Drivers of Supply Chain Vulnerability- An Integrated Framework

Drivers of supply chainvulnerability: an integrated

frameworkHelen Peck

The Resilience Centre, Cranfield University, Cranfield, UK, andThe Royal Military College of Science, Shrivenham, UK

Abstract

Purpose This paper aims to report on findings of a cross-sector empirical study of the sources anddrivers of supply chain vulnerability.

Design/methodology/approach The research was undertaken in accordance with the realisttradition. It begins with a descriptive exploratory stage involving an in-depth exploratory case studyof aerospace industry supply chains, validated through in-depth interviews with managersrepresenting other critical sectors of the UK economy. This is followed by an explanatory theoreticalstage. The work is supported throughout with reference to relevant literature sources.

Findings The findings highlight the absence of any widespread understanding of the scope of anddynamic nature of the problem, which should be considered from multiple perspectives and at fourlevels of analysis: value stream/product or process; asset and infrastructure dependencies;organisations and inter-organisational networks; and social and natural environment.

Research limitations/implications The paper is normative rather than positive, so focuses onunderstanding why supply chains are vulnerable to disruption, rather than presenting itself as aprescription for management. The paper does not investigate academic definitions or existingtaxonomies of risk.

Practical implications The work provides some useful insights for practising managers andpolicy makers.

Originality/value The paper reports on empirical research, then draws as appropriate on networktheory and complex systems perspectives to produce a conceptual model of a supply chain as ininteractive adaptive system.

Keywords Supply chain management, Risk management, United Kingdom

Paper type Research paper

IntroductionSupply chain vulnerability is a relatively new and unexplored area of managementresearch, though one that is in the ascendancy (Svensson, 2002). In the UK, the economicimpact of fuel protests in 2000, followed by the outbreak of Foot and Mouth Diseaseearly the following year, focused the minds of policy makers on the need to understandmore about the vulnerability of commercial supply chains. As a result, the UKGovernment commissioned a programme of research, sponsored by the Department forTransport to investigate the phenomena. The ultimate aim of the research is to providethe insight by which to improve the resilience of the nations supply chain networks.This paper draws on the findings of a significant portion of the work.

The term supply chain can be interpreted in many ways, but is defined here in itsbroadest sense, as the network of organisations that are involved, through upstream

The Emerald Research Register for this journal is available at The current issue and full text archive of this journal is available at

www.emeraldinsight.com/researchregister www.emeraldinsight.com/0960-0035.htm

IJPDLM35,4

210

Received August 2003Revised December 2004Accepted February 2005

International Journal of PhysicalDistribution & Logistics ManagementVol. 35 No. 4, 2005pp. 210-232q Emerald Group Publishing Limited0960-0035DOI 10.1108/09600030510599904

and downstream linkages, in the different processes and activities that produce valuein the form of products and services in the hands of the ultimate consumer(Christopher, 1998). The work involves an exploratory, empirically grounded, study ofsupply chain risk and resilience, so common usage dictionary-based definitions wereadopted for other key terms. Academic definitions of risk and resilience werepurposefully avoided because grounded research of this sort necessarily begins withlay definitions before moving to technical descriptions (Blaikie, 1993). The term riskis therefore used here in the sense that something a product, process, organisationetc. is at risk i.e. vulnerable; likely to be lost or damaged (Collins EnglishDictionary, 2000). Resilience is defined as the ability of a system to return to itsoriginal [or desired] state after being disturbed. The definition is rooted in ecology (thestudy of the relationships between living organisms and their environment) and wasadopted because it sits comfortably with the view of supply chains as interactingnetworks. The notion of flexibility is inherent in the definition and, given that thedesired state may be different from the original, adaptability is also implied.

MethodologyThe research presented here was undertaken in accordance with the realist tradition(Bhasker, 1979; Blaikie, 1993), beginning with a descriptive exploratory stage usingempirical data. This is followed by an explanatory theoretical stage involving theconstruction of hypothetical models, to produce a rational explanation of the patternsfound in the empirical study. Further research is then advised to check critically whatis thought to be known. The intertwined literature review presented in this paperrepresents part of this latter phase.

The core of the research was an in-depth exploratory case study of commercialsupply chains engaged in the manufacture and assembly of high performance militaryaircraft (Haywood, 2002). The case method was used because it is recommended forstudies of contemporary phenomena in real-life contexts (Yin, 1989), and in particularfor exploratory research into industrial networks (Easton, 1995).

The context for the case procurement and production of military aircraft represents an extreme risk environment, with national security as well as commercialsensitivities, which pre-9/11 had been inaccessible to the research team. It is acommercial environment characterised by extreme levels of technological, financial,product safety and political risk. As such it met the criteria set by Yin for a single casestudy i.e. it represented a unique, extreme or revelatory situation.

Few grounded studies of supply chain risk/vulnerability have been published todate. Those that have tend to follow the design of more general supply chainmanagement research, constraining the scope of the problem by adopting either avertical or horizontal design. Horizontal studies usually examine a given issue eitherwithin the bounds of a single firm or between a focal firm and adjacent organisations.These would typically survey perceptions of supply chain related risk in anorganisations purchasing department or its first tier supplier base (e.g. Svensson,2000, 2001, 2002). In contrast, vertical studies (e.g. Harland and Brenchley, 2001) arelikely to involve the mapping and analysis of one or more representative productlines or value streams through a series of consecutive activities and/or organisations.While both approaches have yielded useful insights, it was felt that there was a dangerthat designs of this sort may reduce the scope of the research to the point where the

Drivers ofsupply chainvulnerability

211

very phenomena that could be undermining resilience may be excluded. Consequentlythis research used a design that was both horizontal and vertical in scope.

To guide the researcher and ensure the reliability of the research and its viabilityas the basis for further work careful consideration was given to data collectionmethods and handling procedures (see case study protocol in the Appendix, Figure A1).Data collection involved semi-structured interviews with 47 managers, representingfive tiers of the network involved in the production of four distinct aircraft types.Interviewees were selected using snowball sampling (Jankowicz, 1995). The managersconcerned performed a range of supply chain management related roles, as shown inTable I. They were drawn from across the aircraft programs (product lines/families) ofthe prime contractor (the assembler), its first- and second-tier suppliers, industryassociations including one representing small and medium sized enterprises andcustomers in the UK Ministry of Defence.

