A risk appetite model of seaport-fulcrum supply chain risk – the case of Indonesia stakeholders Open Access

Organizations today face a dynamic and competitive business environment that constantly balances risk management and revenue maximization. The risk appetite model has become a crucial tool that helps businesses optimize acceptable risk levels and minimize potential revenue losses (Zainuddin et al., 2022; Elahi, 2013). Existing supply chain risk management (SCRM) frameworks have paid limited attention to the risk preferences of decision-makers (Gan et al., 2023; Azmi et al., 2021; Mauro et al., 2020; Bin and Zhang, 2014). To the authors' knowledge, an SCRM framework accounting for the decision-maker’s risk appetite in the context of interdependent risks within a network has not been explored in the literature. A recent concept proposes integrating utility indifference curves into the risk matrix, dividing it into zones: negligible, acceptable, controllable, critical and unacceptable (Ruan et al., 2015).

However, it remains unclear whether the utility indifference curves-based risk matrix, designed for independent risks, can effectively address interdependent risks. While recent studies have explored probabilistic supply chain risks to assess and manage interdependencies, the selection of optimal risk mitigation strategies has received limited attention in both the broader risk management literature and within SCRM (Gao et al., 2021; Griffis and Whipple, 2012). The central research question is how to develop an SCRM process that integrates the systemic interaction between risks and the decision-maker’s risk appetite while considering risk correlations.

Hence, we proposed a comprehensive risk appetite model that considers the correlation between various risks and their related potential revenue loss, based on the utility preferences of key stakeholders. The risk appetite model, developed using a mixed-integer linear programming approach, helps to understand the risk tolerance of conditional seaport risk attributes that stakeholders should consider in their decision-making process. This model accounts for different types of risk events, such as sporadic and repetitive risks and provides a framework for evaluating the complex interdependencies within the seaport supply chain network. By integrating the decision-makers' risk preferences, this model supports the formulation of tailored risk management strategies that align with the organization’s overall risk tolerance and strategic objectives.

We selected Indonesia as a case study due to several factors. First, data from the Indonesian Ministry of Transportation indicate numerous supply chain disruptions, with at least 9,755 reported cases (Kementerian Perhubungan, 2020). One such study, conducted in Indonesia, identified the primary causes of accidents in port waterfront areas as related to ships, the environment, human factors and management issues (Dewanto and Faturachman, 2018). In this context, understanding the perspectives and preferences of diverse stakeholders, such as shipping agencies, freight forwarders, logistics companies, exporters, importers and government regulatory bodies, is crucial for developing effective risk mitigation strategies and enhancing the overall resilience of the seaport-fulcrum supply chain (Mutombo and Ölçer, 2016; Ridwan and Sunaryo, 2019; Sen et al., 2020; Bijaksana et al., 2020).

Furthermore, the role of seaports as critical supply chain fulcrums has become increasingly prominent. Ports face a myriad of uncertainties in the dynamic and interconnected landscape of global trade, from rapidly changing technologies and evolving competition to security threats and budgetary constraints (Taneja et al., 2010). Indonesia, as an archipelagic nation, is particularly reliant on its maritime logistics network, making the performance and resilience of its ports a crucial factor in the country’s economic development.

On the other hand, existing research has highlighted several key strategies for enhancing the competitive advantage of the container shipping industry in Indonesia. These include ensuring demand sustainability, increasing sustainable supply chain performance and securing government support through appropriate regulations (Ardhi et al., 2021; Bijaksana et al., 2020; Saputra and Rijanto, 2021; Silambi et al., 2022). Additionally, studies have emphasized the importance of assessing port navigation safety and implementing improvement strategies to minimize logistics costs and maximize port efficiency (Ridwan and Sunaryo, 2019).

Therefore, the implementation of the comprehensive risk appetite model in Indonesia is expected to provide valuable insights into the management of seaport-fulcrum supply chain risk (SSCR) in a complex and dynamic environment. By addressing the gaps in current research, this work contributes to a more holistic and effective approach to supply chain risk management, supporting decision-makers in creating resilient and sustainable supply chain operations. The remainder of this paper is structured as follows. Section 2 provides a literature review as the foundation for this research. Section 3 formulates a risk appetite model for the SSCR. Section 4 outlines the solution method for the risk appetite model problem. Section 5 presents the initial data used in this research. Section 6 offers a discussion and analysis of the risk appetite model. Finally, Section 7 concludes with key findings and limitations that will inform the future direction of this research.

Supply chain networks operate in a tightly integrated environment, where interdependent organizations and their risks are closely intertwined, leading to complex interactions even at the individual firm level (Faisal, 2009a, b; Guertler and Spinler, 2014; Yu et al., 2015; Wang et al., 2017). Research has identified distinct risk categories, aiding the risk identification phase. However, to capture the interdependent relationships across the supply network, diverse stakeholder involvement in the risk identification process is necessary. Current approaches focusing on the optimal treatment of individual risks may be suboptimal if correlations exist between risks and mitigation strategies. As suggested by Guertler and Spinler (2014), examining the combined impact of risks can enhance supply chain management compared with addressing each risk type in isolation. Nevertheless, empirical research quantifying the correlations between risk factors and types or the probability of specific risk types, remains limited (Hou and Zhao, 2020).

