Supply Chain

Securing Global Supply Chains: Seven Reasons Why
“Getting It Done” Is So Hard
Ralph Welborn and Vince Kasten
© 2007 Wiley Periodicals, Inc.
Published online in Wiley InterScience (www.interscience.wiley.com). DOI 10.1002/ert.20123
The relationship between a global supply
chain and your people is vital. After all,
what is a supply chain but a series of activities supported by people, processes, and technology that move products and services
around? It all sounds so simple—if only it
were. But, far too often, that “people thing”—
and more specifically, the knowledge and
expertise they have that underlie all of the
activities and are embedded in the business
rules and specific technology applications
used to support those activities—is
ignored . . . to the peril of getting done what
needs to get done.
There a lot of challenges that come with
“getting done what needs to get done” around
global supply chains. Most, if not all, of these
challenges stem from ignoring what people do
and how their knowledge and expertise are
used, captured, and expressed. So much of the
supply chain remains invisible, undocumented,
the results of workarounds and exceptions or
activities and technologies that evolve or
mutate over time in response to changing
needs and requirements. Making visible what
is far too often invisible is critical to making
global supply chains effective and secure.
We all know that a company’s global supply chain is a potent strategic weapon, economically speaking. Unfortunately, it can
also be a potentially fatal area of vulnerability. Consider the hundreds of millions of
shipping containers that move among the
world’s seaports—about 80 percent of the
world’s cargo, which adds up to 5.8 billion
tons per year. When you consider the many
different people who will be in charge of
the cargo at different times in the chain,
you can see that there is a lot of room for
error. Cargo could be lost, stolen, or, most
alarmingly, compromised by terrorists. Two
incidents from 2004 underscore this frightening reality.
In early 2004, Italian authorities found a
suspected al-Qaeda member inside a sealed
container headed for Canada. And in March
2004, following a double suicide attack in
which ten port workers lost their lives, an
Israeli security official at the Ashdod Port
discovered a secret compartment in an
incoming shipping container that had already
passed inspection. Israeli security experts
suspected the container was used to smuggle
the two suicide bombers into the heavily
secured Ashdod Port.
The bottom line is that companies must
aggressively address this issue. If your company’s supply chain is breached and used for
a terrorist act, the resulting aftermath could
be devastating. This we all know.
We also all know that securing global
trade lanes is an enormously complex business problem that doesn’t admit simple
answers. U.S. ports can’t possibly inspect
every one of the seven million containers
they handle each year, and with 200 million
1
Employment Relations Today
containers shipped globally each year, the
ports of the world won’t be inspecting 100
percent of their shipments either.
Why companies must secure their supply
chains is obvious: one of our clients, a senior
executive in a Fortune 500 company, commented, “. . . if an act of terrorism were
committed using one of our containers, we
believe it would be a company-ending event.”
How they should do so is much trickier. And
here is where it gets interesting.
Regarding global supply chains today, companies have two often-conflicting objectives:
first, to get stuff through their supply chain
faster and faster, and second, to do so in a
way that is ever more secure. Yet, they’re
faced with a tough question: How do you
secure what you can’t see?
One answer to the question of securing
what you can’t see came via Operation
Safe Commerce. A key goal for this U.S.
government–sponsored initiative is to
make it so hard to put the wrong things into
the supply chain that the likelihood of
being able to introduce a weapon of mass
destruction, a terrorist, or, for that matter,
counterfeit consumer goods into a shipping
container becomes significantly smaller.
While the government is doing its part to
protect supply chains, businesses are necessarily getting in on the game as well. They
are finding that securing a supply chain is a
complex, time-consuming task. And that
being successful starts with those who work
on the supply chains—from those who plan
its execution to those who are checking and
loading containers.
Ralph Welborn and Vince Kasten
Employment Relations Today DOI 10.1002/ert
2
With so many hands in the cookie jar at so
many different points in the chain, it is no
wonder that many companies have trouble
managing the ever-increasing tension
between agility and security in their supply
chains. Here are some of the reasons why
“getting it done” on the supply chain can be
so difficult.
WHAT HAPPENS AT SEA, STAYS AT SEA
Companies often find it difficult to monitor
their cargo on every leg of the trip. Consider
the following real example of a typical
inbound supply chain to the United States, in
which men’s shirts manufactured in Karachi,
Pakistan, take around 75 days to get to a
retail store in Ohio. The shirts pass through a
number of warehouses, ports, and modes of
shipping along the way, on average passing
through 25 sets of hands in 75 days. The ship
container with these shirts in it was, according to corporate executives, “at sea” from
days 40 through 59 with “not much” happening. Makes sense, right? After all, it takes a
long time to get from one ocean to another.
In reality, the ship actually docked in the
Maldives—not for long, but long enough to
pick up some additional cargo from smaller
ships passing through. It’s common enough
for a ship to make a quick stop like this,
reflecting the “you scratch my back and I’ll
scratch yours” attitude of the seafaring fraternity. But common enough does not equate
to secure enough. And it certainly does not
meet the requirements of a Fortune 500 company attempting to optimize and secure its
supply chain.