Among the issues each manager was invited to discuss was: What are the sourcesor consequences of risks affecting your supply chain?. Owing to commercialsensitivities, interviews were conducted on a one-to-one basis with assurances given toinformants that their anonymity would be protected. Where possible the interviewswere supplemented by archival evidence and published sources. The conversationswere recorded with the interviewees permission. The tapes were later transcribed andsummarised for analysis using thematic coding. In many instances verbatim quoteswere retained to preserve their richness and meaning. The results of subsequentanalysis were validated through a return to the literature, academic peer andpractitioner reviews[1]. To ascertain whether the findings were transferable to othercontexts (Lincoln and Guba, 1985) or simply industry-specific, two-hour longinterviews were conducted with 27 senior supply chain managers. The intervieweeswere drawn from leading companies or public sector agencies with manufacturing,distribution or retailing expertise in critical sectors of the UK economy (see Table II).

The findings of this latter phase of the research provided the impetus for thedevelopment of a multi-level framework, which allows managers and policy makers to

Number ofinterviewees

Number oforganisations/business units

Intervieweeroles/responsibilities

MoD (customer) 4 2 Supply chain managementPrimecontractor

31 8 Business developmentProgramme managementRisk managementSupply chain managementSupply chain planning

Tier 1 suppliers 6 4 Business developmentManaging directorOperations managementSupply chain management

Tier 2 suppliers 3 2 Supply chain managementIndustryassociations

3 2 National/regional associationrepresentative

Total 47 18

Source: Adapted from Haywood (2002)

Table I.Aerospace case study interviewee profiles

IJPDLM35,4

212

break out the issues of supply chain vulnerability in a relatively simple and structuredway. Given the desire to produce grounded research, an extensive literature reviewfollowed rather than preceded the development of the framework. It draws on thesupply chain management literature and as Stock (1997) suggests, appropriate workfrom related disciplines.

The usefulness and relevance of the framework has since been validated through focusgroup discussions and workshops involving groups of practitioners drawn from thedefence industry, the armed forces, cross-sector commercial industry associations,national emergency planning committees, and international humanitarian relief agencies.

Interim findings aerospaceSeveral clear themes emerged from the initial case study. First, when asked about thesources of risk in their supply chains, the aerospace managers did not refer to specific

SectorNumber of

interviewees

Number oforganisations/business units Interviewees roles/responsibilities

Food and drink 5 2 Director of distributionBusiness cont. managerSupply chain strategySupply chain operationsSupply chain planning

Personal care and cleaningproducts

3 2 Supply chain strategySupply chain planningSupply chain operations

Health care andpharmaceuticals

2 2 Process evaluation managerPortfolio (purchasing) manager

Automotive spares 3 1 Purchasing managerInternational distribution managerDistribution operations manager

Electrical and electronics 1 1 ConsultantOil and petrochemicals 8 2 Business continuity manager

Director of distributionSupply chain business analystsChange design leaderSupply chain integrationSales and operations planning

Transport and logistics 4 3 Managing directorDistribution operations managerAssistant director (policy)International distribution manager

Packaging 5 1 Head of purchasingSupply chain managerEuropean logistics managerVice president supply chainMaterials and inventory controllerOEM parts supply

Total 27a 10a

Note: a Some individuals and their organisations are active in more than one sector

Table II.Critical sector validation

interviewee profiles


213

high profile events such as earthquakes or 9/11, nor did they refer to generictaxonomies used by some academics, e.g. accidents, intentional acts or nature(Helferich and Cook, 2002). Instead they referred to often unanticipated side-effects orconsequential risks to supply chain processes, arising from specific managerialdecisions, requirements or industry trends. Demands for shorter lead-times,outsourcing and increasing use of global sourcing and supply, as well as off-set(politically determined counter trade agreements) were among the legitimate andwell-intentioned measures identified by interviewees as sources of risk to supply chainperformance. The constraints imposed by the safety-critical nature of the products,supply chain complexity and industry structure were also identified as contributoryfactors:

An example of relationship risks, complexity and loyalty occurred with one of the RoyalOrdnance factories, which had supplied components to us for 50 years. They used to beMinistry of Defence until they were privatised and [the prime contractor] bought them. Thenthree years ago [the prime contractor] did a deal with the South Africans for aircraft and allsorts of other stuff. Somewhere inside that deal was a deal to transfer the prime contractorscontracts to South Africa, which made this particular Royal Ordnance factory an unviableproposition, so they shut it. Well of course buried in the factory, about 10 per cent of theirturnover probably, was this 50-year-old component supply business that was critical to us. Theprime was completely oblivious to this link and when we pointed the fact out, and that it woulddisrupt our deliveries to them, they couldnt have been more surprised (Tier 1 supplier).

The network relationship risks get worse where supplier loyalty is divided. For example,were buying a piece of equipment from a major US organisation and we are actually a verysmall part of that particular area of business they have some pretty big US aerospacecustomers as well you see. Its clear that theyre not very interested in the relationship andconsequently were having issues with kit in the field. Theyre not investing in the softwarechanges that need to be done and when they do make software changes it encompasses lots ofother customers changes as well, which has a knock on effect on how the kit works on theaircraft (Customer, UK Ministry of Defence).

Second, interviewees frequently described how efforts to improve performance againstone measure (e.g. cost or quality) often inadvertently reduced performance andincreased risk associated with one or more of the others (e.g. schedule adherence orrelationship management):

An aero engine manufacturer had a requirement for repair work to a very old engine. Thismaterial had to conform to their quality approvals, as did the original melt source. We had tobuy 20,000 of raw material, the minimum order quantity for the mill, just so the companycould have 100 components from us. In the end we made 500 for them, but it took four to sixmonths to do it all. Although there was something similar in use by another aero enginemanufacturer, they werent completely sure it would be right and they couldnt take the risk.So paying the 20,000 became cheaper than doing the research into the compatibility of thisalternative source (Tier 2 supplier).

The collective impact of all these factors irregular demand patterns, measuresintroduced to reduce costs, changes and upgrades to product specifications, customerdetermined network reconfigurations meant that even the supply chains forestablished products were characterised by high levels of uncertainty and constantchange[2].

IJPDLM35,4

214

Findings from cross-sector validationManagers from the other sectors studied were invited to consider the same questionsregarding the vulnerabilities and sources (or drivers) of risk affecting their own supplychains. These interviewees readily offered opinions on when and why their supplychains (as they understood them) were most vulnerable. They also highlightedproblems of conflicting performance measures. For example:

There is no common language other than cost . . . I see evidence of this at least once a week,particularly with material brought in from the Far East. Purchasers go for the lower unitcosts, which usually mean bigger order quantities, longer lead times, lower responsivenessand worse customer service (Automotive parts manufacturer and 4th party logisticscompany).

