Time to Dust Off Your IT Vendor Strategy

At the core of “as-a-service” technology-delivery models is the need for a far tighter, ongoing working relationship between your company and its I...
Rob LivingstoneAugust 26, 2013

The conventional approach to managing IT vendors though a bidding and selection process may not be adequate when it comes to new, emerging and disruptive technologies. The shift from capital-intensive IT purchasing to “as-a-service” models is only one among a number of fundamental changes reshaping the global IT delivery model.

Many organizations are beginning to reap the benefits of agility and value that come along with their IT department’s transition from a cost-focused technology provider to a business-relevant, valued service broker. At the core of “as-a-service” models is the need for a far tighter, ongoing working relationship between your company and its IT vendors, as you are now increasingly dependent on their performance.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

Implicit in this model is that fact that the vendors are accountable for all the security, operational and other elements comprising the service, over which you have little to no influence or visibility. Their problem can immediately become your headache.

To maintain the operational integrity and strategic alignment between the vendor’s direction and your requirements in the longer term is no trivial exercise. Once the contract’s been signed and services are up and running, maintaining an active, healthy vendor-management regime will mitigate the latent risks.

Consider the following current influences in the vendor-relationship landscape:

1. Adaptability is key. Adaptable, responsive organizations win business and can respond to changes in the commercial, regulatory and security environments. If may be a problem if either your or your vendor’s business is based on inflexibility and process compliance.

2. Your risk appetite and your vendor’s risk profile are not constant. In this volatile environment, expect your risk profile to change as your business changes. The same applies to your IT vendors, who are constantly evolving and adapting their solutions and services to the changing market. Get a sense of how your vendor can or will respond to your changes, and at what cost or unmitigated risk to you.

3. The IT department may no longer be the primary decision makers. The tacit understanding that “because it’s IT, the IT department makes the vendor decision” is now under scrutiny. That’s influenced by a range of factors, including shadow IT, moves to decentralize enterprise IT, and the increasing need to deliver a solution in weeks rather than months to avert a short-term business crisis. As CFO, ensure that these decisions are subject to the appropriate degree of oversight.

4. Exit is more important than entry. It’s important to know under what circumstances you can terminate a vendor’s contract without penalty or prejudice. How painless will be the transition to another vendor at a later date? Plan accordingly.

5. Disruption in your vendor’s market. Understand what forces are at play in your vendor’s environment by regularly monitoring changes in vendor markets.

6. Too big to talk? Have a plan for how to negotiate with one of the globally dominant digital landlords, such as Google, Amazon or Microsoft, if you need to.

7. Managing vendor jurisdictions. How well your various vendors play together is key to your overall success. Managing demarcation disputes may be a challenge, especially if there are non-disclosure considerations between competing vendors that are expected to collaborate in the delivery of your services.

8. Multinational, multi-challenges: The recent PRISM expose is the tip of the iceberg in the international data jurisdiction debate. Where your global services are dependent on your vendor’s IT systems, understand your exposure to privacy and other international jurisdictional compliance considerations.

9. Your vendor’s shareholders are not yours. Your vendor will make technical, commercial, risk and jurisdictional decisions that are in their best interests. That’s called commercial reality, but you have your own, of course. Identify in advance, through scenario planning, what your response will be should unacceptable changes be made.

10. What’s the purpose of your contract? Encapsulating in your vendor’s contract every possible change scenario that could occur in your business or technology environments is problematic. Stitching up a restrictive contract with your vendors could be counterproductive in an agile, volatile environment.

11. Fragmentation of the vendor’s supply chain. Your vendor most likely has its own vendor ecosystem, so recognize that the challenges you face in the selection and management of vendors are similar to the vendor’s challenges. This will continue down the vendor daisy chain. That adds complexity to the overall system which may elevate your systemic risk. Find the answer to this question: How far down this chain do you really need to see?

As a CFO, you are well-placed to help balance the short-term demands for the selection of a particular IT vendor with the possibility of future failure. Be informed, be well-advised and act decisively when needed.

Rob Livingstone, a former CIO, is the author of Navigating Through the Cloud. He runs an IT advisory practice and is also a Fellow at the University of Technology Sydney (UTS), Australia, where he teaches strategy and innovation in UTS’s flagship MBITM program. Visit Rob at or email him at [email protected].