Risk Assessment and Analysis Techniques
Expert-defined terms from the Professional Certificate in Risk Management in Supply Chains course at London School of Business and Administration. Free to read, free to share, paired with a professional course.
ABC Analysis – concept #
a method for categorising inventory items by value and turnover. Related terms: Inventory Management, Pareto Principle. Explanation: Items are grouped into A (high‑value, low‑quantity), B (moderate value), and C (low‑value, high‑quantity). Example: A‑items might be critical components costing $10,000 each, while C‑items are cheap fasteners. Practical application: prioritises risk monitoring on A‑items because disruption can cause major supply‑chain impact. Challenge: static thresholds may misclassify items when demand patterns shift.
Accident Probability Model – concept #
statistical model estimating likelihood of accidental events. Related terms: Frequency‑Severity Analysis, Monte Carlo Simulation. Explanation: Uses historical incident data to compute probability distributions for accidents such as fires or spills. Example: A warehouse records 3 fire incidents over 5 years, yielding an annual probability of 0.06. Practical application: informs insurance premium calculations and emergency‑response planning. Challenge: limited data can lead to unreliable probabilities and over‑ or under‑estimation of risk.
Activity‑Based Risk Assessment (ABRA) – concept #
risk assessment technique that links risks to specific business activities. Related terms: Process Mapping, Risk Register. Explanation: Each activity (e.g., order fulfilment) is examined for potential disruptions, and risk scores are assigned based on impact and likelihood. Example: In a cross‑dock operation, the activity “load truck” may be vulnerable to labour shortages, receiving a high risk score. Practical application: helps allocate resources to the most vulnerable activities. Challenge: requires detailed activity documentation and may become cumbersome for large networks.
Adaptation Index – concept #
metric measuring a supply chain’s ability to adjust to disruptions. Related terms: Resilience, Flexibility. Explanation: Calculated as the ratio of post‑disruption performance to pre‑disruption baseline, often expressed as a percentage. Example: After a port strike, a firm recovers 80 % of its service level within two weeks, yielding an adaptation index of 0.8. Practical application: benchmarking tool for continuous improvement. Challenge: selecting appropriate performance indicators and time horizons.
Aggregate Risk Modeling – concept #
combining multiple individual risk exposures into a single portfolio view. Related terms: Correlation, Value at Risk. Explanation: Uses statistical aggregation techniques (e.g., copulas) to capture interdependencies among risks such as supplier failure, demand surge, and currency fluctuation. Example: A retailer aggregates risks from 50 suppliers, finding that the combined 95 % VaR is higher than the sum of individual VaRs due to positive correlation. Practical application: informs capital allocation for risk mitigation. Challenge: accurate estimation of correlation structures, especially under rare‑event conditions.
Alternatives Analysis – concept #
systematic evaluation of substitute sourcing options. Related terms: Supplier Diversification, Cost‑Benefit Analysis. Explanation: Compares alternative suppliers on criteria such as cost, lead time, quality, and geopolitical risk. Example: A electronics manufacturer assesses three Asian suppliers, finding that the lowest‑cost option carries high political risk, while a slightly more expensive supplier offers better continuity. Practical application: supports strategic sourcing decisions. Challenge: data collection on intangible factors like regulatory exposure.
Bayesian Network – concept #
graphical model representing probabilistic relationships among variables. Related terms: Conditional Probability, Inference Engine. Explanation: Nodes denote risk factors (e.g., supplier financial health), and directed edges capture causal influence. Example: A Bayesian network links “Supplier Bankruptcy” → “Supply Shortage” → “Production Delay”. Updating the network with new data (e.g., a credit rating downgrade) revises the probability of downstream impacts. Practical application: dynamic risk monitoring and scenario analysis. Challenge: requires expertise to structure the network and calibrate conditional probabilities.
