ARTICLE IN PRESS

Int. J. Production Economics 90 (2004) 47–58

Risk management processes in supplier networks

Jukka Hallikasa,*, Iris Karvonenb, Urho Pulkkinenb, Veli-Matti Virolainenc,
Markku Tuominena
a
Department of Industrial Engineering and Management, Lappeenranta University of Technology, P.O. Box 20,
FIN-53851 Lappeenranta, Finland
b
VTT Industrial Systems, P.O. Box 1301, FIN-02044 VTT, Finland
c
Department of Business Administration, Lappeenranta University of Technology, P.O. Box 20, FIN-53851 Lappeenranta, Finland

Received 11 April 2002; accepted 6 February 2004

Abstract

This paper deals with risk management in supplier networks. The primary aim is to illustrate challenges that network
co-operation brings to risk management. The paper outlines the general structure of the risk management process and
presents methods for risk management in a complex network environment. The results indicate that risk management is
an important development target in the studied supplier networks. When the dependency between companies increases,
they become more exposed to the risks of other companies. The presented processes facilitate understanding and
managing of uncertainties and risks in supplier networks. Empirical evidence is offered on the basis of case studies.
r 2004 Elsevier B.V. All rights reserved.

Keywords: Supplier networks; Supply chain management; Risk management

1. Introduction transactions costs, ability to concentrate on core

skills, access to key technologies, and risk sharing
1.1. Background among partners give direction for the development
process. Even though a lot of research has been
In many business environments, networking is conducted in the field of industrial networking and
almost an inevitable solution to help companies supply chain management in recent years, only
respond fast to market changes. In network some of it has dealt with the risk management
collaboration companies deepen their relationship associated to these topics. In the years 1999–2001 a
with partners and thus become more dependent on large study has been conducted with several
each other. The key success factors in networking, industrial and academic partners. This paper has
and the motives for entering into a partnership or partially resulted from that research project (see
alliance form the basis for the development of also Hallikas et al., 2001, 2002).
network arrangements. Opportunities like reduced
1.2. Objectives
*Corresponding author. Tel.: +358-5-621-2671; fax: +358-
5-621-2667. The purpose of this paper is to contribute and
E-mail address: [Link]@lut.fi (J. Hallikas). provide a more complete understanding of risk
0925-5273/$ - see front matter r 2004 Elsevier B.V. All rights reserved.
doi:10.1016/[Link].2004.02.007
 ARTICLE IN PRESS

48 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

management in supplier networks. The paper 2. Business networks

seeks to express the risk management process
approach in order to provide a more holistic 2.1. What is it all about?
view on the subject. We have formulated the
following two general research questions for the According to the strategic network definition by
study: Jarillo (1988), strategic networks are long-term,
purposeful arrangements among organizations
(1) What kinds of risks arise from network
that allow the operating organizations to get
collaboration?
long-term sustainable competitive advantage. In
(2) How do the risk management processes
strategic networks a lot of weight is put on the
operate in network collaboration?
reciprocity of the relations. The individual com-
Additional research objectives include answer- panies operating in the network are dependent on
ing the question of how risks can be identified and the resources of the other network companies, and
assessed, and what kind of options there are for the possibilities of the individual organization to
controlling and managing risks. Furthermore, we utilize these resources are determined by their
will discuss special features that networking brings place in the network. Network arrangements result
to business risk management. We will use these from strategic collaboration between more than
objectives and research questions to develop the two independent companies with the aim of
outline of the study. pursuing economic advantages. A network can
We have used the qualitative case study research be defined as a specific type of relation linking a
methodology (Yin, 1994) in the study because defined set of persons, objects or events (Harland,
the nature of the subject calls for deeper under- 1996). For example, Nishiguchi (1994) has re-
standing of the topic. Information has been ported how Japanese companies have organized
gathered through in-depth interviews with their suppliers into hierarchies: first-tier or primary
managers and chief executives from both, suppliers provide systems rather than components.
suppliers’ and buying companies’ side. Eleven This trend reduces the number of first-tier
companies from two industrial fields, electronics suppliers and also makes the buying company
and metal industry have been involved in the more dependent on the suppliers. The primary tool
study. employed by the Japanese to implement closer
supplier co-ordination and individual supplier
1.3. Outline of the study development is cross-exchange of staff between
buyers and suppliers. On the basis of a procure-
The paper outlines the general structure of the ment related literature review it can be concluded
risk management process and presents methods that the integrated procurement strategy should
for managing risk in the network environment. include such issues as: value chain positioning,
After the theoretical background, we present the environmental analysis, objective setting, organi-
general characteristics of the studied networks. zation structuring, strategic make or outsource
The nature of the risk management process is decisions (which should include the strategic
explained from the point of view of business assessment of what is a firm’s core competency),
networks. The phases and special characteristics of choice of different strategies (when to use compe-
the risk management process are presented. titive, partnership or network strategy) and the
After outlining the risk management process, links between company level strategy and other
we deepen our approach and demonstrate functional strategies (Virolainen, 1998).
some special features of risk management in Generally speaking, through networking, com-
terms of dynamics and feedback. Finally we panies aim at reducing financial and technological
discuss the main findings, draw a conclusion of risks and improving their competitive advantage
the study, and discuss future research challenges in through deeper specialization. Further challenges
the topic. are caused by e.g. shortening turnaround times,
 ARTICLE IN PRESS