The task of managing such a large number
of containers passing through so many different hands is daunting. Too many companies
simply assume that their supply chains are
While the government is doing its part to protect
supply chains, businesses are necessarily getting
in on the game as well.
Winter 2007
staying secure throughout the whole journey.
Unfortunately, when making assumptions
about your supply-chain security, you endanger your employees, port employees, your customers, and the security of your country in
the process. And that is unacceptable. In
order to ensure that their supply chains are
secure, companies should incorporate a system of checks and balances to make sure all
parties in the chain know what they should
be doing and when they should be doing it.
Also, because so many different groups are
charged with the task of working together to
keep supply chains secure, communication
must be open and honest between every level.
THE SUPPLY-CHAIN JUGGLING ACT
The juggling act of coordinating people,
tracking assets, securing information, and
keeping up with changing regulations was
once a lot less complex. A company had stuff
to get somewhere, and everyone involved had
a motivation to get the stuff there as quickly
as possible. Today, increased regulations
bring new people to the table, people with
other objectives than “getting stuff somewhere fast.” Their main focus is security, and
making all of the necessary security checks
can slow down the process. The extra
requirement of end-to-end security means
more people are paying attention to the process by which the container gets delivered,
validated (along with its driver), stuffed, verified, sealed, and documented. That’s a lot of
coordination—and a lot of friction added to
the supply chain.
TOO MANY CONNECTIONS
Inevitably, questions of who is responsible for
what, where, when, how, and how much will
Securing Global Supply Chains: Seven Reasons Why “Getting It Done” Is So Hard
Employment Relations Today DOI 10.1002/ert
3
come up. But often, these questions are impossible to answer even within a firm, much less
across firms. This lack of visibility into what
really happens—who really does what and
where, when, and how they do it—leads to
surprises and risks. The point here is simple:
the goods; the containers the goods are in; and
the trucks, trains, airplanes, and ships that
may be used to move the containers are open
to disruption at every step along the way.
Understanding the interlocking dependencies
that your company’s future rests on, and making sure that you understand the risk factors
and how to mitigate them, is not just a cost
issue; it is a survival issue. It is vital that organizations close the gaps in execution and
communication between the different levels of
workers on their supply chain. Vulnerabilities
often include:
❏ Multiple participants and breakpoints. The
securing of physical assets and information flow typically involves 25 different
entities. At each point, there are many
opportunities for security breaches, not
only within each entity, but also during
the exchange of both physical assets and
information.
❏ Isolated security solutions. Today’s infrastructure and solutions have potentially
fatal gaps because they are focused on the
isolated “nodes” (specific in-transit places)
rather than on integrated “in-process
places and processes”—with robust and
effective security demands.
❏ Fragmented supply chains. Fatal gaps result
from fragmented views of problems and
The juggling act of coordinating people, tracking
assets, securing information, and keeping up with
changing regulations was once a lot less complex.
Employment Relations Today
their solutions. Supply-chain views are
fragmented because they are created one
company at a time, with little or no common approach to codifying and sharing
between those companies. The days of
loosely coupled processes held together by
ad hoc information flows are over, as
commercial needs and regulatory requirements force more intimate integration of
information.
To overcome these vulnerabilities, extra
process steps, extra people (or at least additional roles), and special skills are needed at
various places along the way.
AGREEMENT AMONG DIVERSE AREAS
OF THE WORKFORCE
For supply chains to be truly secure, people
from all walks of life must work together.
The fact is, operations people, marketing
people, and management all speak different
languages. Each group of people may use the
same words and nod at the same set of
supply-chain objectives, and yet they often,
if not always, mean fundamentally different
things by them. It makes sense. Each group
has fundamentally different sets of metrics,
perspectives, and backgrounds—all of which
are necessary—but they’re all so different
that alignment across their differences is an
enormous challenge.
The fundamental disconnect between
diverse people within a company can make it
very difficult to work together effectively. If
you multiply this “disconnect” within your
Ralph Welborn and Vince Kasten
Employment Relations Today DOI 10.1002/ert
4
company by the many companies you work
with that make up your supply chain, you
can begin to understand how getting people
to “make sense” and “take action” on the
same set of objectives becomes mindbogglingly difficult. You end up with what
we have all experienced: big morale problems, management mistrust, dysfunctional
organizational behavior, and erratic decision
making, just simply on a broader scale.
THE UNDETERMINABLE COST OF
COMPLIANCE
The cost of compliance is difficult to calculate. Specific security initiatives and their
costs change frequently and will continue to
change as the nature of threats evolves and
as new technologies become available. The
question of who will bear the cost is an
obstacle to global implementation of supplychain security measures. According to Gerald
Woolever, a former 35-year veteran of the
U.S. Coast Guard, “The question is creating
significant tension between the people in the
ports, the carriers and transporters, who
don’t necessarily want to bear the expense of
buying the technology and putting these procedures in place, and the government, which
is trying to pass the cost down to the people
in the supply chain.”1
THE “INVISIBLES”
It’s easy to say “Let’s redesign our supply
chain to make it more cost-effective and
more responsive to customer, supplier, and
regulatory needs,” but it’s not so easy to do.
