You are here

BONUS: Questions Manufacturers can use when assessing ERM

Use these question to help you consider how your manufacturing organization will address your Enterprise Risk Management.

Third Party/Supply Chain Risk

  1. What is your product’s distribution channel? For example, if labor relations at a distributor are strained or temporarily unavailable, do you have redundancy of supply built into your contracts? What do those contract clauses say you can do to keep your product in the hands of customers?
  2. How quickly do you need critical supplies?  Should you have suppliers in close physical proximity, or do you need to maintain reserves enough to meet production in instances of supply delays?
  3. Are you aware of the ways your suppliers impact your business continuity or information technology footprint? Have you gone through a Business Impact Analysis to identify areas of vulnerability?

Technology & Security Risk

  1. Have you identified all items that connect to the internet?
  2. Do your patching procedures extend to all these items to ensure that vulnerabilities are not left open as an entry point for an attacker?
  3. Is appropriate training conducted to prevent social engineering from hackers or industrial espionage?

Business Continuity Risk

  1. Have you communicated the BCP to all employees? How recently and how often? When was the last time you tested the plan in a tabletop exercise?
  2. Has documentation backup been created and made available at offsite locations?
  3. In the case of a regional weather impact, have you considered how you will get your people into the facility or your product out? Do you plan to use alternate production locations? If so, how?

Transaction Risk/Operational Risk

  1. Do employment contracts protect trade secrets and maintain a competitive advantage?
  2. How confident are you in integrating an acquisition? Are you prepared to on-board new employees in new regions while integrating different processes and technologies?
  3. How are you evolving your production procedures to stay current in the market? How confident are you that you can keep ahead of competition?

Regulatory Compliance Risk

  1. How do the personnel responsible for your compliance stay informed of the compliance requirements? How does the Board of Directors monitor compliance?
  2. Have you invested enough in professional development to ensure your compliance personnel are staying on top of regulations?
  3. Do you have the expertise in-house, or relationships in place with outside expertise, to respond to compliance issues quickly and effectively?

Market Risk

  1. What are you doing in terms of research and development to ensure relevance in the future?
  2. How have you differentiated the product you are offering to minimize market fluctuation?
  3. Can you truly call the differentiation a competitive advantage?

Foreign Exchange Risk

  1. Have you identified which global markets have material impact to your business?
  2. What monitoring programs do you have to assess changes in those markets?
  3. Have you evaluated if hedging programs are needed to offset risk? If so, how?

Strategic Risk

  1. How do you assess strategic initiatives to ensure they are delivering the returns you envisioned?
  2. Do you conduct debrief sessions to identify what went well and areas of improvement?
  3. Are retention or succession plans sufficient for key personnel or executives who are important to the company’s competitive advantage?

Reputational Risk

  1. How do you currently evaluate the magnitude an event must be to impact your reputation?
  2. How do you ensure you respond to potential events in a timely manner to minimize impact? Have you considered this as a part of your Business Continuity Plan?
  3. How will you address the media when you have an event that could impact your reputation? Who will be responsible for doing so?