The practitioners also confirmed that higher-level strategic choices and many of theother extraneous factors previously identified by aerospace managers were presentwithin their own sectors. With the exception of one industry (oil refining), intervieweesreported that their own supply chains were longer than ever before. All were becomingleaner.

Furthermore, managers from each sector echoed the beliefs of their aerospaceindustry counterparts, who claimed that their supply chains never reached a balancedstable steady state, where mature products and information flowed throughoptimised channels, supported by reliable systems, allowing inputs to be balanced withdemand:

Issues of supply chain maturity are poorly understood. The supply chains we support rarelyget the chance to mature into a mid-lifecycle steady state . . . 15 years after the [foodretailers] last network reorganisation, suppliers are still shaking out problems and dealingwith the successive shock waves (Transport and 4th party logistics company).

Changes in product specifications, continuous improvement initiatives, outsourcing,internal network redesigns, IT upgrades, changing process technology, supplierrationalisations and industry consolidations all contributed to the uncertainty ofoperations:

Its when the supply chain is supposed to be in the established steady state that it is mostvulnerable, because thats the point when its most susceptible to external effects. Thatswhen most people are trying to optimise and reduce control limits to reduce the variability ofthe process, but external risks may have changed the original scenario...The model of supplychain management in academia is one that we need to get away from, we need to think aboutfuzzy limited time interlocking networks (Consultant, electronics manufacturing).

Ongoing regulatory changes and the practicalities of managing across different legal,cultural and environmental settings made supply chain management a far morecomplex set of activities than some felt was recognised elsewhere within their ownorganisations[3]. The complexity of the task also left managers struggling to findappropriate ways to tackle supply chain risk management:

We know supply chain vulnerability is important, we know that, but its such an amorphousmass that we dont know how to break it down . . . we have to break it down so we can start todeal with it (Manager, food and personal care products manufacturer).


215

The remaining sections of this paper address the problem of breaking down supplychain risk into its constituent parts, without losing the contextual dynamic of causeand effect.

Supply chain risk in a networked worldSome aspects of supply chain management, such as just in time (JIT), have been widelyresearched, but the conceptual basis for supply chain risk in the sense that it is appliedhere i.e. vulnerability is immature (Svensson, 2002). Academics striving toimprove conceptual clarity in the study of supply chain risk have latterly sought tomake distinctions between sources, drivers and outcomes or consequences ofrisk (Juttner et al., 2003). However the managers interviewed for this research did notmake such distinctions. They responded with tales of cause and effect. In this respectthe findings concur with Zsidisin (2003). In his endeavor to establish a groundeddefinition of supply risk Zsidisin also found risk to be perceived by practitioners asa multi-dimensional construct.

The wider findings of this research suggest that the issues identified by thepractitioners interviewed are symptomatic of conflicts between the process-basedsupply chain goals and performance measures and the realities of complexinter-organisational networks.

In the supply chain management literature, writers take quite differing positions onthe most appropriate way to address supply chain risk. For example, Towill (1999)focused on process design. He drew on the principles of cybernetics when identifyingthe removal of complexity as a central pillar of supply chain (re)engineering and as anexplicit risk management objective.

Christopher and Lee (2001) acknowledge the inherent complexity ofinter-organisational supply chain networks, promoting the virtues of visibility,velocity and control as key elements of risk management. They argue that greatervisibility and control improves quality and allows managers to make their supplychains more responsive and manageable, thus preventing an undesirable accumulationof slack in the form of inventory buffers or additional safety time built into logisticslead-times. More specifically, Christopher and Lee advocated careful monitoring of thesupply chain for deviations from schedules or business plans to allow appropriateparties to be alerted and corrective actions to be taken. In this sense risk managementhas parallels to statistical process control and contemporary lean Six Sigmamethodologies (George, 2002).

Simons (1999) also favoured interactive control systems, which force managers toengage in conversations about strategic uncertainties i.e. enforced cooperation,visibility and awareness. However, Braithwaite and Hall (1999) pointed out thatinter-organisational networks are so complex that monitoring them is beyond thecapabilities of any single organisation and control is far from complete.

Drawing on systems theoryBraithwaite and Halls observations in turn reflect the central theme of a long-standingdebate within management science. In particular it represents a fault-line thatseparates proponents of engineering-derived hard systems managerial approaches,and those who argue the case for effectiveness based on open, social or soft systems

IJPDLM35,4

216

perspectives (Checkland, 1994). Checkland (1994, p. 80) makes the following intellectualdistinction between the two:

Hard systems thinking assumes that the world is a set of systems (i.e. is systemic) and thatthese can be systematically engineered to achieve objectives. In the soft tradition, the world isassumed to be problematic, but it is also assumed that the process of inquiry into theproblematic situations that make up the world can be organised into a system.

The hard systems perspective advances with the action-orientated aim to improvereal-world problematic situations. The latter is a methodology for inquiry that strivestowards understanding of those situations and why they occur.

Systems thinking, in both guises, has made significant in-roads into organisationaltheory, including the study of inter-organisational networks (Morel and Ramanujam,1999). Soft systems views underpin the largely descriptive studies by members of theInternational Marketing and Purchasing (IMP) Group (e.g. Hakansson and Snehota,1989; Axelsson and Easton, 1992). The studies analyse the structures, processes andinteractions of markets-as-networks including industry and macro economicgovernance forms (Williamson, 1985; Thorelli, 1986; Moller and Halinen, 1999). Incontrast, the managerially-oriented, normative organisations-as-networksperspective found in much of the strategic management literature (e.g. Miles andSnow, 1986; Byrne et al., 1993) errs in the direction of scientific management and thehard systems view.

Supply chain management draws on both branches of systems theory (Naim et al.,2003). However the emphasis on process (re)engineering and the search for optimised(often technology-enabled) least-cost solutions, to predetermined goals, suggests thatthe hard systems view remains the dominant paradigm. It is reflected in the prevalenceof positivist supply chain management research and a tendency to focus on solvingnarrowly defined problems, as indicated by the gap between performance andrequirement, within what is often assumed to be a closed system or stable steadystate environment.

Other systems theorists working in branches of the natural sciences (e.g. vonBertalanffy, 1973) and social sciences (Rittel and Webber, 1973) have long arguedagainst the reductionist tendencies of engineering and scientific management research.They have urged researchers to adopt holistic, interdisciplinary perspectivesaddressing problems in context. Together with more recent proponents of openadaptive complex systems thinking, working in the fields of economics (Arthur et al.,1997) and social policy (Allen, 1997), they reject the very idea that open systemsoperate in an equilibrium steady state. By implication, they also reject the notion of auniversal optimised solution. The multiple choices available to each individual ororganisation within the system, together with the results of interactions with the widerenvironment mean that predetermined solutions are always likely to fail. Taking thisline of logic into the supply chain arena, Demchak (1996) writing in the context of warfighting and military logistics, made the same point.

