differ from the average VaR of an event.
• Calculating VaR from historical data requires a large database of events and metrics, and it could be computationally intensive.
AG.2.14 Supplier's/Customer's/Product’s Risk Rating AG.2.15 Value at Risk (Plan)
AG.2.16 Value at Risk (Source) AG.2.17 Value at Risk (Make) AG.2.18 Value at Risk (Deliver) AG.2.19 Value at Risk (Return)
SCOR Supply Chain
sE9 Manage Supply Chain Risk
BP.0149 Supply Chain Risk Management Strategy Implementation and Analysis BP.149 Supply Chain Risk Management Strategy Implementation and Analysis Practices
Processes Hierarchy
AG.1.4
Overall Value at Risk (VAR)
BP.001 Supply Chain Risk Management (SCRM) BP.002 Risk Management Strategies
BP.081 Bowtie Risk Management BP.035 Business Rule Review BP.143 Preventive Returns
BP.161 Enterprise Level Spend Analysis BP.150 Maintain Supply Chain Risk Register BP.173 Supply Chain Risk Monitoring
1.3.34