RISK STUDY OF SUPPLY CHAIN OF LEARNING MODULE PROCUREMENT PROJECT (CASE STUDY: PT. XYZ)

Modern era has an impact on the industry. Relate to technology to turn raw goods into finished goods. Look at competitive in competition between companies that are required to customer demand. PT. XYZ is a publishing and printing company, constructing and concocting books and learning modules. Currently PT. XYZ does not yet have structured risk management to identify and mitigate risks that occur primarily in supply chain functions. Therefore, research is needed that aims to identify possible risks in PT. XYZ supply chain activities. Determine the cause of risk that must be prioritized to be mitigated in the supply chain PT. XYZ and determine mitigation strategies that must be prioritized to address the causes of risks in the supply chain PT. XYZ. The method used in this study is by the House of Risk method. HOR is used to identify risk events, risk agents in the supply chain and design mitigation strategies for risk agents based on ARP (Aggregate Risk Potential) value. The results of this study show that there are 10 risk events and 15 risk agents that become supply chain risks as well as recommendations for tackling priority risk agents.


Introduction
The development of the times towards the industrial era has an impact on industrial processes. The company is on the production of raw goods into finished goods. Technology that impacts daily activities will make it an efficient factor and effectiveness in all elements of the activity. Impact on the implications of a company, meet all customer demand. The company is obliged to pay attention to effective and efficient production flow and other supporting facilities to suit customers wishes with the aim of making good and timely output.
Procurement is a series of processes that concern the provision of goods or services needed, with the appropriate quantity and quality, from the appropriate source, delivered to the right place at the right price (Bailey, 2015). The large influence of procurement on the sustainability of the company's business also makes the procurement process requires good risk control. Without structured risk management, the impact on the company's performance will be great. Risk management can minimize the possible impacts of these risks (Hanafi, 2014).
PT. XYZ is a publishing and printing company, constructing and concocting books and learning modules. Currently PT. XYZ does not yet have structured risk management to identify and mitigate risks that occur primarily in supply chain functions. Therefore, research needs to be conducted to identify, analyze the risks that may arise in the supply chain PT. XYZ at the same time to mitigate these risks with the application of the House of Risk (HOR) method.
Thus, identification and risk analysis are required to know the form of improvement. Risk posed by all business activities may have a good or preferably impact, disrupting business processes until losses are incurred. It is important to know the risks that occur to see opportunities for decision making because it impacts the activities that will be carried out next. Thus, recommendations can be given for improvements to the measurement of previous work systems. Risk identification is done through Failure Mode and Effect Analysis (FMEA) method.
Then, with the House of Risk (HOR) approach can be analyzed the potential risks in the company when producing and see the level of probability of risk and impact that occurs. To reduce the probability of the appearance of risks that have a negative impact as well as provide proposed preventive measures from risk agents. Look at the impact of risk as well as the provision of recommendations to reduce the impact of the probability of causing the failure that occurred.
House of Risk (HOR) model based on the idea of supply chain risk management that focuses on preventive measures, reducing the possibility of a risk agent occurring. Reducing the occurrence of risk agents *Penulis Korespondensi. E-Mail: rhezaauliaramadhan@students.undip.ac.id, anandavaniaap@students.undip.ac.id, bambangpurwanggono@lecturer.undip.ac.id will usually prevent the occurrence of a risk (risk event) as well (Tikson, 2005). Usually, a risk agent causes more than one risk. According to Immawan and Putri (2018), the factors causing the risk of supply chain activity is a very complex supply chain network, high dependence on suppliers, the existence of organizational interactions within the supply chain, the short life cycle of a product. Performance of a supply chain process becomes a focus to design systems that can minimize time and cost (Ratnasari et al, 2018). Risk in supply chain can be a series of negative outcomes in various areas of the supply chain, including supply, operations, marketing, sales, and customer service (Wong & Ma, 2018).

Supply Chain Management
According to Pujawan (2005), the supply chain is a network of companies that jointly work to create and deliver a product into the hands of the end user. These companies usually include suppliers, factories, distributors, stores, or retailers, as well as supporting companies such as logistics services companies. Supply Chain Management (SCM) is an integrated application that provides information system support to management in terms of procurement of goods and services for the company while managing relationships between partners to maintain the level of willingness of products and services needed by the company optimally (Slamet, 2007). SCM integrates order delivery and processing, raw goods procurement, order tracking, information dissemination, collaborative planning, performance measurement, after-sales service, and new product development.

