The primary objective of conducting a supply-chain analysis from a risk management perspective is to systematically identify and assess potential vulnerabilities. These vulnerabilities are weaknesses or points of failure within the supply chain—such as over-reliance on a single supplier, geopolitical instability, logistical bottlenecks, or lack of visibility—that could be exploited by a threat or trigger a disruption. By identifying these vulnerabilities, an organization can understand its risk exposure and develop appropriate strategies to mitigate, transfer, or accept the risks, thereby enhancing its resilience and ability to achieve its objectives. This process is a core component of risk identification as outlined in the ISO 31000 framework.

A. contingent business interruption coverage. This is a form of risk treatment (insurance) that an organization might purchase after identifying a vulnerability; it is not the purpose of the analysis itself.

B. customer technology needs. Identifying customer needs is typically the function of market research, sales, or product development, not a supply-chain risk analysis, which focuses on operational continuity.

C. international regulatory requirements. While regulatory non-compliance is a potential risk, it is only one of many vulnerabilities a supply-chain analysis seeks to identify. This answer is too narrow.

1. ISO 31000:2018, Risk management — Guidelines. Clause 6.4.2, "Risk identification," states that the purpose is to "find, recognize and describe risks that might help or prevent an organization achieving its objectives." It further suggests that this process should consider a wide range of factors, including the organization's "relationships with, and perceptions and values of, external stakeholders," which directly encompasses the supply chain. The analysis of the supply chain is a method to fulfill this requirement by identifying potential disruptions (vulnerabilities).

2. Sheffi, Y. (2005). The Resilient Enterprise: Overcoming Vulnerability for Competitive Advantage. MIT Press. In Chapter 2, "The Nature of Disruptions," Sheffi emphasizes that the first step in building resilience is understanding and identifying vulnerabilities throughout the supply chain. The book, a foundational text from a leading academic institution, frames supply-chain analysis as a critical tool for discovering these hidden weaknesses before they lead to a crisis.

3. Jüttner, U., Peck, H., & Christopher, M. (2003). Supply chain vulnerability: An investigation of the sources and drivers. International Journal of Logistics Management, 14(1), 1-18. This peer-reviewed article defines supply chain vulnerability as an organization's exposure to serious disturbances. The authors argue that a key management task is to conduct analyses to identify the sources of risk and drivers of vulnerability within the supply network and its external environment (p. 12). DOI: https://doi.org/10.1108/09574090310806479