Risk Management for a More Resilient Supply Chain


silver chain link with black background

The past two years have taught us many lessons regarding our supply chains and how they are nowhere near as resilient as they need to be to cope with globe spanning crises such as the COVID-19 pandemic and the Russian invasion of Ukraine.

This is especially true in the pharmaceutical space which has seen its ability to move lifesaving medicines, treatments, and especially vaccines tested to breaking point. And, while we have managed to emerge from the pandemic, the effects on our global supply chains are still being felt – and compounded by other ongoing crises.

These facts are driving supply chain resilience to the top of the agenda. One of the best ways to achieve higher levels of resilience is to better manage risk within our logistics operations.

How to Mitigate Risk

The first thing you need to do is to identify where they greatest risks to your supply chains lie. One mistake many organizations make at this stage is to focus too heavily on their tier one suppliers – those absolutely essential for business continuity – and don’t pay enough attention to tier two or three.

However, it is in these secondary and tertiary tiers where the most disruption actually occurs. Research by cloud-based business automation technology, Jaggaer discovered that tier two incidents rose to 24.9% (from 23.2% in the previous year), and those occurring in tier three and beyond rose to 12.2% (up from 11.0% in 2018).

Once the major sources of risk have been identified, you can develop a risk scorecard specific to your business and use it on a proactive and continuous bases to conduct assessments on new suppliers during the onboarding process. Because situations and risk factors can evolve so rapidly, many organizations serious about better managing supply chain risk are employing AI and automation technology to constantly run the numbers on their supply chains.

Once your data starts flowing, you then need to categorize it based the impact each potential risk area could have. Since risk mitigation strategies need to focus on areas of the business which are the most critical and contain the greatest potential for harm, you will need to customize this based on the priorities of your organization. However, some areas to consider might include:

  • Total time to recover from disruption
  • Relocation time/time to substitute
  • Impact on brand image and reputation
  • Volume of stakeholders which may be affected
  • Number of vetted alternative suppliers

All these factors should feed into you risk assessment matrix and will help your organization’s supply chains become more agile and resilient in the future. By mapping disruption probability against the impact of that potential disruption you can see at a glance where the greatest interactions of probability and impact lie and strategize for mitigation.

Example: Cybersecurity

One of the areas of supply chain risk which is rising to the top increasingly regularly in recent years is the potential for cyberattacks. This is especially relevant in light of the Russia/Ukraine conflict, given the disruption it is already causing to certain key supply chains and Russia’s advanced cyberwar capabilities.

"Supply-chain security and resilience are a focus of attention for the US government because the risk demands it," said former Director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency, Bob Kolasky. "The increase in digitization and use of information and communications technology to deliver critical functions has introduced new aspects of risk that need to be managed. It’s also caught the attention of our adversaries. Nation-states that are interested in causing harm via cyber methods are looking at supply chains as a mechanism for those attacks."

This means organizations – especially those in critical industries such as pharmaceuticals – need to prioritize cybersecurity when it comes to shoring up their supply chains and developing risk management strategies.

When developing a risk management framework, organizations need to consider which are the most critical functions in their supply chains which could be vulnerable to attack, and which secondary functions contribute to their continuity. Once you’ve identified those functions you can use the steps outlined above to establish what the overall impact of failure or disruption to those areas would be.

Final Thoughts

Creating new levels of supply chain resilience is going to be critical within the pharmaceutical industry as we continue to navigate the apparent permacrisis. Having a solid strategy to assess and mitigate risk – especially in the realm of cybersecurity – will give our essential chains the best chance of avoiding disruption.

You can hear Janssen Senior Director of Advanced Customer Capabilities, Samir Gami, speak on the topic of risk management and supply chain resilience at LogiPharma 2022, taking place in September at The Westin Copley Place, Boston, MA.

Download the agenda today for more information and insights.

Return to Blog