subscribe: Posts | Comments | Email

SAP Supplier InfoNet- An Impressive Application with Lots of Potential to Mitigate Supply Chain Risk


This posting is an update to our previous Supply Chain Matters commentary regarding Ariba, an SAP Company and its announced availability of a new application targeted for supply chain risk management.  As we indicated in that original posting, Supply Chain Matters does not elect to echo technology vendor announcements unless we believe it should capture the attention of our readers, and we get the opportunity to drill down on the specifics and functionality. Ariba teamed up with SAP Supplier InfoNet, an internal incubation business unit to provide availability of this cloud-based application. We have since received a detailed briefing on the functionality of this application, and candidly, we were impressed, for a number of reasons.

First, the application itself is not solely targeted to just a sourcing and procurement user base, but other cross-functional users that have responsibility related to broad-based supply chain disruption and risk mitigation. Supply Chain Matters has always advocated that supply chain risk mitigation cannot solely be owned by an individual function such as procurement, but rather cross-functional or cross-business leadership and accountability. SAP Senior Vice president David Charpie who provided our briefing, indicated that this application’s focus includes Director and C-level as well as cross-functional supply chain and operations management users. Bravo for that decision.

Charpie’s prior background was with supply intelligence vendor Open Ratings, and SAP Supplier InfoNet takes that application to much broader and deeper capabilities. After its internal development within SAP, the decision was made to re-cast Supplier InfoNet on the Ariba B2B platform, powered by the SAP HANA database. While this transition is still a work-in-progress, by our lens, there is powerful potential for the ability to gather early-warning and insights on pending and actual supply chain disruption.

What especially stood out for us was:

  • A stated ability to provide multi-tier value-chain information visibility and insights. When fully married to the Ariba B2B network, that could prove powerful. When integrated with supply chain response management and planning information, it could provide even more noteworthy potential to manage and respond to major supply disruption.
  • Support to allow users to capture many forms of structured and unstructured information to develop a risk profiles among key suppliers. It includes language processing, text analysis as well as social and community-based intelligence capabilities.
  • A user-friendly interface that appeared to be rather intuitive with abundant visualization, data summation and heat mapping techniques.
  • The ability to currently capture upwards of 160,000 external data sources including industry, government, third-party and other sources.  Data can be time and/or supplier weighted.  The application supports pre-screening of data and the ability to gather a lot of hidden supplier intelligence, more than a single individual could capture in a normal work week. We even joked that in order to maintain this blog for our readers, this application would quadruple our productivity. Supplier InfoNet can even tap postings of Supply Chain Matters related to risk events.
  • A Facebook like data model with the ability of firms to control what data actually gets displaced, along with community management of this data, which could prove beneficial when a major supply disruption is occurring.
  • A broader definition of cross-functional performance metrics tied to financial objectives and context.
  • The ability to conduct what-if analysis. Supplier InfoNet’s leveraged use of the SAP HANA platform provides for additional capabilities for predictive analytics to be layered across these combined information streams, allowing for a form of machine learning relative to patterns of information that would correlate with expected outcomes
  • Configuration for industry-specific requirements with eight industry sectors already configured or in-process and SAP Supplier InfoNet is initially targeted to industries with a complex manufacturing and value-chain profiles.

The issue of pricing of the application is not as clear, and as we suspected, customers will have to sign-up for a separate subscription to utilize SAP Supplier InfoNet. We were not provided pricing specifics other than the subscription model may be predicated on the size of the network. We are certainly interested in hearing from SAP and Ariba customers on their impressions of pricing. We will continue to seek out that information since that may be the Achilles heel to wide-scale adoption.

An open question is obviously how timely all of the functionality of SAP Supplier InfoNet can be eventually incorporated within and on the Ariba Network along with a critical mass of industry-specific supply and value-chain intelligence that firms are willing to share.

Bottom-line- SAP Supplier InfoNet on the Ariba B2B Network has tremendous potential for customers and prospects in the ability to provide early-warning to major supply disruption, to manage all pertinent information when that disruption occurs and to provide more predictive capabilities in supply chain risk mitigation. Let us hope that the SAP bureaucracy does not stymie that attractiveness with elongated milestones and unattractive pricing.

Bob Ferrari

© 2014, The Ferrari Consulting and Research Group LLC and the Supply Chain Matters Blog, All Rights Reserved

A Sobering Report on the Target Credit Card Hack


A lot has been written and spoken by general media regarding the massive credit card data breach that occurred within retailer Target’s IT systems.  Many have labeled this incident as one of the largest retail data breaches in history as personal information concerning upwards of 40 million shoppers was breached by hackers. Would such a massive breach cause consumers real concerns in their online buying patterns?

