In recent years the issue of supply chain risk has been pushed to the fore, initially by fears related to possible disruptions from the much publicised “millennium bug”. Y2K passed seemingly without incident, though the widespread disruptions caused by fuel protests and then Foot and Mouth Disease in the UK, and by terrorist attacks on the USA have underlined the vulnerability of modern supply chains. Despite increasing awareness among practitioners, the concepts of supply chain vulnerability and its managerial counterpart supply chain risk management are still in their infancy. This paper seeks to identify an agenda for future research and to that end the authors go on to clarify the concept of supply chain risk management and to provide a working definition. The existing literature on supply chain vulnerability and risk management is reviewed and compared with findings from exploratory interviews undertaken to discover practitioners' perceptions of supply chain risk and current supply chain risk management strategies.