The Business Case for Assessing Vendor Performance
© Compliance Education Institute
While many of us continue to analyze our vendor inventories and our vendors’ Disaster Recovery, Business Continuity and Pandemic Plan plans as we manage through the COVID-19, we should also be scrutinizing contracts for Service Level Agreements (SLA’s), the quantitative measurable metrics to which vendors must be contractually bound. Key Performance Indicators (KPI’s) are typically qualitative in nature and not included in contracts but are also essential elements to assess and monitor.
With the Pandemic bringing greater attention to vendor management programs, the role of Vendor Program Manager continues to gain respect as a profession rather than the perception of it as a part-time job that causes bottlenecks and impedes business. As such, it’s time to listen to the Vendor Program Manager, Risk Officer, Compliance Officer and Auditor when they tell you that SLA’s must be included in contracts and MONITORED AND ASSESSED.
During the course of the audits and assessments we conduct and in discussing and advising many companies on structuring their vendor management programs, we often find that SLA’s are not included in contracts and, when they are, they aren’t monitored and assessed. Why not? Here are the top reasons:
- My vendor management solution can’t do it
- It’s the vendor relationship owner’s responsibility so we don’t manage it in the program
- Not enough time
- Not enough staff
With regard to point #1, there are a slew of automated TPRM solutions on the market but the majority don’t have the capability to assess SLA’s & KPI’s at all, or they are too confusing to use or they use subjective meaningless slider bars or they allow you to assign silly little performance stars like you got in kindergarten. Unlike our solution, 3rd Party Toolbox, and those of some our very capable competitors, they rarely accommodate SLA’s in their solutions and have no consistent risk-based framework and methodology for assessing them. So be careful when your vendors start side stepping or talking in circles around an extremely important issue.
With regard to points #2, #3 & #4, here are some concrete business reasons why you’d want to make monitoring and assessing SLA’s & KPI’s a requirement of your vendor management program:
- Operational Cost Efficiency: poorly performing vendors require more oversight from one or more staff members thus increasing the cost of managing them
- Risk Management: poor vendor performance elevates multiple dimensions of risk at YOUR organization
- Early Warning: poor performance is a leading risk indicator and red flag to catch early in order to get your vendor back on track to meeting strategic goals
- Strategic Goals: A vendor that performs poorly will likely not meet its strategic objectives which means that your organization will likely not meet yours
- Continuous Improvement: monitoring and assessing performance provides discussion points with your vendors for continuous improvement
- Peer Review: Comparing vendors within a vendor category and service category provide visibility into comparative peer performance
- Formal Documentation: documenting performance and adherence to SLA’s provides a concrete basis for discussion, improvement and legal recourse if the vendor is unable to cure the issue(s) and meet the contractually agreed upon terms.
So if you haven’t been able to convince senior execs and business owners to keep track of SLA’s and KPI’s, try presenting the business case and see if you gain some traction. Sometimes dollars and cents makes a lot of sense!