I have enjoyed the opportunity to write numerous blogs over the last year on the topic of Contract Lifecycle Management (CLM). This blog will focus on the important issue of Contract Lifecycle Management Risk. Many people may overlook this important area of risk but as a I learned from a legal colleague the contractual document must be used to appropriately balance and assign the risk between the two parties in any legally recognized relationship.
When exploring Contract Lifecycle Management Risk, I will assess it across each stage of the Contract Lifecycle including:
- Requests
- Authoring/Negotiations/Approvals/Execution
- Performance & Compliance
- Renewals & Closeout
Below are more details on the risk associated with each of the Contract Lifecycle stages:
Request
Of course, the contracting process begins when a procurement or other stakeholder is interested in securing a relationship with a new or existing vendor. What is often times overlooked is how risk can be identified and mitigated at the very beginning of the process.
Key risk mitigation factors to consider:
- Make sure your contracting process aligns with your third-party risk management policy and process
- Ensure you have the controls in place to begin identifying and mitigating risk before the contracting process gets underway
- Identify risk ‘deal-breakers’ early in the process so you don’t waste time working on a contract that ultimately doesn’t get executed
As I often say, “Time is the Currency of our Life” so any wasted time does present a risk and cost to your organization.
Authoring/Negotiations/Approvals/Execution
If your team has done their job during the request stage, then this next phase is where you have the ultimate responsibility and influence over how you can mitigate your risk within the contract you author, negotiate, approve and execute.
Key risk mitigation factors to consider:
- Ensure you have a comprehensive set of contracting standards
- Once the agreement is signed, it is more difficult to deal with risks that come up during the delivery of the contract if they have not been included in the written contract
- You need to make sure you agree in writing about how the risks will impact both parties and which party bears specific responsibility for a given risk and the resulting response if indeed it does arise
- Here is where Service Level Agreements (SLA’s) can be an important addition to every contract. Establishing clear requirements is critical to minimizing risk
- Have appropriate approval authorities in place to ensure you have the necessary stakeholders (i.e., Subject Matter Experts) involved throughout this stage
- This will ensure the agreement that gets executed has effectively addressed and mitigated all of your potential risks
- Automate the entire Contract Lifecycle Management process by using a Contract Management System (CMS) to streamline these processes
- This will eliminate the added risk of lost time which will have a negative impact on your speed to market and competitiveness
Performance & Compliance
Once the contract is executed, the important work of managing performance and compliance associated with the vendor and your working relationship begins. Ensuring you have added Service Level Agreements (SLA’s) in your contract will enable you to effectively manage performance and compliance issues between you and the vendor.
Without SLA’s or specific language in the contract detailing the performance and compliance responsibilities of the vendor, you will be at risk for the following
- The vendor doesn’t deliver the required or expected service in the contract
- The vendor doesn’t accurately bill you with the contracted pricing
- The vendor doesn’t provide the quality of service or support required in the contract
- The vendor doesn’t abide with their compliance requirements in the contract
Many organizations handle this stage in an ad-hoc manner and it is no surprise that these organizations feel like they are ‘fire fighters’ constantly reacting to unforeseen problems vs being program managers proactively managing to legally agreed upon services, pricing and performance.
Renewals & Closeout
This is a stage that can ultimately present significant risk, unnecessary costs and a lost opportunity to renegotiate the terms of a contract. I have heard too many times from prospects and clients that their organization has had contracts auto renew without anyone knowing it. In one case, I heard of a six-figure contract auto renewing and the organization had not even fully received the benefits from the initial term of the agreement.
Key risk mitigation factors to consider:
- Have notifications and controls in place to ensure you are proactively managing all of your auto renewable contracts
- Take the opportunity to renegotiate terms and conditions in advance of renewing a contract with particular attention to strengthening you risk posture, SLA’s and related improvements to the contracted relationship
- When you close out contracts to end a relationship, follow the language in the contract to ensure the vendor’s responsibilities to return all protected data or other confidential information is met. This will ensure you are fully protected against any future misuse
In Conclusion
The risks outlined above can all be effectively mitigated by ensuring you have:
- Comprehensive contracting standards, approval authorities and controls in place
- Ensure your contracting standards are fully aligned with your third-party (vendor) risk management and procurement policies
- A system to automate the full Contract Lifecycle Management
- Commitment across your organization to consistently engage with your vendors to actively manage the relationship as it is agreed upon in your contract
No matter where you are on your contract lifecycle management journey, here are the Contract Management Services we provide. In addition, we are an authorized consulting partner for Gatekeeper, a best-in-class Contract and Vendor Management system. We are here to help!!