risk paper
TRANSCRIPT
1. Title of the Paper: Risk management in Outsourcing, AMD Nasik
2. Author(s) Details:
Name (1): Ashutosh Chandorkar
PB.No:105129
Designation: Manager-outsourcing
Division: AMD,Nasik
Contact No(landline): 02550-277147
Contact No. (mobile):9158900231
Email id:105129
Fax no:
Name ( 2): Avinash Kombde
PB.No:16810
Designation: Senior Manger-Outsourcing
Division: AMD,Nasik
Contact No.( landline): 02550-277147
Contact No. (mobile):8308600399
Email id: Mgr-OS2
Fax no:
Name (3): Devendra Lokhande
PB.No:16444
Designation: Senior Manger-Outsourcing
Division: AMD,Nasik
Contact No(landline): 02550-271963
Contact No. (mobile): 9767359737
Email id: SM_OSP
Fax no:
3. Abstract / Summary: Outsourcing in AMD; Nasik for SU30 project has been exemplary in
terms of both SMH and parts. During this journey of outsourcing, many new ideas emerged which were
applied successfully, at the same time, some ideas were not so successful. Over a period of 7 to 8 years,
novel ideas in sourcing of assemblies and detail parts have been maturing and are being established as
norms for the future. Incidentally some case studies in the course of sourcing activity have become good
examples of risk management. In this paper we wish to present strategies which are bench marks for risk
management.
4. Keywords/Tags: 1.Outsourcing 2.Packages 3.Educating
suppliers 4.Parallel suppliers
1
Index
Sr no Topic Page No
1 Executive Summary 3
2 Overview of Supply chain risk management 4
3 Identifying internal and external environment 6
4 Risk Identification 8
5 Risk Analysis and Prioritization 9
6 Conclusion 11
7 Annexure I 12
8 Annexure II 13
9 Annexure III 16
2
Executive Summary
In our day to working in we are to deal with situations where there is a shortage of capacities &
manpower, tighter deadlines and policy guidelines which favour sourcing of workloads. With the current
stress on outsourcing and subcontracting of allied activities, the organization is being increasingly
exposed to risk of operational failure or non performance of a particular function. We are increasingly
relying on other for our success.
Historically, enterprises have spent less than a third of their budgets on purchased goods and services,
having relied on internal sources for these. Today, many enterprises spend most of their budget on
purchased goods and services. This is in large part because of the advantages enterprises have found in
strategies such as globalization, outsourcing, supply-base rationalization, just-in-time deliveries, and
lean inventories. In addition, many companies have consolidated operations both internally and
externally to achieve economies of scale.
While globalization, extended supply chains, and supplier consolidation offer many benefits in efficiency
and effectiveness, they can also make supply chains more brittle and can increase risks of supply-chain
disruption.
In this document we wish to outline current strategies on supply chain risk management being followed
in the industry .Also we wish to share cases in risk management during the course of outsourcing activity
in HAL, AMD Nasik. The strategies and methods presented in the cases are not fully conceived by the
authors. But the authors have played a significant role and devising and implementation of the same.
We do not claim originality of the ideas presented in the paper, but we do claim originality of
presentation in such a forum and for the benefit of the organization at large.
3
Overview of Supply chain risk management
“Supply-chain risk “can be defined as the as the likelihood and consequence of events at any point in the
end-to-end supply chain, from sources of raw materials to end use of customers. Whereas “supply-chain
risk management” can be defined as the as the coordination of activities to direct and control an
enterprise’s end-to-end supply chain with regard to supply-chain risks.
Supply-chain risk management integrates several previous or ongoing initiatives, including those for
business continuity and supply-chain security. Such events may not only be intentional acts such as
sabotage but also unintentional acts such as a hurricane. They may be both events anticipated, such as
political unrest, or unanticipated, such as an earthquake.
As per ISO 31000 approach to risk management is outlined as indicated in the figure below
4
Com
mun
icati
on a
nd c
onsu
ltatio
n
Mon
itorin
g an
d re
view
Risk identification
Risk analysis
Risk evaluation
Risk treatment
Indentifying internal and external environment
Risk assessment
The process begins with identifying internal and external environments. Enterprises may inadvertently
overlook internal risks. These may include those posed by a rogue employee, as well as those posed by
inadequate policies, strategies, or 5 organizational structures. The external environment in which an
enterprise, and its suppliers, must work will also pose differing risks. For example, some suppliers will
face meteorological risks, while others, because of their distance, may have greater transportation risks.