Demchak (1996) argued that those promoting the vision of efficient and reliableoutcomes, through technology enabled monitoring and control, tend to overlook a widevariety of organisational and environmental issues. Furthermore, she emphasises how,under the lean paradigm, slack has become waste. Yet slack, in the form of physicalresources and particularly the specialist knowledge of individuals, is essential ifcomplex systems (engineered or organisational) are to remain effective. Without the


217

slack of redundant capability and capacity, supply chains struggle to cope with theunpredictable effects of consequential problems.

Consequential problems or risks have no definitive solutions. They are by theirnature unknown before they emerge. Nevertheless, managers should strive tounderstand why and how they might arise. To that end Rittel and Webber (1973)suggested that more questions should be asked about the likely impacts or outputs ofactions. They go on to suggest that problems should be considered within valuativeframeworks, where multiple and differing perceptions are retained. Such frameworksrecognise problems as the links tying open systems into large and interconnectednetworks of systems, and that the outputs from one become the inputs from another.This paper draws on that advice.

The findings of the initial case study, and the results of the subsequent interviewswith managers from each of the other critical sectors were analysed by thematiccoding, based initially on the component parts of Christophers (1998) broad definitionof supply chain. Other categories were added as required until each component of thesupply chain and each source of vulnerability identified by interviewees could bepositioned within the framework.

A multi-level framework for analysisThe findings of this research suggest that the sources and drivers of supply chain riskoperate at several different levels as shown in Figure 1. These are inextricably linkedas elements of a system, but for the purpose of clarity are described here within fourdiscrete levels of analysis:

(1) Level 1 value stream/product or process.

(2) Level 2 assets and infrastructure dependencies.

(3) Level 3 organisations and inter-organisational networks.

(4) Level 4 the environment.

Together these levels cover elements of a supply chain and the environment withinwhich they are embedded, though each level reflects quite different perspectives.

Figure 1.An integrated model of asupply chain as anadaptive system

IJPDLM35,4

218

Each is discussed here with reference to relevant sources in the supply chainmanagement literature.

Level 1 value stream/product or processAt level 1 supply chain vulnerability is examined from the prevailing processengineering-based supply chain management perspective. It is a view that is in keepingwith lean manufacturing and demand-driven logistics concepts. The approachaspires to a perfect flow of information and materials facilitated by all supply chainpartners thinking and acting as one (Geary et al., 2002). Supply chains are thereforeseen in terms of the contents of a logistics pipeline flowing through and betweenorganisations in the network. The emphasis is on the efficient, value-based, design andmanagement of processes relating to workflows and their accompanying information(usually by product or product class). Supply chains carry one or more of these valuestreams (Childerhouse and Towill, 2003).

Risks are principally the financial or commercial consequences of inefficiencies orsub-optimal supply chain performance, including the inability to react swiftly tovolatility in demand and the changing needs of the market place. Christopher and Lee(2001) refer to the latter as market risk i.e. the risk of inertia. The agile paradigm,with its roots in short-life cycle products has explicitly sought to address market risk(Christopher and Towill, 2001).

The availability of credible and reliable information is central to this processmanagement perspective and is in turn dependent on the willingness of the parties toshare demand and process monitoring data. It is widely acknowledged that thisrequires a high level of trust and cooperation between adjacent organisations; itselfevidence of a heightened sense of shared enterprise and shared risk.

Geary et al.s (2002) analogy of a supply chain as a perfect seamless logisticspipeline represents the supply chain process management ideal. It is a usefulmetaphor, but in the context of supply chain vulnerability it can be a deceptivelyseductive one. It reinforces the notion of simplicity by promoting the vision of a stable,controllable, linear, self-transporting flow, hermetically sealed from disruptiveenvironmental forces. In reality supply chains are rarely fixed, discrete,self-propelling or self-protecting. Moreover, the adoption of lean and agile practices(particularly JIT delivery) has made them increasingly reliant on the existence of areliable, secure and efficient communication, transport and distribution infrastructure.Level 2 represents supply chains in terms of these asset and infrastructuredependencies.

Level 2 asset and infrastructure dependenciesLevel 2 represents supply chains in terms of the assets and infrastructure needed toproduce and carry the goods and information flows in level 1. The nodes are fixedcommercial assets, sites or facilities (e.g. fields, factories, distribution centres, retailoutlets or perhaps hospitals). The same facilities may house IT assets (hardware,processing, and communications/service centres), which are nodes in communicationsnetworks. These are in turn connected through the nodes and links of national andinternational communications infrastructure (e.g. cables, radio masts and satellites).They are also connected through the links and nodes of the transportation/distributioninfrastructures. Here the links are pipelines, power grids, roads, rail and waterways,


219

shipping lanes and flight paths. The nodes themselves may also be railtermini/stations, ports and airports. Then there are the mobile assets that must notbe overlooked (the trucks, trains, boats and planes, etc.) that ply the links intransportation networks.

At level 2 the resilience of the network should be assessed in terms of theimplications of the loss of links, nodes and other essential operating assets not leastskilled workers. Maintaining or retaining them is likely to be the responsibility offunctional managers, in manufacturing operations, IT, logistics and personnel. It isalso the territory of business continuity planning and disaster recovery specialists.

The threat of Y2K did much to raise awareness of business continuity issues. Lossof IT, site and skills as well as product or service-related health and safety scares (somewith implications for reverse logistics) may all fall within its remit. A 2002 survey(Chartered Institute of Management, 2002) showed that loss of IT capacity was themost widely recognised threat to business continuity, followed by loss of site. However,loss of skills ranked first in the list of actual problems experienced by companies in theprevious year. Clearly each of these scenarios could disrupt supply chain operations.Nevertheless, other recent research linked to this study suggests that organisationscontinue to undertake business continuity planning on the basis of a single site orsingle firm (Peck and Juttner, 2002; Starr et al., 2003). The managers interviewed forthis study focused on risks to manufacturing and retail sites, others on transport andinfrastructure related risks. The emphasis tended to reflect the profile of theirorganisations own assets and activities.

Despite supply chain managements emphasis on the substitution of information forinventory, and business continuity managements preoccupation with IT, physicaldistribution remains an essential element of effective integrated supply chainmanagement. Transport disruption is therefore a potential source of vulnerability to all(McKinnon, 2004). In terms of impact on level 1 performance, it can be classified intothree broad groups: damage, loss and delay (Christopher et al., 2002). All can have asignificant impact on service levels, with the first two also causing discrepancies indemand and stock availability data.