Benchmarking Risk Metrics – concept #
comparing an organization’s risk performance against industry standards. Related terms: Key Risk Indicators, Best Practice. Explanation: Metrics such as average lead‑time variance or supplier failure rate are measured and contrasted with peer averages. Example: A food‑processing firm finds its on‑time delivery rate (92 %) lags the industry benchmark (96 %). Practical application: identifies gaps and drives improvement initiatives. Challenge: ensuring comparable data collection methods across firms.
Black‑Swans – concept #
rare, high‑impact events that are difficult to predict. Related terms: Tail Risk, Extreme Value Theory. Explanation: Characterised by low probability (<1 %) but severe consequences, such as a pandemic or a major cyber‑attack. Example: The COVID‑19 outbreak acted as a Black‑Swans for many global supply chains, causing unprecedented disruptions. Practical application: prompts inclusion of contingency reserves and scenario planning. Challenge: by definition, limited historical data hampers quantitative modelling.
Bow‑Tie Analysis – concept #
visual risk assessment tool that maps causes and consequences of a single event. Related terms: Hazard Identification, Control Measures. Explanation: The “knot” represents the central event; left side shows threats, right side shows outcomes, with barriers placed on both sides. Example: For “Container Loss”, threats include “Port Congestion” and “Theft”, while consequences include “Revenue Loss” and “Customer Dissatisfaction”. Practical application: clarifies where controls are effective or missing. Challenge: may oversimplify complex, multi‑event interactions.
Business Impact Analysis (BIA) – concept #
systematic study of the effects of disruptions on business functions. Related terms: Criticality Assessment, Recovery Time Objective. Explanation: Identifies essential processes, quantifies financial loss per unit time, and determines acceptable downtime. Example: A pharmaceutical company calculates a $2 million loss per day for halted production of a flagship drug. Practical application: prioritises recovery resources and informs continuity planning. Challenge: obtaining accurate loss‑per‑day figures, especially for intangible impacts.
CAPM (Capital Asset Pricing Model) for Supply‑Chain Risk – concept #
adaptation of CAPM to estimate the cost of risk capital for supply‑chain projects. Related terms: Beta Coefficient, Risk Premium. Explanation: Calculates expected return as risk‑free rate plus beta times market risk premium, where beta reflects supply‑chain volatility relative to a benchmark index. Example: A logistics firm estimates a beta of 1.2, leading to a higher discount rate for risky projects. Practical application: assists investment appraisal under uncertainty. Challenge: determining an appropriate market proxy for supply‑chain risk.
Cause‑Effect Diagram (Fishbone) – concept #
graphical tool to identify root causes of a problem. Related terms: Root‑Cause Analysis, 5 Whys. Explanation: The diagram’s “spine” represents the problem, while branches denote categories such as People, Process, Equipment, Materials, and Environment. Example: For frequent stockouts, the fishbone may reveal causes like inaccurate demand forecasting and supplier lead‑time variability. Practical application: guides targeted corrective actions. Challenge: may become overly detailed without clear prioritisation.
Cluster Analysis – concept #
statistical technique grouping similar data points, used for risk segmentation. Related terms: K‑Means, Hierarchical Clustering. Explanation: Suppliers or customers are clustered based on attributes like order frequency, geographic risk, and financial health. Example: A retailer clusters suppliers into three risk tiers, enabling differentiated monitoring intensity. Practical application: streamlines risk‑management resource allocation. Challenge: choice of distance metric and number of clusters can significantly affect outcomes.
Co‑Location Risk Assessment – concept #
evaluation of risk concentration when multiple critical functions share the same geographic location. Related terms: Geographic Concentration, Single‑Point‑of‑Failure. Explanation: Analyses the probability that a natural disaster, political unrest, or infrastructure failure simultaneously impacts several supply‑chain nodes. Example: A company’s main warehouse and primary supplier’s plant are both situated in a flood‑prone river basin, raising co‑location risk. Practical application: informs decisions on facility siting and redundancy planning. Challenge: quantifying correlated exposure across different entities.