Mapping its supply chain can help an enterprise identify the risks it faces and how best to prioritize and
address them. To prioritize and address risks, firms will need to identify criteria for determining what
may pose a risk to its operations. One potential starting point is the supply chains for the products most
affecting firm profitability.
Once a firm understands how to identify risks, it may undertake risk identification and assessment,
which includes risk identification, risk analysis, and risk evaluation. Risk identification may entail using a
list of common risks including external risks such as natural disasters, accidents, sabotage, or labor
uncertainty; supplier risks such as production problems, financial issues, or subcontractor problems;
distribution risks such as cargo damage, warehouse inadequacies, or supply pipeline constrictions; and
internal risks such as personnel availability or facility unavailability. (See Appendix 2.1 for a list of sample
risks by category.) Such process will also involve prioritizing risks by the threat (as measured by
likelihood and consequence) they can pose to a firm’s operations.
Once a firm has identified and prioritized the risks that it faces, it can devise risk treatment plans. This
includes measures to protect the supply chain from risks, plans to respond to events that these risks
may cause, and plans to continue operations in the face of disruptions and fully recovering from them.
This may also involve determining ways to measure risks and the effectiveness of plans to limit them or
to respond to disruptions.
Enterprises must also undertake continual communication and consultation as well as monitoring and
review throughout this process. Monitoring and review entails not only evaluating the effects of risk
treatment but also maintaining the plan and responding to changes in suppliers, processes, and
regulation affecting elements of the supply
5
Identifying internal and external environment
Enterprises must identify, own, and manage risks at the level they exist. Enterprises must also aggregate
and report risks across the organization and vertically through business reporting structures. Enterprises
should give risks that exist within multiple entities common, coordinated treatments.
When lower-level risks are identified at higher levels of the enterprise but not owned at those levels, it
may be necessary to implement governance controls to assure that risks are managed throughout the
enterprise and supply chain. Such risks may arise when franchises make for local consumption a final
product whose performance will affect reputation of a more widely used corporate brand. They may
also arise when performance of a lower-tier supplier disproportionately affects the reputation of a large
manufacturer as has happened, for example, in the use of lead paint by lower-tier suppliers on toys
ultimately assembled and sold by large firms with strong brand-name recognition. Governance controls
to manage such risks may include corporate leadership setting policies, procedures, and standards for
lower levels to follow, with governance supported by compliance activities such as auditing.
The presence of differing risks at differing levels of an enterprise underscores the importance of defining
the context within which a risk-management program is implemented. This includes suppliers,
manufacturing, logistics (e.g., warehousing and distribution), customers, and other elements that can
affect the supply chain. These elements will vary by industry, as will the efforts an organization can make
to address them. For example, a manufacturing plant may have more control over assembly risks than a
higher-level business unit, while a business unit may be better able to address supply-chain risks posed
by legislative and regulatory issues and to coordinate efforts to mitigate some procurement risks.
A key decision in developing an SCRM program is the scope of the supply chain to include. Enterprises
may initially focus on Tier 1 suppliers, or even prioritize among Tier 1 suppliers. In most cases, the scope
should include all tier 1 suppliers and customers. In determining how much of the supply chain to
include beyond the first tier, managers may wish to characterize inputs by the number of suppliers and
number of customers. For example, at one extreme, for commodities with a large number of suppliers, it
is likely not necessary to go beyond the first tier in considering supply-chain risks. At another extreme,
for materials with few suppliers or only one, it is necessary to consider risks among second-tier
suppliers. Between these two extremes firms need to assess how critical a particular component is or
how easily a supplier can be replaced and, if necessary, consider supply risks in the second tier for
critical components or suppliers.
6
By repeating this process for increasing numbers of tiers of suppliers and customers, enterprises can
capture the portions of the supply chain that have the greatest risks to operations. Such an approach is
only a guideline; specific knowledge of an organization and its industry is necessary to guide decisions.
7
Risk Identification
Developing an initial risk register, which is a one-time effort, is necessary to identify baseline risks. A
wrong identification may result in too much focus on protecting against the wrong threats or too little
protecting against threats that matter. Worse, they may fail to anticipate important threats, or fail to
recognize the consequence an apparently minor threat may have.
