The Statement of Work (or SOW) is one of the most important documents you will develop during your relationship with a third-party vendor. Its impact is broad – affecting the scope of work that will be performed, the overall schedule of your project, the amount you pay (and the timing those payments are made) and many other critical aspects of a vendor engagement.
When preparing a SOW (regardless of whether you’re using one of your organization’s pre-approved SOW templates or a vendor’s template) there are certain questions you should always ask to ensure details are documented and assumptions are removed. But first, let’s review the difference between two terms that often get confused – “Statement of Work” and “Scope of Work.”
Statement of Work vs Scope of Work
The Scope of Work is actually just a section that can be found within a Statement of Work. The Statement of Work defines the overall objective of your project, and also defines details about schedule/timeline, costs, deliverables, acceptance criteria and much more. The Scope of Work focuses on defining the details of how the project objectives/goals will be achieved, and describes (in detail) the exact work that will be performed.
It’s also worth noting that in many cases, the SOW would have been developed during the solicitation process. Well defined SOWs within a Request for Proposal (RFP) or Request for Quotation (RFQ) are critical to ensuring the success of your project. Not only will a high qualify SOW within a solicitation ensure the vendor understands exactly what they are required to provide, but it can also reduce your exposure to third-party risk. Check out one of our related blog posts on that topic.
Here are some common sections that can be found within a Statement of Work:
- Project overview/objective
- Scope of Work
- Acceptance Criteria
- Resources and Location of Services
- Contractual terms and conditions (Note – In many cases the SOW is governed by a Master Services Agreement, or MSA. The MSA will contain all the contractual terms & conditions that govern the relationship between you and the third-party, and the SOW will be incorporated into the MSA by reference).
Questions to Consider
While all Statements of Work are different (i.e. a SOW for consulting services will be different than a SOW for the implementation of a new enterprise-wide system), there are some common questions you should ask while developing your SOW.
(note that the categories and lists of questions below is by no means exhaustive)
Description of Goods/Services to be Provided
- What product or services is being provided? If it’s not clearly documented, assume that it won’t be provided.
- Have you distinguished between the “must haves” and the “nice to haves?”
- Have you received input from all stakeholders to ensure that functional and technical requirements/specifications are properly documented?
- If any assumptions were used to develop the scope, have they been documented?
- Have all deliverables been listed, along with their schedule of completion?
- If changes to the services are required, has a Change Procedure been defined?
Schedule and Timeline
- Has an estimated project schedule been documented?
- Have project milestones been defined?
- Are payments tied to completion of project milestones?
- Will the vendor have access to any of your organization’s non-public/confidential information during this project? If so:
Have the appropriate stakeholders provided their input on cyber/confidentiality requirements the vendor must fulfil if nonpublic data is to be shared?
- Are the appropriate confidentiality clauses included in your MSA or SOW?
- How much data will the vendor have access to?
- Will the vendor be using any subcontractors to perform the work under the SOW?
- Who (both on your side and on the vendor’s side) is responsible for the overall success of the project?
- Have you verified the qualifications of all project team members?
- Have all certifications been listed that the vendor must meet?
- Where will services be provided (on-site, remote, etc)?
- Will the project be fixed fee or time and materials (T&M)?
- Will there be incentives for good performance?
- How will travel and project expenses be reimbursed?
- When are payments made?
Delivery and Acceptance Criteria
- If equipment, software or other products are to be delivered, have you defined when ownership is transferred from the vendor to your organization?
- Will the vendor be required to provide any post-delivery set up/installation?
- What are the completion criteria you will use to determine when certain milestones are deemed “complete?”
- Is there a procedure in place to define how deliverables will be tested/evaluated to ensure they are acceptable?
- Does your project require a formal “sign-off” to verify acceptance of the entire project? (note – this is important if a warranty period begins after project completion)
All SOWs are going to be different, but the questions above should assist you in developing a detailed document that defines the work and/or products to be provided by your third-party vendor. Remember, if it is not clearly defined in the SOW, assume that it won’t be provided!
I hope you found this article helpful. Should you have any questions or if you would like to learn more about third-party risk management in general, reach out to us.