A tool to address Enterprise Risk Management in Supply Chain Vendor Selection

1
A tool to addressEnterprise Risk Managementin
Supply Chain Vendor Selection

• Shanghai University of Finance Economics
• David L. Olson
• University of Nebraska
• Desheng Wu
• University of Toronto
• Joseph L. Rotman School of Business
• RiskLab

2
ERM!!!

• Enterprise Risk Management
• Not just insurance, auditing, risk analysis
• A philosophy A way of business

3
Definition

• Systematic, integrated approach
• Manage all risks facing organization
• External
• Economic (market - price, demand change)
• Financial (insurance, currency exchange)
• Political/Legal
• Technological
• Demographic
• Internal
• Human error
• Fraud
• Systems failure
• Disrupted production
• Means to anticipate, measure, control risk

4
DIFFERENCES
5
Risk Business

• Taking risk is fundamental to doing business
• Insurance
• Lloyds of London
• Hedging
• Risk exchange swaps
• Derivatives/options
• Catastrophe equity puts (cat-e-puts)
• ERM seeks to rationally manage these risks

6
Types of RiskStroh 2005

• External environment
• Competitors Legal Medical Markets
• Business strategies policies
• Capital allocation Product portfolio Policies
• Business process execution
• Planning Technology Resources
• People
• Leadership Skills Accountability Fraud
• Analysis reporting
• Performance Budgeting Accounting Disclosure
• Technology data
• Architecture Integrity Security Recovery

7
Means to Control Enterprise Risk

• Honeywell (1997)
• Multi-year contract combining property,
  liability, option hedging risks against adverse
  currency exchange rates
• Dickinson 2001
• Holistic approach
• Extend contingency planning with comprehensive
  internal risk management systems
• CRO / CEA
• Chief Risk Officer / Chief Auditing Executive

8
COSOCommittee of Sponsoring OrganizationsTreadwa
y Committee 1990sSmiechewicz 2001

• Assign responsibility
• Board of directors
• Establish organizations risk appetite
• establish audit risk management policies
• Executives assume ownership
• Policies express position on integrity, ethics
• Responsibilities for insurance, auditing, loan
  review, credit, legal compliance, quality,
  security
• Common language
• Risk definitions specific to organization
• Value-adding framework

9
Risk Management Tools

• Simulation (Beneda 2005)
• Monte Carlo Crystal Ball
• Multiple criteria optimization (Dash Kajiji
  2005)
• Goal programming - tradeoffs
• SYSTEMS FAILURE METHOD
• Information Systems Project Management

10
ERM SoftwareRhoden 2006

• Penny 2002
• Algorithmics Incorporated ERM software, global
  financial institutions
• Janes Defence Industry 2005
• Strategic Thought Active Risk Manager defence
  industry
• Rhoden 2006
• Q5AIMS
• From Q5 Systems Ltd
• Safety audit corrective action tracking
• Mobile devices, Web-link
• Preceptor
• Learning management system
• Regulatory compliance, technical training
• PicketdynaQ
• Workplace audit assessment management
• Regulatory references built in

11
Experiences with ERM

• Walker 2003
• FirstEnergy Corp auditing, problem-solving
• Wal-Mart best auditing practices, governance
• Unoval auditing to consultation
• Canada Post auditing efficiency
• GM corporate governance
• Kleffner et al. 2003
• Canadian risk insurance
• 31 adopted ERM

12
UnitedHealth ManagementStroh 2005
13
UHM Lessons Learned

• ERM value must be apparent to executive sponsors
  in a timely fashion
• Begin the process by focusing on the most
  important risks, thus avoiding swamping the
  organization with all possible risks, which would
  likely discourage participation
• Obtain sponsorship, and assign accountability for
  specific risks to responsible organizational
  members
• Standardize approaches where possible, setting
  minimum thresholds of execution
• Develop a diverse set of ERM team members
• Keep ERM implementation simple

14
Stochastic Models for Risk Management

• Multiple criteria analysis
• Simulation
• Chance constrained programming
• Data envelopment analysis