Risk identification might begin with brainstorming sessions, previous risk assessments, surveys, or still
other efforts to identify and list potential risks within supply-chain processes.Spend analysis is a potent
method of identifying risk.
Spend analysis is the process of determining what is being spent, with whom, and for what. While spend
analysis is primarily used to identify and implement cost saving opportunities by rationalizing the supply
base or reducing maverick spend, it also provides the essential information needed to identify sources of
supply risk. Using valuable information from spend analysis, a purchasing manager quickly identifies
components that would pose a high degree of supply risk if a certain supplier, region or lane is
experiencing disruption. Spend analysis not only helps identify sources of risk, but it also provides the
context needed for prioritization of risk, such as amount being spent, criticality of component and other
sources of supply for that component. Following is partial lists of potential sources of supply risk that
procurement managers have identified through spend analysis:
Components sourced from suppliers that are at a financial risk
Components that are sole sourced or sourced from a specific region
Suppliers of commodity or components, when prices fluctuate due to exchange rate issues and
the currency risk from them
Suppliers of very specialized components or a service, which reduces the potential supplier pool
and increases dependency on them
Component segments when the technology is changing fast and the suppliers of those
components (for example, risk that they might not be investing in research and development to
keep up with the changes)
Key suppliers that have a monopoly or oligopoly position, which reduces leverage with them and
increases supply risk
Suppliers that disproportionately impact product costs or customer service, which can
potentially increase supply risk
8
Risk Analysis and Prioritization
Once spend analysis provides purchasing executives visibility into total purchase volume of components
facing supply risk and their criticality in the product portfolio, they are able to perform what-if analysis
and quantify the impact of supply risk for that component. For example, with a clear visibility into
purchase volume and forward price contracts, purchasing managers are able to perform cost sensitivity
analysis for components they deem to be at price volatility risk and measure their impact on product
profitability.
Similarly, purchasing managers are now able to perform what-if-analysis on the components being
sourced from geopolitically sensitive areas and quantify their impact on customer shipments and
revenue. Armed with such detailed analysis, they are now able to prioritize acting on those components
or commodities when supply risk has the greatest impact on their business.
Take action on prioritized risk: Once the list of various components is prioritized, based on the supply
risks they pose to the company, the next step for purchasing managers is to decide what action to take.
Their options are:
• Avoid or eliminate the risk: This is typically done by employing techniques such as finding a second
source of supply, reengineering the supply chain to enable a rapid shift to “Plan B”, or creating forward
pricing contracts to reduce the price fluctuation risk. However, these strategies take longer to deploy
and the organization still will have to live with the risk in the short term.
• Mitigate the risk: When the cost of elimination of supply risk far exceeds the probability and cost of
downside, purchasing managers implement techniques that reduce the risk to the level when they can
live with it. This is one of the most popular strategies used to manage supply risk. More details of such
techniques are provided in the section below.
• Share the risk: Sometimes when the probability of risk is very low, but the impact on business is high
(or sometimes even debilitating), it is strategically better to share the risk with a third party partner.
Such a situation might occur if an earthquake or fire disrupts a major supply channel. Examples of risk
sharing approach include either buying insurance for supply disruption (financial approach) or 9
outsourcing the relevant part of the supply chain to a large contract Manufacturer (operational
approach)
Retain the risk: In certain situations, especially when the probability of risk is low and its impact on
business is low, purchasing managers accept the supply risk, choosing to live with it, and planning and
budgeting for it internally and with shareholders.
There are a number of techniques procurement organizations can implement to tactically reduce or
mitigate their supply risk. For example, some organizations create safety margins by producing slightly
more units than in their sales forecast in order to create finished goods buffers in their supply chain.
Many choose to marginally increase their inventory costs by implementing just-in-case inventory, when
they maintain extra inventory of virtually all of the raw materials or component parts used in
production. Another popular approach among operations executives is to retain the option to expedite
orders by paying for a faster shipping method at the last minute.
Some go a bit further and reserve additional capacity either in their production line or with their
contract manufacturer or distributor to rapidly catch-up after a disruption by allowing for rapid
production of additional units. Some also implement a dual-sourcing strategy and source from two
different suppliers, preferably in two different locations. In such a model, they create allocation rules to
engage new suppliers in their supply chain. Alternatively, instead of implementing a dual sourcing
strategy, they source from a supplier with multiple, geographically dispersed plant locations and either
use materials and products from both locations or help ensure that production can be moved to a
second location in a very short time frame should a disruption occur.