Understanding risk factors, their impacts and the decision-maker’s risk appetite is essential for effective SCRM. An organization’s risk appetite, the amount and type of risk it is willing to take to achieve its objectives, is a critical factor in shaping risk management strategies (Merna and Merna, 2004; Damodaran, 2010; Aven, 2012; Ganiyu et al., 2020). Assessing and managing supply chain risks necessitates consideration of the decision-maker’s risk appetite, as this influences the selection and implementation of appropriate risk mitigation strategies. As demonstrated by Gupta and Hashmi (2023), supply chain risk assessment has become an active area of research, with a focus on developing robust methods to support decision-making.

By incorporating the decision-maker’s risk appetite into the supply chain risk assessment process, organizations can formulate tailored risk management strategies that align with their overall risk tolerance. The level of tolerance for accepting risks is significantly influenced by the decision maker’s risk appetite, highlighting the need to integrate risk appetite into the decision-making framework (Ricciardi and Rice, 2023). According to Gheibi and Fay (2020), the decision-maker’s risk appetite influences their tolerance for the degradation of target values in supply chain management. Risk-averse managers are inclined to accept only minor deviations from efficiency-based goals, preferring adherence to or improvement in effectiveness-oriented objectives. Conversely, risk-seeking decision makers are willing to accept higher degrees of value degradation for a specific goal in exchange for progress on a competing objective. In contrast, risk-neutral supply chain managers do not exhibit a strong preference toward either type of goal (Ricciardi and Rice, 2023; Gheibi and Fay, 2020). For instance, risk-averse decision-makers in supply chain management are willing to accept lower expected profits in exchange for lower variability in outcomes (Mauro et al., 2020). This implies that supply chain managers may choose to hold higher inventory levels or accept higher procurement costs to reduce the potential for stockouts and lost sales. This preference for stability over profitability maximization can have significant consequences for supply chain performance. Incorporating the decision-maker’s risk appetite into supply chain risk assessment and optimization models can lead to more robust and practical solutions (Namdar et al., 2017; Mauro et al., 2020; Mzougui et al., 2020; Kamar, 2021).

In a scenario where a network of interdependent seaport risks is encountered instead of a set of independent risks, the risks often display positive or negative correlations with each other (Tsetlin and Winkler, 2005; Olba et al., 2019; Guerra and Moura, 2020; Kuang et al., 2021; Embrechts et al., 2023). This means that the occurrence or severity of one risk can be influenced by the presence or magnitude of another risk within the interconnected network (Do. Bagus and Hanaoka, 2023). Additionally, a mitigation strategy targeting one particular risk may have downstream effects on multiple other risks, either exacerbating or alleviating their impact (Pescaroli and Alexander, 2018; Qazi et al., 2021). Conversely, multiple risk mitigation strategies may need to be employed to effectively address a single, highly complex risk that is influenced by various factors within the seaport supply chain system.

Existing frameworks of risk matrix often fall short in assessing and managing the complexities of interconnected networks of risks (Nagi and Kersten, 2022). To address the challenge of interdependent risks, it becomes necessary to marginalize probability values by assigning conditional probabilities to the risks. However, the criticality of these interdependent risks is not effectively articulated by current risk matrix-based tools. Furthermore, established criteria for performing cost-benefit analyses within the risk network and potential strategies are lacking, particularly in relation to the decision-makers’ risk appetite and the performance of individual risks on the risk matrix. This limitation hinders the ability to develop comprehensive risk management strategies that account for the intricate relationships between risks and the risk preferences of key stakeholders (Ruan et al., 2015; Befekadu and Pasiliao, 2016; Liu et al., 2017; Dillon et al., 2018; Syed and Lawryshyn, 2020; Pascarella et al., 2021; Anthony and Cox, 2023).

In the realm of risk analysis, simple mathematical operations are often found to be inadequate (Cox, 2008). Each potential strategy or combination of strategies must be intricately connected to the risk network, leading to the re-evaluation of marginal probability values and the subsequent mapping of resulting risks onto a new dataset (Dexter et al., 2007; Reveíz and León, 2009). This process thus becomes iterative rather than sequential. While expected utility theory (EUT) is widely used in decision-making under uncertainty, applying it to a network with even a small number of risks and strategies with binary states requires the elicitation of a large number of values from decision makers regarding the utility of different risk and strategy combinations (Abbas, 2010; Safari et al., 2016; Hanea and Nane, 2022).

This complexity can make the application of expected utility theory challenging, particularly for networks with a larger number of interdependent risks and potential mitigation strategies. Addressing these challenges requires the development of more sophisticated analytical frameworks that can effectively capture the nuances of the risk network and the decision-maker’s risk appetite. Additionally, practitioners often rely on risk matrix-based tools to prioritize risks, such as Pascarella et al. (2021), Syed and Lawryshyn (2020), Dillon et al. (2018) and Ruan et al. (2015). These risk matrix-based tools provide a simple and intuitive way for decision-makers to assess and rank risks based on their likelihood and potential impact. However, as highlighted in their problem description, these frameworks often fall short in effectively capturing the complexities of interdependent risks within a network. The shortcomings of risk matrix-based tools highlight the need for more advanced analytical frameworks capable of effectively capturing the intricacies of risk relationships and the decision-maker’s risk preferences.

