Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 SCRLC Metrics / Quantifying Risk (Track #4) Edward Erickson Track Co-leader.

Published byMelvyn Farmer Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 SCRLC Metrics / Quantifying Risk (Track #4) Edward Erickson Track Co-leader."— Presentation transcript:

1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 SCRLC Metrics / Quantifying Risk (Track #4) Edward Erickson Track Co-leader June 7, 2007

2 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 2 Agenda  Overview  Scope  Deliverables  Schedule / Milestones  What we need from the Council  Case Study

3 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 3 Overview  Participation Excellent from thought leaders – lacking from practitioners TrackTrack LeadersTrack Members to Date* 4Quantifying Risk / Metrics Feryal Erhun, Stanford Edward Erickson, Cisco Hau Lee, Stanford Ely Kahn, TSA Andrew Cox, TSA Tim Astley, Zurich Lance Solomon, Cisco  Survey Response Rate Poor 3 companies (P&G, Boeing, Cisco) + TSA 2 thought leaders (Stanford, Zurich)  Despite this track members believe that: this is a critical focus area it will lag the other tracks and will have a longer payoff time frame  Research members will lead the effort in the early phases

4 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 4 Scope  In Scope How to portray SC risk modeling & analysis results in an impactful way Methods for quantifying SC risk to support decision making & measuring the impact of actions Methods for modeling SC risk & identifying potential improvement actions Tools & techniques for determining important risk events and the scope of models How to ground SC risk data in reality  Out of Scope Standards definitions Tool/Modeling development Industry specific methods

5 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 5 Deliverables – To Date Survey practitioners to understand current SC risk metric practices Survey thought leaders to determine Best Known Methods (BKMs)

6 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 6 Metrics/Quantifying Researcher Risk Survey Who:All SCRLC research organizations – 1 survey per organization Why: Get a good sample of all of the metrics/quantifying risk best practices from a research/theoretical point of view. Questions: 1.What is the best way known way to quantify SC risk? 2.What is the best way you’ve seen in practice to measure SC risk? 3.What are the major gaps you see between the best methods and what you’ve seen in practice? 4.What are your current area of expertise and interest in measuring SC risk?

7 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 7 Integrated view of supply chain risk Utilize distributions for occurrence and intensity Driven by historical loss/occurrence data Application of expert knowledge to address gaps in data Integrated view of supply chain risk Utilize distributions for occurrence and intensity Driven by historical loss/occurrence data Application of expert knowledge to address gaps in data Independent focus on supplier, disaster and IT risks Focus on easy to measure risks Lack of data Limited to analysis of the averages Independent focus on supplier, disaster and IT risks Focus on easy to measure risks Lack of data Limited to analysis of the averages Where We Are Where We Need to Be Summary of Researcher Survey Results (2 out 5 Responded) Lack of data-driven analysis on key areas of supply chain risk Lack of understanding for all risks affecting the supply chain Focus on consequences rather than vulnerabilities and triggers Focus narrowly on cost – should include customer impact Focus only on most recent disruptions Minimal use of stochastic modeling

8 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 8 Metrics/Quantifying Practitioner Risk Survey Who:All SCRLC companies & government agency members – 1 survey per organization Why: Get a good sample of all of the metrics/quantifying risk practices across all member companies Questions: 1.To what degree is SC risk management driven at your company (e.g. not at all, a strategic program, an ongoing part of the business, etc)? 2.Where do you want see your company in 2 years with respect to SC risk measurement and metrics 3.Do you use metrics/measurement as part of your SC risk management organization? If you don't, what metrics/measurements could you envision as part of an effective process for managing risk? If you do, what metrics/measurements do you currently use? 4.What data do you use to manage SC risk and manage your SC risk programs? 5.How do you use these data to manage SC risk and manage your SC risk programs? 6.What tools do you use to drive SC risk management decisions?