J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58 49

fast developing technologies and the globalization asymmetry) determinants. Asset specificity refers
trend. to the ease with which an asset can be redeployed
The network-related risks are connected for to alternative uses. The more dependent a com-
example to the networks’ resistance towards pany is on its buyer/supplier, the higher are the
changes, new technologies, practices and members, TC’s and vice versa. The original idea of Coase
as well as to problems and risks that may arise in was that without transaction costs the market
network management or the setting up of appro- solution (i.e. outsourcing) should be preferred,
priate development activities. Increasing require- because it would make it easier to exploit the
ments for communication and co-operation economies of scale and scope (i.e. the fruits of
activities also add claims for more efficient specialization) and to use more efficient high-
information systems, openness, trust and produc- powered incentives.
tion systems. There may also arise problems with Later Teece (1986, 1998) took into account
information transfer. technology-related transaction cost determinants
Few studies have integrated risk management which are relevant in the industrial context. To
into networking. Although some studies have make sense of his ideas it is useful to interpret a
reported the special features of network or supply firm as a Porterian value chain of adjacent
risk management. These studies are related to transactions (activities). They can be put together
outsourcing (Lonsdale, 1999) and purchasing through different governance systems (i.e. by using
(Smelzer and Siferd, 1998). There are also studies outsourcing, different sorts of networks or insour-
which deal with the opportunities and risks among cing). The strategic problem is to find out the
small and large firms in the supply chain (Zanger, governance structure which economizes on the
1997) and the problems associated to the common sum of transaction and management costs.
goals and insufficient information sharing in Teece has launched two new TC determinants
supply chains (Akkermans et al., 1999). which are related to the appropriability regime and
the role of complementary competencies. The
2.2. Transaction cost-based explanation on the former refers to the factors that make it possible
emergence of business networks to profit from innovation. The most important
factors are the nature of technological knowledge
This section relates our general network discus- (from tacit to fully codified) and the legal
sion to a more exact transaction cost economics mechanisms of protection (i.e. patents, trade
(TCE) context. The concept of transaction cost has marks, copyrights). The more tacit (or legally
been used in explaining the range of the activities effectively protected) the new knowledge is, the
(transactions) in which the company engages itself. lower the associated transaction costs and the
TCE offers us an analytical device which makes it better the outsourcing or loose networking option
possible to understand why a company insources, and vice versa.
outsources or networks when acquiring necessary The latter concept refers to the competitive
competencies (capabilities) needed for the efficient nature of the complementary competencies neces-
supply chain organization (more about these sarily needed for the emergence of supply net-
issues, see [Link] (1999)). According to Coase works. The more competitive the markets of
(1937), when the marginal costs of using markets complementary competencies, the lower are the
(i.e. transaction costs) are higher than the costs of transaction costs related to them and the better
using the company (i.e. management costs), a option is the outsourcing or loose networking
transaction should be organized within the com- strategy and vice versa.
pany and vice versa. Williamson (1991) regards In the light of the basic categories launched
transaction costs as organizational failures due to above we can now introduce the conditions under
environmental (uncertainty, asset specificity, small which (i) outsourcing, (ii) insourcing, and (iii)
number of potential trading partners) and human networking are the best governance options. Out-
(bounded rationality, opportunism, information sourcing should be preferred, if uncertainty and
 ARTICLE IN PRESS

