Information sharing in supply chains: a review of risks and opportunities using the Systematic Literature Network Analysis (SLNA)

Purpose – The purpose of this paper is to identify and discuss the most important research areas on information sharing in supply chains and related risks, taking into account their evolution over time. This paper sheds light on what is happening today and what the trajectories for the future are, with particular respect to the implications for supply chain management. Design/Methodology/Approach – The dynamic literature review method called Systematic Literature Network Analysis (SLNA) was adopted. It combines the Systematic Literature Review approach and bibliographic network analyses, and it relies on objective measures and algorithms to perform quantitative literature-based detection of emerging topics. Findings-The focus of the literature seems to be on threats internal to the extended supply chain rather than external attacks, such as viruses, traditionally related to information technology (IT). The main arising risk appears to be the intentional or non-intentional leakage of information. Also, papers analyse the implications for information sharing coming from " soft " factors such as trust and collaboration among supply chain partners. Opportunities are also highlighted and include how information sharing can be leveraged to confront disruptions and increase resilience. Research limitations/implications – The adopted methodology allows providing an original perspective on the investigated topic, i.e. how information sharing in supply chains and related risks are evolving over time due to the turbulent advances in technology. Practical implications-Emergent and highly critical risks related to information sharing are highlighted to support the design of supply chain risks strategies. Also, critical areas to the development of " beyond-the-dyad " initiatives to manage information sharing risks emerge. Opportunities coming from information sharing that are less known and exploited by companies are provided. Originality/value – This study focuses on the supply chain perspective rather than the traditional IT-based view of information sharing. According to this perspective, this study provides a dynamic representation of the literature on the investigated topic. This is an important contribution to the topic of information sharing in supply chains, which is continuously evolving and shaping new supply chain models

Managing cyber risk in supply chains:A review and research agenda

Purpose: Despite growing research interest in cyber security, inter-firm based cyber risk studies are rare. Therefore, this study investigates cyber risk management in supply chain contexts. Methodology: Adapting a systematic literature review process, papers from interdisciplinary areas published between 1990 and 2017 were selected. Different typologies, developed for conducting descriptive and thematic analysis were established using data mining techniques to conduct a comprehensive, replicable and transparent review. Findings: The review identifies multiple future research directions for cyber security/resilience in supply chains. A conceptual model is developed, which indicates a strong link between IT, organisational and supply chain security systems. The human/behavioural elements within cyber security risk are found to be critical; however, behavioural risks have attracted less attention due to a perceived bias towards technical (data, application and network) risks. There is a need for raising risk awareness, standardised policies, collaborative strategies and empirical models for creating supply chain cyber-resilience. Research implications: Different type of cyber risks and their points of penetration, propagation levels, consequences and mitigation measures are identified. The conceptual model developed in this study drives an agenda for future research on supply chain cyber security/resilience. Practical implications: A multi-perspective, systematic study provides a holistic guide for practitioners in understanding cyber-physical systems. The cyber risk challenges and the mitigation strategies identified support supply chain managers in making informed decisions. Originality: This is the first systematic literature review on managing cyber risks in supply chains. The review defines supply chain cyber risk and develops a conceptual model for supply chain cyber security systems and an agenda for future studies

Information and knowledge leakage in supply chain

The current world of post industrial value generation sees companies increasingly analyzing their internal operations against their external organizations to identify supply/demand fluctuations along the supply chain. Within these integrated relationships between internal and external parties in the supply chain, knowledge and information have become very important production resources. The existence and success of an increasing number of organizations strongly depend on their capabilities to utilize knowledge and information for profit generation. By managing more efficient information sharing, the volume of company confidential information passing through the supply chain increases, and this brings about more incidences of knowledge leakage and information leakage. A survey by PricewaterhouseCoopers in 2014 shows information security spending over the next 12 months would increase 60.27 % in Asia and 48.98 % in all regions. This emphasizes the importance of information privacy and therefore the necessity to study the information and knowledge leakage in integrated supply chain. The objectives of this study are to investigate the factors triggering information and knowledge leakage and create a mitigation framework to soften the impact of leakages on performance. The above objectives will be met by formulating and examining several hypotheses of a conceptualized information leakage (IL) and knowledge leakage (KL) framework. A case study derived from a structured interview is adopted as a methodology in this research. As a result, this paper contributes a novel theoretical model that characterizes information and knowledge leakage in an integrated supply chain. Therefore, it also adds new knowledge of managing information and knowledge leakage to supply chain management

Modeling and evaluating information leakage caused by inferences in supply chains

