Confidential 1 Risk assessment in the supply chain Supply Chain Risk Leadership Council Developments in Insurance January Confidential – Do Not Forward Outside SCRLC

Confidential 2 Survey (What capability we shall focus on)  Top 3 risks (supply chain complexity, supplier capability, recovery capability) have high-linkage to 7 key capabilities, but no one has full capability score on “Supplier Business Interruption Risk Insurance” Why might that be?

Confidential 3 Outline ~ 30 minutes  Objectives of session  Review traditional versus new perspective  New challenges – illustration from Katrina  Risk assessment process  Loss database  Cross-matching opportunities

Confidential 4  To share current thinking on SCR assessment in context of developing a new risk transfer tool (SCBI)  To consider lessons from the SCRLC Supplier Reliability track Objectives of session

Confidential 5 From the traditional to a new world  Historical focus on protecting physical assets  BI becomes more important – Katrina ratio of BI:PD claims (70:30)  The journey from -traditional Business Interruption (BI) insurance to Contingent BI to Supply Chain BI  Global risks and the ‘Over-Optimised Supply Chain’ (WEF 2008)

Confidential 6 The concept of supply chain networks* * Derived from Cranfield University – Supply Chain Risk study Physical flow (logistics) LEVEL 2 Infrastructure LEVEL 3 Organisation networks Strategic (partnerships ) Value creation (production) LEVEL 1 Process LEVEL 4 External environment LEVEL 0 People E.G Employees Regulatory, Exchange rates, Country, region issues

Confidential 7 SCBI Risk Assessment Process Risk factor assessment Workshop 1 (Controls). + input from - benchmarking - BI Surveys - BCM assessments 2 Basic data input Form (Exposures) 1 Pricing Tool Data/Info to define supply & customer risk Risk modifiers that either increase or decrease rate % rate to be applied to limits SCBI Insurance premium pricing 6 7 EML and Profit Impact Analysis Workshop 2. Agreed Loss Calculation EMLs and limits Capacity Accumulation db

Confidential 8 Supply chain risk factors 1.Commodity Shortages / Price Fluctuations 2.Supplier Reliability 3.General Availability, Cost, Quality Of Labour 4.Internal Supply 5.Accidents / Errors 6.Malicious Intervention 7.Supply Chain Infrastructure 8.Customer Demand 9.Obsolescence Of Product / Inventory / Technology 10.Product Quality 11.Incidents / Natural Disasters 12.Regulatory Concerns 13.War, Terrorism, Other Geopolitical 14.Other External Influences ExposuresControls (Cross-match with SCRLC Supplier Reliability factors)

Confidential 9 Supply chain risk framework Control ActivitiesRisk Assessment PHYSICAL PROCESS INSTITUTIONAL X-Tier 1st-Tier Your company Primary customer Downstream customer Commodity Shortages / Price Fluctuations Supplier Reliability General Availability, Cost, Quality Of Labour Internal Supply Accidents / Errors Malicious Intervention Supply Chain Infrastructure Customer Demand Obsolescence Of Product / Inventory / Technology Product Quality Incidents / Natural Disasters Regulatory Concerns War, Terrorism, Other Geopolitical Other External Influences ExposuresControls? Cross-match with SCRLC Supplier Reliability factors

Confidential 10 Supplier reliability - Controls Supplier business continuity plan Internal material contingency plan Industry analysis Sustainability / Regulatory Capacity analysis Inventory target setting Strategic material planning / RCCP / Materials at Risk Material change management process Initiative management process Lane risk assessment Supply network visibility Suppler capability assessments Internal capability assessments Supplier BI risk insurance Supplier relationship / partnership Crisis management / response Risk analysis (data modelling, measurement, etc)

Confidential 11 Visualising revenue dependencies

Confidential 12 Risk grading

Confidential 13 Opportunities  Building a rich source of data  Benchmarking  Best practice  Loss evaluations and risk quantification

Confidential 14 Questions?