A Case Study Report
On
Cisco Systems Risk Strategies

Submitted to,
Amy vuong
Submitted by,
Marut shah
Vishal Dave
Manthan Shekhadia
Keyur Patel
Rudraksh Gaikwad
Imran Siddique
Mohammad Faisal

Contents

1. Introduction ............................................................. 4
1. Executive summary .............................................. 4
2. Issue identification .................................................. 5
1. Challenge & Issues ............................................... 5
3. Alternatives & Options: .......................................... 6
4. Recommendations ................................................... 9
5. Implementation of strategies & results: .................. 9
6. Monitor & Control: ............................................... 10
7. Lessons Learned..... Error! Bookmark not defined.

1.

Introduction

Cisco, the global information and communication technology provider, has put in place a supply chain resiliency program that any company facing possible risk from supply chain disruption should study. Cisco's program for SCRM combines tools, policies, practices and management support into a comprehensive system that enables the company to truly understand and manage the risks associated with the supply of most of its products. Beginning with new product design and introduction, and continuing through to current product manufacturing and fulfillment, Cisco can predict potential risk points and work with members of its supply chain to manage and minimize those risks. Further, Cisco can recover from external disruptions quickly to minimize the impact on its customers. Other companies should study what Cisco has done and, as appropriate, implement SCRM programs that allow them to manage supply chain disruptions as effectively as Cisco does. Note that a supply chain resiliency program does not negate the need for proper demand planning, which can lead to product shortages in the market.
1.

Executive summary

This Case Study documents a presentation made at Gartner's Security and Risk
Management Summit conference in 2010 on how Cisco manages the risks associated with supply chain disruptions. Gartner assesses Cisco's supply chain resiliency program as one of the better-executed programs we have seen, and recommends other clients study it to understand how they might "derisk" their own supply chains.
Key Findings
• A product-centric approach provides more business value than an incident-centric approach to risk assessment for most businesses.
• Transparency is critical to both internal and external support for supply chain resiliency.
• Objective metrics contribute to transparency.
As with any significant business endeavor, senior management support is critical to success. When senior managers care, everyone cares.

2.

Issue identification

Supply chain risk management (SCRM) is a critical discipline within business continuity management (BCM) that many companies, particularly manufacturing firms, fail to perform well. This Case Study (which Cisco presented at Gartner's Security and Risk Management Summit conference in
June 2010) highlights the tools, policies and practices that Cisco has implemented to support its SCRM process. Gartner believes it is these investments that make Cisco's SCRM system among the most evolved in the field. 1.

Challenge & Issues

Cisco's business model is complicated, relying extensively on outsourced manufacturing for more than 95% of the >12,000 products it delivers, most of which are configure-to-order. Cisco sells to a broad range of customers from the private and public sector, and as Cisco expands its
Presence in the consumer sector (with products such as the Linksys line), it is seeing a growing presence of make-to-stock products. The company's growth strategy includes being highly acquisitive. It has made more than 140 acquisitions since its founding and is presently making three to four acquisitions per quarter. In general, Cisco migrates the supply