VIDEO TRANSCRIPT
We'll now start with question number one and question number one is going to come to you sean and the question is what is the difference between supply chain risk management versus supplier risk management
Okay thank you jonathan probably the easiest way of explaining it is um you know supply risk management around an individual supplier and that supplier could be part of a wider supply chain or across more or multiple supply chains versus the supply chain which is effectively going to be the you know the end-to-end use of internal external suppliers third parties um to process and to dispute goods and services to the market so looking at supplier suppliers like a link supply chain is the chain itself that combines all those together and the important aspect there is when you think about risk management it's looking at what are the risks to the individual supplier which can come across a lot of you know different areas what are the risks to the supply chain and they're always going to follow a similar format where you go identifying the risk identifying the causes the consequences and the likelihood following the traditional iso 31000 mismanagement and looking at basically measuring those against your risk appetite and that will help you to identify where your your key vulnerabilities will lie
Okay so that's a good first answer so uh jason
Hey thanks robin uh yeah that was a good answer and i totally agree supply risk management is around the individual business that might be supplying you a service as part of your supply chain um you know you take the pandemic for instance it affected not only individual suppliers but entire supply chains you know and your supply chain is only as strong as its weakest link so you need to make sure that you've got you know continuity capabilities in order to ensure that that supply chain can continue to flow and provide those services or products or or people or technology to you um so that you can go about your business um so yeah i think i think that was a pretty good answer
All right mark
Um yeah sean sort of took the steam out of that out of that whole question well done um to my mind the supplier risk is probably a lot easier for a company to manage and you're looking at your immediate reports and your immediate suppliers and risk and balancing the risk to you supply chain risk is a bit of a can of worms probably a good example that at the moment is is ford is shutting down manufacturing plants in the states because they can't get cpu chips out of taiwan and nobody no one i'm sure it's taiwan nobody really saw that there was a drought in taiwan and they were using fresh water to clean the chips when they're manufacturing them they can't supply enough chips to the world at the moment and now there's a shortage on laptops and cars and all sorts of bits and pieces um yeah i think supply chain risk is probably um it's it's much harder to manage all right i don't know don't worry i'm there sorry
That's all right um
Yeah well you know when you're the fourth person to answer a question it's it's um you haven't got much to add because uh i agree with with most of the comments uh made by sean and jason um one of the other comments that i would also make was in relation to the supplier risk management because you know when you look at it from an email landscape perspective um it could be through impersonation of that supplier that somebody sending a threat into your environment pretending to be supplier abc or it could be actually you know an email or compromise so somebody not pretending to be that supplier but actually being that supplier so from a risk profile from supplier risks the threat vectors are quite huge