Purpose: To review the extant literature on supply chain risk management (SCRM, including risk identification, assessment, treatment, and monitoring), developing a comprehensive definition and conceptual framework; to evaluate prior theory use; and to identify future research directions. Design/methodology/approach: A systematic literature review of 354 articles (published 2000-2016) based on descriptive, thematic, and content analysis.Findings: There has been a considerable focus on identifying risk types and proposing risk mitigation strategies. Research has emphasised organisational responses to supply chain risks and made only limited use of theory. Ten key future research directions are identified.
Research implications:A broad, contemporary understanding of SCRM is provided; and a new, comprehensive definition is presented covering the process, pathway, and objectives of SCRM, leading to a conceptual framework. The research agenda guides future work towards maturation of the discipline.
Practical implications:Managers are encouraged to adopt a holistic approach to SCRM.Guidance is provided on how to select appropriate risk treatment actions according to the probability and impact of a risk.Originality/value: The first review to consider theory use in SCRM research and to use four SCRM stages to structure the review.