We urge our Supply Chain Matters readership to take the time to read the published Bloomberg Businessweek artcle: Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It 

By our lens, the article is a superior example of journalism directed at seeking out what might have occurred, especially since this incident is one that many of the impacted parties are reluctant to publicly speak about. The authors spoke to more than 10 former Target employees and outline a set of events leading-up to the breach, and shortly after this breach. Upon reading the article, one can get the impression that incident appears to have been very preventable. It reports that while the data breach occurred around the November 30th timeframe, the data did not actually move out of Target’s network until two days later, instead being stored on an internal server. Once more, security systems alerted to a potential data breach.

Six months prior to the incident, Target installed a $1.6 million malware detection system from FireWire, along with engagement of a security systems monitoring firm out of Bangalore India. The technology reportedly performed the way it was designed to perform, alerting Target’s IT and security staffers of a potential intrusion among the retailer’s systems. According to the authors, nothing happened. The article states: “Target has said that is was only after the U.S. Department of Justice notified the retailer about the breach in mid-December that company investigators went back to figure out what happened.” Once more the article concludes: “Not only should those alarms have been impossible to miss, they went off early enough that the hackers hadn’t begun transmitting the stolen credit card data out of Target’s network.

Obviously, what actually occurred and why mitigation and response efforts were not initiated after technology alerted to the breach, is a matter that Target and its internal investigation will no doubt uncover.  Earlier this month, Target’s Chief Information Officer voluntarily resigned allegedly as a result of this incident.

We wanted to call reader attention to the events outlined in the BusinessWeek article because they are events that retail and manufacturing supply chain operational teams can well relate to.  During critical periods of customer fulfillment such as the holiday buying surge when so much of a company’s revenue and profitability results are at-stake, management leaders are often reluctant to be receptive to bad news, especially when such news implies communicating that mission critical systems may need to be temporarily brought to an offline condition to deal with a major problem.  Supply chain and B2B/B2C focused IT teams know darn well the adage “if it ain’t broke, don’t’t fix-it” often applies, especially when it implies shutting down customer fulfillment to fix a problem. According to the BusinessWeek article, Target had information security staff numbering 300 people, and that the breach could have been stopped without any human intervention. According to the report, Target staffers had elected to turn-off auto deletion of malware in favor of a human decision. That could be understandable if there were processes in-place to quickly assess, upwardly communicate and deal with such a threat and make the appropriate management decisions for how to both deal with an information security threat while continuing to maintain customer fulfillment.  Target’s internal investigation should hone in to this very area,

Reports indicate that Target has already incurred upwards of $60 million in expenses directly related to the retailers response to the credit card information breach. The retailer if now reported to be considering an investment of upwards of $100 million in new point-of-sale and other technology, perhaps RFID enabled, to manage the security of customer credit cards.  That is an incredible amount of money coming from an incident that reportedly could well have been avoidable.

There are many lessons to be garnered from the incident at Target, lessons that will reverberate further in the weeks and months to come. We urge supply chain and B2B fulfillment teams to harvest the lessons of the Target incident, especially in the context of management response systems.

Bob Ferrari

SAP Ariba Announces Application Supporting Supply Chain Risk Mitigation


Supply Chain Matters does not elect to echo technology vendor announcements unless we feel such announcements should capture the attention of our readers. This week, B2B procurement platform Ariba an SAP Companyprovider Ariba, now an SAP company made a rather noteworthy announcement in conjunction with this provider’s annual Ariba LIVE customers’ conference being held this week. 

The announced application is targeted at managing supply chain risk, and adds predictive analytics capabilities that extend beyond typical B2B supplier management or procurement spend analysis applications. Ariba developers teamed up with Supplier InfoNet, another SAP company to allow users to capture many forms of structured and unstructured information to develop a risk profile among key suppliers.  All of the data and information is captured on an SAP HANA© database platform.

Such information is that currently provided on the Ariba platform that includes structured vendor master data, supplier key performance indicator data, along with financial profile data from external sources. Augmented additional support for capturing unstructured data related to specific suppliers is provided by Supplier InfoNet. That would include news filters involving 160,000 news wires along with social media extracted and other focused unstructured information.  Supplier InfoNet’s leveraged use of the SAP HANA platform provides additional for additional capabilities for predictive analytics to be layered across these combined information streams, allowing for a form of machine learning relative to patterns of information that would correlate with expected outcomes, such a supplier major disruption or failure.  The important benefit for Ariba and SAP centric procurement teams is the ability to capture a much broader array of data and information across multiple systems landscapes with the ability to be more proactively alerted to risk conditions among multiple tiers of the supply and value-chain.