Composite Risk Score – concept #
aggregated metric that combines multiple risk dimensions into a single numeric value. Related terms: Weighted Scoring, Risk Matrix. Explanation: Each risk factor (likelihood, impact, detectability) is assigned a weight; scores are summed to produce a composite rating. Example: Supplier X receives a composite risk score of 78/100, signalling high overall exposure. Practical application: facilitates ranking and prioritisation of suppliers. Challenge: subjective weighting can bias results; periodic review is essential.
Conditional Value at Risk (CVaR) – concept #
risk measure that captures the average loss beyond the VaR threshold. Related terms: Tail Risk, Expected Shortfall. Explanation: While VaR indicates a loss percentile (e.g., 95 %), CVaR quantifies the mean of losses exceeding that percentile, providing a more coherent risk metric. Example: A supply‑chain portfolio has a 95 % VaR of $5 million; its CVaR is $7 million, reflecting heavier tail losses. Practical application: supports capital allocation for extreme events. Challenge: requires robust loss distribution modelling, especially for low‑frequency high‑severity risks.
Contingency Planning – concept #
development of predefined actions to respond to identified risks. Related terms: Business Continuity, Scenario Planning. Explanation: Plans include alternative suppliers, safety‑stock levels, and communication protocols. Example: A retailer establishes a “dual‑source” contingency that activates if the primary supplier’s lead time exceeds 30 days. Practical application: reduces downtime and mitigates financial impact during disruptions. Challenge: maintaining plan relevance as market conditions evolve.
Critical Path Method (CPM) Risk Overlay – concept #
integrating risk analysis into CPM project scheduling. Related terms: Schedule Risk Analysis, Monte Carlo Simulation. Explanation: Activity durations are modelled as probability distributions; the critical path’s variability is examined to assess schedule risk. Example: Using Monte Carlo runs, a logistics network redesign shows a 20 % chance of exceeding the target launch date. Practical application: informs buffer allocation and risk‑aware project timelines. Challenge: requires accurate duration estimates and sufficient computational runs.
Cross‑Impact Analysis – concept #
technique that evaluates how the occurrence of one risk influences the probability of others. Related terms: Interdependency Mapping, Systemic Risk. Explanation: A matrix captures positive or negative impacts among risks; iterative calculations update probabilities. Example: A supplier bankruptcy increases the likelihood of “Production Delay” by 15 % while reducing “Quality Issue” probability due to stricter oversight. Practical application: uncovers cascading effects and informs holistic mitigation strategies. Challenge: modelling complex feedback loops can become computationally intensive.
Cyber‑Risk Heat Map – concept #
visual representation of cyber threats based on likelihood and impact. Related terms: Information Security, Threat Landscape. Explanation: Risks are plotted in a matrix; colour intensity indicates severity. Example: A heat map shows ransomware attacks as high‑impact, medium‑likelihood, prompting investment in backup solutions. Practical application: prioritises cyber‑security initiatives. Challenge: rapidly evolving threat vectors demand frequent updates.
Damage Function – concept #
relationship that translates a physical event’s intensity into economic loss. Related terms: Loss Distribution, Exposure Modeling. Explanation: For floods, the damage function may specify that water depth of 0.5 m causes 30 % asset loss, while 1.5 m causes 80 % loss. Example: A warehouse uses a damage function to estimate potential loss from storm surge. Practical application: feeds into catastrophe modelling for insurance and resilience planning. Challenge: calibrating functions for unique assets and limited empirical data.
Decision Tree Analysis – concept #
structured method for evaluating alternative actions under uncertainty. Related terms: Expected Value, Branching Probabilities. Explanation: Each node represents a decision or chance event; branches carry probabilities and outcomes. Example: Choosing between “single‑source” and “dual‑source” strategies, a decision tree quantifies expected cost, incorporating probabilities of disruption. Practical application: aids transparent, quantitative decision‑making. Challenge: tree complexity grows exponentially with numerous uncertainties.
Dependency Mapping – concept #
diagrammatic identification of upstream and downstream relationships among supply‑chain entities. Related terms: Network Topology, Supply‑Chain Mapping. Explanation: Shows how a change or failure in one node propagates through the network. Example: Mapping reveals that a single component supplier feeds ten downstream assemblers, indicating a high‑dependency node. Practical application: helps focus risk‑mitigation on critical dependencies. Challenge: maintaining up‑to‑date maps in dynamic, multi‑tier networks.