Virtually regardless of the approach to mitigation, in order to manage supply risk, the first step is to
identify and prioritize the sources of supply risk. Spend analysis is the right starting point for such an
analysis and provides the rich context needed to identify the sources of supply risk. Once the sources of
supply risk are identified and prioritized, specific actions can be taken to eliminate, mitigate, share or
retain those risks.
10
Conclusion:
Risk management has not been a separate function in HAL nor there is a separate committee assessing
risk in functional areas. However recent emphasis on outsourcing and subcontracting has exposed us to
higher risks and the need to cope up with uncertainties arising there from.
Risk management is being handled at a higher levels in HAL (department heads).In this regard the
authors suggest that evaluation of risk should also be carried out at functional level by managers using
their work experience. It is also suggested that departments generate SOP/checklist to whet their
projects for risk.
11
Annexure I: Retendering when L1 has been significantly lower than HAL estimate
In many cases a practice of retendering enquiries where quotations received are too less as compared to
HAL estimate
Following is an example:
Enquiry no : NK/M/XXX/S30/XXX , dated : 02/01/2012
Due on : 24/01/2012 at 1300 hrs
Enquiry was floated to five suppliers out of which 4 quoted and L1 was lower than Hal estimate by
nearly 80%
Hal estimate was 340.54 lakh, while offer received was 64.68 lakh.
The supplier was informed that that his offer was under consideration for order placement provided he
reconfirms his willingness to execute the same. The supplier again visited HAL, Nasik and revisited his
offer. After a brief deliberation the supplier regretted that a calculation mistake on his part has made
him quote such a low offer.
The enquiry was again floated as follows:
Enquiry no: NK/M/XXX/S30/XXX /1, dated: 016/02/2012
Due on: 10/03/2012 at 1300 hrs
Enquiry was floated to seven suppliers out of which three quoted and three suppliers were L1 within
+/- 3% of HAL estimate
Result: All eight parts have been streamlined from three suppliers and are much ahead of the required
production schedule.
12
Annexure II: Placing Purchase orders on two different suppliers for the same part (frames)
There are four frames which have been outsourced for machining operations namely frame 31, frame
38, frame 42 and frame 45.
During tendering one supplier was L1 for all the four frames. Placing order for all the four frames on the
same supplier was inviting bottleneck risk for the production line. To reduce the risk, supplier L2 was
offered the price quoted by supplier L1 (Clause 7.14.6 of Purchase manual).The L2 supplier accepted the
L1 price and order was placed on the second supplier.
During repeat order placement, the prominent supplier of the two was given major share of the order
(70%) by taking prior approval from competent authority.
The detail working is given the following two pages.
13
FRAMES STATUS
SR NO
VENDOR NAME PO NO PART NO
PO QTY
Qty receive
d
PO can be
placed
Vendor For Addl 42 Contract
Frame #31
1ALPHA - TOCOL(initial L1)
52052dated
25.02.11
R0631.025.1021-1 6 1
PO -52618 -18.01.2014- 24 sets on
M/s Forward (Tocol
regretted this
time)Enquiry issued under DOP Clause
2(d)I , Annexure III
E, of Amendment
no. 3 off DOP2012
R0631.025.1022-1 6 1R0631.025.1023-1 6 1R0631.025.1024-1 6 0
2
FORWARD (initial L2 offered L1 cost)
52139dated
01.06.11
R0631.025.1021-1 6 6R0631.025.1022-1 6 6R0631.025.1023-1 6 6R0631.025.1024-1 6 6
3FORWARD (repeat orderwith 70% qty)
52359dated
16.05.12
R0631.025.1021-1 23 23 10 Alpha-TocolNote Sheet apprved by GM, MSRR & MSR to be made to place order
R0631.025.1022-1 23 22 10R0631.025.1023-1 23 21 10