Therefore, this study proposes an EUT framework based on the methods of Do. Bagus and Hanaoka (2022b). This framework modifies the utility indifference curves-based threat-utility approach and utilizes cost-benefit analysis to prioritize supply chain risk mitigation strategies, all while considering the risk appetite of decision-makers. This approach aims to more effectively capture the nuances of risk relationships and decision-maker preferences within a network of interdependent risks.

Establishing causal risk networks or pathways related to the risk appetite model has been an underexplored area of research (Lotfi et al., 2024). It goes beyond only identifying hazards and their sources to include potential techniques for risk reduction inside the network. Depending on the use of certain risk mitigation measures, the analysis of the risk network entails determining conditional probability values and loss values associated with hazards. Instead of examining seaport risks individually, we introduce a new approach by establishing a conditional seaport risk network.

This process starts with defining the context, setting the boundaries of seaport risks related to the supply chain/network and identifying the stakeholders involved in the risk management process. First, we developed an interdependency model using a rough set-based genetic algorithm proposed by Do. Bagus and Hanaoka (2022a) to compute the strength of conditional seaport risk correlations. Second, we used conjoint analysis to develop the expected utility value proposed by Do. Bagus and Hanaoka (2022b). The interdependency strength from the rough set and weighted aggregated sum product assessment is used to generate the threat utility function and value for each decision-maker in the conjoint scheme. Third, we calculate the decision-makers’ risk tolerance toward their preference of potential revenue loss using mixed-integer linear programming. The risk tolerance reflects their risk appetite, which can be used to determine risk mitigation and risk resilience strategies.

New risk measures that are simply computed, able to capture the network-wide effect of hazards and take risk appetite into account are needed to be explored throughout the risk network’s review stage. In addition to determining how risks affect the network as a whole, it is important to show how each risk affects it and make sure that all risks have been reduced to the necessary extent.

As the aim of our research is to introduce a risk management process for interdependent risks, the focus is placed on techniques for establishing the risk appetite of a decision-maker. The procedure proposed by Ruan et al. (2015) can be employed for the implementation of the proposed process. Additionally, the risk tolerance and loss values are derived from the estimation according to Equation (1). Thus, the model is based on the following assumption:

1. The SSCR attributes, corresponding source of risk data and potential mitigation strategies are given from Do. Bagus and Hanaoka (2022a). These can be modeled as a directed acyclic graph according to rough set theory.

2. All conditional seaport risk variables and risk mitigation strategies from the potential threat are represented by binary states.

3. The probability risk values of the conditional seaport and associated losses can be elicited from the stakeholders and the resulting network represents a close approximation to the actual perceived risks and interdependency between different risks. This data is given from Do. Bagus and Hanaoka (2022b).

Thus, the SSCR network for this section is identified by the five-tuple (5-tuples) S = {U, A, V_a, f, S}, consisting of

1. U is a finite set of decision-makers evaluation, A = {a₁, a₂, …, a_n} is a finite set of attributes (seaport risk), V_a is the value set of attribute a, where V = 1, 2, …, 5 indicates the highest to the lowest evaluation, V = ∪_a ∈ A V_a and

2. A link is defined as a total function of f: U × A → V such that f(x,a) ∈ V_a for each a ∈ A, and x ∈ U is called the information function. A string vector describes each object x of U. Thus, the description of x is expressed in terms of the evaluation of the attributes from A. It represents the available information about x.

3. S is a set of utility functions. S(x) with respect x of U.

Referring to the assumption in Subsection 3.1, the notations used in the risk appetite model are shown in Table 1 as follows:

The risk appetite risk model formulation starts with the problem from Ruszczyński (2013). Considering we have the set of conditional seaport risk attributes in relation to the supply chain threat and the set of the stakeholder, the risk appetite model is a static optimization model in which the “revenue” Z(x, a_ij) is given and depends on decision variables x in space χ = Rⁿ as well as on an elementary conditional seaport risk event a_ij in some probability space (C, D, S).

According to that, let A = {A₁, A₂, …, A_n} be a given set of potential threats of the seaport-fulcrum supply chain (SSC) stakeholders E = {e₁, e₂, …, e_q} and the set of the condition seaport risk variables C = {C₁, C₂, …, C_m}. The identification of a minimal subset of the conditional seaport risk attributes, C_a $⊂$⁠, C referring to the experts (decision-makers), is important because it implies minimizing the potential loss of the potential threat. Moreover, all potential threats can be perfectly distinguished from each other according to the levels of conditional seaport risk attributes in C_a.

The main problem is to minimize the potential loss of revenue. The Z(x, a_ij) with respect to x ∈ U and x ∈ E is a feasible set. Due to the characteristic of Z(x) is random, the risk appetite model deal also has random constraints. Hence, the objective in this model is expected value, and risk aversion is represented by a system of constraints. In addition, the stochastic parameters are represented in integers; thus, a mixed-integer linear programming is used to minimize potential loss of revenue from the minimum set under some rules.

The risk appetite model is presented as follows:

subject to,

Equation (1) is an objective function to minimize total loss from the threat-utility and estimation of predicted cost referring to the SSC stakeholders. By minimizing Z, we try to reduce the impact of potential threats by possibly adjusting factors like the probability P_qj|s and the severity S(a_ijq). The inclusion of the sampling fraction F scales this loss calculation based on the sample size, making the result representative of the full population or scenario. The entities of this supply chain model are divided into port authorities (PA) as q₁ – including seaport operators – and seaport users (SU) as q₂.