Deterministic Scenario Analysis – concept #
evaluation of risk impacts using fixed input values rather than probability distributions. Related terms: What‑If Analysis, Sensitivity Testing. Explanation: Analysts select specific “worst‑case” or “best‑case” values for variables (e.g., a 30 % demand surge) and assess outcomes. Example: A retailer assumes a 25 % increase in raw‑material price and calculates resulting profit margin erosion. Practical application: provides quick, understandable insights for senior management. Challenge: may overlook probabilistic nuance and underestimate tail risk.
Dynamic Risk Scoring – concept #
continuously updating risk scores as new data become available. Related terms: Real‑Time Monitoring, Predictive Analytics. Explanation: Scores are recalculated using streaming data feeds (e.g., supplier financial news, weather alerts). Example: A supplier’s risk score jumps from 30 to 70 after a sudden credit downgrade, triggering an automatic alert. Practical application: enables proactive mitigation before disruptions materialise. Challenge: requires robust data integration and algorithmic governance.
Enterprise Risk Management (ERM) Framework – concept #
holistic approach integrating risk identification, assessment, and response across the entire organisation. Related terms: Risk Appetite, Governance. Explanation: Aligns supply‑chain risk with corporate strategy, establishes risk owners, and defines reporting structures. Example: An ERM policy mandates quarterly risk‑heat‑map reviews for all critical logistics functions. Practical application: promotes consistent risk culture and decision‑making. Challenge: achieving cross‑functional buy‑in and avoiding siloed assessments.
Event Tree Analysis – concept #
forward‑looking technique that maps possible outcomes from an initiating event. Related terms: Fault Tree Analysis, Probability Branching. Explanation: Begins with a trigger (e.g., “port closure”) and branches into success/failure of mitigation measures, ultimately leading to final consequences. Example: An event tree for “container theft” includes branches for “security inspection success” and “insurance claim processing”. Practical application: quantifies overall probability of adverse outcomes and identifies effective controls. Challenge: requires detailed data on control effectiveness.
Failure Mode and Effects Analysis (FMEA) – concept #
systematic method to identify potential failure modes, their causes, and effects. Related terms: Risk Priority Number, Preventive Action. Explanation: Each failure mode is scored for severity (S), occurrence (O), and detection (D); the product S × O × D yields the RPN. Example: A packaging line’s “seal failure” receives S = 9, O = 4, D = 3, resulting in an RPN of 108, signalling high priority. Practical application: directs resources to improve detection or reduce occurrence. Challenge: subjective scoring can lead to inconsistent RPNs across teams.
Financial Risk Modeling – concept #
quantitative techniques to evaluate monetary exposures in supply chains. Related terms: Discounted Cash Flow, Currency Exposure. Explanation: Models incorporate variables such as commodity price volatility, exchange‑rate fluctuations, and credit risk. Example: A firm models the impact of a 10 % raw‑material price increase on profit margins using a stochastic price process. Practical application: supports hedging decisions and budgeting. Challenge: capturing correlated market movements and non‑linear cost structures.
Fishbone Diagram – concept #
visual tool (also known as cause‑and‑effect diagram) to explore root causes of a problem. Related terms: Root‑Cause Analysis, 5 Whys. Explanation: Central “spine” represents the problem; branches represent categories such as Methods, Machines, Materials, and People. Example: For “late deliveries”, the diagram may reveal causes like “inaccurate demand forecasts” (Methods) and “insufficient driver training” (People). Practical application: structures brainstorming sessions and guides corrective‑action planning. Challenge: can become overly detailed without clear prioritisation, leading to analysis paralysis.