9 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 9 Summary of Practitioner Survey Results (4 out 10 Responded) QuestionP&GBoeingTSACisco 1. To what degree is SC risk management driven at your company (e.g. not at all, a strategic program, an ongoing part of the business, etc)? On-going component of several business functions Varies by subject and the division within the company. Mature in strategic planning and materials Current - by each mode of transportation Future - “systems” focused approach to risk management. Subset of enterprise risk management group 2. Where do you want see your company in 2 years with respect to SC risk measurement and metrics Continuing to use existing metrics in organizations that have risk responsibilities; will add other metrics as identified by the SCRLC if we believe they will add value More focused, capable, and armed with more facts and data to more effectively guide SC risk management. Accurately identify critical vulnerabilities and propose/develop countermeasures Better quantification of the “ROI” for risk management activities. SC risk part of the DNA within the business and operations groups 3. Do you use metrics/measurement as part of your SC risk management organization? If you don't, what metrics / measurements could you envision as part of an effective process for managing risk? If you do, what metrics / measurements do you currently use? Identification and assessment, Audit Scores, Site risk assessment (risk identified, likelihood, business impact, risk rating) and plan against high risk rated scenarios Volume of imports by supplier, country risk ratings based on a variety of criteria, metrics showing anticipated increases or decreases in supplier shipments. Proxy metrics to determine effectiveness of risk management efforts Risk scores/maps Time to recover, probabilistic revenue at risk 4. What data do you use to manage SC risk and manage your SC risk programs? Data from the programs mentioned in question #3 & new ideas from industry leaders, consultants, academia, daily news Individual Procurement Agents manage risk but higher level org. might oversee a collective SC risk program. Classified intelligence information. Industry supplied transportation data. Natural Hazard data, Geopolitical data, expert opinion 5. How do you use these data to manage SC risk and manage your SC risk programs? Typically Scorecards & Leadership Reviews N/AProxy measures to estimate the effectiveness of various regulations or security programs. Metrics drive SC risk priorities 6. What tools do you use to drive SC risk management decisions? Internal standards, culture and business unit financial accountability and agreement at the right level of management N/AChecklist tools in the field. Moving toward more advanced simulation models @ HQ. Macroeconomic models for costing. Scorecards, Risk Ratings and Simulation

10 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 10 Deliverables - Planned  BKMs for portraying SC risk modeling & analysis results in an impactful way  BKMs for measuring SC risk and deciding what mitigation actions to pursue  BKMs and tools used for modeling risk and how to manage scope of these models  BKMs on SC risk data collection  BKMs for how to measure risk improvement based on supply chain improvements

11 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 11 Schedule / Milestones Monthly teleconference except for months with core team meeting (9 meetings/yr) May’07 Kickoff & Agreement on Scope/Deliverables/Milestones/Meeting Schedule Complete survey on Metrics/Quantifying metrics Session to review survey results and prepare for June core team update June’07 Session on post core team update, change scope, etc  July’07 Session on Best Known Methods (BKMs) for measuring risk & deciding what mitigation actions to pursue  August’07 BKMs & tools used for modeling risk & how to manage scope of these models  September’07 BKMs on event probability data collection  November’07 BKMs for how to measure risk improvement based on supply chain improvements

12 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 12 What we need from the Council 1.Are you supportive of the longer term view required? 2.Are you supportive of the defined deliverables? 3.Fill out the survey 4.Join the team

13 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 13 Cisco Case Study

14 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 14 Supply Chain Risk Mgmt. (SCRM x ) The Challenge Strategic Process / DNA Foundational Tactical Responsive Risk Strategy Risk Tolerance Risk Measures & Processes Business Continuity Plans (BCP) - Partner Business Continuity Mgmt. (BCM) - Process Focus & Governance Risk Budget Pandemic Plan Risk Map & Modeling Crisis Mgmt. Plan Quantify Risks Crisis Drills Comparative Risk Mitigation Partner Site Risk Mgmt (PSRM) Transformation Trans. & Logistics Components Customers

15 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 15 High Level Process  Iterative process combining metrics and probabilistic modeling  Use exposure and recovery metrics to assess and determine focus areas  Use probabilistic modeling to quantify and measure the impact to the business and pareto key drivers Assess Quantify Measure

16 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 16 Probability of an Event Occurring (%) Probabilistic Revenue Impact Site Revenue ($/Wk) Time to Recover (Wks) X Revenue Impact ($) Probabilistic Revenue Impact ($) Probability of an Catastrophic Site Fire = %.01 Prod. X Company Y $50 Mil /Qtr 52 Week Time to Recover (TTR) X $2.6 Bil Revenue Impact Probabilistic Revenue Impact = $26 Mil