R0631.025.1024-1 23 21 10
Total 35 10 FRAME # 38
4
ADITYA (Initial L2 offered L1 cost)
52140dated
01.06.11
R0638.025.1025-1 6 2
PO-52605-04/12/2013-
24 SETS M/S ALPHA
TOCOL (enquiry issued to
both vendors,
Aditya quoted
higher and PO placed on Tocol)
R0638.025.1026-1 6 2R0638.025.1027-1 6 2R0638.025.1028-1 6 1R0638.025.1029-1 6 2R0638.025.1030-1 6 2
5ALPHA - TOCOL (Initial L1)
52112dated
26.03.11
R0638.025.1025-1 6 4R0638.025.1026-1 6 4R0638.025.1027-1 6 6R0638.025.1028-1 6 6R0638.025.1029-1 6 6R0638.025.1030-1 6 6
6
ALPHA - TOCOL (repeat order with 70% qty)
52374dated
23.05.12
R0638.025.1025-1 19 10 12Aditya -direct
order can be
placed(PP approved)
R0638.025.1026-1 19 7 12R0638.025.1027-1 21 21 14R0638.025.1028-1 21 20 14R0638.025.1029-1 21 19 14R0638.025.1030-1 21 19 12
Total
SR NO
VENDOR NAME PO NO PART NO PO
QTYQty
received
PO can be placed
Vendor For Addl 42 Contract
14
FRAME # 42
7 ALPHA - TOCOL
52053dated
25.02.11
R0642.025.1031-1 6 5
Proposal for 24 sets on M/s Alpha
tocol- Under PNC
Approval
R0642.025.1032-1 6 5R0642.025.1033-1 6 6R0642.025.1034-1 6 6R0642.025.1035-1 6 6R0642.025.1036-1 6 6
8 ALPHA - TOCOL
52379dated
01.06.12
R0642.025.1031-1 37 12 -
-
R0642.025.1032-1 37 9 -R0642.025.1033-1 41 23 -R0642.025.1034-1 41 24 -R0642.025.1035-1 41 23 -R0642.025.1036-1 41 23 -
Total FRAME # 45
9ALPHA - TOCOL (Initial L1)
52060dated
04.03.11
11.0645.3.010.903-1 6 6
PO-52614-28/12/2013-
24 SETS M/S ALPHA
TOCOL
11.0645.3.010.904-1 6 511.0645.3.805.003-1 6 511.0645.3.805.004-1 6 2
R0645.025.1037-1 6 6R0645.025.1038-1 6 6
10
ADITYA (Initial L2 offered L1 cost)
52142dated
01.06.11
11.0645.3.010.903-1 6 011.0645.3.010.904-1 6 011.0645.3.805.003-1 6 511.0645.3.805.004-1 6 4
R0645.025.1037-1 6 1R0645.025.1038-1 6 1
11
ALPHA - TOCOL (repeat order with 70% qty)
52375dated
23.05.12
11.0645.3.010.903-1 21 21 14Aditya -direct
order can be
placed(PP approved)
11.0645.3.010.904-1 21 21 1411.0645.3.805.003-1 19 7 1211.0645.3.805.004-1 19 12 12
R0645.025.1037-1 21 20 14R0645.025.1038-1 21 20 14
Total
Result: The supply for frames from the respective suppliers has been streamlined
Annexure III: Outsourcing of new assembly packages
15
During the tendering of 13 new assembly packages for structural assemblies the methodology adopted
minimized the risk of failure.
Sr no Area Old tendering New tendering Remark
on risk
1 Scope definition
Generic approach. Categorization based on Sheet metal, machined
and CNC
Detailed approach. Categorization based on
criticality such as facilities available with prospective
supplier, sourced components and other special processes
Minimum ambiguity
and surprises
2 Transfer of technology
Tool try out carried out at suppliers’ end directly
TTO carried out HAL, Nasik and later taken for outsourcing
First 12 assemblies
will be carried out using HAL supplied
kits
Learning based TOT Experience based TOTReduced
chances of failure
3 Tooling
Manufacturing commissioning and erection of jigs/tooling was in suppliers’ scope. High time for
TTO
Only detailed manufacturing in suppliers’ scope, commissioning
and erection n HAL scopeReduction in TTO (upto 50%)
Reduction upto 50% in mfg of
jigs
4 Kit based supply
Supply of HAL support part from Manufacturing to OS.(multiple
suppliers)
Supply of HAL support part from user shop to OS (single supplier)
Sharing of risk with
production engg
6Specialized
process/Assemblies
Only special processes were in HAL scope leading to multiple
movement from Supplier end to HAL and return
Parts involving special processes are retained in HAL scope
Risk mitigation
Statistics
No of parts involved: 3000 (approx)
No of parts to be fabricated by vendor after 12 sets: 670
Special operation retained by HAL: 185.
Result: Three packages have been proved from the new assembly packages order
16