50 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

the danger for opportunism are minor, asset 2.3. Views to the risks of networks
specificity is low, there are many alternative
trading partners, the appropriability regime is To be able to discuss the risks of networks, it is
tight due to tacitness or legal protection, and the necessary to review briefly the definition of risk.
markets for complementary competencies are Dictionaries define it as a possibility of losses or
fairly competitive. Insourcing is the best alter- harmful consequences. Already this common sense
native in the opposite case. definition reveals the two essential components of
On the basis of the above discussion we can risks: losses and uncertainty about their occur-
introduce the conditions under which the network rence and amount. The assessment and manage-
option should be preferred. Networking always ment of risks require also measurement of risks. A
includes elements typical of both the pro-market utility theoretic approach measures uncertainties
outsourcing and anti-market insourcing solution. by probability distributions, and losses by their
Networks are useful when market and/or techno- utility (i.e. utility function). The utility function
logical uncertainty is fairly high, knowledge is also describes the decision maker’s risk attitude.
fairly generic or codified (e.g. science-based) From the utility theoretic point of view, risk can be
and, hence, hard to appropriate, there are econo- defined as the expected loss of utility (see e.g.
mies of scale due to specialization, and the markets Keeney et al., 1993; Clemen, 1995). For the
for complementary competencies are not very purposes of this study, i.e. the identification of
competitive. It is often found that high-powered risks and preliminary prioritization of risk man-
incentives are badly needed. Under these condi- agement options, it is not necessary to take into
tions it is very likely that the firms will network account the decision maker’s risk attitude and to
together. assess exactly the losses and their probability
Compared to the pure market solution net- distributions. More importantly, it is essential
works, it makes it possible to improve co-ordina- that both the probability of risky events and the
tion of interrelated competencies and reduce the losses are understood and identified, and com-
risk of being trapped by the monopolistic holders pared by applying a semi-quantitative scale (see
of complementary competencies. In addition, net- Section 4.2).
works give partners more strategic decision mak- Functions which generate the possibility of
ing power without the fear for opportunism. In beneficial effects or profit often include risks. This
relation to the option of insourcing, networks is also the case with business activities. As
make it possible to share financial risks of sunken companies develop networking with other compa-
costs, exploit economies of scale and scope, utilize nies, this also affects their risks. The tighter
more high-powered incentives and reduce com- relationships may mean more dependencies be-
plexity and uncertainty through common routines tween the companies, which contributes to dis-
and competencies. Moreover, some of the tradi- turbance propagation in the network. However,
tional advantages of vertical integration can be the disturbances or unexpected events have differ-
obtained with closer co-ordination and a large ent consequences to different companies in the
common knowledge pool, which makes its easier network. Thus the network does not only have one
to cross-learn and internalize external competen- common risk, but the risks must be studied from
cies ([Link] et al., 1999). The transaction different perspectives.
cost and resource-based view explanations of The original equipment manufacturer (OEM)
inter-firm collaboration have recently received which operates as the responsible company to-
some criticism as well. The main arguments are wards the customer may use the network to attain
related to the view that these explanations are flexibility against demand fluctuations. It may thus
typically static and based on cost-based compar- transfer part of the demand risk to the suppliers.
ison of existing organizational and technological In addition focusing on the core competence and
capabilities and competencies (see Blomqvist et al., using outside resources for other parts may help to
2002). make the operations more effective. Thus the risks
 ARTICLE IN PRESS

