Top ten threats to logistics: unexpected incidents

Top ten threats to logistics: unexpected incidents

Continuing with our ‘Top 10 biggest threats to logistics’ as given by industry experts, this week we’re focussing on unexpected incidents.

Within the supply chain, unexpected incidents can disrupt your operations. There are two main types of unexpected incidents, internal and external.

Internal supply chain incidents can include:

  • manufacturing risks - caused by disruptions of internal operations or processes
  • business risks - caused by changes in key personnel, management, reporting structures or business processes, such as the way purchasers communicate to suppliers and customers
  • planning and control risks - caused by inadequate assessment and planning, which amount to ineffective management
  • mitigation and contingency risks - caused by not putting contingencies (or alternative solutions) in place in case something goes wrong
  • cultural risks - caused by a business's cultural tendency to hide or delay negative information. Such businesses are generally slower to react when impacted by unexpected events.

Whilst external supply chain incidents can include:

  • demand risks - caused by unpredictable or misunderstood customer or end-customer demand
  • supply risks - caused by any interruptions to the flow of product, whether raw material or parts, within your supply chain
  • environmental risks - from outside the supply chain; usually related to economic, social, governmental, and climate factors, including the threat of terrorism
  • business risks - caused by factors such as a supplier's financial or management stability, or purchase and sale of supplier companies
  • physical plant risks - caused by the condition of a supplier's physical facility and regulatory compliance. 

To manage unexpected incidents, it is important for businesses to develop effective business resilience strategies, one of which is Integrated Emergency Management (IEM).

Integrated Emergency Management (IEM) 

The aim of IEM is to develop flexible and adaptable arrangements for dealing with emergencies, whether foreseen or unforeseen. Resilience goes far beyond just organisations. The wider approach to the concept of resilience will ensure that you make use of all talents and resources at your disposal.

IEM consists of five inextricably linked principals. It should be an integral part of how an organisation functions as opposed to being a discrete function within that organisation.


Risk assessment is both an integral component of risk management and a key activity in the emergency planning process.

The initial aspects of assessment are based around the concept of anticipation. The aim, at this stage, is for responders to systematically identify new or changing hazards and threats from both local and wider environments. This process, sometimes known as horizon-scanning, may include many of the threats and risks being discussed in this report. 


A large part of business continuity management is concerned with developing recovery strategies and plans that would come into play in the event of a disaster or major incident.
However, a point that is often overlooked is that prevention is usually better than cure. Clearly not all disasters can be prevented, and there is still a need for recovery strategies and plans. But by managing our risks we can lessen the probability of a disaster occurring in the first place or reduce the impact of an incident to "non-disaster" proportions.
Business continuity management is about risk management and contingency planning, not just one or the other. A sound business continuity programme will address both of these key issues. An effective risk management programme will go a long way towards making your business more resilient and lessening the possibility of having to invoke your recovery plans.


Preparation is a key aspect of efforts to protect the business. It encompasses planning, training and exercising activities.

A robust assessment process ensures that any subsequent planning is based on a sound foundation. Plans can be specific or generic in nature as well as being either single or multi-agency. Wherever possible, plans should be simple and should offer flexibility and adaptability. They should include business continuity considerations to ensure that the critical functions of an organisation can be maintained during the emergency.

To ensure their effectiveness, plans should be tested by being regularly and robustly exercised. Thereafter, an effective process should be put into place to ensure that lessons identified from exercises are incorporated into the next generation of plans. Lessons identified from incidents should, of course, be similarly incorporated.


An effective response will, in large part, reflect the preparedness of an organisation prior to an emergency. An organisation which has committed itself to a programme of preparation is much more likely to respond in an effective manner.

Resilience is not simply the domain of emergency planners but should be seen as an integral part of corporate governance and business planning at all levels.

The decisions made by those giving direction are likely to be the subject of scrutiny in any post-incident phase. A decision log and, where appropriate, the rationale behind them is an effective way to assess the suitability of plans and identify learning points. Accurate record-keeping in this regard will assist all those involved. 


The speed and effectiveness of any recovery plan will be dependent on the business continuity planning that has been undertaken in preparation of an event. Having effective preparation and response phases will make recovery easier, quicker and reduce the overall impact of the event. The temptation once the event has been dealt with is to relax thinking that the worst is over. Unfortunately, if the recovery process is not managed with the same levels of commitment, the lasting effects on the business can be fatal as customers lose confidence and look to competitors for a more dependable service. The critical recovery time will vary dependant on the business, some may be able to last days before critical service levels have been restored, for some it may be a matter of hours.

By prioritising which areas of the business are most critical teams can focus on their specialist areas in order that the business begins to function as soon as possible or if alternative locations, suppliers or warehousing are needed someone has been tasked with that function and workarounds where necessary are in place when needed. 

If you’d like to find out more on how to protect your logistics business, learn about how Secure Supply Chain Scotland can help by clicking here. 

Top Ten Threats to Logistics

Threat 1 – Insider Threat

Threat 2 - Theft

Threat 3 – Unexpected Incidents

Threat 4 – Terrorism

Related News

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?