The choice of transport mode will automatically determine immediatetransportation asset related risks, e.g. shortages of heavy goods vehicle drivers inthe UK, or world-wide seasonal shortages of shipping capacity. It will also determineinfrastructure dependencies. As with everything else in this networked world,elements of infrastructure are interconnected through commercial and technologicallinks. Back in May 1998 a malfunction in a satellite cut off 90 per cent of all US pagers,affecting business transactions and emergency services (Robinson et al., 1998). Thesame authors reported that the frequency and impact of events of this kind isincreasing. In the summer of 2003 a localised power cut knocked out British Airwaysbaggage handling system, preventing the airline from meeting security requirements.The failure effectively closed Heathrow Airport, disrupting flights for days. A strike byaggrieved check-in staff had a similar effect.

Level 3 organisations and inter-organisational networksLevel 3 steps back further to view supply chains as inter-organisational networks. Itmoves supply chain vulnerability up to the level of corporate risk management,business strategy and microeconomics. Here the nodes in the networks are the

IJPDLM35,4

220

organisations commercial and public sector that own or manage the assets andinfrastructure, through which the physical goods and information flow. The linksbecome trading relationships, particularly the power dependencies betweenorganisations.

The principles of integrated approaches to supply chain management (as set out inlevel 1) rely on the premise that strong organisations will not abuse their position ofpower vis-a`-vis weaker ones. Additionally, that information and risk will be sharedselflessly for the good of all. While supply chain managers may work tirelessly toachieve this objective, other higher-level factors can work against them.

The expectation that a host of organisations can be harnessed to act as one, for asingle common good has been criticised in the literature for two reasons (Lonsdale,2001). First because the paradigm was put forward by proponents of leanmanufacturing, who borrowed practices from Japanese motor manufacturing,transplanting them to the West without due regard for cultural, behavioural andcontextual differences. Second, that integrated supply chain management draws on theidealised view of market behaviour as set out by classical economists. Williamson(1985) and numerous others studying transaction cost economics have challenged thisassumption. A review of the recent supply chain risk literature suggests thatWilliamson is right and that opportunism is alive and well in the Western businessenvironment. Examples abound of powerful customers using contractual means topush risk associated with inventory management, technology or new productdevelopment back up the chain to weaker suppliers who are less able to shoulder theburden (e.g. Cook, 2001; Burtonshaw-Gunn, 2002).

Where dominant organisations have the power, capabilities, and the will to managetheir supply chains in an open and collaborative way, we have seen the emergence ofextended enterprises. However, establishing and monitoring close cooperativepartnering relationships is resource-intensive. Consequently, large sophisticatedcustomers have reduced the number of direct suppliers, often opting for single sourcing(usually by product line) as the lowest cost way to develop, manage and monitor theirsupplier base. The downside of this is that it has given rise to one of the most widelyrecognised causes of supply chain disruptions; the failure of a single source supplier(Latour, 2001; Houghton et al., 2003). All of the commercial organisations involved inthis research were rationalising the number of suppliers and increasingly movingtowards single sourcing. Some, including healthcare and packaging manufacturerswere aware that this would increase their supply-side vulnerability to supply chaindisruptions, but were content to trade the risks associated with occasional supply-sidedisruptions for the benefits of reduced inventory, better quality control andcollaborative forecasting.

Suppliers may of course choose to improve their own strategic position vis-a`-viscompetitors, customers or their own suppliers through mergers, acquisitions orstrategic alliances. These high level consolidations increasingly operating on aglobal scale can change the balance of power in customer-supplier relationshipsovernight. They can leave customers with fewer switching options. Worse still, anorganisation may suddenly find that a sole supplier is now the property of acompetitor.

Consolidations whether horizontal or vertical, can herald further networkreconfigurations and disruptions at level 2. The likely post-merger removal of


221

excess capacity may subsequently improve suppliers margins, but it can also reduceits ability to cope with unexpected surges in demand. This was apparent in thefindings of the research, for example when a healthcare company manager describedhow vaccine production had been constrained by a shortage of packaging materials.Demand for vaccine was surging at the time as armed forces prepared for the 2003invasion of Iraq. The cause was a shortage of high quality glass, caused by aproduction failure at the only suppliers plant. The healthcare company is one of thelargest in the world, but is only a small volume customer of the glassmaker, which wasobliged to supply its high volume and high value customers including severalbrewers first.

Managers representing several sectors involved in this study including groceryretailing, food processing, pharmaceuticals, transportation as well as aerospace also provided examples of supply chain networks being reconfigured at the request ofpowerful customers. The customers were demanding the reconfigurations to enablecost savings to be made in their own operations. The danger here is that byattempting to optimise part of the system for their own interests, customers canunwittingly strip vital volume out from existing suppliers networks, underminingtheir viability.

Unlike many of the scenarios above, strategic outsourcing is likely to be an electivereconfiguration determined by the organisation itself. From a level 1 perspective, lossof visibility and control are the most obvious risks. However, in the strategicmanagement literature the outsourcing debate has been dominated by the corecompetence concept, encouraging organisations to focus on their core value addingactivities. High on the list of non-strategic activities ripe for divestment or outsourcinghave been transport and information systems management (Anderson and Delattre,2002). While these activities may not be seen as core activities by business strategistsin manufacturing and retailing, they are nevertheless the backbone of integratedsupply chain management.

Similarly, from a corporate governance perspective, outsourcing may beundertaken as a risk mitigation strategy. Indeed the transfer of responsibility fora known risk (e.g. labour disputes) is an acknowledged method of risk management.In practice though outsourcing may exchange liability for known risks for exposureto a host of unknown ones. When an event or near miss then highlights apreviously unrecognised or consequential risk, responsibility for managing it maynot be clearly defined. The lack of role clarity and fragmentation of ownership canin turn lead to a situation where serious risks are orphaned. The refusal of anyorganisation to accept responsibility for failures in rail safety following thepiecemeal privatisation of the British Rail network (a level 2 disruption) is one suchexample.

The issue of role clarity for commercially owned infrastructure had however beenrecognised by a US presidential commission in 1998 (The White House, 1998). Theresearch highlighted the need for greater clarity between public agencies and privatesector organisations if infrastructure vulnerabilities were to be managed effectively. Atthe time 85 per cent of the USAs national infrastructure was under private ownership.The same report concluded that private industrys investment in protecting it could bejustified only from a business perspective (Robinson et al., 1998).

