270 likes | 277 Views
Learn about process-centered companies, business continuity management, risk management, and process resource planning to enhance competitiveness. Explore standards and recommendations for managing risks in supply chain management.
E N D
Process Security, ProcessResourcePlanning Pál MICHELBERGER Ph.D. Institute of Management and Organization Keleti Faculty of Bussiness and Management Óbuda University, Budapest, Hungary
Agenda • Process Centered Companies (bases of process management) • Business Continuity Management (from the IT management) • Process and Competitiveness • Risk Management (+ an interesting standard) • Risks in Supply Chain Management • Process Resource Planning; Instead of Manufacturing Resource Planning (a good idea?) 2 /27
Process Centred Companies 1. „Process is one or more tasks that add value by transforming a set of inputs into a specific set of outputs (goods or services) for another person (customer) by a combination of people, methods, and tools.” Tenner – DeToro, 1996 „Process security can be defined as a state in which, with all required inputs given, the organizational units responsible to fulfil process-related tasks will produce outputs in adequate quantity and quality in due time. Upon any disturbance, normal operation of the process can be restored with the lowest possible use of resources within the shortest possible time.” Michelberger, 2014 3 / 27
Process Centred Companies 2. (Porter, 1985) 4/27
Elements of process • Input • Output • Activity • Organizational unit (orperson) • Data carrier • Information and data • Logicalorderinactivities Business processcan be categorizedbyresourcesused: material-, management & control-, and evaluatingprocesses… 5/27
The usualprocedure of sales(an exampletoillustrate business process) • receiving an inquiry, • making an business offer, • receiving an order, • confirming the order, • placing finished products on the storage, • notifying the costumer, • making out notes of discharges and deliver, • making out an invoice on the basis of the delivery note returned, • receiving counter-value for the goods (as shown in the invoice), • closing the order. 6/27
An interesting standard (ISO/IEC 33002, InformationTechnology – ProcessAssesment - RequirementsforPerformingProcessAssessment)… Processqualitylevels: • Level1 – Incompleteprocess • Level2 – Performedprocess • Level3 – Managedprocess • Level4 – Establishedprocess • Level5 – Predictableprocess • Level6 – Optimizingprocess 7/27
Business Continuity Business continuity implies that all processes of the organization function smoothly and faultlessly. All necessary resources are available in the right place and right time. A business continuity plan is designed to ensure timely and functional availability of (IT) resources to support organizational processes, and minimize damage as may be caused by unexpected events. It identifies potential threats to processes, estimating probability of occurrence and any potential damage as may result from the loss of a process, while offering backup options for use until the process is restored and restarted. The business continuity has role not only in the information security… 8/27
Business ContinuityPlan (BCP) and DisasterRecoveryPlan (DRP) • The BCP ensurestheavailability of business process backup IT resourcesatgiven and functionallevelsaswellastheminimalisation of damagecausedunexpectedevents. • The DRP containssubstitutesolutionsforthecase of major damage and eventsresultinginthebreakdown of informationtechnology service. The aim is tofacilitatethemnimalisation of negativeeffects and thefastrestoration of originalcircumstancesatacceptablecosts. 9/27
A definition about competitiveness... „A company will be competitive if, while complying with socially accepted standards, it can convert its resources into the highest possible profits, and detect, and adapt itself to, such external and internal changes as may affect its operations, in order to remain steadily functional. „ (Chikán et.al. 2002) 11/27
and a competitiveness model… (Szerb – Ulbert, 2009) 12/27
Example from Nature… During the summer season, worker bees alive for 6 or 7 weeks… Gathering nectar, pollen and propolisduring the 4th and 5th weeks… One-third of all workers fit for collection, always keep staying in the hive… They perform movements (special dance) to communicate information to their fellows about the whereabouts nectar one can find within a collection area ( ~30 km2 ) 13/27
Risk Management forProcesses(onthebase ISO 31000:2009 standard) Riskassessment (thedegree of potential damage and likelihoodof a negative consequence…) Possibilities of risktreatment: • Accept (risk is tolerablewithoutreduction…) • Regularcontroll and reducingtheprobability of occurenceoftheriskormitigatingtheimpactofitsconsequences • Transferorshare(e.g. primecontractorat an investment project, insurance) • Avoid(unacceptableregion, riskcannot be justified) 14/27
