The vendor management process consists of a lot of moving parts. Your budget, available resources and level of expertise on the topic can all play a role in determining exactly what your vendor management process looks like.
The good news is that, regardless of your industry, regulations you need to comply with or your organizational structure, you can put your mind at ease by following this simple best practice – Align your vendor management process with the vendor management lifecycle (i.e. the stages of your vendor relationships). Here’s how:
- Procurement – Don’t wait for a vendor contract to start managing your vendor relationships. Once a business need is identified and your organization begins the search for vendors/third parties, you should begin planning to manage the selected vendor (especially from a risk perspective). Your vendor management office (VMO) can help to ensure that business requirements have been defined so that the right vendor/solution is ultimately selected.
- Risk & Due Diligence – Once you’ve down-selected your prospective vendors (i.e. identified finalists or even a winning vendor), make sure you have a process in place for assessing the inherent risk that exists in the vendor relationship. Based on the inherent “riskiness” of the vendor (specifically, the products/services they will be providing), you then need to perform the appropriate level of (risk-based) due diligence before you enter into a contract with the vendor.
- Contracting – Now that you’ve performed assessed inherent risk and performed due diligence, you can confidently enter into a contractual relationship with your selected vendor. It is imperative that you perform your risk/due diligence assessments prior to contracting. This way you can address any residual risks that may remain (after performing due diligence) in the contract with the vendor. The goal of this stage of the vendor management process is to negotiate high-value, low-risk contracts.
- Onboarding – You can’t just assume that once a contract is signed with your vendor that everything will fall perfectly into place. You need to have a consistent process in place to ensure that vendors are integrated into your operations in a controlled manner. Vendor onboarding activities include things such as setting up a profile for the vendor in your vendor management system, ensuring that the vendor is set up in your accounts payable system, and assigning an internal stakeholder with ultimate responsibility/accountability for the vendor’s performance and risks associated with the vendor relationship (this role is often referred to as the “Vendor Relationship Owner”).
- Ongoing Monitoring – This stage of the vendor management process includes managing costs, performance, risks and compliance requirements throughout the term of the vendor relationship. Ongoing monitoring activities in this stage of the process include performing periodic risk-based due diligence, conducting performance reviews of the vendor and utilizing continuous monitoring solutions to obtain real-time data intelligence about your vendors.
- Offboarding – Ending a vendor relationship might sound like an absolute/final part of the process, but it can actually expose your organization to serious risks if not performed in a formal and consistent manner. The vendor termination and offboarding process should ensure that you properly “de-risk” the vendor relationship by doing things such as disabling the vendor’s access to your network/systems, ensuring that data provided to the vendor is returned or destroyed and ensuring that any assets lent to the vendor (i.e. computers) are returned.
Align your vendor management process with this lifecycle approach, and you’ll be effectively managing your vendor relationships in no time!