There are four constraints subject to the objective function. Firstly, constraints in Equations (2) and (3) are measurement of the discrepancy between potential threat TF_i and TF_k in terms of the conditional seaport risk attributes. This can be interpreted as a minimum required level of distinctiveness between each pair of threats. In other words, for the risk assessment to be considered valid, the threats need to be sufficiently different in their risk profile as defined by the attributes. For decision-makers (from set e), this objective function could represent a requirement to ensure that each threat factor i is sufficiently distinct from each other threat factor k in terms of conditional seaport risk attributes. This distinctiveness is essential for prioritizing or categorizing threat responses effectively. If two threats were too similar (i.e. their discrepancy falls below α), it could imply a need to adjust the criteria for assessing threats.

Secondly, the constraint in Equation (4) enforces a controlled range of discrepancy between pairs of threat factors, ensuring that there is a minimum amount of difference (at least 1) between any two threat factors and that there is also an upper limit (no more than 5) to prevent extreme values that might skew the analysis. Furthermore, the constraint ensures that the total discrepancy between any two threat factors, i and k, across all relevant attributes falls within a balanced range. This balanced range prevents the threat factors from being too similar (lower bound) or too divergent (upper bound), likely supporting a more standardized or manageable assessment framework for decision-makers.

Lastly, the constraint in Equation (5) is the level of discrepancy we set up. This constraint has a relation with Equation (2). In this case, it coincides with the number of conditional seaport risk attributes in C₀ that take different levels for the threat factors related to revenue loss TF_i and TF_k, and α is the corresponding minimum number, for any pair (TF_i, TF_k) of threat factors that are required to have an acceptable subset C_α. This means that α − 1 conditional risk attributes can be missing, and we still can differentiate any pair of threat factors (TF_i, TF_k).

The estimation of the threat-utility function (part-worth function) can be used to answer various “what if” questions, such as how will the revenue loss change for an existing policy of SSC stakeholders if its competing entities change their policy? What will be the change in market share? And which conditional seaport risk attributes have big implications for the change? Hence, the aim of this model is to predict the conditional probability of seaport risk factors leading to the loss of revenue and getting acceptable risk from each conditional seaport risk attribute.

Therefore, the predicting revenue loss is defined as the probability of choice of seaport risk factors under some rules for each decision-maker in the sample. This probability is based on the predicted utility computed according to the conjoint model based on Do. Bagus and Hanaoka (2022b). According to Rao (2014), there are two rules that are used as constraint in this model as follows:

The constraint in Equation (6) is used to check non-routine risk or sporadic risk, while Equation (7) is used to check repetitive risk. Therefore, the additional constraint in Equations (6) and (7) are used differently with an aim to check the acceptable risk of conditional seaport risk attributes under the risk characteristic. The sporadic and repetitive rule cases in Equations (6) and (7) depict the heterogeneous risk event. The characteristic of sporadic risk events is the conditional seaport risk attributes occurring at irregular intervals or only in a few places: scattered or isolated. While, the repetitive risk event is the conditional seaport risk attributes occurring repeatedly, especially when tiresome and lacking in variety. The model formulation in this chapter is built on Matlab 2022.

The expected utility is given from the threat-utility function according to Do. Bagus and Hanaoka (2022b). Within the context of decision-making under uncertainty, risk can be related to a utility function that reflects the preferences of a decision-maker with regard to various possible consequences of a decision. EUT posits that a decision-makers preference over an outcome x can be represented by a utility function s(x), and if there are i = 1, …, n potential threat to the supply chain which occurs with probability p_i and for which the outcome is x_i, then the decision-maker (experts) cares about their expected utility $∑i=1npis(xi)$⁠.

When presented with a range of options, a decision-maker will opt for the alternative that provides the maximum expected utility. The configuration of the utility function reflects the risk attitude of the decision maker: it is concave for a risk-averse individual, convex for a risk-seeking individual and linear for a risk-neutral individual. Risk-averse decision makers would consistently prefer a certain option over a risky one with an equivalent expected value; conversely, risk-seeking individuals would reject a certain option in favor of a risky one with the same expected value. In essence, risk-averse individuals require compensation for undertaking risk.

The utility value of the risk attribute can be generated from the hybrid conjoint model as follows (Do. Bagus and Hanaoka, 2022b):

We define the dummy variables D_mn = J – 1 for the ten threat to as follows:

The individual hybrid conjoint model then is:

The parameters a, b and B_ml are regression parameters. The estimation method in this model is iterative least squares regression, and the associated characteristic equations for the individualized conjoint model are as follows:

where

$εml$ and $δJ$ are independent and identically distributed random variables N(0, σ²).

The estimation steps for this model are based on Hagerty and Srinivasan (1991) and are provided as follows:

• Step 1: Set μ = 0 and τ = 1 based on Do. Bagus and Hanaoka (2022b) – Q_l + J observation, estimate u_ml.

• Step 2: Regress s_DR on the predicted score using Equation (13). The intercept and slope of this regression will yield estimates of μ and τ.

• Step 3: Repeat Step 1 with the estimated values of μ and τ in Step 2.

Repeat Steps 2 and 3 until the change (reduction) in the error sum of squares is no more than a prespecified number or the number of iterations is exceeded.

The basic idea is to estimate the threat-utility function of conditional risk factors that are considered by an individual and use certain rules to translate these utilities into threat probabilities. Rules (scenarios) of the predicted probabilities (P_qj|s) for each dimensional threat under some scenarios as mentioned in Equations (6) and (7).

The decision variables in the problem as stated in Section 3.3 is integer, which a_ij is defined as the level of risk that stakeholder q is willing to either accept or mitigate in response to the combination of threat i factor and its associated conditional seaport risk attributes j. a_ij  = 1: Stakeholder q completely mitigates the risk related to threat i and conditional risk attribute j. While a_ij = 0: Stakeholder q fully accepts the risk without taking any mitigation action. Hence, the objective of the model is to minimize the total expected loss due to the conditional seaport risk attributes.

Moreover, the problem as stated above allows us to determine a minimal subset C₀, associated with a = 0, of conditional seaport risk attributes of the set C, which allows identification of the potential threat factors in the set TF. However, if the TF is to be identified with some missing information, the set C₀ can become useless. Hence, we normally use a > 0. By selecting relevant conditional seaport risk attributes, we can determine the potential revenue loss and its risk tolerance related to the relevant risk attributes associated with the threat factors. In other words, we find the minimal subset of Ca_i ⊆ C such that the threat factor i has different conditional risk attributes when compared with all other threat factors. Thus, we used mixed-integer linear programming (MILP) to tackle this problem. The selection instance problem is depicted in Table 2.

The problem of “minimizing” in Equation (1) is based on Ruszczyński (2013). The risk appetite model adopts the random outcome Z(x), which is related to another random outcome in constraints. Hence, the optimizing risk appetite model is based on the expected utility functionals as follows:

Considering the model in Equation (14) with the usual stochastic order $≼(1)$ and with the increasing convex order $≼(icx)$⁠. We focus on the latter because it is most convenient for modeling risk-averse preferences. Models with first-order constraints are nonconvex, in general, and frequently involve combinatorial considerations (Luedtke, 2008; Noyan and Ruszczyński, 2008; Noyan et al., 2006; Dentcheva and Ruszczyński, 2004a). Hence, the problem in Equation (14), considering our model, can be rewritten as follows:

subject to,

in which the random function S(.) is convex, and the set X is convex and closed.

This model (15) is a “cost/revenue loss” version of the model (14) with second-order stochastic dominance constraints of Dentcheva and Ruszczynski (2004b). Under suitable regularity conditions, Ruszczyński (2013) can prove that $xˆ$ is an optimal solution of this problem if and only if a convex nondecreasing utility function $uˆ(.)$ exists such that $xˆ$ is also a solution of the following expected utility problem:

The function above plays the role of a Lagrangian, with the utility function $uˆ(.)$ playing the role of the Lagrange multiplier. Corresponding duality relations can be developed as well. The EUT and the dual utility theory (Ruszczyński, 2013) provide dual objects for stochastic order constraints. For problems with first-order constraints, local optimality conditions can be derived with the use of the Largangian Equation (17), but with utility functions s(.) and rank-dependent utility functions u(.), which are not necessarily convex.

The stakeholder preferences and risk considerations in the SSC of Indonesia are multifaceted, as mentioned in Section 1, reflecting the diverse interests and priorities of various actors. Crafting effective policies and strategies to enhance the resilience and competitiveness of Indonesia’s maritime logistics ecosystem will require a deep understanding of these stakeholder perspectives as well as a holistic approach to addressing the complex web of challenges facing the industry (Bijaksana et al., 2020; Rumaji and Adiliya, 2019; Ridwan and Sunaryo, 2019). The disruptions in Indonesia’s seaports provide an example to illustrate the interdependence among risk attributes in the SSC – such as the stakeholder preferences and risk considerations, demand sustainability, increasing sustainable supply chain performance and securing government support through appropriate regulations, which is particularly relevant for other archipelagic countries (Bijaksana et al., 2020; Lee, 2021; Do. Bagus and Hanaoka, 2022a, b, 2023).

This study investigated the roles of different supply chain entities to understand their interdependencies. The researchers used secondary data from Do. Bagus and Hanaoka (2022a) to develop the model. The risk appetite model was developed based on input from two key stakeholder groups: PA and SU. The PA group included seaport managers, such as the Indonesian harbor master and Pelindo as well as seaport operators like Pelindo Multi Terminal. The SU group consisted of entities such as PT. Kalla Lines, PT. Temas Lines, PT. Samudera Indonesia and PT. Trans Power Marine, which are involved in bulk cargo transportation and handling. The responses from these stakeholders are depicted in Table 3:

Accordingly, 61 risk attributes divided by ten-dimensional threats were identified, referring to Do. Bagus and Hanaoka (2022a) and discussions with some experts. We sent an audience letter and asked ten experts from PT. Pelindo III, five experts from PT. Temas Line and nine experts from PT. Kalla Lines virtually to identify potential supply chain threats and their conditional seaport risk attributes. All the experts have positions in their organization with a percentage of 11% director, 55% manager/division head, 15% supervisor and 19% others. Moreover, the percentage of work duration for these experts is as follows: below five years is 4%, between 5 and 10 years is 39% and over 10 years is 57%. Thus, we categorized the ten-dimensional threats in Figure 1, which were sourced from 61 conditional seaport risks according to the four abovementioned studies. We then identified several indices to capture the different perspectives of domain stakeholders. However, the potential threat factors have different conditional seaport risk attributes as seaport risk criteria. Thus, we created this threat categorization index to represent the degree/level of reaction to the danger in terms of port monitoring as well as to describe the breadth of measures that may be taken in Table 4. Additionally, each attribute is coded and assigned to the appropriate numerical value in Table 4 and is estimated from the data of management disruption in the Indonesia seaport context based on Kementerian Perhubungan (2020).

