This summer, the driving topic for many organizations seems to be “how to build a world class vendor management organization” – as we all know – it is often much easier to manage “one” thing at a time. In reality, in order to be effective in managing vendors across your enterprise, you need to be able to manage multiple vendors, all the time. Your first reaction may well be – that’s impossible. While I will not be able to address every issue that will come up, this article is intended to lay out a roadmap that will help you to get started if you are at the early stages, validate and potentially expand the breadth of your program if you are in development and perhaps even give you some things to consider if you are at the more advanced stage of implementation.
In a nutshell, effective governance or vendor management - on a one-off basis - is all about how to ensure that the value you achieve with your vendor equals or exceeds all that you expected when you initiated the relationship. (If you would like to hear more about how to implement good vendor management on a point to point basis, click hereto listen to a 60 minute webinar I presented in May.) A world class vendor management organization takes vendor management to the next level. Why do you need to worry about building a vendor management organization (VMO)? For years most of us have addressed “vendor management” in one of three ways. Either we relied upon the business owners who are buying the services to ensure that the vendor performed as required, we focused our energies on the top strategic relationships, or we relied upon the contract to cover the critical issues and assumed the rest would be resolved through periodic sourcing initiatives. So why are more and more people thinking that the time has come to implement a Vendor Management Organization? As we work with our clients, we find there are three common drivers:
Increasing complexity of relationships,
Increasing pressure from regulators, consumers and customers, and
A phenomenal increase in the volume of activity that is done outside the four walls of organizations.
The combination of these, leads to an exponential increase in the pressure to ensure that vendors are being managed effectively, all the time. Another common theme that we see is that the number of stakeholders who need to obtain/track or analyze information about a vendor (or any 3rd party entity that interacts with your organization) has also grown exponentially. As shown in the image below, suppliers are often bombarded by requests for information – often times for the same information – by multiple parties – and perhaps even at the same time.
Establishing an effective vendor management strategy has become a strategic imperative for companies to ensure that their vendors aren’t overwhelmed and to ensure the Company actually gets all of what it needs from each supplier, when it needs it. Implementation of an effective VMO will often generate tremendous efficiencies for both the vendor and the supply base and once implemented can actually result in headcount or cost reductions as these efficiencies get traction.
As is always the case, while you/we may know that it makes perfect sense to implement an effective VMO – you will need to build a solid business case that justifies what you want to do. Unfortunately, the value to be gained by implementing a VMO is not always easily quantified. Measures are often “soft” e.g. “enhanced relationships with key suppliers”, or “avoidance” – “minimized potential for FCPA violations”, “proactively identified potential supply chain disruptions”. Often we find that the most compelling argument is seeing your competitors name brandished across the headlines in the Wall Street Journal for using subcontractors who used child labor, or getting fined by the OCC for breaching fiduciary duties by managing subcontractors ineffectively”. Or even the dreaded data privacy breach – because you didn’t monitor PII security on an ongoing basis, but did it only when the relationship was originally sourced. While these are all great “attention getters” – unless there is a fine or penalty attached, even they can be hard to quantify. Nonetheless, there are a number of straightforward benefits that you may be able to quantify or defend, including efficiency arguments, performance improvement arguments and even potential returns. Each will require you to “prove” these claims over time so be prepared to measure the “actual results” against your promised targets.
Okay… everybody is convinced. You have got buy-in… it is time to implement a VMO. So, how do you go about it? As with any initiative, there are many ways to “skin the cat”… how do you determine which is the right way for you? Best practice should mean different things to different people. Company cultures vary widely. Some organizations are all about command and control, others are about collaboration; some are structured around the concepts of centralized delivery, others utilize Centers of Excellence effectively; and still others believe that anything other than a matrixed or decentralized environment will be doomed to failure.
Regardless of where your organization falls within the cultural spectrum – you need to start by defining what the “scope” of your VMO is. A holistic VMO needs to address the full gamut from the very basic to the most complex. A few of these might include;
ensuring that you have up-to-date, valid and comprehensive information about each supplier,
assessing the level of inherent and actual risk that each contract or relationship you have with a supplier poses to the organization,
implementing effective compliance programs to manage and mitigate those risks,
managing the actual contract requirements, and
governing the actual relationship.
However, based upon your organization’s maturity – which of these need to be included in the “VMO”, will differ. Attempting to boil the ocean of vendor management (i.e. doing it all) as a first step is sure to lead to disaster. Phasing in your vendor management organization is a perfectly acceptable and time-tested way to achieve your goals. However, it comes back to the Lewis Carroll saying “if you don’t know where you’re going, any road will get you there”. Start by defining your end point – what do you want your VMO to look like.