Forecast Error Modeling – concept #
statistical analysis of the deviation between predicted and actual demand. Related terms: Mean Absolute Percentage Error, Bias. Explanation: Errors are modelled as random variables, often assumed to follow normal or log‑normal distributions. Example: A retailer computes a MAD of 4 % and a bias of –1 %, indicating a slight under‑forecast tendency. Practical application: informs safety‑stock calculations and improves inventory resilience. Challenge: demand volatility and promotional spikes can distort error patterns.
Four‑Quadrant Risk Matrix – concept #
simple visual tool plotting risk likelihood against impact to categorise risk levels. Related terms: Heat Map, Risk Prioritisation. Explanation: The matrix divides into low‑low (green), low‑high (yellow), high‑low (yellow), and high‑high (red) quadrants. Example: A supplier’s bankruptcy risk may fall in the red quadrant (high likelihood, high impact). Practical application: quickly communicates risk posture to stakeholders. Challenge: coarse granularity may mask nuanced differences between risks.
Frequentist vs Bayesian Approaches – concept #
two statistical paradigms for estimating risk parameters. Related terms: Prior Distribution, Confidence Interval. Explanation: Frequentist methods rely on long‑run frequency properties; Bayesian methods combine prior beliefs with observed data to produce posterior distributions. Example: Estimating the failure probability of a critical component using a frequentist binomial confidence interval versus a Bayesian beta‑binomial model. Practical application: choice influences how new information updates risk estimates. Challenge: selecting appropriate priors and communicating Bayesian results to non‑technical audiences.
Geospatial Risk Mapping – concept #
overlaying risk data onto geographic maps to visualise spatial patterns. Related terms: GIS, Heat Map. Explanation: Attributes such as supplier locations, natural‑hazard zones, and political instability scores are plotted to identify high‑risk clusters. Example: A map shows that 70 % of a company’s tier‑1 suppliers lie within a seismic‑active belt. Practical application: guides site‑selection, diversification, and insurance strategies. Challenge: data quality and resolution can limit analytical precision.
Hazard Identification (HAZID) – concept #
systematic process of recognising potential sources of harm in a supply‑chain context. Related terms: Risk Register, Preliminary Hazard Analysis. Explanation: Techniques include brainstorming, checklists, and historical incident review. Example: HAZID for a cold‑chain logistics operation highlights hazards such as temperature excursions, vehicle accidents, and power outages. Practical application: forms the foundation for subsequent risk analysis steps. Challenge: ensuring comprehensive coverage across multiple tiers and geographies.
Hazard‑Likelihood Matrix – concept #
tabular tool that assigns numerical scores to hazard likelihood categories. Related terms: Risk Matrix, Scoring Scale. Explanation: Likelihood may be rated as Rare (1), Unlikely (2), Possible (3), Likely (4), or Almost Certain (5). Example: A flood in a low‑lying warehouse is rated “Likely” (4). Practical application: standardises likelihood assessments across risk analysts. Challenge: subjectivity in assigning categories; calibration workshops are often needed.
Heat‑Map Dashboard – concept #
digital interface that visualises risk scores, trends, and alerts in real time. Related terms: Key Risk Indicators, Data Visualization. Explanation: Uses colour coding (green‑yellow‑red) to highlight risk status across suppliers, regions, or processes. Example: A dashboard shows rising risk scores for a supplier due to a recent political protest, prompting a review. Practical application: enables senior managers to monitor risk health at a glance. Challenge: data latency and over‑reliance on visual cues without underlying context.
Historical Loss Data Analysis – concept #
examination of past loss events to derive statistical parameters for modelling. Related terms: Loss Distribution, Frequency‑Severity Curve. Explanation: Aggregates incident counts and monetary losses to fit distributions (e.g., Poisson‑Gamma). Example: Over ten years, a firm records 120 supply‑disruption incidents with an average loss of $150 k, fitting a log‑normal severity distribution. Practical application: informs insurance premium calculations and capital allocation. Challenge: incomplete reporting and changing business environments may bias results.