While information sharing can benefit supply chains significantly, it may also have a "side effect", namely, information leakage. A limitation common to many existing solutions for preventing information leakage in supply chains is that they rely, either implicitly or explicitly, upon two unrealistic assumptions. First, what information is confidential is well known. Second, confidential information will not be revealed, if only it is not shared, regardless of how much other information is being shared. As it shall be shown in this thesis, those assumptions are not always true due to potential information leakage caused by inferences. Specifically, a conceptual model of such information leakage is proposed in this thesis. The model will enable companies in a supply chain to better understand how their confidential information may be leaked through inferences. On the basis of the proposed conceptual model, a quantitative approach is devised to evaluate the risk of information leakage caused by inferences when a given amount of information is shared. The quantitative approach will allow companies in a supply chain to measure and consequently to mitigate the risk of information leakage. Finally, a case study is discussed to illustrate how the proposed approaches work in practice

Introducing Risk Considerations into the Supply Chain Network Design

Supply chains (SC) aim to provide products to the final customer at a certain service level. However, unforeseen events occur that impede supply chain objectives. SC Risk has been studied in the literature, providing frameworks and methodologies to manage SC failures. Nevertheless, more efforts are needed to prevent hazardous and disruptive risks and their consequences. These risks must be considered during the process of designing a supply chain. Somemethodological contributions concerning risk in the supply chain network design (SCND) are conceptual frameworks formitigating SC disruptions, which suggest strategies andmeasures for designing robust and resilient SCs. Although such contributions are valuable, they do not indicate how to cope with risk when designing a SC. The main objective of this research is to describe amethodology aimed at including risk considerations into the SCND. Our proposal aims to be, on the one hand, a comprehensive approach that includes a risk identification and assessment procedure in each of the stages of the SCND process and, on the other hand, a tool for decision-making in SC design or redesign processes when SC risks need to be considered. The methodology proposed is an extension of a SCND methodology including risk considerations in order to improve the performance of the supply chains. A case study illustrates how the proposed methodological works, achieving the identification of SC risks already observed in previous works.Peer ReviewedPostprint (published version

Preventing confidential information leakage in supply chains through trust-based heuristic supplier selection

In today's global economy, outsourcing has become increasingly popular in design and production. Manufacturers need to share massive information with their suppliers during an outsourcing activity. In the meantime, the manufacturers need to protect confidential information related to the product for the purpose of intellectual property (IP) protection. In such a context, secure collaboration has become an emerging research topic in global supply chain management. A number of methods were proposed to select secure and eligible suppliers among all potential suppliers involved in a supply chain system to satisfy security requirements and to minimize the cost at the same time. The selection can be performed by assessing suppliers' ability, risk assessment of information leakage, and cost analysis. However, depending on given security requirements, a valid selection of suppliers to meet such requirements may not always be possible to obtain. Moreover, such a selection process is usually very expensive with existing risk assessment algorithms. This thesis addresses both issues by proposing a method which is both secure and efficient for generating optimal selections of suppliers for a supply chain system. First, we introduce a multi-level trust model of suppliers to address the cases where existing approaches based on a flat trust model will fail to generate any valid supplier selection. To our best knowledge this is the first work on formally modeling the level of trust in suppliers. Second, we propose efficient heuristic algorithms for eliminating insecure selections of suppliers as early as possible in the process such that the need for expensive risk assessment on such selections is avoided. The effectiveness and efficiency of proposed approaches were analyzed and validated through a case study

Introducing Risk Considerations into the Supply Chain Network Design

Supply chains (SC) aim to provide products to the final customer at a certain service level. However, unforeseen events occur that impede supply chain objectives. SC Risk has been studied in the literature, providing frameworks and methodologies to manage SC failures. Nevertheless, more efforts are needed to prevent hazardous and disruptive risks and their consequences. These risks must be considered during the process of designing a supply chain. Somemethodological contributions concerning risk in the supply chain network design (SCND) are conceptual frameworks formitigating SC disruptions, which suggest strategies andmeasures for designing robust and resilient SCs. Although such contributions are valuable, they do not indicate how to cope with risk when designing a SC. The main objective of this research is to describe amethodology aimed at including risk considerations into the SCND. Our proposal aims to be, on the one hand, a comprehensive approach that includes a risk identification and assessment procedure in each of the stages of the SCND process and, on the other hand, a tool for decision-making in SC design or redesign processes when SC risks need to be considered. The methodology proposed is an extension of a SCND methodology including risk considerations in order to improve the performance of the supply chains. A case study illustrates how the proposed methodological works, achieving the identification of SC risks already observed in previous works.Peer ReviewedPostprint (published version

Predicting supply chain risks using machine learning: The trade-off between performance and interpretability

