How to Improve Vendor Management for CIOs

By David England

The ability to effectively manage complex, multi-vendor sourcing arrangements is becoming increasingly important in today’s business enterprises. In many cases, however, vendor management capabilities aren’t adequate to the challenge. As a result, business value erodes, service quality suffers and enterprises are exposed to operational and financial risk.

As a discipline, Vendor Management and Governance (VMG) is gaining boardroom attention for a number of reasons. At a high level, achieving more value from outsourcing is becoming a top priority. A sourcing strategy based on cost reduction alone is no longer sufficient, and executives are recognizing that an effective VMG function can enable the operational transparency and process consistency needed to drive business benefits such as enhanced data analytics and customer insight. 

More specifically, the continued growth of complex multi-vendor outsourcing agreements is underscoring the need for effective VMG. As delivery models constantly evolve, and as providers become more numerous and more specialized, the ability to oversee constant change and track multiple moving parts is essential. 

Finally, industries such as banking and pharmaceuticals face increasingly stringent regulatory scrutiny around third-party relationship management, and seek to bolster their VMG capabilities to ensure compliance with industry standards.

Despite the fact that VMG is gaining increased attention, many enterprises are failing to develop the capabilities required to achieve the necessary level of transparency and oversight. For one thing, the field is still relatively immature – many businesses have established dedicated VMG functions only in the last year or so. Moreover, responsibility for vendor management still often defaults to the procurement function, which tends to take a tactical, “contract cop” approach to oversight rather than assume a more strategic, business-focused role.  

Effective vendor management tips

An ineffective VMG function can lead to a variety of problems. The most basic is a lack of consistency and process standardization, which undermines the entire foundation of a governance strategy. At a high level, standardization is needed to ensure that multiple internal and external stakeholders are aligned and coordinated and able to track constantly moving parts. 

Achieving true standardization, meanwhile, requires addressing the “devil in the details” challenge of ensuring alignment between multiple providers.  Consider ITIL standards: while they prescribe what is to be done in terms of incident and change management, they don’t specify how those functions are executed. As a result, different service providers can introduce nuanced variations in their interpretation of ITIL standards. This can compromise the quality of the operational data that the governance model relies on. A mature VMG function recognizes the need for standardization at a granular level, and ensures that all providers adhere to a uniform interpretation of ITIL.

Another mistake that organizations frequently make is to underestimate the change management effort needed to drive best practices in general and standardization and consistency in particular. In response to regulatory pressure around third-party risk management, the banking and financial services are investing heavily in change management capabilities and are making progress in this area.

For CIOs seeking to improve vendor management effectiveness, knowing where to begin is often a key challenge.  “Governance” comprises an extremely broad range of activity, making it difficult to prioritize or even articulate clearly what the function involves.

Enterprises in this predicament can benefit from a self-assessment of their vendor management maturity levels.  By gauging the existing level of process maturity, such an exercise can provide a starting point for vendor management teams seeking to identify areas of strength, expose gaps and chart an actionable improvement plan.

A first step is to break out specific vendor management categories. These can be defined as: Contract, Financial, Performance, Relationship and Risk Management, as well as a broader category of General Strategy. A set of criteria or questions related to each category can then be assessed on a sliding scale of 1 to 5. In many cases, organizations conducting such an assessment find that they are strong in certain categories such as Relationship Management, but have significant gaps in other areas such as Risk.

Identifying gaps in a specific area enables prioritization and a focus on that area. If, for example, contract oversight is lacking, an organization can focus on that area and then leverage improvements in Contract Management across other categories.  Once the gaps between the current state and desired state are defined, the organization can prioritize and initiate actions to close the gaps.  Ongoing assessments allow organizations to monitor progress towards their desired maturity and capability levels.

Once an enterprise gauges its level of maturity, it can more effectively determine which parts to retain and which parts to outsource. As with any sourcing decision, a strategy to outsource the management of an outsourcer must make a distinction between strategic, value-add activities on the one hand, and routine, administrative and tactical activities on the other. Generally speaking, the former should be retained, while the latter are ideal candidates to hand off to a third-party provider.

While the VMG function has traditionally been retained by the client organization, mature enterprises are exploring the potential benefits of engaging third-party specialists to manage the day-to-day oversight of transactional activity and collection of operational data. This approach can reduce costs by an average of 30 percent by leveraging offshore resources. The outsourced model is also more scalable, since a high proportion of additional workload can be offshored. While a retained VMG function can effectively replicate standards and process discipline across multiple contracts, an increased volume of work requires the hiring of additional retained – and more expensive – staff.

Businesses are recognizing that effective vendor management and governance capabilities enable a solid foundation of information around key business processes and functions. Access to fact-based information, meanwhile, is essential to building the trust that transforms a client/vendor relationship into a true, mutually beneficial partnership.

Dave England is a director with Alsbridge, a sourcing advisory and consulting firm.

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles