Time-to-time security and quality management in global supply chains are considered to be of similar nature – but are they really?

Since the year 2001, it has been a common argument in academic articles – and time to time in practitioner presentations and papers – that security and quality management have a lot in common when it comes to management philosophies, and even management practices, in global supply chains. Professor Hau Lee of the Stanford University has presented an ´analogy table´ between the two disciplines (in 2005), arguing for example that source inspection is a preferred approach for both security and quality management, alongside with seven other arguments which highlight similarities between the two functions. Professor Chwen Sheu from the Kansas State University emphasizes the importance of prevention and process control both for security and quality management (2006). A feasibility study on European Supply Chain Security (SCS) standards (CEN, 2009) carried out by the Cross-border Research Association, CBRA, illustrates an optimization graph for minimizing prevention plus recovery costs in security and in quality management. According to CBRA research, this applies also to safety, environmental and health management functions; to most regulatory compliance management functions; and possibly even to corporate social responsibility and ´business ethics´, at least to some extent.

Now, how and why security and quality related challenges and responses are actually different by nature? Below are seven view points on this interesting topic:

1. Security problems in supply chains are driven by intentional acts by humans aiming to benefit from the supply chain system, in a variety of criminal ways. Quality problems are driven by a variety of issues with human resources, process control, even ´laws of nature´. The role of humans in causing quality problems is normally of unintentional nature, basic reasoning being that they do not benefit from achieving lower quality production, service levels etc. Of course, some grey areas exist – for example gross-negligence leading to an industrial accident, happening unintentionally without any benefits attached to it, but recorded as a criminal act; or, motivation of revenge leads to intentional damaging of product quality – but in majority of cases the role of humans differs regarding security versus quality
2. The dynamics related to fixing a problem somewhere in the supply chain, and another problem appearing somewhere else in the chain, is different between security and quality. In security, the criminal actors can decide to shift to another point in the chain, after previous targets have been hardened ´too much´ from their perspective – for example from warehouse theft to roadside hijackings. In quality it is common that new problems appear elsewhere in the chain once the most visible problem has been fixed. There the explanation behind the ´problem dynamics´ or ´problem displacement´ is often straightforward: the second quality problem existed already before, but fixing the ´bigger problem´ made the second problem visible. Even though in some rare cases improving quality at some point in the chain could actually trigger totally new problems in another spot, the ´normal dynamics´ is quite different between the two disciplines
3. Next, looking at reporting and statistics creation challenges within security and quality, one can instantly note that a big part of security problems, including counterfeit production and sales; customs law violations; and human trafficking cannot have accurate measurement and statistics attached to them – as by definition, these acts go unreported. Of course law enforcement and some other institutes create estimates on the frequency and size of the problems, but they are just educated guesses at the best. Even with cargo theft parts of it do not become properly reported. As the opposite, in quality majority of the problems can be measured and statistics can and should be created
4. A certain level of secrecy can be beneficial for supply chain security for example regarding intelligence gathering and risk analysis, in order to avoid revealing sources and vulnerabilities; specifications of security devices and other measures, in order not to ease circumvention by criminal actors; and security incidents and failures, in order not to worsen consumer confidence in a specific company or product etc. Quality management, in the controversy, should be open and transparent by nature. Even though hiding quality problems can sometimes take place, ´secrecy in security´ can be seen as a much more serious management issue than ´secrecy in quality´
5. ´Who guards the guardians´ is an ancient challenge in security, considered already by the Roman poet Juvenal almost 2000 years ago. It becomes public information every now and then that people working for security companies or for government agencies are either doing their jobs in a low-quality manner, due for example to laziness or “don’t-care” –attitude; or are even participating in criminal activities, either for their direct personal benefit or as part of organized crime. Various forms of corruption are also a big problem in security field. Laziness and “don’t-care” –attitude can certainly happen in the world of quality – but the major challenge of having to guard the guardians does exists only in the security context
6. The worst case scenarios can be horrifying in both disciplines, security as well as quality: lives of hundreds or even thousands of people can be jeopardized by counterfeit products, e.g. pharmaceuticals or aircraft spare parts, as well as by quality errors for example in car break systems. However, the worst nightmare security breaches can lead to instant death of 100.000´s of people, or even in millions, for example in a case of biological or nuclear mega-incident. Thus, once can state the worst cases with security, at least in terms of potential lives lost, is few orders of magnitude higher than in quality
7. Lastly, quality, due to its long history and publicity, as well as overall positive reputation, is a much more mature discipline than security, at least when it comes to global supply chain management. This implies more stable approaches to solve quality problems and to stabilize processes. Security in supply chains is still in its infancy, lacking widely accepted and exploited standard approaches, both for practitioners and academics alike.

Just like with most of our blogs, we welcome the readers to send their own view points, including critics, linked to our writings – either on blog comment field or by email ( cbra@cross-border.org ). In the meanwhile, we wish a great weekend to everyone. Cheers, Juha.

PS. This blog entry is built on my doctoral thesis (2011) ´future research topics` -section; and has been published before in CASSANDRA Compendium.