Supplier risk management identifies and mitigates the risks associated with engaging a specific supplier and monitoring and measuring their performance continuously throughout the life-cycle of a system or project. This involves establishing a focus on monitoring risks at activities such as:
• defining specific strategies for risk management at the executive level
• defining the scope of risk management to be performed
• defining the scope of the project and ensuring agreement wi the supplier
• identifying additional or new risks according to a strategy and throughout the project as new risks develop
• analyzing the risks and the priority in which to apply resources to monitor these risks
• defining, applying, and assessing risk measures to determine changes in the status of risk and in the progress of the monitoring activities
• applying appropriate actions to reduce or avoid the impact of risk.
Evaluations of Suppliers’ Capability to Deliver
Most organizations, including investors, do no more due diligence than the examination of a few documents and financials, talking to sales reps, performing a short hands-on trial of the product, and then going live (or investing $5-15M). Is it any wonder that 50% of software projects fail?
How much do you know about your suppliers before you enter into an agreement with them?
How closely can you see what your suppliers are really doing?
If you need to rely on more than unsubstantiated promises, and if you value your business enough to look past the assurances of your suppliers’ sales reps, then you should be using a scientific, engineering approach to increasing the reliability of your supplier relationships.
VHG can perform a benchmark evaluation of your suppliers that will enable to forecast, with remarkable accuracy, just how well your suppliers will perform. You will learn the capability of your supplier’s organizational performance before you risk your customer relationships on them.
These evaluations are performed using empirically-validated and internationally-recognized best practices. You will receive an accurate picture of not only their current level of capability, but also of the risks involved in entering into a relationship with them. This means you will have visibility into their processes so that you can manage your interfaces accordingly.
Even if you must single source to the only available supplier, you can still prepare and educate yourself to achieve the most positive outcome feasible. By understanding their current capability you can determine how best to manage your own risks as well as plan to manage the risks associated with dealing with them. No surprises!
When you undertake to evaluate a single source or a group of competing suppliers you are:
1. giving your people the tools for measuring and monitoring your suppliers’ organizational performance. This in turn affords you an objective, quantitative benchmark that clear identifies their organizational and operational strengths, weaknesses, opportunities, and threats
2. establishing the conditions under which you can request that they improve their performance and in doing so, you can include these conditions as measurable contract terms of performance
3. determine how best to assign your own resources and tracking mechanisms appropriately so you can monitor your supplier’s performance and establish (measurable) improvement objectives
4. providing yourself with a reliable and repeatable quantitative measurement that helps you set the standards under which your suppliers must perform, enabling you to demonstrate your ability to deliver to your customers.
5. establishing an insight into and oversight over your supplier’s inner
workings to detect and fix their:
– broken processes – so they can be fixed now
– mistaken assumptions – to ensure accuracy and prevent mistakes
– miscommunicated or outdated requirements – to help you achieve the right objectives
– lack of understanding of policy, process, or strategy – to educate them to deliver to you what you need
– high defect density ratios – to reduce rework, costs, and schedules
– lack of efficiency – to reduce rework and improve productivity
– low productivity rates – as a result of inefficient or broken processes or lack of training or direction
– high maintenance and support costs – as a result of too few peer reviews and development controls
– too many shortcuts – as a result of lack of process definition, discipline, or communication
– costs overruns – to increase your bottom-line profits.
…in short – all of the aspects of processes that are people-driven, and thus prone to error.
The net result is that you’ve gained intelligence as a buyer and you can help your supplier succeed by doing what they want to do – meet your requirements.
One of a project’s biggest challenges is managing the relationship with the client and ensuring that requirements changes are properly managed (documented, prioritized, matched with previous requirements, estimated, tracked). Good requirements documentation entails ensuring that analysts know to write requirements. Managing change, hence requirements, is a critical factor in managing scope creep and also in scaling up projects, such as adding more people. For product-line type organizations, Requirements Management is critical to ensuring that there is no duplication in functionality between core reusable assets and customized assets (or Configuration Management can become a nightmare). A strong link also has to be established between requirements and testing.
Control over your supplier management processes doesn’t have to mean you’re using all your valuable resources to constantly oversee every supplier activity. However, appropriate due diligence does mean that you should plan to spend sufficient time identifying, establishing, coordinating, and monitoring the activities, tasks, and resources necessary for your supplier meet your requirements. Supplier oversight is critical, but it doesn’t have to resource intensive. What is required is preparation, planning, communication, and a partnership framework that enables your suppliers to succeed. See Supplier Evaluations of Capability for more information.
Supplier Contract Specification
Clear communication and a lack of misunderstandings and assumptions are key to successfully negotiating a contract that creates a mutually-beneficial partnership between customers and suppliers. Depending on the status of the requirements at the contract stage, this process may include requirements definition activities that enable estimates of the work to be made before you enter the contract.
Working with your evaluations of your supplier’s capability to deliver, you can specify to your legal counsel exactly what terms and conditions you will be using to determine your acceptance criteria of your suppliers’ performance.
It’s no longer a guessing game that has to end up in court.
Software Product Benchmarking / Evaluation
If you are considering purchasing a Commercial Off The Shelf software (COTS) product, you should expect that they are usually produced without its users having much input into the development process. COTS products often must be operational in a number of different environments, but since they don’t incorporate specific user requirements, they can often be produced quickly, with each new release addressing new user requirements. Their obsolescence is planned in that the product’s true value only evolves after it’s been in the marketplace for several releases and users have communicated the features they need the most.
The consequences for the software purchaser can be costly as they suffer the evolutionary pains as bugs, true requirements, and problems are discovered while the product’s in use in a production environment. First users of COTS products are really beta users, helping to drive out the bugs, internal inconsistencies, and performance issues.
For users unwilling to play beta tester, a third-party, COTS, evaluation can help to identify some of the risks involved in buying COTS products and resolve some of these difficulties prior to purchase.