J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58 51

that the increased networking causes to the OEM responsibilities for confidential information. An
originate mainly from the deliveries to customers, additional uncertainty are the future requirements;
though also other items, like preservation of the how the current orientation, knowledge and
information and sufficient competence exist. resources should be maintained and modified to
A business network is comprised of several tiers succeed in the future. In a study of two example
of suppliers. The first tier suppliers, which work networks we found it useful and illustrative to
for the OEM company, have again their suppliers. analyze the risks as grouped in four types, the risks
Thus, like the buying companies, they need to take coming from:
the responsibility of the work of the suppliers (1) Too low or inappropriate demand: The
against that of their customer, the OEM. The demand problems may be caused by a decreased
difference is the scale of deliveries. The relation- demand of end products due to economical trends
ship between the primary suppliers and the OEM or change of product generation. It is also possible
is often more constant than what the OEM has that the universal demand does not decrease but
with its customers. As the suppliers make invest- the OEM loses its position in the market.
ments to satisfy the main contractor’s anticipated Furthermore, the success of the OEM does not
demand they also carry part of the demand risk of guarantee the success of the supplier; it may
the main contractor. The main factor affecting the become replaced by competitors in their market
risks of the supplier is being strongly dependable place if the competitors can offer better services to
on one customer or operating in many networks. the OEM.
(2) Problems in fulfilling customer deliveries: In
hierarchic network delivery, each acting company
3. Types of risks in studied networks is responsible of its deliveries to the customer at
the next hierarchy level. Thus each company must
Increased co-operation of companies in a control not only their own work but also the work
manufacturing network causes transfer of risks of their subcontractors. As the price is most often
between the companies; it may decrease some risks fixed before the delivery, the main items to be
and increase others. As this is always dependent on managed are quality and the time. As the
the circumstances of each network, company, development of networking has led to an increase
branch and even on the economical status or in the size of the responsibilities of the primary
cycle, no generic and complete assessment can be suppliers, they quite often have to face new
given. Thus each company should analyze its management challenges as well. These challenges
status from its own perspective. are related for example to the demand fluctuations
Risks of the companies are related to their and flexibility of supply. Too high demand may
objectives. The main objective of the owners is also be risky, if companies are not able to adapt
usually that the company should be profit-making. their operations to the growth.
In addition the company may have other objec- (3) Cost management and pricing: Having
tives, like growth or future position, and the time demand and fulfilling deliveries is not enough for
range viewed may be different for different a company to be profitable. It must also be able to
companies. However, management of profitability manage its costs; both fixed and variable. The
is usually also needed to survive and to achieve increasing responsibilities in many cases also
possible other objectives. require growing investments; thus risks of invest-
The risks initiate from uncertainty. The main ments often increase. In high demand business
uncertainties for companies come from two cycles companies may endanger their ability to
sources: customer demand and customer deliv- control their cost structures and investments.
eries. The demand of the end customer does not (4) Weaknesses in resources, development and
guarantee the business for a supplier. Delivery flexibility: The products and markets are changing
uncertainties are connected to the ability to and new competitors appear all the time. If the
manage the costs, time and quality as well as the company wants to remain in the network, it must
 ARTICLE IN PRESS

52 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

follow the trends, developing and creating new dependent events often create additional chal-
knowledge if needed. Many OEMs consider the lenges for risk identification.
ability to development as one important criterion One objective of the Finnish research project
when prioritizing suppliers. It must, however, be discussed in Section 1 was to develop methods and
remembered that the company will itself carry the tools for enterprises to understand and manage
risk of investing in changes or development. Thus their risks in an enterprise network. For this
the investments should be based on careful reason- objective, qualitative models and practical identi-
ing of the company’s own future vision and fication methods to be used by suppliers were
objectives, not only on the desires of the OEM. developed. The risks were categorized in four
groups as described in Section 2 (demand pro-
blems, problems in fulfilling customer deliveries,
4. Risk management process problems of cost management and pricing, and
weaknesses in resources, development and flex-
A typical risk management process of an ibility). The potential causes of these groups of
enterprise consists of risks were then described as a hierarchic, tree-like
model. Though the special characteristics of
* risk identification, networking are not visible on the highest level of
* risk assessment, the four groups, they emerge on the lower levels.
* decision and implementation of risk manage- In addition to internal and external causes, inter-
ment actions, organizational effects are emphasized.
* risk monitoring. To integrate the risk assessment to the identifi-
cation, the tree model of risks was further
Basically, the risk management process in a developed to a checklist of risk factors or risk
network environment has the same phases. Each events of networked enterprises. The objective of
enterprise operates at its own risk and should the checklist is to evoke questions, recognize
manage the risks itself. As the interconnections of beliefs, and question truths and trends about
the enterprises in the network make them depen- networking. What-if scenarios can also be used.
dent on each other, it can be useful to share Information gathering, transmission and filtering
partially the risk management process and to are important features of risk identification.
develop collaborative means to manage the risks. As every company is responsible for its own
In the following, the risk management process in a risks, it must identify the risks from its own
network environment is discussed briefly. viewpoint. This does not exclude the potential
benefits of sharing information, opinions and
4.1. Risk identification visions with network partners. In a networked
environment, where business relationships are
Risk identification is a fundamental phase in the largely based on partnerships between organiza-
risk management practice. By identifying the risks, tions, effective information sharing is the key
a decision-maker or a group of decision-makers factor to decrease external and internal uncer-
become conscious about events or phenomena that tainty. As the enterprises often belong to several,
cause uncertainty. The main focus of risk identi- even competing networks, it is clear that there are
fication is to recognize future uncertainties to be often restrictions for information sharing, and the
able to manage these scenarios proactively. visions presented in the collaboration may be
In a networked environment, risk identification overstated or underestimated.
must take into account the dependencies on other
organizations. Interruptions, quality failures and 4.2. Risk assessment
delivery fluctuations are common strong signals of
risks in production systems. However, not all risks Risk assessment and prioritization are needed to
are easy to identify. Feedback loops and chains of be able to choose suitable management actions for
 ARTICLE IN PRESS

