As we begin 2018 and reflect on some of the headlines from the past year, it’s hard to believe that most organizations still take an ad hoc approach to vendor management. Here are a few that our clients and partners were talking about.
- Cybersecurity and the Need for Better Oversight. 2017 was the worst year so far with regard to reported data breaches, many of which involved third-party vendors. Equifax, Goodwill Industries and the University of Oklahoma are just a few of the high-profile data breaches reported in 2017. And most experts agree that it is only going to get worse.
- Implementation of Uniform Guidance Procurement Standards. On December 26th the new Uniform Guidance Procurement Standards went into effect for more than 30,000 federally-funded states, local governments and nonprofit organizations. These new regulations require massive changes to the way in which recipients of grant and cooperative agreements procure goods and services, and manage their vendor contracts and relationships.
- Changes to SSAE 18 and SOC Certifications. The American Institute of CPAs also joined the party in 2017 by requiring service organizations to have a formal vendor management program if they want to pass their Service Organization Controls (‘SOC’) examination. The SOC certification is crucial ‘seal of approval’ for thousands of companies providing payment processing, data centers and software-as-a-service.
These are just a few examples of external forces that are combining to create a watershed moment in vendor management. As they evolve and converge, the risk in managing vendor relationships is only going to expand and get more complex.
The days of being undisciplined are long over. It’s never been more important than now for organizations to get serious about vendor management.
Throughout the year we’ll be sharing insights and ideas on everything you’ll need to know to ‘get serious’ and create a vendor management program that’s right-sized for your organization. We’ll be interviewing thought leaders who are on the cutting edge, yet we’ll also be rolling out a variety of practical ideas and tools that are easy to implement. We have so much to share that we even decided to launch a new podcast series, Rethinking Vendors, that we’ll be rolling out in a few weeks.
Stay tuned – and please be sure to subscribe to our blog so you don’t miss anything!
Author: Tom Rogers
Job Title: CEO
Organization: Vendor Centric
Tom is the founder and CEO of Vendor Centric, he has been a trusted advisor to nonprofit organizations for 30 years, with a focus on helping them align the right people, processes and systems to mitigate third-party risk and drive more value from third-party contracts and relationships.