Tuesday’s ERM (enterprise risk management) Forum in London saw the release of Airmic’s respective reports on supply chains and risk management.
The supply chains guide, which was produced in association with boutique specialist (re)insurance broker McGill and Partners, answers the following 12 questions:
- How can I gain confidence, when I ask internally about supply chain exposures for the organisation, that there is a common understanding of the breadth of the issues raised among those responsible within the organisation for addressing it?
- Are the risks to the supply chain considered at a macro level based both on external factors as well as on the organisation’s own suppliers?
- How do I identify the elements of the supply chain which, if they were to fail, would have the most severe impact on the organisation’s ability to continue to deliver its core products or services?
- How do I satisfy myself that appropriate contingency plans are in place should there be a critical failure in the organisation’s supply chain?
- How does the organisation decide, with respect to key suppliers, how far down their supply chain to assess the supply chain risks faced by them? Is it necessary to look all the way back to the relevant raw materials?
- To what extent, if at all, does the organisation consider supply chain risk collaboratively with its key suppliers? Or is this purely an internal-facing exercise?
- How is the risk assessment of IT outage, cyberattack, and data breach integrated with the organisation’s approach to supply chain?
- How do I gain an understanding in those jurisdictions in which the organisation operates of the extent to which it may be held legally accountable for the behaviours of its suppliers and subcontractors?
- To what extent do the organisation’s statements and commitments on ESG (environmental, social, and governance) match those of its key suppliers of goods and services?
- What are the organisation’s responsibilities under the Modern Slavery Act, with regard to its supply chains?
- What other forms of insurance could be relevant to supply chain risk?
- To what extent can business interruption insurance provide effective mitigation of the supply chain risk?
With the theme “keeping up with the pace,” the 19-page paper aims to provide a toolkit to assist directors in understanding and keeping pace with supply chain challenges, while also considering how well the insurance industry is responding to them.
Francis Kean, financial lines partner at McGill and Partners, said: “The challenge faced by directors in discharging their non-delegable duty to supervise a company’s affairs is especially acute when it comes to mission-critical elements of the supply chain.
“That is due to a web of increasingly complex and unpredictable risks including geopolitical, cyber-related, and reputational. This guide offers directors an opportunity to stand back and re-examine some basic but important questions.”
Airmic chief executive Julia Graham, meanwhile, cited the “fast-changing and volatile world we operate in,” amid which supply chains are adapting and reshaping.
“Boards are considering the risks associated with their supply chains and closely examining the cost benefits of current practice and changes which might be required to meet the purpose and strategic objectives of the organisations they govern,” stated Graham.
As for the risk management guide that was circulated during the ERM Forum, the 16-page document takes a deep dive into risk management, risk assessment, risk analysis, risk evaluation, risk reporting & communication, and risk treatment.
The resource also has sections on monitoring and review of the risk management process, as well as the structure and administration of risk management.
“Risk management continues to be a rapidly developing discipline, and there are many and varied views and descriptions of what risk management involves, how it should be conducted, and what it is for,” wrote Airmic in the report.
“Some form of guides and standards are needed to ensure that there is an agreed: terminology related to the words used; process by which risk management can be carried out; organisation structure for risk management; [and] objective for risk management.”