Hybrid Risk Modelling – concept #
combining deterministic and stochastic techniques to capture both known and uncertain elements. Related terms: Monte Carlo Simulation, Scenario Analysis. Explanation: Deterministic base case parameters are supplemented with random variables for uncertain inputs. Example: A supply‑chain cost model uses fixed transportation rates but stochastic demand forecasts. Practical application: balances model transparency with realistic uncertainty representation. Challenge: selecting appropriate mix of deterministic and stochastic components without over‑complicating the model.
Impact‑Likelihood Matrix – concept #
two‑dimensional grid that plots potential impact against likelihood to classify risk severity. Related terms: Risk Heat Map, Priority Setting. Explanation: Each risk is placed in a cell; red cells (high‑impact/high‑likelihood) demand immediate action. Example: A “port strike” risk lands in a yellow cell (moderate impact, low likelihood), suggesting monitoring rather than immediate mitigation. Practical application: assists resource allocation. Challenge: subjective placement can vary between assessors; calibration is necessary.
Incident Reporting System – concept #
structured platform for capturing and tracking risk events. Related terms: Root‑Cause Analysis, Corrective Action. Explanation: Users log incidents, assign severity, and trigger workflow for investigation. Example: A logistics provider’s system records a “vehicle breakdown” incident, automatically notifying the risk manager. Practical application: builds a database for trend analysis and continuous improvement. Challenge: ensuring consistent data entry and avoiding under‑reporting.
Information Flow Analysis – concept #
assessment of how data moves through the supply‑chain network and where bottlenecks exist. Related terms: Supply‑Chain Visibility, Data Latency. Explanation: Maps sources (e.g., ERP, IoT sensors) to consumers (e.g., planners, customers) and evaluates timeliness and accuracy. Example: Identifying a two‑day lag in inventory updates from a downstream distributor reveals a visibility gap. Practical application: prioritises investments in real‑time tracking technologies. Challenge: integrating disparate IT systems and standards.
Insurance‑Linked Securities (ILS) for Supply‑Chain Risk – concept #
financial instruments that transfer specific supply‑chain risks to capital markets. Related terms: Catastrophe Bonds, Risk Transfer. Explanation: An ILS may be structured to pay out if a defined event (e.g., a hurricane) causes losses exceeding a trigger. Example: A manufacturer issues a $50 million catastrophe bond covering hurricane‑related supply‑chain disruptions. Practical application: diversifies risk financing beyond traditional insurance. Challenge: structuring terms that align with actual loss exposures and regulatory compliance.
Key Risk Indicator (KRI) – concept #
metric that provides early warning of changing risk levels. Related terms: Performance Indicator, Threshold. Explanation: KRIs are selected for relevance, measurability, and predictive power. Example: “Supplier on‑time delivery rate < 90 %” serves as a KRI, triggering escalation when breached. Practical application: enables proactive risk management. Challenge: over‑reliance on lagging KRIs can delay response; selecting leading indicators is essential.
Knock‑On Effect Analysis – concept #
evaluation of secondary impacts that follow an initial disruption. Related terms: Cascading Failure, Supply‑Chain Ripple. Explanation: Quantifies how a primary event (e.g., raw‑material shortage) propagates through downstream processes, potentially amplifying total loss. Example: A steel shortage leads to delayed car production, which in turn causes dealership inventory shortages and reduced sales. Practical application: highlights the need for buffer strategies beyond the immediate cause. Challenge: modelling complex interdependencies across multiple tiers.
Lagging Indicator Review – concept #
analysis of post‑event metrics that confirm risk outcomes. Related terms: After‑Action Review, Performance Measurement. Explanation: Metrics such as “actual downtime” or “financial loss” are examined after an event to validate risk assessments. Example: After a port closure, a firm reviews the 3‑day delay versus the predicted 2‑day impact, adjusting future models accordingly. Practical application: refines risk models and improves future predictions. Challenge: data collection may be delayed, reducing timeliness of insights.