J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58 53

the identified risk factors according to the situa- considered are also immaterial consequences such
tion at both company and network level. In the as trust, reputation and degradation of knowledge,
Finnish project the assessment is incorporated into which are hard to convert into monetary value, but
the identification method. Here the two compo- which may cause financial losses in the long run. In
nents of risk, the probability and the consequences a network environment a special consequence may
of a risk event, are assessed separately on a five- be that the company loses its position in the
class scale. Tables 1 and 2 present the assessment network.
scales for the consequence and probability of risk While the main purpose of the semi-quantitative
events. assessment is to gain more profound understand-
When assessing the subjective probability of a ing of the environment and to support the
risk event, the company’s own experience and enterprise management, it may also reveal needs
other companies’ performance are utilized. Also for further investigation and acquisition of in-
the effect of the network must be taken into formation. In an enterprise network this typically
account. For some factors it may mean higher means that an enterprise becomes aware that it
probability of disturbance and for some others should know more about some of its partners.
lower. The potential consequences should be When the identified risks have been assessed, it
assessed from the viewpoint of the enterprise: is useful to present them as a risk diagram (see
what kind of impacts it may face. That is because Fig. 1). The risk diagram gives an overall view
an event or change which is harmful to one upon all risks, and makes the most important risks
company in a network, may have no or positive requiring the most attention visible. Furthermore,
effects to another company in the same network. it indicates whether the risks can be reduced by
Often the essential loss factors from the decreasing their probability or their consequences.
company’s point of view are financial conse- In a network the risk diagram can also be used
quences like costs. Important factors to be as a method for information exchange inside and
between the enterprises. It depends on the relation-
ships between the companies, how openly they are
Table 1 willing to expose their risks to partners. In a multi-
Impact assessment scale network environment the companies may in some
Rank Subjective estimate Description situations co-operate and in others compete. This
opens up the possibility to utilize the knowledge of
1 No impact Insignificant in terms of the
whole company
2 Minor impact Single small losses
3 Medium impact Causes short-term
Very Probable

difficulties
4 Serious impact Causes long-term difficulties Probability ProbabilityAt Least Moderate
5 Catastrophic impact Discontinue business At Least Moderate
Probable

Impact At Least Medium

Low Impact

Table 2
Probability assessment scale
Moderate

Rank Subjective estimate Description

1 Very unlikely Very rare event

Improbable

2 Improbable There is indirect evidence of

Low Probability Low probability
event
3 Moderate There is direct evidence of
Very Unlikely

Low Impact Impact At Least Medium

event
4 Probable There is strong direct
evidence of event No impact Minor impact Medium impact Serious impact Catastrophic impact
5 Very probable Event recurs frequently
Fig. 1. Risk diagram.
 ARTICLE IN PRESS

