While pursuing his MBA degree at Tulane University in New Orleans in 2008, Chonchol Gupta got a firsthand, double-barreled look at how disasters impact communities, as the area was still recovering from Hurricane Katrina three years earlier when the global financial crisis hit.
He wondered: What if there was a way to see these kinds of disruptions coming? That question was the genesis of Rebirth Analytics, a Spokane, Washington-based risk analysis technology firm founded by Gupta, who believes that, just as procurement organizations can’t exist in silos, neither can risk-management data and information.
In “Risk 2.0: Recognizing the Interconnectivity of Risk and How to Make Risk a Part of Your Past,” a session on Tuesday at UPMG2020, the annual conference of Institute for Supply Management®’s (ISM®) Utility Purchasing Management Group, Gupta said that many risk-mitigation plans are insufficient because they fail to account for how risk metrics work together. In an era with an unprecedented number of supply chain threats — even without a once-in-a-century pandemic — such synergy has never been more critical.
“How do most organizations monitor risk?” he said. “Most companies probably have a financial report, health and safety information and insurance and certifications on their (Tier-1) suppliers, but they’re all separate reports. If they’re lucky, they might know where their suppliers’ warehouses are located, and their shipping methods. If they’re really lucky, they might have information on (lower-tier) suppliers. … But, for 98 percent of companies, each of those reports exists in isolation.”
Chonchol Gupta at UPMG2020
Gupta likened risk-management data correlation to the story of Robert FitzRoy, the British scientist who in the 1850s and ’60s pioneered daily weather reports through a process he gave a name: forecasting. His first forecasts were compiled from data reported from various ships and inland stations, and the primary goal was risk mitigation — ensuring that fishermen would have safe waters on which to ply their trade.
Risk-analytics technology driven by artificial intelligence (AI) can help, Gupta said, but most companies already have the tools to start a Risk 2.0 process. One such tool, he added, “is that one we love to hate: Microsoft Excel.”
The process has three steps:
1) Use data already available, including information pertaining to these risks: financial health; supply chain; health and safety; geopolitical; insurance and intellectual property; and fraud/sanctions.
An Altman-Z score is a more reliable predictor of bankruptcy than a credit score, Gupta said. Also: “The more intelligence (a company) has about the increasing impact of climate change on its suppliers of climate change, the better,” he said.
2) Determine the risks to prioritize.
3) Build correlations. “This is an understanding of how different risks impact one another,” Gupta said. “One event can and does impact other risk arenas critical to a supply chain. It’s a butterfly effect, and it’s real.” For example, a port closure can impact a lower-tier supplier, so a company should know if its Tier-1 supplier can source parts from elsewhere.
“Correlating data is the secret sauce that explains how one event impacts other areas, and how risk (silos) speak to each other, providing a holistic view of a company’s supply chain and its interdependencies,” Gupta said. “That is risk 2.0.”