We use the novel approach by Do. Bagus and Hanaoka (2022b) for assessing expected utility value considering interconnected risks within a network. Additionally, we employ MILP to minimize potential revenue loss in alignment with the principles of EUT. Moreover, numerical illustration aims at demonstrating the utility and relevance of the risk appetite model and solution methodology described above in the real context of Indonesian SSCR disruption.

There are ten-dimensional threats related to average revenue loss in percent depicted in Table 5 that were identified to diagnose the probability of potential revenue loss. Instead of following the top-down approach, we developed a correlation network that utilizes a bottom-up approach. The correlation network was developed and explained in Do. Bagus and Hanaoka (2022a), and the expected utility value is generated from Do. Bagus and Hanaoka (2022b). Additionally, whole decision-makers were asked to estimate potential revenue loss associated with threat factors. The average of this estimation is shown in Table 5 as follows:

Furthermore, the threat utility refers to Do. Bagus and Hanaoka (2022b), and Table 5 are used to get the risk appetite model in Equation (1). The model was computed for each possible combination of potential revenue loss and the expected utility value was evaluated for each instance. Table 5 shows the percentage of average potential revenue loss, that we asked the respondents to evaluate for potential revenue loss due to potential supply chain threat factors.

Additionally, Figures A1 and A2 in the appendix as input S in Equation (1) depict the expected utility value according to PA and SU towards the conditional seaport risk attributes. If a decision maker was targeting a particular cost to minimize revenue loss, they should choose the conditional seaport risk attributes that give the highest expected utility for that cost. The distribution of expected utility value of conditional seaport risk attributes also is shown in Figures A1 and A2 in Appendix. Thus, using MILP, we got maximum potential revenue loss according to their expected utility value.

The disruption in Indonesia’s seaport operations can result in significant financial losses for supply chain entities. Based on the data from the Indonesia Ministry of Transportation, the average cost of disruption in Indonesia’s seaports is estimated at approximately USD 50 m per incident, with a range of USD 20 m to USD 100 m, depending on the scale and duration of the disruption (Gurning et al., 2011; Zen, 2018; Palupi, 2019; Anwar et al., 2020; Barata, 2020). These financial losses can manifest through various channels, such as delayed shipments, increased logistic costs and lost sales opportunities (Do. Bagus and Hanaoka (2023).

This study try to understand the Indonesian seaport stakeholders’ attitude toward several potential threat factors and their conditional seaport risk attributes that can harm supply chain continuity, e.g. SSCR disruption. In order to know Indonesia stakeholders’ attitude on the potential threat factors and their risk attributes, we proposed a risk appetite model for PA and SU in condition sporadic risk and repetitive risk cases as mentioned in Equations (6) and (7).

Using the concept of EUT as mentioned in the literature review of this model, this study serves some insight into utility, preferences and stakeholder behavior. Hence, preferences relate to the ordering of different risky alternatives based on stakeholders’ advantages and disadvantages concerning the potential outcomes (potential supply chain threat factors – TF) and associated conditional seaport risk attributes. In terms of important values referring to the utility score, we found that PA considers the potential threat factors on supply chain continuity more deeply than SU. This finding is depicted in Figure 2 as follows:

In a case of potential revenue loss in Table 6, there are two different scenarios showing the potential loss from two different perspectives, such as sporadic risk event and repetitive risk event. We compare both rules to get a percentage of revenue losses for PA and SU behaviors. The negative sign in both rules indicates the sign for revenue loss. The sporadic risk event in Equation (6) shows that the maximum risk value among the evaluation of expected utility is selected based on their maximum value. This reflects the characteristics of sporadic risk events. Whereas, the repetitive risk event in Equation (7) shows that the risk value is selected among the evaluations referring to their normalization value by considering prioritization α. If α > 1, attributes with higher s_j are given greater weight S_ij. If α < 1, the distribution is more uniform, giving less emphasis to larger values of s_j.

Furthermore, the result shows that the PA is more reluctant to experience with revenue loss rather than the SU. The potential revenue loss is affected by different conditional seaport risk attributes. This is clearly depicted in Figures 3 and 4. Both figures give information on risk tolerance for certain conditional seaport risk attributes.

If we assume that the percentage of highest risk is between 0 and 20%, then every decrease in the degree of risk accepted is reduced 20% from the utility value. Lack of distribution risk planning (a₁₈), deficiency of berth allocation risk planning (a₁₉), less timeliness of port customs clearance (a₄₃) and less cash flow (a₆₅) are considered high risk to be acceptable risk until risk level 4 by PA either in sporadic risk case and the repetitive risk case. They indicate that the degree of risk accepted by the PA should not exceed 40% of 100% of their utility value. Meanwhile, whatever the risk case for SU, the shortage of IT and advanced technology (a₃₉) should not exceed 60% of their utility value. Moreover, the highest unacceptable risk is the less efficient cost in the feeder link (a₇₃) for PA in repetitive cases, which should be below 20%.

Stakeholders’ utility and risk preferences influence their risk attitude or risk appetite and decision-making (Chowdhury et al., 2022). Risk-averse stakeholders, for example, are more likely to place a higher value on avoiding losses than seeking gains. On the other hand, risk-seeking stakeholders might be willing to accept higher risks for the possibility of higher returns (Ricciardi and Rice, 2023). Stakeholders’ risk preferences play a significant role in determining their risk management strategies. Stakeholder utility assessments of potential supply chain threats, along with associated conditional seaport risks, can drive their behavior in risk management. If a stakeholder perceives a particular risk as having severe consequences and low utility, they are more likely to take action to mitigate or avoid that risk. Conversely, if a risk is perceived as less critical or the potential rewards are high, stakeholders may be more willing to accept the risk (Kwak and LaPlace, 2003; Ricciardi, 2008).

This study presents a model to depict the potential revenue loss in Table 6 as a starting point. It then explores the acceptable risk according to the time of risk that the SSC entities should anticipate. Additionally, the study examines the characteristics of risk-occurrence-related time, such as sporadic and repetitive risks. Sporadic risks occur irregularly and unpredictably, characterized by infrequency, irregular intervals and lack of clear patterns. These unexpected risks can be challenging to anticipate and manage effectively. In contrast, repetitive risks, also known as recurring or continuous risks, occur repeatedly and consistently over time, displaying clear and identifiable patterns, making them more predictable and manageable.

According to Table 6, PA and SU face potential revenue losses of up to 8.67 and 7.12%, respectively, in sporadic risk events. For repetitive risks, both stakeholders have similar potential revenue losses of 0.2%. This suggests that PA and SU can collaborate more closely under repetitive risk scenarios, while their cooperation is more challenging when facing sporadic risks. By working together, these supply chain stakeholders can share risks and enhance productivity for effective and efficient supply chain continuity. However, such collaboration is less beneficial when dealing with sporadic risks, as the conditional seaport risk attributes have a greater impact. Therefore, each stakeholder must put extra effort into managing the specific risk attributes that pose the greatest threat to their business operations.

This study suggests that attempts to control all conditional seaport risk attributes are not practical, as risk is inherent in every business process. Instead, it proposes an analysis to calculate acceptable risk levels that can guide decision-makers among SSC stakeholders. For sporadic risk, the study finds that PA can tolerate certain risks, such as lack of distribution planning, deficient berth allocation planning, less timely customs clearance and cash flow issues, up to risk level 4. However, the risk of pandemics/epidemics is only acceptable up to level 3. The remaining conditional seaport risks should not exceed levels 2 and 1, as presented in Figure 3.

The SU has a higher tolerance for risks related to shortage of IT and advanced technology, which they can accept up to risk level 3. However, the user has a lower tolerance for other risks, which should not exceed risk levels 2 and 1. In the case of repetitive risks, the PA can accept higher risk levels for certain factors, such as lack of distribution risk planning, deficiency of berth allocation planning, less timely port customs clearance and less cash flow – up to risk level 4. They can also accept higher risk levels for less efficient costs in the feeder link – up to risk level 5. The SU acceptable risk levels for repetitive risks are similar to the sporadic risk case.

Accordingly, the PA exhibits a more risk-seeking attitude compared to the risk-averse SU. Risk-averse stakeholders may opt for conservative risk management approaches, like buying insurance or implementing strict safety measures. Conversely, risk-seeking stakeholders may be willing to take on higher risks and invest in projects with potentially higher returns.

The study found that PA and SU have different priorities when it comes to supply chain threats, as shown in Figure 2. PAs are more concerned with environmental factors, while SU focus more on issues related to seaport service processes. The importance values measured in the study indicate the relative significance of these different threat factors for the stakeholders. These values quantify the weight and priority that stakeholders assign to each factor when making decisions and trade-offs.

The analysis of SSCR in Indonesia underscores critical disparities in risk appetite between PA and SU. Specifically, PAs exhibit a more risk-tolerant posture, whereas SUs tend to be risk-averse. These differential risk perspectives hold significant policy and industry implications, particularly regarding enhancing supply chain resilience, financial stability, regulatory frameworks, sustainability and competitive positioning. By delineating acceptable risk thresholds and prioritizing risk factors, the study enables the development of targeted risk mitigation strategies aligned with stakeholder needs and expectations. Notably, the research reveals that sporadic risks cases, such as inadequate distribution risk planning (a₁₈), deficient berth allocation risk planning (a₁₉), delayed port customs clearance (a₄₃) and cash flow issues (a₆₅), pose a greater financial threat than repetitive risks. This is evidenced by the potential revenue losses of up to 8.67% for PAs and 7.12% for SUs in the face of sporadic disruptions.

Recognizing the disparities in risk appetite between PA and SU, this study proposes the establishment of collaborative risk mitigation frameworks. Through these frameworks, the stakeholders can jointly develop contingency plans to address high-impact disruptions. For instance, implementing standardized protocols for cargo handling during custom bottlenecks could help reduce delays, while real-time data-sharing platforms could improve coordination during irregular disruptions. From an industry perspective, the authors recommend that seaports invest in digital transformation initiatives, such as adopting AI-driven logistics management and IoT-enabled cargo tracking, to enhance their ability to mitigate sporadic risks. Additionally, we emphasize the importance of regular simulation exercises for seaport staff and logistic operators to ensure their preparedness for unexpected disruptions. By aligning their operational strategies with the risk tolerance levels presented in Figures 3 and 4, the stakeholders can minimize operational downtime and maintain the continuity of supply chain flows, even during periods of crisis.

