Skip to content
Search AI Powered

Latest Stories

thought leaders

Assessing and managing risk: interview with IBM's Louis R. Ferretti

Five years ago, IBM went in search of a tool to help it better assess the vulnerabilities of its vast global pool of suppliers. When the company couldn't find what it needed, Lou Ferretti and his team built their own.

Assessing and managing risk: interview with IBM's Louis R. Ferretti

As supply chains have become more global, the complexities of managing risk across vast and varied physical and political geographies arguably have grown by orders of magnitude. That's a lesson that IBM, one of the world's largest technology companies, has taken to heart. Beginning in 2009, the company undertook the task of building a complex supply chain risk management tool, now deployed globally, that provides managers with a way to examine supply risk in a much more robust fashion than ever before.

The team that developed the tool was headed by Louis R. Ferretti, the project executive who leads global and strategic programs within IBM's Integrated Supply Chain business unit and across its global supplier network on environmental compliance, supply chain social responsibility, conflict minerals, business continuity planning, and sustainability as well as risk management. He is also a member of IBM's corporate crisis management team.


Ferretti recently spoke to Editorial Director Peter Bradley about the development and rollout of the supply chain risk management tool.

Louis R. Ferretti

Q: Companies have been talking about risk management for a long time. What led IBM to develop a supply chain risk tool?
A: IBM, like others, has always assessed supply chain risk. Typically, we would look at whether our supplier was a single or sole source supplier and whether there was a financial risk associated with that supplier, and maybe we'd look at some logistics aspects. That was the sum total of what was done for our suppliers across the board.

But our supply chain has become global in nature. We are sourcing in probably 80 countries, and we are sourcing many times in countries where the risks are much higher. So our senior leaders asked our [chief procurement officer] what we were doing. Quickly, our CPO responded that we would work to address supplier and supply chain risk in a much broader, holistic fashion. We would cover political, financial, economic, logistics, and climatic factors. Our CPO listed probably a dozen factors that we would consider in a newer approach to risk. That was the mission that was handed over to me in 2009.

Q: Give me a sense of the timeline of the process to make that happen.
A: I needed to step back. I thought that there was a supply chain risk industry, and what I would do is go find a subscription and get someone to provide me with all the information I was looking for as far as disruptions to the supply chain. After interviewing large companies and even small companies, they told us at the time that this was interesting but that nobody else was asking for it.

I figured that if they didn't have it and would have to build it, that we could probably do an equally good or better job of building it for ourselves and customizing it to our specific risk profile. We had a small core team, maybe a half-dozen people, and we started examining how we would put this together. It probably took us a little bit over a year to put our concept in place, to develop the requirements, and actually do the coding. The end result is what's known as our "Total Risk Assessment Tool and Process."

When I got this assignment, I wasn't told to build a tool. I was told to put a process in place that would assess supplier and supply chain risk and all these factors. Once we started examining the scope of risk and then looking at the data that we would need, we realized very quickly that this was not a spreadsheet tool, but it really had to be a much more sophisticated database and analytic tool [for] developing an algorithm that would look at this information and produce, as a result, the level of risk. But that is not where I started out.

Q: Prior to developing this tool, how did you assess supply risk?
A: Our procurement councils—what most companies call category management groups—would look at their suppliers, and they would make a determination of the level of risk, typically based upon one or two factors: single source and financial risk. Now, the interesting thing is that comparing council to council, there was really no definition of risk. There were no criteria. Each council—we had dozens of councils—would make, I want to say, a subjective call. They really didn't have a benchmark in order to compare one with another.

Q: Let's go back to the development of the tool. What did it take to build and get this tool in place?
A: We assembled a small team from procurement, engineering, GBS [IBM's Global Business Services consulting division], business integration and transformation, and the CIO's office. We determined what risks we needed to consider, what data we would need to evaluate the risks, an algorithm to assess the impact versus likelihood of an event occurring, who the users would be, what kind of training they would need, and how often to run the tool. We had to develop thresholds and metrics as well as a management system around the process. Gathering the tool requirements, tool development, and testing took about a year.

Q: Tell me a little bit about the rollout.
A: Prior to the actual rollout, we built a prototype and then ran a pilot with several users. We got excellent feedback and made changes. The CPO was a very strong proponent of using the tool. And within just about a year from the initial deployment, the Fukushima earthquake and tsunami struck Japan. The teams found the tool invaluable in gaining insight as to which suppliers we had in Japan, what commodities were made there, etc. Then later that year came the Thailand floods. After those two events, all of the procurement team members were in.

Now, this is clearly extra work for the sourcing team. We did a couple of things to ease into this. We had extensive education on not just why we were doing this but also on how the tool works; the purpose of the questions; why we would look at the country, region, suppliers, supplier sites, and the commodity—and why we chose those particular things; and then how the algorithm would take that information, weigh it, and produce a result. Then, when we had a result, what we would do with it.

