How and Why to Track Incidents with Your Vendors

Vendor incidents are occurrences of an undesirable action or situation that was caused by the vendor’s actions. Tracking vendor incidents serves several key purposes when managing vendors such as:

  • Creating visibility into incidents and ensuring they get resolved,
  • Identifying trends that may signify recurring performance issues, and
  • Using the documented incidents as a way of negotiating better terms on contract renewal.
Most vendor incidents tie back to noncompliance with a specific contract term. Common examples include:

Vendor not meeting Service Level Agreements (SLA)
Many vendor contracts, especially those with software and service providers, include service level agreements. Complex contracts may also attach penalties to the vendor for not meeting the SLAs. Tracking problems with SLA’s is not only a performance management issue, it may actually result in payment of a penalty by your vendor.

Breach of contractual term or clause
  • Vendor communicates confidential information regarding your contract terms to a competitor
  • Vendor brings on a sub-contractor to provide services but the sub-contractor is not licensed
  • Vendor changes a process that is critical to your operation
Incident where there is not a contractual term or clause
  • Vendor’s representative is rude or unprofessional when providing customer service to your internal employeesVendor is downsizing its operation that supports your services
  • Vendor incidents should be created at the time the incident was reported. The best way to track the incidents is by using a vendor software system.
Where Can Vendor Incidents Come From?
There are multiple sources to obtain vendor incidents as long as a company has a process and system to track them.

Sources for vendor incidents:
  • Vendor scorecards – Monitoring scorecards is one way to verify the vendor is meeting the contractual SLA’s. Any SLA that is not met should be tracked as an incident.
  • Business owner of the vendor – When the business owner has identified an issue with the vendor they should always report this to the Vendor Management Office (VMO) to track and resolve.
  • Vendor reviews – Vendor reviews usually identify areas that the vendor can improve upon — any suggested improvements should be tracked as a vendor incident to monitor for resolution.
  • Internal resources that interact with the vendor – Internal employees that deal directly with the vendor will always be a good source to identify issues. No matter how petty the issue may be, the VMO should be the gatekeeper for all vendor issues.
  • Your customers – Some vendors may deal directly with your customers, and these customers may raise complaints. The channel your company has for complaints should feed any vendor-related issues back to the VMO to track.
  • Media – The VMO should be tracking the media for alerts on their vendors. There are usually industry-specific e-publications that you can subscribe to in order to help track your vendors.
  • Vendor – When vendors incur incidents, they should let their clients know immediately. Reporting directly to the VMO to capture the incident is the most efficient way to deal with such an occurrence.
  • Vendor’s competition – The competition likes to talk — while most of their claims could be false, it is always important to vet their claims out with the vendor and other sources before disregarding any such claim.
You Have a Vendor Incident — What Do You Do?
The Vendor Management Office (VMO) should be responsible for maintaining and managing vendor incidents.

1. Track the incident in a centralized system
  • Log the incident type
  • Log the date and time of occurrence
  • Obtain and log the vendor’s action log of repair
  • Log the resolution date and time
  • Document if the incident is related to a contractual term
2. Validate if the incident is repetitive
  • Review the incident log to validate if in fact the claim is a repetitive issue
  • If repetitive, review the past resolution and meet with the vendor to determine the root cause of the re-occurrence
  • Have the vendor build a new action plan and review their proposed resolution
3. Review the incident with the business owner
  • Alert the business owner of the incident
  • Provide your findings and determine the course of action: (a) Action Plan, (b) put on notice or (c) terminate vendor
4. Review the incident with the vendor
  • Advise the vendor of the incident and provide next steps for the vendor
5. Track the incident to ensure resolution
  • If an Action Plan is needed, manage the vendor to their Action Plan to resolve the incident.  Make sure the Action Plan is SMART-based and has specific timelines.
6. Document vendor incidents in next vendor review/contract negotiation
  • During vendor performance reviews, internal vendor reviews and contract negotiations, all of the vendor’s incidents from the last review/negotiation should be included.

Gavin Mac Carthy is Founder and Partner of VendorRisk, a software company that helps organizations manage their vendors & contracts through a cloud-based vendor management platform. You can reach Gavin at gavin@vendorrisk.com.

Tom Rogers
Author:

Job Title: CEO
Organization: Vendor Centric

Tom is the founder and CEO of Vendor Centric, he has been a trusted advisor to nonprofit organizations for 30 years, with a focus on helping them align the right people, processes and systems to mitigate third-party risk and drive more value from third-party contracts and relationships.

Contact us