The financial impact of supply chain disruptions is substantial, particularly for sporadic risks. To address this, policymakers should consider risk-pooling mechanisms, such as shared insurance funds or government-backed guarantees, to help stakeholders absorb sudden financial shocks. Tax incentives for companies investing in risk-mitigation technologies could further encourage resilience-building measures. For maritime industry players, conducting cost-benefit analyses of risk mitigation investments will be crucial. While upgrading port infrastructure may require significant capital, the long-term reduction in revenue losses justifies the expenditure. Moreover, dynamic pricing models that adjust logistic costs based on real-time risk exposure could help companies maintain profitability during disruptions. Developing financial resilience should be a core component of corporate strategy, ensuring that both PA and SU can withstand volatility without severe economic repercussions.

Regulatory reforms are needed to improve risk governance and compliance. The study indicates that SU heavily depends on policies set by PA, suggesting a need for more decentralized and adaptive regulatory frameworks. Regional PAs should be empowered to tailor risk management strategies to local conditions, such as addressing environmental risks in coastal areas versus cybersecurity threats in major trade hubs. Furthermore, mandatory risk disclosure requirements could enhance transparency, compelling both PA and SU to publish annual risk assessments and mitigation plans. From an industry standpoint, compliance should not be seen as a burden but as a driver of innovation and efficiency. For instance, adopting blockchain for cargo documentation could simultaneously meet regulatory demands and reduce fraud risks. Establishing permanent stakeholder councils – comprising PA, SU and government representatives – would facilitate ongoing dialogue, ensuring that regulations evolve alongside emerging risks. A proactive regulatory approach will be essential in maintaining Indonesia’s position as a reliable maritime trade hub.

Sustainability, including environmental, social and governance factors, is crucial for seaport operations to mitigate long-term risks and ensure responsible growth. The study identifies that risk-tolerant PAs can leverage risk management to differentiate themselves by positioning their facilities as high-reliability hubs. Policy initiatives, such as a national seaport modernization fund, could finance smart port technologies, including automation and AI-driven logistic optimization. Designating high-efficiency export–import corridors for compliant businesses would further enhance competitiveness by reducing delays and improving predictability. For SU, addressing critical vulnerabilities – such as IT and advancement technology shortages – through public–private partnerships can improve operational efficiency. Companies that proactively invest in resilience can market themselves as low-risk logistics providers, attracting premium clients. Collaboration between PA and SU on infrastructure projects will ensure that Indonesia’s ports remain competitive in an increasingly digital and risk-sensitive global trade environment.

This study’s risk appetite model reveals critical distinctions in how PAs and SUs perceive and manage sporadic (irregular and high-impact) and repetitive (predictable and recurring) risks in Indonesian SSCs. The findings underscore that sporadic risks demand proactive collaboration, and PAs exhibit higher risk tolerance (8.67% potential revenue loss) than SUs (7.12%) for sporadic disruptions (e.g. customs delays and IT failures). However, SUs’ risk-averse stance highlights reliance on PA policies, signaling a need for joint contingency frameworks to mitigate irregular disruptions. Policy action is needed to establish real-time risk-sharing platforms and mandatory drills for sporadic scenarios (e.g. cyberattacks and natural disasters).

Repetitive risks require standardized mitigation; both PAs and SUs face lower but persistent losses (0.2%) from repetitive risks (e.g. inefficient feeder links and cash flow gaps). PAs’ risk-seeking behavior allows for long-term infrastructure investments, while SUs prioritize short-term fixes (e.g. IT upgrades). In terms of policy action, implementing automated systems (e.g. AI for berth allocation) and financial hedging mechanisms help to reduce recurring costs.

Hence, we suggest strategic recommendations for stakeholders. PAs should lead systemic reforms (e.g. green port certifications and smart technologies) to address sporadic and repetitive risks holistically. While SUs must adopt adaptive risk thresholds, aligning with PA policies while investing in resilience (e.g. predictive analytics and diversified logistic routes). Regulators can bridge gaps by incentivizing public–private partnerships and risk-disclosure standards.

The risk appetite model demonstrates that sporadic risks necessitate collaborative, agile responses, whereas repetitive risks call for institutionalized solutions. By aligning PA leadership with SU operational needs, Indonesia can transform its seaports into resilient, competitive hubs. Therefore, fostering a shared risk culture – where PA and SU jointly prioritize resilience – will be crucial for Indonesia’s economic stability and its role in global trade. Policymakers and industry leaders must act decisively to implement these recommendations, ensuring that the country’s seaports remain robust in the face of evolving disruptions.

This study elaborates on the risk appetite-related potential revenue loss from the SSC stakeholders’ preferences using mixed-integer linear programming. To better understand the maximum preferences of stakeholders that can absorb the magnitude of risk, a comparison with maximum utility is needed in future research. Moreover, incorporating financial data such as balance sheets, cash flow statements and profit margins would make the risk appetite model more comprehensive in the future. Furthermore, sensitivity analysis of these financial metrics will provide a more holistic view of the stakeholders' financial position and their ability to withstand various risk scenarios, allowing for a more informed assessment of their risk appetite and the development of appropriate risk management strategies.

The supplementary material for this article can be found online.