In a brief briefing by Ariba and Supplier InfoNet executives, Supply Chain Matters ascertained that to gain this new supply chain risk mitigation capability, customers will have to incrementally license Supplier InfoNet if they have not already done so.  We were additionally informed that no separate licensing of HANA is required for this functionality. Further, the widely speculated transition of the majority of Ariba functionality to the SAP HANA platform will take far more additional time, with Ariba reluctant to commit to hard timelines. That is not surprising given that a significant amount of existing customers support the Ariba Network with non-SAP databases such as Oracle. However, it seems clear that Ariba’s strategy is committed to gradually transition its data and informational compute functionality to SAP HANA, starting with Ariba Spend Visibility.

Ariba further announced today that AribaPay, a cloud-based B2B payments application, jointly unveiled last year with Discover Financial Services will be offered for general availability in the United States during the second quarter of 2014. The application combines Ariba pre-settlement business collaboration with Discover’s global payments infrastructure to effect supplier payments.  Arlington Computer Products is featured as a lighthouse go-live customer.

The Effects of Asset Management Strategies- Who Really Owns Accountability for Overall Risk Management?


Industry supply chains have constantly had to respond to business needs for overall cost reduction.  This author can recall numerous supply chain executive surveys dating back to the early part of this decade, all pointing to supply chain cost reduction as one of any top three organizational challenges. While the severity of such pressures tended to vary, the extreme being the global of recession that began in 2008-2009, they have since established numerous structural supply chain changes. These changes included transferring more cost risk into lower tiers of the supply or value-chain as well as the shedding of assets.  The consul of CFO’s was to avoid, as much as possible, the ownership of hard assets. A clear byproduct of the implications of shedding assets or outsourcing asset management was who owns overall accountability for risk management.

This relentless pressure to improve return-on-assets has, as this community well knows, led to far different industry supply chain structures.  Shedding of capital-intensive manufacturing related assets led to the resurgence of the contract manufacturing model.  Today’s dominant contract manufacturers hold production plants in multitudes of countries and regions. In semiconductor related manufacturing, the termed fabless model emerged where many semiconductor suppliers shed their super highly expensive capital intensive chip manufacturing plants into today’s smaller concentration of global fabricators such as TSMC. Fabless semiconductor firms’ in-turn, outsourced chip assembly and test to other lower-cost Asian locations.

Similar asset transfer trends occurred in logistics and transportation.  Manufacturers and retailers shed transportation assets to third-party logistics providers (3PL’s), and have since added technology and services augmentation which are the basis of termed fourth-party logistics providers (4PL).  Each of these providers themselves discovered enhanced opportunities for profitability growth by transferring transportation assets to mega-carriers or IT infrastructure to leasing or IT hosting firms. 

Like any game, the unwritten gaming rules seem to be, hold no assets.

In this specific commentary, we want to focus on a current development capturing the attention of general and business media that being the U.S. railroad industry. By its nature, this industry is completely capital-intensive and ROA driven and must further adhere to continual regulatory standards and practices. 

In April of 2011, a Supply Chain Matters commentary focused on how U.S. railroads were attempting to bounce back from years of industry setbacks as well as severe recession across the economy.  A previous decade or so of asset transfer and outsourced maintenance strategies had the bulk of railcars, especially those related to the transport of bulk cargo, under the ownership of leasing, financial services or bulk shippers themselves. In essence, the railroads served as service providers to ship customers’ bulk cargo, utilizing primarily non-owned bulk transport railcars.  In 2009, railroad shipments had declined by a whopping 64 percent, the worst year since 1988. An estimated 28 percent of rail fleets were parked and idle storage on unused track, some stretching as much as 30 miles in places. The crisis of asset management was acute and leasing companies and railroads jointly bore the brunt of that crisis. Another reality was that a large percentage of the bulk transport railcar fleet remained dated and proper maintenance did not appear to be financially viable in times of severe downturn.

That brings us to today and in particular the current manufacturing and energy boom occurring across the United States.  The U.S. economy is rebounding and utilization of bulk transport railcars has now increased significantly to the point of periodic lack of availability. The massive new discoveries of shale oil deposits and the new technologies of fracking have led to today’s oil exploration boom, but with a certain bulk transportation challenge.  The existing north to south oil pipeline networks existing across the United States did not account for current booming sources of crude oil production such as the Bakken region in North Dakota. That region alone is producing what is estimated to be 1 million barrels of crude production per day. In December alone, rail transport accounted for nearly three-fourths of crude production stemming from the Bakken region. With the lack of pipeline infrastructure, and with new options for higher profitability depending upon which refinery or which port ultimately receives such crude, energy companies have now re-discovered rail as the preferred shipment mode.