54 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

the weaknesses of a partner, for example while probability or consequences. In addition new
making contracts. significant risk factors may appear. To identify
these, it is necessary to monitor the changes in the
4.3. Risk management actions network, customer needs, technology, partner
strategies and competitors and to update the risk
The generally used strategies for risk manage- assessment correspondingly.
ment include
4.5. Risk management process in the network
* risk transfer,
environment
* risk taking,
* risk elimination,
The phases of the risk management process
* risk reduction,
discussed above remain basically the same also in
* further analysis of individual risks.
the context of the network environment. In order
In a network environment, risks can be mana- to implement the ‘‘network risk management
ged generally by developing a common network process’’ it is necessary that the partners of the
strategy, best practice modes of action and network have assessed their own risks and
contract policies. Risk identification and assess- implemented appropriate risk management activ-
ment give a more specific indication on where to ities. However, to manage the risks due to the
focus the actions. Some of the risks can be reduced network relations and to find a common risk
by collaborative development in the network, management that will become possible due to
others must be managed by each company network co-operation, it is important that the
themselves. In a multi-network environment the individual risk management processes are com-
objectives of different networks may cause contra- pleted by a collaborative process. A suggestion
dictions for an enterprise. The assessment of risks for such a risk management process is given
helps the enterprise to decide how to operate in in Fig. 2.
these situations. Mutual risk identification and assessment can be
The network relationships often include trans- seen as tools for creating the risk profile of the
ferring risks from one company to another. This network on the basis of the partners’ risk profiles.
may reduce the total risk if the company taking the They identify and prioritize the risks that may
risk can cope with it better than the company have impact on the success of the operation of the
transferring it. Taking the risk of an investment whole network. It is necessary to identify risks that
can be considered as an example. If the supplier is may be unimportant for an individual partner but
able to utilize an investment in several networks or will affect significantly the whole network or other
customer relationships, the probability that the partners’ operational capability. Identification and
investment will not pay itself back may decrease. implementation of mutual means for risk reduc-
In some cases the impact of transferred risk can, tion help to find out risk management actions that
however, be larger for the risk-taking suppliers may be too expensive to be implemented by a
than for the OEM. In network-wide analysis the single partner, but cheap to be implemented by
basic idea is to find the optimal risk management collaboration. Further, mutual risk reduction
strategies to share and balance risks at network means may include co-operative sharing of risks.
level. Mutual risk monitoring includes a common
analysis of risks that have occurred earlier or, an
4.4. Risk monitoring analysis of changes in the common environment.
The mutual risk management process requires
The company and its environment are not static, the identification and evaluation of common goals.
and thus also the risk status changes. The This is also as a basis for a common network risk
recognized risk factors can be monitored to management strategy, which makes it possible to
identify the potential increasing trends in their develop principles for auditing, reducing and
 ARTICLE IN PRESS

J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58 55

Operational Environment

Partner
Means for
Identification Assessment Implementation
Risk Reduction

Mutual Mutual Mutual Means for Mutual

Monitoring
Identification Assessment Risk Reduction Implementation

Means for
Identification Assessment Implementation
Risk Reduction
Partner

Fig. 2. Risk management process in network environment.

sharing the risks. With the aid of a common audit, 5. Deepening of the approach
it is possible to identify and reduce environmental
uncertainty. Interorganizational risk analysis helps It is not likely that the presented simple method
companies to compare and share knowledge on is appropriate and sufficient for a deeper analysis
the causes and effects of risks and uncertainties. of all risks. Therefore, we need to reconsider the
After identification, assessment and comparison, nature of risk more profoundly to be able to assess
some of the identified risks and uncertainties may risks that involve dynamic complexity and the
require common action or they may be involved in mechanism of feedback. There is empirical evi-
the company’s own planning and decision making .
dence (Dorner, 1996) that the heuristics we use to
processes. judge causal relationships are likely to ignore
One important aspect of risk management is the feedback loops and other elements of complexity
timing of management actions. In principle, the like time delays. It follows that in a dynamic
company’s or the network’s risk management environment there is danger of making a decision
process should be continuous. Companies observe based on cognitive models that are static, narrow,
their operational environment and business pro- and reductionist (Sterman, 2001).
cesses, and carry out decisions and planning The system theory (Forrester, 1961; Senge, 1990;
procedures that have an effect on the risks. This Sterman, 2001) defines that cause and effect
may be difficult in practice, and it is advantageous relationships in the system are composed of
to restrict the process to certain situations. Some positive (reinforcing) and negative (balancing)
examples of such situations are regular company- feedback loops. Positive loops seek to reinforce
or network-wide risk audits, selection and assess- the behavior in the system. Negative loops tend
ment of business partners and launching of large to balance or oppose the change in the system.
projects. Furthermore, a common risk assessment It follows that dynamics arise from the intera-
could be performed when there are indications or ction between these two types of behavior.
signals of changes in the business environment The elements in the system are connected to
(e.g. financial or possession arrangements) or each other with positive or negative causal
when some risks have already occurred. relationships.
 ARTICLE IN PRESS

