Gartner’s annual list of the Top 25 Supply Chains is out. 

Just like every year since 2010, there isn’t a single business focused on the government as a customer listed.  Is it selection bias, or are organizations operating in the government space really that bad?  As far as I can tell, the last supply chain with a government focus to make the list was Lockheed Martin in 2010, coming in at number twenty-five.

Over 95% of the population of the United States gets water from a municipal supply.  That’s a government supply chain.

We have the United States Postal Service, a prodigious capability that operates as an independent agency of the federal government.  The USPS even handles some of Amazon’s Sunday deliveries.  That’s a government supply chain.

And, of course, we have the military industrial complex.  That slice of American commerce includes highly competent companies like Lockheed Martin, Boeing, Raytheon, General Dynamics, Northrop Grumman, United Technologies, L-3 Communications, and BAE Systems.  These are just the biggest; there are lots of others.

I don’t think twice about drinking water out of a tap in any office building in America.  Making that happen requires world class supply chain chops, and those organizations are not on the Gartner list. 

I’ve received mail in towns in truly isolated US locations, simply addressed to me, General Delivery, but I don’t see the USPS on the list.

I’ve eaten fresh coffee cake sent by my wife using the US Mail in combat-zone in Southwest Asia – what the military calls an austere non-permissive environment - while at the same time eating three hot meals a day prepared for me by government contractors.  I don’t see any aspect of that supply chain reflected on the list.

Why are none of the government-centric operations or players on the Gartner list?  Are the supply chain capabilities in the government space really as mediocre as Gartner seems to imply?  Or is there some sort of unintended selection bias taking place?

Supply Chain Risk Management (SCRM) is complicated.   But sometimes, the complexity resolves down to a single event.  And that event can be tragic.

The supply chain for agricultural products in the United States is really complex.  Somehow, that integrated set of capabilities brings fresh lettuce from Yuma, Arizona to my home outside of Boston, Massachusetts.  The supply chain network has a lot of players running an interwoven network that moves fresh produce through echelons from coast to coast.

According to the Washington Post on May 2, “The nationwide food poisoning outbreak from E. coli-contaminated romaine lettuce has claimed its first fatality, an unidentified person in California, and the infections have sickened a total of 121 people in 25 states, the U.S. Centers for Disease Control and Prevention announced Wednesday.”

That lettuce is believed to have come from the Yuma area.  There are no simple supply chains.  A head of lettuce may be simple, but the associated supply chain processes are complex.  That complexity brings risk and danger.  Just ask the family in California.

The Defense Acquisition University defines SCRM as “a systematic process for managing supply chain risk by identifying susceptibilities, vulnerabilities and threats throughout DoD’s “supply chain” and developing mitigation strategies to combat those threats whether presented by the supplier, the supplied product and its subcomponents, or the supply chain.”

Supply Chain Risk Management includes more than cyber threats, so it isn’t just an IT problem.  Risk touches all functions in the supply chain, and it needs to be addressed by the operators, too.  The next time somebody tells you that supply chain risk is an IT problem and tries to kick the can down the hall, remember that family in California.