Entries tagged with “Operational Risk”.


It is confirmed that Grimsvotn volcano in Iceland has erupted sending a plume of smoke and ash several thousand feet into the air.

In the past, this has not been a major issue, and air traffic was routed around a 120 nautical mile no fly zone. However, you may recall the challenges that many fliers to and from Europe encountered last year when another Icelandic volcano belched smoke and ash that was pushed to many of the major air hubs in Europe, slowing or stopping many flights and disrupting the flow of goods through the supply chain.

Hopefully the last time served as a wake up call to develop contingency plans to assure the smooth operation of your business.

One of the benefits of hind site in unexpected natural disasters is the opportunity to create a “lessons learned” document. By looking at the “pain points” that your organization encountered during the incident, you have the ability to develop contingency plans. 

What are some  common pain points?

  • Key personnel out of position due to transit delays
  • Inventory shortage levels due to interruption of supply chain
  • Increased costs due to spike in demand
  • Delayed deliveries
  • Decreased cash flow
  • Cancelled orders

I take a rather different approach to developing contingency plans by working backwards from the pain point (impact on the company) to the triggering effect.  So rather than looking at “Volcanic Activity in Iceland” as the starting point, I look at “delayed deliveries”. 

Why are there delays?  when brainstorming the reasons, think globally before locally.  

  • Limited shipping lanes
  • Lack of containers
  • Insufficient inventory
  • Lack of key components

Then ask Why?

Lack of containers -

  • Increase in demand
  • Not located where shipments are happening
  • Not being unloaded

Why?

Not being unloaded -

  • Customer using as free “warehousing space”
  • Dock strike at key receiving port
  • Unexpected inflow at key receiving point
  • Shipments aren’t moving  out of a shipping point

The why question asked 4 - 6 times will typically  drill down to a root cause, and root causes can be addressed by either establishing an alternative, or correcting the challenge to remove the obstacle.  They key is to not drill so deep that a plan must be generated for each possible reason, after all doesn’t a solution for delayed deliveries because of a volcano in Iceland require the same process steps as a dock worker’s strike in Los Angeles?  In both instances you would look at alternative transportation routes (perhaps moving the product from Frankfort to Madrid, depending on how the wind blows, or re-directing the container to Seattle from LA to get product into the country and stores quicker), or services (moving by ocean from Europe vs. air freight, or air freight from China to LA) and measure the cost and service impact against the cost and service impact for waiting out the obstacle.

The important idea here is to have a contingency plan for those items that may have a serious impact to your business, otherwise you may just erupt like Grimsvotn.

On October 13, the eyes of the world focused on a remote site in Chile where a group of miners finally began returning to the surface of the earth after 69 days of being confined underground due to a cave in.  It was a feel good moment that took our minds off the economy, negative campaigning, unemployment, and a host of other things to savor the moment.

A major part of the success of the operation goes to the careful assessment of various alternatives and the risks and rewards that were associated with each of the various options.  Even more important was the number and various disciplines the Chilean Government called on to assure a successful operation.    According to an article published in Business Insurance October 18, a wide variety of experts were called in to examine all aspects of the situation.  Experts from the insurance industry, NASA, the Chilean Submarine service, psychologists, nutritionists, engineers, and Doctors spent a considerable amount of time methodically reviewing the problem, and solutions.  The risk analysis continued on through the entire event and were not afraid to take the additional time to make sure the outcome was successful.

The article quotes Lane Bos, senior risk engineer and mining industry practice leader for Zurich  who indicated the planners “developed procedures and followed those procedures”.   The process was completed on the fly, but the key point here was they took the time to develop and then follow the procedures, continuously assessing the risk/reward for the action throughout the process.

Human beings are programed to react in certain ways when an event occurs that scares the heck out of us.  Our primal DNA coding pushes adrenaline, shuts down non essential body functions, and drives the mind to find a solution (have I experienced this type of a situation before?  What did I do and how did it work?  Please let me find the right solution before something bad happens!).  

I believe this is why we are so good a firefighting.  Fix it and store in the back of our minds in case we need it again quickly. 

In developing a risk management or business continuity/disaster recovery plan, you cannot plan for all types of emergencies.  In many cases you move from the 50 foot level to a 500 foot level for a base line and then provide alternatives for various scenarios (as an example evacuating the building as the base level, and different meeting points or exit strategies for fire, flood, gas leaks, tornado,etc.).   In developing the base line concept you also are adding to your experience and becoming familiar with the risk analysis process you develop the tools that help when the unexpected comes up. 

While the excellent article on the benefits of quality risk analysis is not currently available on Business Insurance, there is another excellent article on how Chile tapped NASA for assistance which is well worth the read and provides some insight into the thought process from an earlier time. 

An additional interesting PBS show from Nova chronicles the rescue and looks at some of the physical and psychological effects that helped these miners survive.  click here for further information and a preview of the show.

Let’s face it any venture is faced with risk.  We’ve all heard “No Risk, No Reward” and no one would disagree with Earl Nightingale comment “wherever there is danger, there is opportunity, wherever there is opportunity there is danger, the two are inseparable, they go together”.  These comments support how we have previously defined risk (see what is risk). 

Understanding that all things worth doing contain an element of risk is the first step in developing and implementing a risk management program, heck it’s the first word in RISK management.  In order to manage risk, the various risks need to be identified, and assessed for the probability of the event occurring and the impact the event would have on the business

When developing a risk assessment, an organization should create a list of all the risks that it faces, and drilling down, the reason these risks are listed.  Hopefully the list will be generated by a number of individuals within the organization who have different perspectives of risk.  A customer service manager will have a different view of the risks that he/she face as compared to the CFO of the company, or the VP of Sales.  I believe identifying all risks is important.

As the risk list is being developed, the individual risks will be dropping into several broad categories.  These categories identify not only the major focus of the risks, but also provide a road-map on defining the risk and suggested ways to address them.

Typically all the risks will fall into three categories:

  • Strategic- the risks that are associated with the environment the business operates in including marketplace or industry, regulatory issues, competition, reputation, stakeholders, and technology/obsolescence.
  • Financial – The risks to a companies financial strength including cash flow, profit margins, debt and credit management, interest rate fluctuation, and reserve requirements.
  • Operational – The risks involved in the functional operation of the organization like supply chain, fraud, security, human resources, projects, natural and man made disasters, systems and equipment.

Naturally each of these broad risk categories contain sub categories, and the sub categories break down further into additional sub categories that help to clarify and legitimize the concerns these risks pose.

In the next segment of Risk Management 101 we will look at some of the ways to develop the “Risk List”.