Business Continuity Management and Supply Chain Risk Management and its Interdependency in Praxis

It is reality that BCM (=disaster recovery) and SCRM are typically established as separate practices. The existence of either one doesn’t necessarily require the existence of the other one.

  • Nevertheless the Enterprise Risk Management is incomplete because either one is missing!

Statement of Interdependency between BCM and SCRM

Under the umbrella of ERM:

  • The SCRM deals with detection, analysis, scoring and mitigation of risks in the supply chain processes.
  • The BCM deals with the recovery of the risk affected supply chain processes.
  • In order to provide a profound solution for both components as parts of an integer ERM strategy an interdisciplinary cooperation between the responsible people in the parties of BCM, SCRM, SCM and ERM is a prerequisite.

Following the statement the ideal strategy and structure becomes obvious. The entire Risk Management activities in an organization should become a “Central Management Institution” (CMI), headed by a Manager who reports directly to the board or might be part of the board. Positions as Chief Risk Manager, Chief Risk- and Performance Manager, Chief Enterprise Risk Manager come to mind.

In consequence all Risk Management and Risk Management related activities, e.g. BCM, Quality Management etc. become part of the CMI.

Risk Management in its pure sense has become significant in any organization of any size and in any industry. Admittedly the importance of Risk Management might vary in the various industrial sectors and in its correlation to the size of an organization.

Risk Management in its pure sense has also become significant in all Business- or functional Units of an organization, e.g. in Procurement, HR, IT, Research and Development, Production, Marketing & Sales etc.. Regarding to its importance Risk Management became quite equally valid for any of those Units.

Since our focus is on Supply Chain Risk Management a look at a typical supply chain and the experience of risk potential along a supply chain explains quite simple that in case of occurring risk events Business Continuity Management could be executed immediately. It becomes obvious:

  • Risk events in the supply chain impact all processes of an organization.
  • The interdependency between SCRM and BCM proves itself.
  • BCM is the logical and pragmatic complement to SCRM.
Fig1: Supply Chain Scenario

Fig1: Supply Chain Scenario


In such a supply chain process an alert should be send from the SCRM-System to the BCM-System at the earliest time possible in order to get the responsible people at the BCM-Team alerted and getting ready to act. This earliest moment is whenever a relevant risk event occurs and is captured from the SCRM-System and becomes visible on the Risk Radar (Monitor). From this early moment on the BCM-Team can use further information from the SCRM-System.

The team members of a BCM-Team have mandatory to be users of the SCRM-System!

Components of BCM

A solid BCM solution is based on best practices, a state of the art methodology and supported by state of the art software. A BCM solution includes the following components:

  1. Development of strategy and determination of responsibilities.
  2. Establishment of a central repository for all relevant business processes.
  3. Performance of a holistic Business Impact Analysis (considering each single process).
  4. Development of a business continuity and disaster recovery plan.
  5. Documentation, reporting, reviewing and communication.
  6. Establishment of workshops for resolving and recovery activities.
  7. Integration with ERM and SCRM.
Fig2: BCM Process Cycle

Fig2: BCM Process Cycle


Components of SCRM

A solid SCRM solution is based on best practices, a state of the art methodology and supported by state of the art software. A SCRM solution includes the following components:

  1. Development of strategy and determination of responsibilities.
  2. Capture of structured and unstructured data from different sources, e.g. Internet, News Media of all kinds, Info Services about financial-, compliance-, sanction-, social responsibility etc. data.
  3. Research and analysis of captured data.
  4. Scoring the data related to risk tolerance / risk appetite.
  5. Alert mechanism sending alerts to assigned users.
  6. Reporting, documentation of analyzed results, reviewing and communication.
  7. Action planning and –management
  8. Simulation of scenarios
  9. Predictive analytics
  10. Integration with ERM and BCM
Fig3: SCRM Cycle

Fig3: SCRM Cycle


SCRM and BCM integrated

SCRM and BCM as an integrated process finally provide a significant complex in Enterprise Risk Management. The integration of SCRM and BCM completes the Risk Management from:

  • Detection of risk to
  • Validation of Risk to
  • Mitigation of risk to
  • Recovery of processes in any organization
Fig4: Interaction BCM & SCRM Cycle

Fig4: Interaction BCM & SCRM Cycle

Read more about The interdependency of Supply Chain Risk Management and Business Continuity Management – Part 1

After Studies of Engineering and Business Administration in his Engineering Career Mr. Raue held managing positions in Companies such as Du Pont, Dillinger Stahlbau, Grillo AG. In his Career in Marketing and Sales Mr. Raue has held leader ship positions in Companies like Xerox, General Dynamics, Beta Systems, Lockheed, Oracle and SeeBeyond. Mr. Raue founded Global Business Partners, a Mergers & Acquisition Company, mainly focusing on the axis Europe – Asia Pacific. He also founded Beta Systems S. E., Worldwide Marketing of System Software to the IBM Mainframe community.

Since 2001 Mr. Raue is focusing as an Interims Manager at Business Development in the field of “Enterprise Risk- and Performance Management” by working jointly with leading and entrepreneurial organizations providing software products, solutions and services in that field. Products and solutions cover areas such as Enterprise Risk Management, Supply Chain Risk Management, Operational Risk Management, Data Warehousing, Business Intelligence, Analytics, Business Process Management and Change Management.

Leave a Reply