Somestandards and recommendationsforspecialriskmanagements 1. • ISO 14001 Environmental management systems - Requirements with guidance for use • BS OHSAS 18001 Occupational Health and Safety Management • ISO/IEC 27001 Information technology - Security techniques - Information security management systems – Requirements • ISO/IEC 27005 Information technology - Security techniques - Information security risk management • ISO/IEC 20000-1 Information technology - Service management - Part 1: Service management system requirements • ISO/IEC 20000-2 Information technology - Service management - Part 2: Guidance on the application of service management systems • ISO 22301 Societal security -Business continuity management systems - Requirements 16/27
Somestandards and recommendationsforspecialriskmanagements 2. • ISO 9001 - Quality management systems - Requirements • ALARP – As Low As Reasonable Practicable (principle for achieving of suitable risk level…) • COSO – Comitte of Sponsoring Organisations of Treadway Comission – Enterprise Risk Management System • SCOR – Supply Chain Operations Reference model • CPFR – Collaborative Planninig, Forecasting and Replenishment (process)model • CRAMM model – CCTA Risk Analysis and Management Method in Information Security • FMEA – Failure Mode and Effect Analysis in Quality Management 17/27
The Management of SupplyChains The supply chain is a joint system of value added processes and of resources, which involves several companies, starting with the purchase of raw materials and finishing with the delivery of the final product to the consumer. Its various elements comprise suppliers, producers, logistics service organisations, warehouses and other participants of the distribution processes. The operation of the supply chain is primarily determined by the final consumers, which creates common interests for the participants of the chain… The five major processes determining the supply chain are (SCOR model); • planning, • sourcing, • making, • delivery, • returning. 18/28
ManufacturingResourcePlanning „Manufacturing Resource Planning (MRP II.) is a tool for identifying resources, such as base materials and production capacities, necessary for the manufacture of products against actual customer orders either received or forecast, using established corporate databases called Bills of Materials or BOMs”(Landvater ̶ Gray, 1989). Elements of MRP II.: • Master ProductionScheduling • MaterialRequirementsPlanning (MRP I.) • CapacityRequirementsPlanning • Procurement • Shop FlorControl • Technical Data Management (for design of product and scheduling of manufacturing) • Inventory- and Store Management 20/27
Resources-Productsmatrix 21/27
ManufacturingResourcePlanning and LinearProgramming (onbase of previousmatrix…) • Limits of resources: x1aj1 + x2aj2 + … + xkajk + … + xnajn ≤ bj • Limits of market: MPk-min ≤ xk ≤ MPk-max • Maximizing contribution margins: Z = MAX (x1CMP1 + … + xkCMPk +… + xnCMPn) 22/27
Processresources • materials, • manpower, • information, • financial sources, • infrastructural resources (e.g. energy, machine capacities, etc), • other processes. 23/27
Risktreatment in production (an example and rankfrommachineindustry…) • Do the production job using alternative technological steps, that is to say, select an alternative technological process even though it is likely to be more expensive and/or slower than the one it will substitute for. • Increase the cumulative work time allocation (i.e. make a demand for overtime work or an additional shift). • Outsource the production job to a business partner with adequate resources (co-operation). • Re-design the product. • Increase production capacities (by purchasing additional means of production and/or hiring additional labour). 24/27
„New” risk management; ProcessResourcePlanning (?) 3 opportunity; • Spreading of material- and capacityrequirementsplanningtoprocess management. • Processorientationinstead of organizationcentredthinking. • Development and form of substitutingprocesses (orprocesselements). 25/27
ProcessSecurity (again…) Process Security can be defined as a state in wich all required inputs, the organizational units responsible to fulfil process-related tasks will produce outputs in adequate quantity and quality in due time. Upon any disturbance, normal operation of the process can be restored with lowest possible use of resources within the shortest possible time. 26/27
ThankYouforYourAttention! michelberger.pal@kgk.uni-obuda.hu