17 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 17 Exec. Mgmt. / Finance Manufacturing OperationsProduct Operations What products should I be most concerned about? Risk Map Rev. vs Risk (Prod. View) What are the most critical components? TTR (Product View) What is their impact & likelihood? Rev @ Risk (Prod. View) What are the drivers? Pareto of Drivers What will be my ROI? ROI Are my partners resilient? BCP What are the most critical issues? TTR (Site View) What is the impact & likelihood? Rev @ Risk (Site View) What are the drivers? Pareto of Drivers What will be my ROI? ROI Are my partners resilient? BCP What sites should I be most concerned about? Risk Map Rev vs Risk (Site View) Cisco Case Study – Key Metrics What should I be most concerned about? Risk Map Rev. vs Risk (Event) What is the impact to my customer? TTR (Top Product) What is my Risk? How has it changed? Rev @ Risk (E2E) What are my costed options? What has it cost me? ROI

18 © 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 18 Cisco Case Study - Probabilistic Modeling Methodology InputsIntegrated Model Outputs Site/Region Events & Frequency Time to Recover Expected Capacity Loss Supply chain redundancies Site Revenue Disruption Capacity Impact Financial Impact Revenue @ Risk (Prod) Revenue @ Risk (Horiz.) Revenue @ Risk (E2E.) Objective: Quantify drivers of risk and potential improvement from mitigations Excel Based Monte Carlo Crystal Ball Engine Direct Data Links Excel Based Monte Carlo Crystal Ball Engine Direct Data Links Sensitivity Analysis identifying risk drivers What-if Analysis Revenue @ Risk (Event)

Download ppt "© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 SCRLC Metrics / Quantifying Risk (Track #4) Edward Erickson Track Co-leader."

Similar presentations

Implementing a Behavior Based Safety Process at Rockwell Automation

Implementing a Behavior Based Safety Process at Rockwell Automation
Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
Business Continuity Planning DavisLogicDavisLogic & All Hands ConsultingAll Hands Consulting.

Business Continuity Planning DavisLogicDavisLogic & All Hands ConsultingAll Hands Consulting.
Strategic Meetings Management 101

Strategic Meetings Management 101
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.

Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.

Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.
Supply Chain Risk Management

Supply Chain Risk Management
Delivery Methodology.

Delivery Methodology.
Managing Project Risk.

Managing Project Risk.
COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Management Adrian Marshall.

COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Management Adrian Marshall.
Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.

Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.
Don Cole Risk Assessment and Mitigation Project Management for ARA Engineers and Scientists.

Don Cole Risk Assessment and Mitigation Project Management for ARA Engineers and Scientists.
Crisis Management Planning Employee Health Safety and Security Expertise Panel · Presenter Name · 2008.

Crisis Management Planning Employee Health Safety and Security Expertise Panel · Presenter Name · 2008.
Charting a course PROCESS.

Charting a course PROCESS.
What is Business Analysis Planning & Monitoring?

What is Business Analysis Planning & Monitoring?
Nick Wildgoose 8 March 2012 BCI Workshop DELETE THIS TEXT AND PUT COMPANY LOGO IN THIS WHITE SPACE Understanding Risk within your Supply Chain SC1(V1)Jul/05/10GC/ZCA.

Nick Wildgoose 8 March 2012 BCI Workshop DELETE THIS TEXT AND PUT COMPANY LOGO IN THIS WHITE SPACE Understanding Risk within your Supply Chain SC1(V1)Jul/05/10GC/ZCA.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B15 Project Management.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B15 Project Management.
Aon Global Risk Consulting – Alex van den Doel / Rubert Nieuwenhuis VimpelCom – Ramon Tolk DACT 8 November 2013 Business Continuity Management Do you know.

Aon Global Risk Consulting – Alex van den Doel / Rubert Nieuwenhuis VimpelCom – Ramon Tolk DACT 8 November 2013 Business Continuity Management Do you know.

Similar presentations

Ads by Google