56 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

The following case illustrates a simplified amount of potential partners. The growing depen-
example, to help understand and analyze the dency and higher market share of the customer
feedback in terms a decision making and un- increases the degree of asymmetry in the relation-
certainty. It is also easier to understand the ship, and decreases the negotiation power of the
meaning of time delays and counterintuitive company. This is likely to cause a risk of
behavior in the complex system through the use opportunistic behavior in the opposite side, and
of this example. makes the company vulnerable to the uncertainties
Fig. 3 depicts a case example of the feedback arising from downward market trends, or changes
mechanism in a network relationship. The ele- in the customer company’s strategies. This in-
ments in the diagram are connected with arrows creasing uncertainty decreases the company’s
indicating causal relationships. A clean arrow future reward potential.
shows the positive relationship with cause and This simple case example shows the complexity
effect. It follows that in the diagram, when of the dynamic feedback mechanism in the system.
dependency to a single partner increases, the Time delays and complexity between cause and
degree of asymmetry in the relationship also effect may lead to counterintuitive decisions and
increases. A negative arrow (-) refers to a counter- situations with high uncertainty. Influence dia-
acting relationship; e.g. increase in partner specific grams provide a powerful method for the assess-
investments decreases the amount of potential ment of complex structures in the system, and
partners. hence assist in making better decisions in the
In the diagram, the case company operates in network relationships.
very fast growing markets as a subcontractor to a The systems approach offers an alternative way
global manufacturer. Customer demand for its for risk analysis. It helps to identify interconnec-
products is in fast growth and the company tions between the elements and thus recognize
decides to concentrate on this single customer those connections which are likely to cause major
because of very attractive reward potential. To uncertainty and vulnerability in the system. It is a
improve effectiveness, the company needs to make useful method for the understanding of the
partner specific investments in technology, pro- linkages between actors’ perception, action, and
cesses and skills. This, however, increases the the outcome of those elements to the system as a
dependency to this single customer and reduces the whole. As the companies in a network relationship

Amount of potential
partners
-

Partner specific
investments

Focus on single
- partner
Uncertainty/risk of
opportunistic
behavior
- Dependency to single
- Reward potential partner

Degree of asymmetry
Recession
Changes in -
partnership Negotiation power
strategies

Fig. 3. Dynamic complexity in the system.