15
Data SetMoskowitz, Tang Lam, 2000, Decision
Sciences 31, 327-360

• 9 Vendors
• 12 Criteria
• Quality personnel
• Quality procedure
• Concern for quality
• Company history
• Price-quality
• Actual price
• Financial ability
• Technical performance

16
Data SetMoskowitz, Tang Lam, 2000, Decision
Sciences 31, 327-360
17
Multiple Criteria Methods

• Many exist
• Olson 1996
• Multiattribute Utility Theory
• Simple Multiattribute Rating Theory Edwards
• Analytic Hierarchy Process
• Outranking methods Saaty
• ELECTRE Roy
• PROMETHEE Brans
• Many others

18
Simulation

• Crystal Ball
• Spreadsheet model of value function
• Randomly generate normal variates
• Score for each vendor on each criterion
• Moskowitz et al. data
• Run 1000 cases
• Identify option with highest score
• Probability count of wins/1000

19
Chance Constrained ProgrammingCharnes Cooper

• Optimization
• Constrain by probability of satisfying
  constraints
• Penalize each constraint
• More variance, more penalty
• Once was difficult to solve
• Now spreadsheets fairly easy if convex
• Usually convex

20
Data Envelopment AnalysisCharnes, Cooper,
Rhodes

• EFFICIENCY
• Multiple attributes
• Maximize each function subject to constraints on
  other attributes
• For combining incommensurate attributes
• Obtain relative efficiency

21
Simulated 2 sets of weights

• Equal weights
• Useful to identify dominated solutions
• There is no set of weights that would yield this
  vendor
• V2 0.03, V4 0.08, V6 0.36, V8 0.53
• Ordinal weights
• Reflect decision maker preference
• More useful to make decision
• Will only select nondominated solutions
• Used centroid weights Olson Dorai
• V2 0.71, V4 0.22, V6 0.07, V8 0

22
Stochastic DEA

• Adjusted probability 0 aj 1
• 0.05, 0.1, 0.2
• Adjusted RHSs with ßj
• 0.85, 0.90

23
Different Methods, Different Results

• Classical DEA Stochastic efficiency without
  weight restrictions
• V1 gt V6 , V7
• V4 gt V8
• V8 gt V3 , V9
• Classical DEA Stochastic efficiency with ordinal
  weights
• V2 gt V1 , V3 , V6 , V7, V9

24
Rankings Classical DEA

• Stochastic efficiency without weight restriction
• Diagonal
• V4 gt V5 gt V8 gt V2 gt V1 gt V3 gt V7 gt V9 gt V6
• Using averages
• V8 gt V4 gt V9 gt V7 gt V3 gt V6 gt V2 gt V1 gt V5
• Stochastic efficiency with weight restriction
• Diagonal
• V8 gt V5 gt V4 gt V2 gt V3 gt V7 gt V1 gt V6 gt V9
• Using averages
• V2 gt V8 gt V3 gt V7 gt V5 gt V4 gt V6 gt V1 gt V9

25
Stochastic DEA Results

• CCR
• Without weight restriction
• All 1.000
• With weight restriction
• V2 V3 V4 V5 V7 V8 gt V6 gt V9 gt V1
• Super CCR
• Without weight restriction
• V5 gt V6 gt V3 gt V4 gt V8 gt V7 gt V2 gt V1 gt V9
• With weight restriction
• V2 gt V3 gt V8 gt V4 gt V7 gt V5 gt V6 gt V1 gt V9

26
Implications Classical DEA, Super CCR fail

• First Order Stochastic Nondominated
• V2 V4 V6 V8
• Classical DEA with weight restriction
• V2 V3 V4 V5 V7 V8
• Super CCR without weight restriction
• V5 gt V6 gt V3 gt V4 gt V8 gt V7 gt V2 gt V1 gt V9
• Super CCR without weight restriction
• V2 gt V3 gt V8 gt V4 gt V7 gt V5 gt V6 gt V1 gt V9

27
Conclusions

• Risk management of growing importance
• Models can help
• Fast, dynamic situations
• Large quantities of data
• Stochastic dominance requires complex, accurate
  data
• More than can be expected
• DEA methods can deal with high levels of
  complexity
• Suggest useful solutions in real time