Those of us who have an interest in supply-chain risk management closely follow news items that may have impacts on supply chains, such as the March 11, 2011 tsunami hitting Japan, the fall 2011 floods in Thailand, a fire and a labor dispute at Foxconn, a tornado in Wichita, Kansas, etc.
Since companies are so often secretive about their suppliers, it is rare to get the kind of glimpse at the supply chain of a major company such as Apple provided per the article “Apple Lists Its Suppliers for the 1st time” by Nick Wingfield and Charles Duhigg in the January 14, 2012 issue of The New York Times.
Granted that the release of the information was precipitated by reports of troubling labor practices, and that other firms, such as HP, Intel and Nike have also provided similar lists, but it’s still interesting to see how widely spread out the reported suppliers are. It gives risk managers some additional insight into the extent of networks of suppliers.
Apple produced a list of 156 companies, apparently accounting for 97 percent by dollar volume of the total. However, what also stands out is that secondary suppliers, even those as large as Corning, are not included.
So here’s the issue. As I discussed in my paper, “Risks of Unrecognized Commonalities in Information Technology Supply Chains ,” upon which my presentation at the 2010 IEEE Homeland Security Technology Conference was based, it is what we don’t know about our networks of suppliers that can hurt us. And as the above-mentioned NYT article makes very clear, not only are companies very reluctant to disclose their supply chains, but they will generally only provide the names of primary suppliers, with secondary suppliers, subcontractors, and the like remaining a mystery.