Q: There must be some way for the tool to adjust to changing conditions.
A: The factors that are considered in the tool are not ones where you would typically see dramatic changes from week to week, month to month, and so forth, and we don't run the tool that frequently, though we could. What really changes are situations, whether it be the Thailand floods, issues with Ukraine, the protests in Hong Kong. Those things are real time. To augment the tool's calculation on the high-risk, medium-risk, low-risk slider, you rely quite heavily on the real-time alerts. So we have a system in which we collect information around the clock, and we look at the data, the alerts, and we make a determination very quickly whether or not we think it is going to impact the supply chain only in the short term or if it is a fundamental issue that is going to change the supply chain for the longer term.

Q: What has the tool done for IBM?
A: Well, overall it has raised the level of risk awareness and sensitivity. Sourcing people around the world understand that sourcing the product and getting the best price and getting it delivered on time are all necessary, but understanding the level of risk that the supplier brings as well as the part's supply chain is something that is equal to the other items.

In the Japan situation, the tool immediately told us how many suppliers we had in Japan, whether they were tier one or two, what commodities they provided, etc. The executive team could reach out to the suppliers right away and determine if the factories would be up and running and if not now, when. We had an abundance of information at our fingertips that we eventually would have gotten to, but the sooner you get this information, the more options you have to deal with the crisis because for the most part, competitors are going to the same suppliers, the same manufacturing lines, the same capacity.

Q: Do you have plans to expand the tool's scope and features?
A: There are really a couple of things here. It would sure be nice if we could see a picture of the factory when our executive is talking to that top executive in Japan. Actually, we developed what we call a risk app and tested it, and we have it in play now. We are going to be using it for other aspects of IBM, so this gives us the ability to communicate on the spot.

The next thing that we have done is [a result of] the Thailand flooding. About 50 percent of the hard drive business is in Thailand, so that situation was very, very acute. We were asked to look at supply clustering. So we looked around, and we found that we do have suppliers in several sites around the world that are clustered in different geographies. So we started to look at the potential of flooding. We actually have this now; we've got a prototype that is up and running, and we are using it.

The Latest

More Stories

Logistics gives back: October 2024

For the past seven years, third-party service provider ODW Logistics has provided logistics support for the Pelotonia Ride Weekend, a campaign to raise funds for cancer research at The Ohio State University’s Comprehensive Cancer Center–Arthur G. James Cancer Hospital and Richard J. Solove Research Institute. As in the past, ODW provided inventory management services and transportation for the riders’ bicycles at this year’s event. In all, some 7,000 riders and 3,000 volunteers participated in the ride weekend.


Keep ReadingShow less

Featured

siemens logistics airport buggage

Vanderlande to acquire Siemens Logistics for $325 million

The logistics process automation provider Vanderlande has agreed to acquire Siemens Logistics for $325 million, saying its specialty in providing value-added baggage and cargo handling and digital solutions for airport operations will complement Netherlands-based Vanderlande’s business in the warehousing, airports, and parcel sectors.

The acquisition has received approval from the Supervisory and Management Boards of both Vanderlande and its parent company Toyota Industries Corporation (TICO) as well as the Management Board of parent company Siemens AG.

Keep ReadingShow less

Resilience is a daily fight

I recently came across a report showing that 86% of CEOs around the world see resiliency problems in their supply chains, and that business leaders are spending more time than ever tackling supply chain-related challenges. Initially I was surprised, thinking that the lessons learned from the Covid-19 pandemic surely prepared industry leaders for just about anything, helping to bake risk and resiliency planning into corporate strategies for companies of all sizes.

But then I thought about the growing number of issues that can affect supply chains today—more frequent severe weather events, accelerating cybersecurity threats, and the tangle of emerging demands and regulations around decarbonization, to name just a few. The level of potential problems seems to be increasing at lightning speed, making it difficult, if not impossible, to plan for every imaginable scenario.

Keep ReadingShow less
AI tops digital supply chain investment priorities

AI tops digital supply chain investment priorities

Investing in artificial intelligence (AI) is a top priority for supply chain leaders as they develop their organization’s technology roadmap, according to data from research and consulting firm Gartner.

AI—including machine learning—and Generative AI (GenAI) ranked as the top two priorities for digital supply chain investments globally among more than 400 supply chain leaders surveyed earlier this year. But key differences apply regionally and by job responsibility, according to the research.

Keep ReadingShow less
voting stickers for election results analysis

Report: Manufacturing leaders should think beyond November election

U.S. manufacturing leaders should think beyond November and focus on responsiveness for building long-term success regardless of who occupies the Oval Office in 2025, according to a report from Propel Software about uncertainty on business conditions as the presidential election approaches.

Regardless of the elected administration, the future likely holds significant changes for trade, taxes, and regulatory compliance. As a result, it’s crucial that U.S. businesses avoid making decisions contingent on election outcomes, and instead focus on resilience, agility, and growth, according to California-based Propel, which provides a product value management (PVM) platform for manufacturing, medical device, and consumer electronics industries.

Keep ReadingShow less