There are many invisible factors and activities that company executives don’t know
about—and often don’t know they don’t
know—when they kick off these “improveThe fundamental disconnect between diverse people
within a company can make it very difficult to
work together effectively.
Winter 2007
ment” initiatives. After all, what are supply
chains but sets of activities, workarounds,
and exceptions that, over time, have evolved
into the ways things get done, including technology “patches,” “features,” and “modifications” added to support those processes? And
many of these things are undocumented,
existing only in the heads of your employees—
or embedded in the code of the added-to
applications. For instance:
❏ The “exceptions” that have to be handled
by, let’s say, Betty and Michael, because
the computer application can’t understand them: a signature is illegible, or
the customs regulation has changed in
Hong Kong and Betty is aware of this
and usually handles it manually, or the
readings of a particular set of radio frequency identification (RFID) tags from a
particular vendor requires additional
work, and only Betty and Michael have
dealt with it before;
❏ The “workarounds” that were added or
new features that were never documented
but are now part of the computer application; and
❏ The “we’ve-always-done-it-this-waybecause-it-works-better” activities that
only Betty and Michael know about
because they’ve been here for 20 years.
These “invisible” things keep the processes
and applications running, yet they’re hard to
identify when you’re making a change—
particularly if Betty and Michael are no
longer with you. Companies discover these
unseen factors after it’s too late—after customers complain, after frustrations have built
up, and when the gap between what management wants to get done and what actually
gets done gets wider and wider.
Securing Global Supply Chains: Seven Reasons Why “Getting It Done” Is So Hard
Employment Relations Today DOI 10.1002/ert
5
FOCUSING ON A MOVING TARGET
In any supply chain, a lot of “stuff” has to
get done. Execution involves making sense,
then taking action. Making sense of this
sprawling, pervasive thing requires understanding (1) processes that can stretch from a
factory in Karachi, Pakistan, to a rack of
shirts at a retailer in Peoria, Illinois; (2) data
making these processes work that passes
through, on average, 25 different organizations along the way; and (3) the physical
goods that are packed, unpacked, repacked,
shipped, stored, inspected, and used multiple
times by multiple companies. It also means
understanding what parts of the processes
and technology support the strategic goals of
supply-chain efficiency, the goals of security,
and the regulations guiding behavior—which
are always changing.
Thus, creating a supply chain that works
efficiently and securely can be a tall order for
many organizations. The challenge, as Trevor
Davis, the chief implementation officer of an
effort to put a large company back on profitable footing, puts it, “It’s like hitting the
bull’s-eye with parallel darts thrown with
both hands.” And if that’s not troublesome
enough, if one thing goes wrong, it has a “cascading effect” on other things. If you don’t
have the right data for a manifest, you don’t
get the goods loaded on the ship. If you don’t
get the goods loaded, you don’t meet your
time deadlines. If you don’t meet your time
deadlines, you miss the market opportunity.
With enhanced security come additional
responsibilities adding costs and time—
Creating a supply chain that works efficiently and
securely can be a tall order for many organizations.
Employment Relations Today
precisely what supply chains are designed to
eliminate. The result? Increasing tension
between the need for speed and the requirements for security and the groups associated
with each. How a company balances these
tensions will affect its competitive relevance
and capability to take advantage of global
commerce. Creating a system so that employees on every level can play nicely together is
the first step in creating a secure supply chain.
Blueprint your business processes to get
visibility into what’s really going on. You
need to know what connects with what,
where, when, how, and how much. And always
know who is running these operations at
each level. There are far too many potential
Ralph Welborn and Vince Kasten
Employment Relations Today DOI 10.1002/ert
6
pitfalls and risks as well as real jewels and
opportunities for you to not have this type of
organization and clarity in your supply
chains.
Working to bridge the “execution gap” is
no longer optional. It has become a competitive necessity to make sense of the tensions
between an agile yet secured supply chain
and then to take action to ensure these tensions don’t cause problems for your company.
NOTE
1. Andrew K. Reese, Building the secure supply chain, Supply & Demand-Chain Executive, http://sdcexec.com/
article_arch.asp?article_id=5287.
Ralph Welborn, PhD, is managing partner of the global Unisys Business Transformation
team; he has held similar strategy and transformation roles at other global services firms.
Vince Kasten is managing partner of the North America Business Transformation team
at Unisys; he also has held managing director roles of systems integration at other global
services firms. Welborn and Kasten have nearly 40 years of combined experience focused
on business transformation, performance analysis, collaborative strategies, business and
IT partnership, systems integration and management, and solution deployment. They
coauthored Get It Done! A Blueprint for Business Execution (Wiley, 2006) and also The
Jericho Principle: How Companies Use Strategic Collaboration to Find New Sources of
Value (Wiley, 2003), as well as a number of articles on different business and technology
topics. The authors may be contacted via e-mail at ralph.welborn@unisys.com or
vincent.kasten@unisys.com.