Managing supply chain risks has received increased attention in recent years, aiming to shield supply chains from disruptions by predicting their occurrence and mitigating their adverse effects. At the same time, the resurgence of Artificial Intelligence (AI) has led to the investigation of machine learning techniques and their applicability in supply chain risk management. However, most works focus on prediction performance and neglect the importance of interpretability so that results can be understood by supply chain practitioners, helping them make decisions that can mitigate or prevent risks from occurring. In this work, we first propose a supply chain risk prediction framework using data-driven AI techniques and relying on the synergy between AI and supply chain experts. We then explore the trade-off between prediction performance and interpretability by implementing and applying the framework on the case of predicting delivery delays in a real-world multi-tier manufacturing supply chain. Experiment results show that prioritising interpretability over performance may require a level of compromise, especially with regard to average precision scores

Strategies for Preventing and Mitigating the Effects of Agro-food Supply Chain Disruptions

Supply chain disruptions are detrimental to the performance of companies due to the associated loss of profitability and reduced sustainability. In 2016, organizations lost at least $1.2 million in a single supply chain disruption. Guided by the contingency theory of fit, the purpose of this exploratory multiple case study was to explore the strategies agribusiness managers use to prevent and mitigate the effects of disruptions in the agro-food supply chains. A total of 5 purposefully-selected agribusiness managers from Harare, Zimbabwe participated in semistructured interviews. Participants were senior agribusiness managers who implemented successful strategies for preventing and mitigating the effects of disruptions in agro-food supply chains. Three themes emerged from the thematic analysis of interview data and review of organizational documents: collaboration among supply chain partners, business continuity management, and the use of a multiple supplier base. Agribusiness managers must first understand the sources of disruption risk, assess the impact of the risk, and then select an appropriate strategy based on the level of uncertainty and risk. By managing the risks effectively, managers can improve the performance and competitiveness of their businesses. The implications for positive social change may include a reduction in supply chain costs, provision of better services and products to consumers, and lower prices of agro-food products to consumers which could lead to an improvement in the lives of consumers

Global supply chain risk management: an approach on how global firms manage the complexity of their worldwide operations

JEL Classification: M11 e L22The global supply chain risk management field is crucial for the supply chain sustainability, however, it is yet poorly explored, especially when it comes to matching the literature studies with empirical observations. The complexity inherent to these supply chains turn the studies and analyzes of risk-related issues, such as risk exposure, perception and its management strategies, time-to-time more significant to building a resilient and sustainable chain. In order to develop a coherent and relevant contribution for the literature, this dissertation provides three case studies of three companies from different industries. These case studies provide a qualitative approach of the firms’ risk perception and their management strategies. After the exposure of each of the three firms supply chain scenario, it is developed an analysis of the case studies, taking into account what is suggested and advised by former researchers in this field. The findings of this research indicate that the three companies do not dominate the existing supply chain risk management theoretical framework, nor fully apply risk management dynamics and strategies proposed by researchers. Instead, on average, they know in detail what are the risk-related events likely to have impacts onto their supply chains; moreover, their risk management strategies seem to be effective on both avoiding impacts and overcoming barriers and disruptions. On the other hand, the researchers’ and companies’ mindset converge on betting on cooperation/collaboration and communication/information sharing as builders of visibility, flexibility and agility into a supply chain, finally improving its resilience and reducing its risk exposure.O campo da gestão do risco na cadeia global de abastecimento é fundamental para a sua sustentabilidade, entretanto, ainda figura um campo pouco explorado, principalmente quando se trata de avaliar se a teoria se adequa à prática. A complexidade inerente a essas cadeias faz com que o estudo dos seus riscos seja cada vez mais significante para construir uma cadeia de abastecimento resiliente e sustentável. A fim de desenvolver uma contribuição relevante para a literatura, este trabalho apresenta três estudos de caso de três empresas de diferentes indústrias. Para esta metodologia foi utilizada uma abordagem qualitativa para compreender a perceção do risco por parte das empresas, e suas respetivas estratégias para os gerir. Segue-se à exposição do cenário da cadeia de abastecimento das três empresas uma análise dos estudos de caso, com base no que é aconselhado pelos pesquisadores desta área. Por fim, os resultados deste trabalho indicam que as três empresas não dominam o arcabouço teórico do campo da gestão do risco na cadeia de abastecimento, nem mesmo aplicam a fundo as estratégias propostas pelos pesquisadores. Todavia, as empresas parecem conhecer detalhadamente os riscos aos quais estão expostas e, ainda, as estratégias adotadas para gerir estes riscos mostram-se eficientes tanto em evitar disrupções quanto em superar barreiras e dificuldades. Contudo, a mentalidade dos pesquisadores e empresas convergem em apostar na cooperação e comunicação como pontos chave para desenvolver a visibilidade, flexibilidade e agilidade numa cadeia de abastecimento, aprimorando, em última instância, sua resiliência e diminuindo sua exposição aos riscos