U7

The IUP Journal of Operations Management, Vol. XVI, No. 2, 201736Towards a Value-Based Methodfor Risk Assessmentin Supply Chain OperationsLingzhe Liu* and Hennie Daniels**© 2017 IUP. All Rights Reserved.*Ph.D. Candidate, Department of Decision and Information Sciences, Rotterdam School ofManagement, Erasmus University, Rotterdam, Netherlands; and is the corresponding author.E-mail: [email protected]**Professor of Knowledge Management, Department of Information Management, Tilburg Schoolof Economics and Management, Tilburg University, Netherlands. E-mail: [email protected] supply chain risk management is emerging to be a new research area, as themarket place is becoming more and more globalized and the business is increasinglysusceptible to various vulnerabilities, which range from supply chain disruption,organized crime, to terrorists attack. This paper addresses the problem of riskmanagement in supply chain operations from the perspectives of the business and thegovernment, and proposes a research road-map.On the business perspective, a supply chain company is usually affected by theoperation of other related organizations in its business network, as its business modelhas to be built on cooperation with the other organizations. The cooperation is bolsteredby economy reciprocity, i.e., for all the economy value or value object (service or product)that one organization provides to another, the former organization should get in returnan object of equal value (Weigand et al., 2006). Otherwise, at least one party in theexchange runs the risk of economic losses and the cooperation is then unsustainable.This gives rise to the requirements of controlling the value exchange and monitoringthe operations in the related organizations for managing the operational risks(Kartseva, 2008). Moreover, business operations have to comply with the legalThis paper proposes a risk assessment framework as a research road-map, withthe aim of developing a protocol that integrates the risk managementrequirements from the perspectives of the business and the government. Thepaper considers the viewpoint of value modeling and interprets the riskmanagement problem as a control problem. Four steps of risk assessment areidentified in the framework, forming the risk management cycle.

3 7Towards a Value-Based Method for Risk Assessment in Supply Chain Operationsregulations enforced by the government authorities (the change of regulation mayalso imply business disruption).On the government perspective, the supply chain-related authorities (like customs,police, and quality inspection agencies) have their specific responsibilities of riskcontrolling and monitoring by means of inspection and supervision, so as to minimizethe potential hazards in the border-crossing supply chain and to ensure the publicsafety. Meanwhile, they need to maximize the detection hit rate with minimuminspection activities, so that both the inspection costs and the interruption to the normalsupply chain operations are minimized.The distinction in these two objectives of risk management is obvious, but still itwould be beneficial to integrate them into the same risk management framework: inthat, in either the business-to-business relationship or the business-to-governmentrelationship, one party can have confidence in the counterparty when it is able tomonitor the counterparty’s operation according to the norm of economy reciprocityand to control (or to coordinate) the counterparty’s relevant behavior.In the case of regulation compliance, mutual trust between the government and thebusiness can be established, when the government has more confidence in theinformation quality of the declaration from the business, and when its risk assessmentbehavior is (to certain extent) transparent to the business. In this way, the businesswould have better cooperation with its business partner and with the government,while the government could be more effective in the inspection tasks.The risk assessment framework, proposed in this paper, aims at developing suchan integrated risk management protocol. We take the viewpoint of value modeling. Asthe first step, we try to identify the risk sources from a ‘map’ of the supply chainsystem with the value constellation, value exchange events and processes, and thecontrol mechanism in the system. The risk level of these sources can be further evaluatedwith certain computation methods, like Dempster-Shafer theory and Bayesian belieffunction.Risk Assessment ProblemGiven the complexity of the supply chain operations, there has not been a generallyagreed definition of supply chain risk management (Sodhi et al., 2011), yet we considerthat effective management is based on proper assessment. Supply chain risk managementis for the moment interpreted as a control problem in this paper (Leeuw, 1979).The term risk is generally defined as “the effect of uncertainty on an organization’sobjectives” in the standard ISO 31000:2009. In supply chain operations, risk ariseswhen physical or human factors make it hard to expect whether the execution of activitiesin transaction cycles deviates from the operation plan.For analyzing risks in the supply chain system, we are interested in the risk level(or ‘trustworthiness’) of an organization, i.e., whether the organization under question