Volume 20, Number 1 Article by Mohd Nishat Faisal, D K Banwet & Ravi Shankar March, 2008
Virtual Integration and Information Risks: A Supply Chain Perspective :
Virtual integration, whereby supply chain partners exchange information in real time, is the answer to the problem of uncertainty in supply chains. But along with its numerous advantages, virtual integration of supply chains also poses the challenge of managing information risks. This study seeks to provide an understanding of information risks in the context of supply chains, assess these risks and relate them to the level of virtual integration of the supply chain. The study uses the multiple case study approach, which provides the basis for greater transferability of the findings to other contexts. Various information risks that could impact the supply chains were studied for three clusters of small and medium enterprises (SMEs) in India. In many cases, this segment forms the crucial link in the supply chains of large enterprises.
Information risks can be broadly categorised as information security risks, information distortion and bullwhip risks, intellectual property rights risks, IT/IS outsourcing risks, and information system breakdown risks. The case studies show that as supply chains become virtually integrated, the risks of information distortion and bullwhip are reduced. But the benefits of virtual integration can be fully realised only if proper strategies to manage other information risks are in place. The findings also indicate that from the point of view of information risks, SMEs may be the Achilles heel for the whole supply chain network. They pose serious threats to supply chain performance, as generally they do not have any strategy to manage information risks and are easy targets for those looking out for security breaches in the information linkages of the supply chain. The study suggests that information risks could be handled by addressing the SMEs’ lack of knowledge about information risks, lack of supply chain wide policies to manage information risks, lack of resources, lack of commitment, lack of trust, and lack of IT expertise.
Reprint No 08105
