“Right Products. Great Price. Goals Met.”

Free Shipping Provided in your Shopping Cart Upon Checkout on Select Products

Avoid Disaster through Supply Chain Risk Management

A tsunami in Japan and floods in Thailand in 2011 disrupted the electronics supply chain. Original equipment manufacturers (OEMs) were not able to get the electronic parts to produce products as planned. Many were taken by surprise. Any OEM and or supplier that take a reactive approach rather than proactive to dealing with natural disaster disruptions are taking a big gamble.


Labor unrest, electrical/nuclear blackouts, and counterfeit parts sneaked into ad hoc electronics supply chains. Some OEMs were not able to quickly identify their deep tier suppliers after the disruptions.  In at least one instance, a third-tier supplier was discovered as the single source for multiple suppliers in the second-tier.

To better prepare for similar disruptions, many OEMs have turned to enterprise risk management (ERM) to proactively detect, prevent and mitigate risks in the supply chain with a focus on deep tier suppliers.  While business continuity planning is an important part of ERM, it can also help to increase the globalization of electronics supply chain with alternate locations and transportation routes.  The larger the globalization is, the more information flows though the supply chain and the more it is vulnerable to cyber attacks.

Progress has been made in standardizing ERM to allow OEMs to collaborate one another.  ERM includes ISO 28000, the standard for security risk management system for supply chain, as well as other related ISO standards.

While different vendors have different strategies on implementing actionable electronics supply chain risk management plan, the best strategy is dynamic risk assessment plan. For example, LockPath’s Keylight platform lets administrators conduct dynamic assessments to gain greater visibility into the risk and compliance landscape.  The administrators can include questions, link assessments to controls, and configure follow-up or remediation tasks based on user responses.

Risk management plan consists of four key elements:  assets, vulnerabilities, risks and safeguards/remediation.

Location is the most important asset. The organization should ascertain whether it is located in an industrial cluster. Contacts of OEM’s emergency personnel should be readily available. Audit reports, disaster recovery and business continuity plans, Service Level Agreements and charts of how multi-tier suppliers are related to one another should also be considered important resources.

All electronics supply chain assets come with vulnerabilities. In many organizations, through growth or acquisition, supply chain warehouses have merged. Too often, single source n-tier suppliers are discovered only after a disaster or catastrophe. OEMs should also avoid using second sources within an single industrial cluster in a high-prone disaster area. Organizations should also consider its cyber vulnerability. Today’s jackers are more sophisticated with biometric frauds and new types of attacks.

A dynamic risk assessment approach is more flexible than a static approach. Lockpath’s Keylight platform, for example, contains Risk Manager, Audit Manager and Compliance Manager and four other applications.  “The seven applications of the Keylight Platform are designed to be used individually or their power can be magnified by using them in combination with each other,” said Sam Abadir, director of product management at LockPath, adding that “having an integrated view of risk across the supply chain will make OEM’s business more resilient to risks and interruptions.”

When safeguards cannot be implemented cost effectively, consider three ways of handling of residual (remaining) risks.  First, get property insurance (from providers such as FM Global) that can be customized to the supply chain enterprise’s business needs. Consider supply chain intelligence analytics (a wide variety of platforms such asFusionOps are on offer) to reduce the number of residual risks. Third, consider Electronic Industry Citizenship Coalition (EICC). This industry organization requires members to take an annual self-assessment to help identify the social, environmental, and ethical risks in their supply chains.

How has your risk management planning evolved over time?

*Article originally posted at Ebnonline.com*

Leave a Reply

Shipping Policy:

  • Standard Ground Shipping:  Most items will arrive within 2-5 business days. Due to the fact that there may be times when orders take a bit longer to process, we ask that you please allow 7 – 10 business days for your package to arrive.
  • Shipping Cost: Shipping is based on weight and ship to destination. Most orders will ship from our warehouse distribution center located in St. Louis, Missouri USA.
  • Free Shipping: Applies to all purchases over $25.00 (after discounts and offers are applied). Offer not valid for International Customers.
  • Sales Tax: The sales tax for a purchase is based upon the zipcode where the merchandise is shipped. Sales taxes always apply to Missouri residents.
  • International Shipping: HEC Distribution will only ship to the registered Billing Addresses of ALL international customers. If an international customer elects PayPal as their form of payment for orders placed with us, HEC Distribution will only ship to PayPal confirmed ship to addresses. Import duties, taxes, and charges are not included in the item price or shipping cost. Your shipping carrier will be determined at checkout. Delivery may take up to 18 business days (depending on the country in which you reside).

Return Policy:

  • Product Returns are acceptable within 14 days of delivery, and may be subject a restocking fee for select brands.
  • For qualifying returns, the restocking fee may be up to 20%, and if the return is used or damaged, the restocking fee could be higher. The buyer is also responsible for returning items to our warehouse for return order processing.

Check Product Availability

Send us a message!