IJPDLM35,4

222

Level 4 the environmentThe fourth and final level is the wider macroeconomic and natural environment withinwhich organisations do business, assets and infrastructure are positioned and valuestreams flow.

Factors for consideration are the political, economic, social, and technologicalelements of the operating environment (including legal and regulatory issues), as wellas natural phenomenon geological, meteorological and pathological. All can affect asupply chain at each of the first three levels of the framework. Disruptions emanatingat this level are likely to be beyond the direct control of supply chain managers andbusiness strategists. Nevertheless the susceptibility of the networks to knownphenomena can often be assessed in advance, thus enabling informed decision to bemade regarding the merits of specific risk avoidance or mitigation strategies.

Technological developments have already been addressed indirectly in this paper.They can affect demand for existing products, cause uncertainty with the launch ofnew ones, or facilitate better supply chain cooperation and visibility, as well as openingup new channels or business models. They are creating new or increased dependenciesbetween supply chains, organisations and their supporting infrastructures.

Socio-political disruptions e.g. protests, strikes or regulatory changes rarelyhappen without warning, so routine scanning of industry and general news servicesshould identify threats of this kind. For example, in 2003 drinks manufacturers andpackaging suppliers were well aware of scheduled changes to environmentallegislation affecting soft drink containers in Germany. Nevertheless, the packagingmanufacturer who participated in this study described how its customers (and theirretail customers) ignored the likelihood that whole categories of products would haveto be withdrawn if the legislation could not be derailed. Delaying tactics failed, theproducts had to be removed from the shelves until new packaging was developed.

The collapse of the former Soviet Union, consolidation and expansion of theEuropean Union, and the rapid emergence of China as an economic superpower afteryears of isolationism, continue to have a profound effect on international trade. Thegeopolitical changes behind them have opened the way for truly global sourcing andsupply. Supply chains are being redesigned accordingly. However, the emergence of apost-communist new world order has brought many new uncertainties. The terroristattacks of September 11, 2001 have done more than anything to raise awareness ofsupply chain vulnerabilities (Sheffi, 2001; Aichlmayr, 2002; Harrington, 2003).Subsequent military action in the Middle East, raised uncertainty over oil prices andsome uncomfortable questions about the future cost-effectiveness of global supplychains (New, 2003).

Macroeconomic vacillations whether due to war worries, currency fluctuations orother cyclical downturns have far reaching consequences for levels of demand,pricing, and purchasing policies. As New (2003) points out, contemporary patterns ofpurchasing and procurement policies have been established on the premise of lowinflation and macroeconomic stability. If conditions change possibly due as a resultof another 1970-style oil crisis two elements of purchasing and procurement policywould become increasingly difficult to manage: the design of robust contracts and themeasurement of purchasing performance. Purchasing practices such as target costing,applied in situations of high inflation or economic volatility, could mean morebankruptcies and swift shifts in power-dependencies.


223

Moving on finally to the forces of nature, the great tsunami of 2004 remindedeveryone how devastating they can be. There were already numerous well-documentedexamples of how natural phenomena such as earthquakes, hurricanes, floods, etc. havedisrupted JIT supply chains (McGillivray, 2000; Helferich and Cook, 2002).Meteorological and geological susceptibilities are identifiable, though exactly whenand where disruptive events occur is less predictable. Pathological phenomena aredifferent. They are perhaps the most difficult to predict of all, and potentially the mostdisruptive because they are mobile. Threats of this kind, whether Foot and MouthDisease, SARS, or the man-made computer viruses that mimic them, highlight howefficient consolidated seamless distributions systems can becomes victims of their ownsuccess.

This point brings the discussion back to the events that triggered this research the fuel protests of 2000 and the UK Foot and Mouth epidemic. Both provoked anational crisis affecting many of organisations involved in this research, but theeconomic disruptions they caused were not due to ineffective supply chainmanagement, quite the reverse. The UK livestock and fuel supply chains exhibitedall of the characteristics of efficient lean distribution systems. It was the very efficiencyand the reliability of the fuel distribution system, plus the fact that the UK is so heavilydependent on road transport that made the effects of the industrial action so rapid andfar reaching.

The Foot and Mouth outbreak tells a similar story. The UKs livestock rearingindustry has gone through the same process of vertical disaggregation andspecialisation as almost every other business sector, simultaneously moving from alocal to a regional and international industry. Bovine Spongiform Encephalopathy(BSE), also known as Mad Cow Disease, had previously surfaced as a threat to thelivestock and meat processing industries; so new regulations were introduced. Bettervisibility (British cattle became traceable), and tighter process controls inslaughterhouses were brought in to manage this known risk. The measures addedcost into the slaughtering process, which together with retail-driven demands fortighter quality controls led to a consolidation of the livestock supply chain networks.What become apparent later was that these same measures had increased thevulnerability of the system to another risk, Foot and Mouth. Foot and Mouth had beenknown in the UK, but the disease is not endemic. Decades had passed betweenoutbreaks. Over the years, expertise was lost indeed the very success of the stateveterinary service in disease suppression arguably led to its own dismantling. So wheninfected sheep (exhibiting no visible symptoms) entered the system, the newlyconsolidated livestock network together with the velocity of the distribution systemspread the disease more rapidly and efficiently than anyone presently working in thefield had anticipated.

Summary and conclusionsThis paper has taken the findings of exploratory research into sources and drivers ofsupply chain vulnerability and, drawing on systems theory, developed a multi-levelframework for analysis, providing the basis of a model (Figure 1) to explain the scopeand dynamic nature of supply chain risk. The paper emphasises the point that aresilient network involves much more than the design and management of robustsupply chain processes. It concludes that if we accept the notion of supply chains as

IJPDLM35,4

224

inter-organisational networks, embedded within an environment characterised bymany uncontrollable forces, then we must also accept that complexity and limitedmanagerial control are facts of life for supply chain managers. Nevertheless themanagers and the organisation that employ them are contractually, morally and oftenlegally obliged to identify, manage or mitigate the effects of known or knowablerisks. It is therefore important for managers to recognise that in taking action to reduceknown risks, they are changing the risk profile for that organisation and for others inthe network. This in turn highlights a second major finding from this research, afrequent disconnection between the functional goals of supply chain management andhigher-level changes in organisational structure and business strategy. Feworganisations have supply chain management specialists in their boardrooms;consequently, the supply chain implications of strategic decisions are often notrecognised until serious problems emerge.