Next - you need to define what will be the role of the VMO? What responsibilities will fall within its scope? Will it play the role of a COE – where it has responsibility to define policy, develop process, provide the platform, tools and training to the actual vendor managers spread across the organization? Will it have some accountability for compliance to ensure that the organization is actually following through on the policy and process? Will it be the “right arm” of the Board and handle all enterprise reporting from a central point? Is it the VMO’s responsibility to actually mitigate risk or just advise the business owners on how they can choose (or not) to do so? Alternatively will it have an actual, direct, functional accountability for managing the vendors? You will need to identify exactly what level of responsibility the VMO will have for each of the five components of vendor management noted above. Again, there is no “one” right answer. As long as you effectively define the roles, responsibilities and accountabilities of all of the impacted parties you can implement an effective VMO. Your greatest chance of failure arises when there is ambiguity and a lack of clarity on who does what, when.
The decisions you make regarding roles will naturally drive your next step – which is to design the structure of your VMO. This is more than putting boxes on a chart. Your structure needs to take into account, your organizational culture, your level of maturity relative to vendor management, the level of investment that you have been able to obtain, and your timetable. For many, development of a VMO will occur in stages or phases. Some will be more effective with individual “functional” VMOs within either a given business unit or a particular function (e.g. IT or HR). This may be a pilot or even a sandbox. It is a more controlled environment, likely reporting within a single hierarchy, with vendors who provide a relatively narrow array of services and can often be compared more easily to each other. It may be more of a formalization of what is currently done informally, a first step – or only one of several.
Alternatively, you may want to start with a COE – this may solely have accountability to develop policy, process and platform. It may be responsible for assisting the business unit vendor managers with training and subject matter expertise. Perhaps it is the group responsible for ensuring compliance. As an analogy – think of your HR department. Today every major organization in the world has an HR department. HR doesn’t actually manage all the human resources in your organization. They provide the rules, the framework, the process and the infrastructure (including training of managers) for the actual business unit managers to manage their people. A COE/VMO can serve the exact same function for your external resources (vendors).
Take it to the next level. How often do you see a corporate HR department who owns the big picture policy and programs, and then BU HR departments that are responsible to ensure that each BU implements the corporate mandates in a way that works for their particular BU? Or, how about Compliance? You will often see a corporate compliance department and then BU compliance officers who are matrixed to Corporate Compliance but have accountability for ensuring that their BU follows corporate compliance programs. Vendor Management can be structured in the exact same manner. As a matter of course, we see that a multi-faceted VMO structure is typically the most effective.
Ah, if it were only so simple - five easy steps. What’s next? In one word - execution. Of course, execution in and of itself is a many headed Hydra. But, if you start with a good roadmap, and you align your scope, roles and organizational design, it really does just come down to “do it”.
Do not be afraid to start small and build. Pilots work really well. Given the multitude of stakeholders involved you will need to make sure that your implementation team consists of key individuals from all of the critical areas (e.g. IT, Privacy, Legal, Compliance, Audit, Security, Procurement, BU representation, Risk etc.). You will note that I put “people” first. While we work with our clients all of the time to design and implement effective VMOs we always stress how important it is to get the people who will be responsible for making the VMO a success on board early. The later you bring resources to the table, the more time-consuming it will be to bring them up to speed, to address any concerns they have for why the organization is designed this way, and the more difficult the change management will be.
You may also note that I have recommended that you identify the technology BEFORE you design the workflow. Why? Because the days of designing your workflow in a vacuum and paying millions of dollars to a software provider to customize their off the shelf application are gone. Few organizations have the bandwidth or the budget to do process first and technology second. Take advantage of the tremendously valuable knowledge that the technology players bring to the table. There is no need to reinvent the wheel. SaaS applications provide a speed to market that can’t be beat. Be prepared to “configure” your workflow versus customize theirs. It will be faster, cheaper and it will allow you to capitalize on all they have learned as they implemented other customers and all they have invested.
Don’t build your policies and programs in a vacuum. Work with the key stakeholders, early buy-in will assure a smooth and speedy implementation. Managed effectively, you will have them lining up at your door, wanting to get on board, because your way will make their lives so much easier.
What are the takeaways? Quite simply follow the road map and focus on collaboration, alignment, buy-in, leveraging talent and expertise, invest in automation and remember you can never communicate too much, too often, or to too many people. Your Result will be Success!!!
Michele Flynn, President
For the last 15 years Michele has been one of the industry leaders in outsourcing and governance. She is a recognized subject matter expert, and top advisor, with a mission to help clients maximize value for all parties across their extended enterprise. As a prior CAO, her corporate experience spans senior positions in procurement, real estate and related functions. Michele is a longstanding member of SIG, and has just rotated off the SIG Advisory Board.