 ARTICLE IN PRESS

J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58 57

become more dependent on each other, it is not identify the areas of risk management that require
sufficient to consider risks merely at the company joint effort.
level. The risks in the network are dependent on Risk identification is an essential part of the risk
the behavior of the interconnected systems of management process because in networks risks
companies. may arise from complex chains that are difficult to
perceive. The dynamics of relationship develop-
ment causes an additional difficulty. Companies in
6. Discussion and conclusions networks should therefore communicate and share
their views on risks, because different views help in
The purpose of this paper was to contribute to a recognizing and understanding common opportu-
more complete understanding of risk management nities and threats in a more holistic way. As a
in supplier networks. The paper described the result, the improved understanding helps to make
challenges that network co-operation brings to better decisions and decreases the risks of both a
risk management. The aim was also to explore the single organization and a whole network.
process approach in order to provide a more A lot of research remains to be done. Inter-
holistic view on the subject. organizational information sharing and knowledge
One objective of the study was to find out what transfer cause a great deal of uncertainty and risk.
kinds of risks arise from network co-operation. The development of information and knowledge
Most companies operate in many networks and systems is therefore a great challenge and also a
every company also perceives its risks differently. potential means to manage risks. A challenging
It can be generalized that companies become issue is also how risks and rewards should be
more dependent on each other and thus risk shared in network collaboration.
transfer and sharing occur in networks. The
primary purpose of network co-operation is to
bring benefits to both the original equipment References
manufacturer (OEM) and the suppliers. This
is, however, likely to increase dependency Akkermans, H., Bogerd, P., Vos, B., 1999. Virtuous and vicious
between the organizations. When the dependency cycles on the road towards international supply chain
between companies increases, they become more management. International Journal of Operations and
exposed to the risks of other companies. Network- Production Management 19 (5/6), 566–581.
Blomqvist, K., [Link], K., Virolainen, V.-M., 2002. Filling
ing also increases the supplier responsibilities and a gap in traditional transaction cost economics: Towards
sometimes investment risks may be transferred to transaction benefit-based analysis. International Journal of
the suppliers. The optimal strategy is to aim at Production Economics 79 (1), 1–14.
share and balance rewards and risks between Clemen, R.T., 1995. Making Hard Decisions. An Introduction
to Decision Analysis. Duxbury Press, Belmont, CA.
organizations. Companies should also avoid
Coase, R., 1937. The nature of the firm. Economica 4, 386–406.
being too dependent on a single network or .
Dorner, D., 1996. The Logic of Failure: Recognizing and
organization. Avoiding Error in Complex Situations. Perseus Books,
The presented general risk management pro- Reading, MA.
cesses explain the phases and principles for Forrester, J.W., 1961. Industrial Dynamics. MIT Press, Cam-
managing risk in network relationships. Basically, bridge, MA.
Hallikas, J., Karvonen, I., Lehtinen, E., Ojala, M., Pulkkinen,
a company first analyzes its network-related risks U., Tuominen, M., Uusi-Rauva, E., Virolainen, V.-M.,
internally. In a study of two example networks we 2001. Risk Management in Business Networks (in Finnish).
found it useful and illustrative to analyze the risks 14/2001, Metalliteollisuuden Kustannus Oy, Helsinki.
as grouped in four types; risks resulting from: Hallikas, J., Virolainen, V.-M., Tuominen, M., 2002. Risk
demand problems, problems in fulfilling customer analysis and assessment in network environments. Interna-
tional Journal of Production Economics 78 (1), 45–55.
deliveries, cost management and pricing, and Harland, C., 1996. Supply chain management: Relationship,
weaknesses in resources, development and flex- chains and networks. British Journal of Management
ibility. In the second phase the partners should (March), 63–80.
 ARTICLE IN PRESS

58 J. Hallikas et al. / Int. J. Production Economics 90 (2004) 47–58

Jarillo, J.C., 1988. On strategic networks. Strategic Manage- Smelzer, L.R., Siferd, S.P., 1998. Proactive supply manage-
ment Journal 9 (1), 31–41. ment: The management of risk. International Journal of
Keeney, R.L., Raiffa, H., Meyer, R., 1993. Decisions with Purchasing and Materials Management 34 (1), 38–45.
multiple objectives. Preferences and value tradeoffs. Cam- Sterman, J.D., 2001. System dynamics modelling: Tools for
bridge University Press, Cambridge, UK. learning in a complex world. California Management
[Link], K., 1999. Strategic management of technology: An Review 43 (4), 8–25.
economist’s view. In: Ichimura, T., Tuominen, M., Piippo, Teece, D., 1986. Profiting from technological innovation:
P. (Eds.), New Methods, Theories and Practices for Implications for integration, collaboration, licensing and
Management of Technology. Lappeenranta University of public policy. Research Policy 15 (6), 285–305.
Technology, Studies in Industrial Engineering and Manage- Teece, D., 1998. Capturing value from knowledge assets.
ment No. 3, Lappeenranta. California Management Review 40 (3), 55–79.
[Link], K., Tuominen, M., Virolainen, V.-M., 1999. Virolainen, V.-M., 1998. A survey of procurement strategy
Emergence of the supply network in Finnish industry: development in industrial companies. International Journal
Attempt to theoretical reconstruction. Proceedings of the of Production Economics 56–57, 677–688.
12th ISPIM International Conference, Tokyo, Japan. Williamson, O., 1991. Strategizing, economizing, and econo-
Lonsdale, C., 1999. Effective managing vertical supply relation- mic organization. Strategic Management Journal 12,
ships: A risk management model for outsourcing. 75–94.
Supply Chain Management: An international Journal 4 Yin, R.K., 1994. Case Study Research—Design and Methods.
(4), 176–183. Sage Publications, Thousand Oaks, CA.
Nishiguchi, T., 1994. Strategic Industrial Sourcing. Oxford Zanger, C., 1997. Opportunities and risks of network arrange-
University Press, Oxford. ments among small and large firms within supply chain.
Senge, P.M., 1990. The Fifth Discipline: The Art and Practice Paper presented in the Sixth International Annual IPSERA
of The Learning Organization. Doubleday, New York. Conference, Naples.