Log‑Normal Distribution for Lead‑Time Modeling – concept #
probability distribution often used to represent positively‑skewed lead‑time data. Related terms: Statistical Fitting, Supply‑Chain Variability. Explanation: Parameters µ and σ are estimated from historical lead‑time observations; the distribution captures the long tail of extreme delays. Example: A supplier’s lead time follows a log‑normal distribution with a mean of 12 days and a 95 % percentile of 22 days. Practical application: informs safety‑stock calculations and service‑level targets. Challenge: outliers can distort parameter estimates; robust fitting techniques may be required.
Loss Expectancy (ALE & SLE) – concept #
quantitative measure of expected loss from a risk, combining severity and likelihood. Related terms: Annualized Loss Expectancy, Single Loss Expectancy. Explanation: SLE = Asset Value × Exposure Factor; ALE = SLE × Annual Rate of Occurrence. Example: A $500 k warehouse with a 20 % exposure factor yields an SLE of $100 k; if the annual occurrence rate is 0.1, ALE = $10 k. Practical application: prioritises mitigation investments based on expected monetary impact. Challenge: accurate estimation of exposure factors and occurrence rates is often subjective.
Monte Carlo Simulation – concept #
computational technique that uses random sampling to estimate the distribution of outcomes. Related terms: Stochastic Modeling, Probability Distribution. Explanation: Repeatedly draws random values for uncertain inputs (e.g., demand, lead time) to generate a spectrum of possible results. Example: Running 10,000 iterations of a supply‑chain cost model yields a 95 % confidence interval of $1.2‑$1.5 million. Practical application: quantifies uncertainty and supports risk‑based decision making. Challenge: requires high‑quality input distributions and sufficient computational resources.
Multi‑Criteria Decision Analysis (MCDA) – concept #
framework for evaluating alternatives against several weighted criteria. Related terms: Analytic Hierarchy Process, Scoring Model. Explanation: Criteria may include cost, risk, sustainability, and flexibility; each is assigned a weight reflecting strategic importance. Example: Selecting a logistics partner using MCDA yields scores that rank providers based on a 40 % cost weight, 30 % risk weight, and 30 % sustainability weight. Practical application: balances trade‑offs and enhances transparency. Challenge: weight assignment can be contentious; sensitivity analysis is advisable.
Network Centrality Analysis – concept #
measurement of node importance within a supply‑chain network using graph theory. Related terms: Degree Centrality, Betweenness. Explanation: Nodes with high centrality (e.g., a hub supplier) may represent critical points of failure. Example: A single component supplier exhibits high betweenness, indicating many shortest paths traverse it. Practical application: informs prioritisation of monitoring and redundancy planning. Challenge: dynamic network changes require frequent recalculation.
Operational Risk Assessment (ORA) – concept #
evaluation of risks arising from internal processes, people, and systems. Related terms: Process Risk, Control Environment. Explanation: Focuses on day‑to‑day activities such as order processing, warehousing, and transportation. Example: An ORA identifies “manual data entry errors” as a moderate risk, recommending automation. Practical application: improves efficiency and reduces error‑related losses. Challenge: distinguishing operational risk from strategic or compliance risk may be ambiguous.
Outlier Detection Techniques – concept #
statistical methods to identify data points that deviate markedly from the norm. Related terms: Box‑Plot, Z‑Score. Explanation: Techniques such as the Tukey method or robust Mahalanobis distance flag unusual observations. Example: A sudden 150 % surge in a supplier’s lead time is flagged as an outlier, prompting investigation. Practical application: early identification of emerging disruptions. Challenge: high variability in supply‑chain data can generate false positives.
Pareto Analysis – concept #
application of the 80/20 rule to identify the few causes that generate most problems. Related terms: ABC Analysis, Root‑Cause Prioritisation. Explanation: By ranking risks or defects, the top 20 % typically account for 80 % of impact. Example: 15 % of suppliers generate 85 % of delivery delays. Practical application: directs focus to high‑impact risk mitigations. Challenge: oversimplification may overlook emerging low‑frequency high‑impact risks.