The rest of this story has occupied general and business media headlines, namely a tragic series of tanker car explosions and fires endangering property and human life.  There have been revelations that Bakkan crude is far more volatile and unstable than allegedly believed. The railroads have been finger-pointing toward tank car owners for holding liability for such accidents. Two major railroads have filed lawsuits against asset maintenance contractors over who is liable for derailments caused by broken axles.  Of further contention is which entity is responsible for proper safety inspections and which is responsible for necessary safety modifications to strengthen railcar axles and to contain a potential tank car explosion from spreading to other cars.  Maintenance contractors claim the railroads are far exceeding weight limits and overlooking the hazardous nature of today’s crude oil shipments. Both are balking at who will pay the overall expense, with the implication being which party is accountable for risk?

This entire situation has resulted in an oil safety deal reached in mid-January when federal regulators were forced to step-in and demand railroads and energy companies agree to forms of voluntary changes to improve the safety of tanker rail cars.  Railroads must now take more proactive steps to avoid derailments, reduce speeds and reroute tanker laden trains around high risk areas such as major cities.  Both parties agreed to come up with recommendations for improved safety of tank car fleets.

One railroad is going a step further. The BNSF railroad is seeking bids for investing in 5000 next-generation tank cars that will meet higher safety and cargo load standards. However, for the current remainder of the rail industry, and perhaps many industry supply chains, is an open question of which party holds ultimate risk when the bulk of assets and asset management services are outsourced. We believe it is a timely and rather important question, one that will occupy the mindshare of CFO’s, insurance providers and industry supply chain leaders in the months to come.

What’s your view?  Does outsourcing of assets and asset management include the outsourcing of risk accountability? Is the current trend sustainable?

Bob Ferrari

Ranking of 2014 U.S. Business Risks Points Squarely at Supply Chain Disruption

1 comment

We call Supply Chain Matters reader attention to a recent posting on Insurance Networking News regarding the Top 10 U.S. Business Risks for 2014.  The report highlights findings from insurance provider Allianz and its Allianz Risk Barometer report, a survey among 400 corporate insurance experts from 33 countries.

Readers will recall that in Prediction Seven of our 2014 Predictions for Global Supply Chains, we stated that increased dimensions of supply chain risk and major disruption will further impact product sourcing strategies. This latest Allianz survey provides added evidence of both the increased dimensions of risk as well as the interdependencies of a disruption on the other important aspects of business including the value of the brand. It specifically calls attention to the increasing complexity and interdependence of business risks adding broader systemic threats for businesses. While the report highlights is a ranking business risks from a U.S. perspective, it further notes that notes that globally, business interruption and supply chain losses provide the greatest risks to businesses. That finding should be of little surprise to readers of Supply Chain Matters.

In its top ten rankings of U.S. business risks, business interruption caused in the supply chain was ranked as the number one risk by 61 percent of respondents. Rounding out the top five risks were natural catastrophe as number 2, fire/explosion at number three, and cyber-crime and IT failure as number five.  Loss of brand reputation joined this list for the first time, and was ranked as the number four risk.  That ranking, by our view is long overdue. While 2013 losses associated with natural catastrophe were considerably down from the levels of 2012, they were more costly in terms of business interruption.

Strategic sourcing and procurement teams need to continue to calibrate with their insurance and corporate risk colleagues as to the implications of these ongoing trends and the increased exposures that major supply chain disruption can present to any business. This is an area that can no longer be viewed as a passing trend.


Supply Chain Matters 2014 Predictions for Global Supply Chains- Part Six

Comments Off

Once a year, just before the start of the New Year, the Ferrari Consulting and Research Group and the Supply Chain Matters Blog provide our series of predictions for the coming year.  These predictions are provided in the spirit of advising supply chain organizations in setting management agenda for the year ahead, as well as helping our readers and clients to prepare their supply chain management teams in establishing programs, initiatives and educational agendas for the upcoming New Year.

In Part One of this series, we unveiled the methodology and complete listing of our 2014 predictions.

Part Two of this series summarized Prediction One related on what to expect in the global economy and Prediction Two, what to expect in procurement costs.

Part Three of the series summarized Predictions Three, continued momentum associated with the resurgence in U.S. and North America production, and Prediction Four, talent recruitment and retention as a continued challenge.

Part Four addressed some unique industry specific supply chain challenges in 2014.

Part Five predicted increased implications regarding current supply chain social responsibility strategies and practices.

In this Part Six commentary, we move on to the implications of increased supply chain risk.