Supply chain vulnerability and indeed resilience is wider in scope than integratedsupply chain management, business continuity planning, commercial corporate riskmanagement or an amalgamation of all of these disciplines. There are political andpublic policy dimensions too. In the UK and elsewhere, governments are increasinglylooking to the private sector to reduce costs and deliver efficiency improvements in themanagement of national infrastructure and public services. In doing so they areintroducing new commercial pressures, often without an explicit understanding of thelikely impact on network resilience. Even when there is recognition, they and theirprivate sector counterparts may choose to accept the risks as they see them, decidingthat the perceived benefits of the proposed changes outweigh the potential costs ofmanaging or mitigating the effects of a disruption if and when it occurs.

Of course truly informed judgments can only be made for known risks, not hithertounrecognised ones hence the need for greater understanding of why consequentialproblems and risks can emerge at any or all of the levels identified in this paper.Related to this is the case for the de-vilification of slack. Least cost optimization is allwell and good, in a stable and controllable environment, but in an uncertain worldsatisficing may a better way forward. The dynamic and evolving nature of supplychain risks means that no supply chain strategy is ever likely to be risk-free, and nosystem, however well managed, is invulnerable. Therefore, it seems that slack in thesystem, whether in the form of inventory, capacity, capability and even time, plusconstant awareness and vigilance are needed if supply chains are to become andremain truly resilient.

Limitations and further researchIt would have been desirable to conduct in-depth multi-tier case studies in each of thesectors used to validate the findings of the aerospace case study, immediately after theinitial study was undertaken. Unfortunately this was not possible due to time andresource limitations. However two other UK government departments have expressedan interest in extending the study further in the defence and food sectors. Similarstudies undertaken in these and other industries by scholars in other parts of the worldwould clearly provide useful comparators.

In relation to the academic debate on the integration of supply chain risk andconventional risk management concepts and taxonomies, this is an area ripe for further


225

development. Further research is underway to position established definitions andtaxonomies of risk in relation to respective units or levels of analysis.

Finally, the work presented here is normative in nature, leaning towards the softsystems agenda. It focuses on understanding why supply chains are vulnerable todisruption rather, then the hard systems how to agenda of procedural action plans.Nevertheless, it provides a starting point for skilled complex systems modellers who, ifgiven access to appropriate data, can begin the task of developing more completepredictive simulations of the likely effects of specific actions on dynamic supply chainnetworks. These models would provide more positive assistance for managers andpolicy makers at all levels.

Notes

1. For additional examples of verbatim extracts from the interviews, along with further detailsof the case methodology, including interviewee profiles, processes employed for datacollection, analysis and validation see Haywood (2002).

2. For further details and discussion of the issue of constant change in the aerospace networkssee Haywood (2002); or Haywood and Peck (2003)

3. Detailed summaries of the findings from each of the critical sectors, including examples ofsupply chain failures are presented in Peck et al. (2003).

References

Aichlmayr, M. (2002), Mission critical: closing security gaps, Transportation and Distribution,May, pp. 28-32.

Allen, P. (1997), Cities and Regions as Self-organizing Systems: Models of Complexity, Gordon &Breach, London.

Anderson, D.L. and Delattre, A.J. (2002), Five predictions that will make you rethink yoursupply chain, Supply Chain Management Review, September/October, pp. 25-30.

Arthur, W.B., Durlauf, S.N. and Lane, D. (1997), The Economy as an Evolving Complex System II,Addison-Wesley, Reading, MA.

Axelsson, B. and Easton, G. (Eds) (1992), Industrial Networks: A New View of Reality, Gower,London.

Bhasker, R. (1979), The Possibility of Naturalism, Harvester Press, Brighton.

Blaikie, N. (1993), Approaches to Social Enquiry, Polity Press, Cambridge.

Braithwaite, A. and Hall, D. (1999), Risky business? Critical decisions in supply chainmanagement: part 1, Supply Chain Practice, Vol. 1 No. 2, pp. 40-57.

Burtonshaw-Gunn, S.A. (2002), Examining risk and supply chain collaborative working in theUK construction industry, Proceedings of 2nd International Research Seminar on Riskand the Supply Chain, Lund Institute of Technology, Lund, 14-16 October.

Byrne, J.A., Brandt, R. and Port, O. (1993), The virtual corporation, Business Week, 8 February,pp. 36-40.

Chartered Institute of Management (2002), Business continuity and supply chain management,available at: www.inst-mgt.org.uk

Checkland, P. (1994), Systems theory and management thinking, American BehavioralScientist, Vol. 38 No. 1, September, pp. 75-91.

Childerhouse, P. and Towill, D.R. (2003), Simplified material flow holds the key to supply chainintegration, Omega, Vol. 31 No. 1, pp. 17-27.

IJPDLM35,4

226

Christopher, M. (1998), Logistics and Supply Chain Management, Pitman Publishing, London.

Christopher, M. and Lee, H.L. (2001), Supply chain confidence: the key to effective supply chainsthrough improved visibility and reliability, Global Trade Management.

Christopher, M. and Towill, D.R. (2001), An integrated model for the design of agile supplychains, International Journal of Physical Distribution & Logistics Management, Vol. 31No. 4, pp. 235-46.

Christopher, M. et al. (2002), Supply Chain Vulnerability, final report on behalf of DTLR, DTi andHome Office, Cranfield University, Cranfield.

Collins English Dictionary (2000), HarperCollins, Glasgow.

Cook, N. (2001), Lower-tier suppliers in the front line, Interavia, Vol. 56 No. 658, November,pp. 21-2.

Demchak, C. (1996), Tailored precision armies in fully networked battlespace: high reliabilityorganizational dilemmas in the information age, Journal of Contingencies and CrisisManagement, Vol. 4 No. 2, pp. 93-103.

Easton, G. (1995), Case research as a methodology for industrial networks: a realist approach,Interaction, Relationships and Networks: Proceedings of the 11th International Conferenceof the IMP Group, Vol. 1, 7-9 September, pp. 369-88.

Geary, S., Childerhouse, P. and Towill, D. (2002), Uncertainty and the seamless supply chain,Supply Chain Management Review, July/August, pp. 52-61.

George, M.L. (2002), Lean Six Sigma: Combining Six Sigma Quality with Lean Production Speed,McGraw-Hill, New York, NY.

Hakansson, H. and Snehota, I. (1989), No business is an island: the network concept of businessstrategy, Scandinavian Journal of Management, Vol. 5 No. 3, pp. 187-200.

Harland, C. and Brenchley, R. (2001), Risk in supply networks, Proceedings of the 8thInternational Conference of the European Operations Management Association, Vol. 1,Bath, pp. 306-7.