Probability Distribution Fitting – concept #
statistical process of selecting a mathematical distribution that best describes observed data. Related terms: Goodness‑of‑Fit Test, Maximum Likelihood Estimation. Explanation: Common choices include Normal, Log‑Normal, Weibull, and Poisson. Example: Lead‑time data fit a Weibull distribution with shape parameter 1.5, indicating increasing failure rate over time. Practical application: improves accuracy of stochastic models. Challenge: limited data may make discrimination between similar distributions difficult.
Probabilistic Risk Assessment (PRA) – concept #
systematic evaluation of risk using probability theory to quantify likelihood and consequence. Related terms: Fault Tree Analysis, Monte Carlo Simulation. Explanation: Combines event probabilities with impact models to generate risk metrics such as expected loss. Example: A PRA for a critical component yields a 0.02 probability of failure per year, with an associated $2 million impact. Practical application: supports risk‑based capital allocation. Challenge: requires comprehensive data and expert judgement for rare events.
Qualitative Risk Ranking – concept #
non‑numeric assessment that orders risks based on descriptive criteria. Related terms: Risk Matrix, Expert Judgment. Explanation: Uses categories like High, Medium, Low for likelihood and impact, often visualised in a heat map. Example: A “political instability” risk is rated High‑Impact/Medium‑Likelihood, placing it in a priority zone. Practical application: quick, low‑cost method suitable for early‑stage assessments. Challenge: subjectivity can lead to inconsistent rankings across assessors.
Quantitative Risk Modelling (QRM) – concept #
numeric approach that assigns probability distributions to risk variables and computes expected outcomes. Related terms: Monte Carlo Simulation, Stochastic Programming. Explanation: Models produce metrics such as expected loss, variance, and confidence intervals. Example: A QRM estimates a 5 % chance of a $10 million supply‑chain disruption. Practical application: enables cost‑benefit analysis of mitigation measures. Challenge: data intensity and model complexity may limit adoption in smaller firms.
Reliability Engineering for Supply Chains – concept #
application of reliability concepts (MTBF, MTTR) to evaluate component and process dependability. Related terms: Mean Time Between Failure, Redundancy. Explanation: Calculates expected uptime and identifies failure modes that affect supply continuity. Example: A critical pump has an MTBF of 2,000 hours; its failure probability during a 500‑hour production run is 0.25. Practical application: informs preventive maintenance schedules and spare‑part stocking. Challenge: data collection on equipment failures may be fragmented across suppliers.
Risk Appetite Statement – concept #
formal declaration of the level of risk an organisation is willing to accept to achieve objectives. Related terms: Risk Tolerance, Governance. Explanation: Articulates boundaries (e.g., no more than 5 % annual revenue loss from supply‑chain disruptions). Example: A consumer‑goods company adopts a “low‑to‑moderate” risk appetite for supplier financial stability. Practical application: guides decision‑makers in evaluating mitigation options. Challenge: translating high‑level statements into operational thresholds.
Risk Assessment Matrix – concept #
grid that combines likelihood and impact scores to produce a risk rating. Related terms: Heat Map, Prioritisation. Explanation: Each axis is typically scored 1‑5; the product determines risk level (e.g., 4 × 5 = 20 = High). Example: A “cyber‑attack” risk receives a Likelihood 3 and Impact 5, yielding a rating of 15 (Medium‑High). Practical application: standardises risk evaluation across functions. Challenge: matrix may oversimplify nuanced risk profiles; supplementary analysis is often required.
Risk Control Effectiveness (RCE) – concept #
metric evaluating how well a mitigation measure reduces risk exposure. Related terms: Control Gap, Residual Risk. Explanation: Calculated as (Pre‑Control Risk – Post‑Control Risk) ÷ Pre‑Control Risk. Example: Implementing dual‑sourcing reduces a supplier‑failure risk from 0.3 to 0.1, yielding an RCE of 66 %. Practical application: justifies investment in controls and identifies under‑performing measures. Challenge: accurate measurement of pre‑ and post‑control risk levels can be difficult.
Risk Dashboard – concept #
integrated visual platform summarising key risk metrics, trends, and alerts. Related terms: Key Risk