Prediction Seven: Increased Dimensions of Supply Chain Risk and Major Disruption will Further Impact Global Sourcing Strategies

Since our inception in 2008 as both a supply chain social media based educational forum and industry analyst anchored consulting firm, we have continually raised awareness to the increased occurrence of major supply chain disruption and risk. Industry supply chains encountered the brute reality of such risks in the year 2011, with the industry supply chain effects of both the devastating earthquake and tsunami that struck areas of Northern Japan and the widespread floods in Thailand that impacted multiple production facilities.

Supply Chain Matters has moved to many other post 2011 commentaries addressing areas of increased risk and their potential implications to business performance. In the area of extraordinary climatic events, each passing year brings an unfortunate new meaning definition of historic magnitudes of storms. In 2013 alone, the world witnessed one of the largest and most destructive typhoons, which struck the Philippines. Across the U.S. Midwest, records were shattered in regards to the most powerful tornadoes ever recorded that brought associated destruction and loss of life.  Risk also escalated in the occurrence of natural disasters including more powerful and frequent earthquake events, some of which have occurred in key component supply regions such as Taiwan.

In our previous publishing of annual predictions, we raised awareness to increasing threats and exposures. In 2012, we modified our prediction in this area to include effects of liability insurance costs as a new consideration factor in major sourcing decisions.  Since that time, the voices echoing increased disruption risk across global supply chains has magnified with multiple consulting firms, insurance providers and corporate liability firms joining in the chorus of concern.  Yet, we live in a world of shortened sound bites and in the moment memories.  Recent surveys of supply chain executives indicate a lowered priority on risk management, probably because there are so many other challenges and priorities on the minds of industry supply chain executives.

Government and industry groups look to escalating climatic events as uncontrollable acts of nature which are the new normal. However, we have again added the challenge of major supply chain risk to our 2014 predictions primarily because of the implications of the various events that are occurring.

For a number of valid business reasons, major amounts of product design, test, and component and volume production are sourced across coastal regions of Asia.  We all know these areas well: China, Singapore, Malaysia, Thailand, Taiwan and the Philippines to name just a few. Major customer service and support operations also stem from areas of Asia and Oceania.  The countries that they are located within are today the most fragile in terms of extraordinary climatic events, natural disasters and flooding.  Insurance providers and the re-insurance brokers that finance global risk threats are well attuned to these trends, and price liability or business recovery insurance rates based on risk probability. If you need reinforcement, read their global risk summaries and reports.  A preliminary analysis of natural disasters in the first-half of 2013, performed by global re-insurance firm Swiss-Re, estimated $56 billion in economic losses from disasters. According to the Swiss Re analysis, flooding was a main-driver of natural catastrophe related losses accounting for nearly $8 billion in global insurance claims. Global insurance covered upwards of 35 percent of these losses, amounting to $20 billion.

Many corporations self-insure to some extent, under the guise of the probabilities of extraordinary events that would impact the business.  Recent history of events, their impacts on the supply chain, and consequent impacts on revenues and profits have additional new meaning for corporate finance executives.

We believe that in 2014, the ongoing cumulative effects of increased financial and business disruption liabilities will compel more manufacturers, retailers and service supply chains to once again revisit global sourcing strategies, especially in the light of risk among strategic suppliers, both in upper and lower tiers of the value-chain.  Dual or alternative sourcing strategies among strategic suppliers will become ever more important and will drive some new sourcing patterns that include different or diverse geographies to balance risk. Product development, sourcing and procurement teams must be proactive to implications of these developments and will need to depend on more sophisticated analysis tools to identify component risks in relation to overall revenue dependence and weighted risks for disruption in supply.

Suppliers that provide strategic components, products and/or services for key customers may well be fielding requests for considering the locating of facilities in different geographic areas that offset risk and provide contingency back-up to a major disruption.  We believe the days of sourcing based on one-dimensional cost and labor dimensions are over and 2014 will bring new dimensions of analytical analysis, advanced information technology and consequent sourcing actions that balance as much as possible, global risk. This will be a far different dimension of supply chain risk management and mitigation and firms had best be prepared for the new shift.


This concludes Part Six of our 2014 Predictions series.

Keep your browser focused on Supply Chain Matters as in an upcoming posting, we will move on to Prediction Eight, which predicts further turbulence in global transportation carrier networks.

As always, readers are encouraged to add individual or their own organizational perspectives to these predictions in the Comments section associated to each of the postings in this series.


© 2013 The Ferrari Consulting and Research Group LLC,  and the Supply Chain Matters Blog.  All rights reserved


« Previous Entries