Harrington, L.H. (2003), Welcome to the front line, Transportation and Distribution, January,p. 4.

Haywood, M. (2002), An investigation into supply chain vulnerability management within UKaerospace manufacturing supply chains, MSc thesis, Cranfield Centre for Logistics andSupply Chain Management, Cranfield University, Cranfield.

Haywood, M. and Peck, H. (2003), An investigation into the management of supply chainvulnerability in UK aerospace manufacturing, Proceedings of the EUROMA/POMSConference, Vol. 2, Cernobbio, Lake Como, 16-18 June, pp. 121-30.

Helferich, O.K. and Cook, R.L. (2002), Securing the Supply Chain, Council of LogisticsManagement, Oak Brook, IL.

Houghton, T., Markham, B. and Tevelson, B. (2003), Thinking strategically about supplymanagement, Supply Chain Management Review, September/October, pp. 32-8.

Jankowicz, A.D. (1995), Business Research Projects, 2nd ed., Chapman & Hall, London.

Juttner, U., Peck, H. and Christopher, M. (2003), Supply chain risk management: outlining anagenda for future research, International Journal of Logistics: Research and Applications,Vol. 6 No. 4, pp. 199-213.

Latour, A. (2001), Was SISU the difference?, Wall Street Journal, 29 January.

Lincoln, Y.S. and Guba, E. (1985), Naturalistic Inquiry, Sage, Beverly Hills, CA.

Lonsdale, C. (2001), Locked-in to supplier dominance: on the dangers of asset specificity for theoutsourcing decision, Journal of Supply Chain Management, Vol. 7 No. 2, Spring, pp. 22-7.


227

McGillivray, G. (2000), Commercial risk under JIT, Canadian Underwriter, Vol. 67 No. 1,January, pp. 26-30.

McKinnon, A. (2004), Life without Lorries: The Impact of a Temporary Disruption of RoadFreight Transport in the UK, report prepared for Commercial Motors, Logistics ResearchCentre, Heriot-Watt University, Edinburgh.

Miles, R. and Snow, C. (1986), Organizations: new concepts for new forms, CaliforniaManagement Review, Vol. 28 No. 3, pp. 62-73.

Moller, K. and Halinen, A. (1999), Business relationships and networks: managerial challenge ofnetwork era, Industrial Marketing Management, Vol. 28 No. 5, pp. 413-27.

Morel, B. and Ramanujam, R. (1999), Through the looking-glass of complexity: the dynamics oforganizations as adaptive and evolving systems, Organization Science, Vol. 10 No. 3,May-June, pp. 278-93.

Naim, M.N., Holweg, M. and Towill, D. (2003), On systems thinking, engineering and dynamics their influence on modern logistics management, Logistics and Networked Organisations:Proceedings of the 8th International Symposium on Logistics, University of Sevilla, Sevilla,6-8 July, pp. 549-64.

New, S. (2003), There may be troubles, Supply Management, 2 January, pp. 16-19.

Peck, H. and Juttner, U. (2002), Risk management in the supply chain, Logistics and TransportFocus, Vol. 4 No. 11, December, pp. 17-22.

Peck, H., Christopher, M., Rutherford, C., Abley, J. and Saw, R. (2003), Supply Chain Resilience,final report on behalf of the Department for Transport, Cranfield University, Cranfield.

Rittel, H.W. and Webber, M.M. (1973), Dilemmas in a general theory of planning, PolicySciences, Vol. 4 No. 2, pp. 155-69.

Robinson, C.P., Woodard, J.B. and Varnado, S.G. (1998), Critical infrastructure: interlinked andvulnerable, Issues in Science and Technology Online, No. Fall.

Sheffi, Y. (2001), Supply chain management under threat of international terrorism,International Journal of Logistics Management, Vol. 12 No. 2, pp. 1-11.

Simons, R. (1999), How risky is your company?, Harvard Business Review, Vol. 77 No. 3,pp. 85-94.

Starr, R., Newfrock, J. and Delurey, M. (2003), Enterprise resilience: managing risk in thenetworked economy, Strategy and Business, Vol. 30.

Stock, J.R. (1997), Applying theories from other disciplines to logistics, International Journal ofPhysical Distribution & Logistics Management, Vol. 37 No. 9/10, pp. 515-39.

Svensson, G. (2000), A conceptual framework for the analysis of vulnerability in supply chains,International Journal of Physical Distribution & Logistics Management, Vol. 30 No. 9,pp. 731-49.

Svensson, G. (2001), A conceptual framework of vulnerability in firms inbound and outboundlogistics flows, International Journal of Physical Distribution & Logistics Management,Vol. 32 No. 2, pp. 110-34.

Svensson, G. (2002), Vulnerability scenarios in marketing channels, Supply ChainManagement: An International Journal, Vol. 7 No. 5, pp. 322-33.

Thorelli, H.B. (1986), Networks: between markets and hierarchies, Strategic ManagementJournal, Vol. 7 No. 1, pp. 27-31.

Towill, D.R. (1999), Simplicity wins: 12 rules for designing effective supply chains, Control,Vol. 25 No. 2, pp. 9-13.

IJPDLM35,4

228

von Bertalanffy, L. (1973), General Systems Theory Foundations, Development, Applications,Penguin Books, Harmondsworth.

(The) White House (1998), Presidential Decision Directive/NDC-63 Subject: Critical InfrastructureDirective, The White House, Washington, DC, 22 May.

Williamson, O.E. (1985), The Economic Institutions of Capitalism: Firms, Markets, RelationalContracting, The Free Press, New York, NY.

Yin, R.K. (1989), Case Study Research, Sage, Beverly Hills, CA.

Zsidisin, G.A. (2003), Managerial perceptions of risk, Journal of Supply Chain Management,Vol. 39 No. 1, pp. 14-25.

Further reading

Fink, A. (1998), Conducting Research Literature Reviews, Sage, Thousand Oaks, CA.

Iansiti, M. and Levien, R. (2004), Strategy as ecology, Harvard Business Review, March,pp. 69-78.

Lee, H.L. and Wolfe, M. (2003), Supply chain security without tears, Supply Chain ManagementReview, January/February, pp. 12-20.

Martha, J. and Subbakrishna, S. (2002), Targeting a just-in-case supply chain for the inevitablenext disaster, Supply Chain Management Review, September/October, pp. 18-24.

(The Appendix follows on the next page.)


229

Appendix

Figure A1.

IJPDLM35,4

230

Figure A1.


231

Figure A1.

IJPDLM35,4

232

Documents

Drivers of Supply Chain Vulnerability- An Integrated Framework