Model Supply Chain Operation Reference (SCOR)
The SCOR model has developed Supply Chain Risk Management; SCRM). This model presents business process frameworks, work indicators, best practices, and technologies to support communication and collaboration between supply chain partners, thereby improving the effectiveness of supply chain management and the effectiveness of supply chain improvement (Paul, 2014). SCOR is structured into five different management processes: Plan, Source, Make, Deliver, Return; from suppliers to consumers. The approach to building SCOR consists of Human Resource Processes, Practices, Performance, and Skills. The implementation of the SCOR model effectively contributes to an efficient logistics in supply chain operations (Salazar et al., 2012).

Risk Management
Risk is a form of uncertainty about the future circumstances, with decisions taken based on various considerations at this time. Risk is divided into pure risk and speculative risk. Pure risk is a risk accompanied by possible losses and the absence of possible profits, for example physical asset risk, employee risk, and legal risk. Speculative risk is a risk where losses and profits are expected, for example market risk, credit risk, liquidity risk, and operational risk. Risk management is a field of science on how organizations apply measures in mapping various problems by placing various management approaches comprehensively and systematically (Fahmi, 2010).
Risk management is the art of decision-making in a world full of uncertainty. House of Risk is the development of QFD (Quality Function Deployment) and FMEA (Failure Mode and Effect Analysis) methods used to develop a framework for managing risk. This method aims not only to counter the risk but also to counter the causes of risk or risk agent. HOR has two phases, the first is risk identification, the output is a priority rating risk agent. The second phase is risk management, the output is in the form of a plan of preventive measures for the occurrence of risk agents.

House of Risk (HOR)
House of Risk is a renewable method of analyzing risk. Its application uses the principle of FMEA (Failure Mode and Error Analysis) to quantitatively measure risks combined with the House of Quality (HOQ) model to prioritize risk agents that must be prioritized first to then select the most effective measures to reduce the potential risks posed by risk agents.
The HOR model underlies risk management in the focus of prevention, which is to reduce the likelihood of risk agents happening. Then the earliest stage is to identify risk events and risk agents. Usually, one agent can cause more than one risk event. Adapting from the FMEA method, the risk assessment applied is a Risk Priority Number (RPN) consisting of 3 factors, namely the probability of occurrence, the severity of the impact that arises, and detection. The HOR method only establishes probability for risk agents and the severity of risk events. Because of the possibility of one risk agent causing more than one risk event, it is necessary to quantity the aggregate risk potential of the risk agent.
Adapting the House of Quality (HOQ) model to determine risk agents should be given priority as a precaution. An A rating is assigned to each risk agent based on the magnitude of the ARPj value for each j risk agent. Therefore, if there are many risk agents, the company can first select an agent that has the potential to pose a risk event.
The model with these two deployments is called House of Risk (HOR) which is a modification of the HOQ model (Pujawan and Geraldin, 2009

Methods
Research aims to find out what risk factors are related if production is carried out and the largest value in the supply chain in the company in identifying the risks that occur.

Supply Chain Management Activity Mapping
SCM Activity mapping is done using score method. This mapping is done with the aim of identifying activities from suppliers to the end consumer. The use of this method in designing the measurement of supply chain performance in the process carried out, allows the company to evaluate the performance of the supply chain so that from the evaluation results can be monitored, and can know the potential risks of activity activities carried out by supplier groups to consumers.

Risk Identification
The initial stages for identification of problems are basically done by direct observation in the company. According to Landquist (2013) that Supply Chain Management is an overall approach to the material management process, such as providing, producing, and distributing products to consumers.
Risk identification with Failure Mode and Effects Analysis (FMEA) method focuses on 2 variables, namely possible occurrence, and severity. In determining the severity, it can be determined how serious the damage it. The severity rank value is between 1 to 10, where a scale of 1 indicates no impact and a scale of 10 indicates a hazard impact. In determining the occurrence can be determined how much interference can cause risk. Occurrence values between 1 and 10, where a scale value of 1 indicates almost the risk never occurs and a scale of 10 indicates that the risk is almost certain to occur.

Risk Calculation
The purpose of The House of Risk (HOR), which is to identify risks and design risk mitigation based on the results of risk assessment calculations to reduce the probability of risk agents occurring through prevention efforts in accordance with the priority level of risk agents. HOR management stage is divided into 2 phases, namely identifying risks and handling risks after identifying risks. HOR phase 1 serves in determining the source of the risk prioritized to take precautions and HOR phase 2 serves to provide special measures for consideration of resources with effective cost selection.
HOR phase 1 to determine severity and occurrence assessment and correlation of risk event and risk agent, obtained from direct observation through interviews with related parties. Then, evaluating the results of data processing and conducting the next stage, namely HOR in phase 2, further identification is carried out on priority risk agents who will be given mitigation action, serving to minimize the impact of the risk agent.

Data Collection
Mapping the activities in the supply chain of PT. XYZ uses a SCOR model consisting of plan, source, make, deliver, and return which are the major processes of the business process in the supply chain. The mapping process will facilitate the identification of risk agents and risk events that occur in business activities in interviews and observations with an expert.
In the preliminary research conducted brainstorming activities with the PT. XYZ. Interviews are conducted to identify what risk events and risk agents may arise in the company's procurement activities. The incidence of risk that has been identified and assessed as severity of risk (Si) can be seen in Table  1.
The risk agent (Aj) that has been identified and Waste from raw materials due to excess 2 E4 Availability of raw material stock in empty suppliers 5 E5 Out of stock in the warehouse 5 E6 The number of orders of raw materials is not appropriate 3 E7 Supplier withholds supply 4 E8 Cancellation of cooperation with suppliers 5 E9 Planning of the company's internal communication system is not good 3 E10 Natural disaster occurs at the time of delivery 3 assessed its occurrence level (O j ) is listed in Table 2. A j and Oj value is based on interviews with procurement managers. Risk event is possible occurrence of risk and risk agent is the cause of the risk event.

House of Risk Phase 1
House of Risk (HOR) phase 1 is an early stage that aims to identify risk events as well as risk agents that cause them. Next will be discussed about the measurement of correlation value (Rij) and calculation of risk priority index value/ Aggregate Risk Potential (ARP). This value will be used as a consideration to determine the priority of risk management that will be the input for HOR Phase 2.
After all risk agents are calculated the ARP value, then the next stage is to group the agents -risk agents that would otherwise be the main ingredients for countermeasures. The determination of the risk agent uses Pareto law. The measurement of correlation values and ARP calculations can be seen in Table 3.
Pareto's law states that 80% of problems are caused by 20% critical risk. By focusing counter measures on 20% of these risks, it is expected that 80% of the company's risk impact can be minimized or even resolved. Table 4 is the pareto calculation of risk agents. From Table 4 it is claimed that 20% of the causes of risk come from two risk agents, namely the absence of contracts with suppliers (A4) and labor negligence (A12).
After processing in HOR phase 1 and obtaining ARP value, then the next stage of risk mitigation by using HOR phase 2 is to handle (risk treatment). The identified risk agent has the largest ARP value determined by pareto diagram will be the input in HOR phase 2, namely the priority risk agent that will be mitigated. Based on aggregate risk potential calculation in HOR 1, Pareto Diagram is created to find out the risk agent that causes risk to the system. The percentage of 20% entry in A12 with cumulative up to 30.04% so that A12 is included in the risk agent that must be addressed.
Here is a list of risk agents that will be mitigated based on ARP values by using pareto diagram. Pareto Diagram can be seen in Figure 1. Not possible to open other suppliers 2 A3 Absence of procurement SOP applied 4 A4 Absence of contract with suppliers 5 A5 Minimal resource competency 4 A6 Information systems at suppliers that are not appropriate 3 A7 Lack of oversight from superiors 3 A8 Lack of employee engagement 2 A9 Erratic weather conditions 3 A10 Hampered disbursement of funds 5 A11 Human error in workers 3 A12 Labor negligence 5 A13 Damage to raw materials during the delivery process 4 A14 Inaccuracy in planning 2 A15 Transport problems and disasters 2

House of Risk Phase 2
At this stage, follow-up on priority risk agent will be given mitigation action to minimize the impact of the risk agent. The next step is to identify the ideal mitigation action to address priority risk agents. This identification is obtained through brainstorming activities. Here Table 5 is a mitigation action to address each risk agent.
After the identification of mitigation actions, the measurement of correlation value between mitigation action and priority risk agent is carried out. The correlation value is still the same scale of value as the correlation value between the risk agent and the risk event. Furthermore, the measurement of the degree of difficulty (Dk). this degree of difficulty is as an overview of the difficulty level of the implementation of mitigation actions. The value scale used is based on a value scale of 3 weights for easy-to-implement mitigation actions, 4 for mitigation actions that are somewhat difficult to implement and 5 weights for mitigation actions that are difficult to implement. The next step is to calculate the total effectiveness (Tek) by summing the results of matching values with the ARP of each priority risk agent. After that calculate the value effectiveness to difficulty ratio (ETD) by dividing the value (Tek) by the degree of difficulty (Dk). Etd value is the benchmark or parameter of mitigation action based on the order of ease of implementation, so the higher the value of ETD, the more ideal mitigation action to be implemented.