The key to ensuring that your IT organization adequately addresses the business risk associated with acquiring technology products and services is to build structure around that acquisition process. The formality can vary depending on the size and culture of the organization, but the structure must establish a process and the tools and training to support it.
I’ll explain how to build a framework for that structure. Organizations can use this framework to build a technology acquisition process that best matches their size and culture. The framework consists of three steps (see Figure A). The way you implement those steps determines the formality of the process, tools, and training that will support your acquisition activities. Let’s examine the three steps and how you can vary their implementation to reflect your organization’s needs and mitigate the risks regarding cost and terms that accompany the procurement of external products and services.
|The three-step framework|
Step 1: Set up acquisition process
The setup step includes the activities required to develop a structured technology acquisition process (see Figure B).
Let’s look more closely at each of these activities.
Senior management sponsorship
Establishing senior management sponsorship is critical to the implementation of any organizational process, and this is no exception. The lack of buy-in equals failure.
In many organizations, the CIO may be the senior management that provides sponsorship. In some organizations, that management may include the CIO’s entire staff along with additional senior management from other departments (finance, procurement) that have a stake in procurement processes. Regardless of the organization’s characteristics, it is essential that senior management clearly sponsor any effort to build structure around the acquisition process.
Defining the acquisition process
The next step entails defining and documenting a process that reflects the specific characteristics of your organization. Key components in the process document should include process description, process stakeholders with roles and responsibilities, process checklists, and approval/sign off requirements. The resulting document serves as a valuable communication tool. To assist you in this process, I’ve provided a downloadable template that TechRepublic members can use.
Communicating to the organization
Once you’ve generated a process document and established sponsorship, you need to communicate the new process to the organization. Your communication technique can range from e-mail notification with links, to extranet sites containing the documentation, to more formal rollout meetings with a presentation.
Identifying process owner and assessing capabilities
If you’re establishing a formal process, someone must own the execution of that process. Ownership varies depending on the organization.
Examples of acquisition process owners include IT finance, IT procurement, corporate procurement, and individual IT managers. You need to identify the owner and determine whether he or she possesses the required skills and training.
Training the organization
The training activity includes both the process owners and participants. If your assessment of the process owners concludes that expertise is lacking, you can consider external training.
The Association of Technology Procurement Professionals at Caucusnet.com is one source of further information on training. Once adequately trained, the process owners should handle any training needed for the participants.
Developing standard agreements
One key to a structured technology acquisition process is utilizing boilerplate contract documents constructed from your organization’s perspective. If you don’t have these, it’s well worth the time and resources to develop them.
At a minimum, your portfolio of standard agreements should include a confidentiality agreement, software license, software maintenance agreement, consulting services agreement, and a lease.
Step 2: Execute acquisition transactions
Establishing an acquisition process is great, but it means little if you can’t execute. The basic steps required to effectively execute a transaction can vary depending on the transaction type and size, but any execution must align with the following four principles.
- Know what you need (define your requirements).
- Identify potential providers.
- Systematically evaluate providers.
- Identify the best providers and maintain a competitive environment until you have executed a contract.
For larger transactions, these principles translate into the steps shown in Figure C.
Effective execution of these steps requires a team approach that includes various stakeholder perspectives. Those stakeholders can include the IT manager driving the acquisition, his or her business sponsor, and the finance, legal, and procurement departments.
Involvement of all the stakeholders throughout the process ensures that the final contract protects the organization’s interests while minimizing both risk and cost. The acquisition process owner should lead the transaction team.
Step 3: Manage acquisition process
Managing the acquisition program includes the ongoing contract management and vendor management aspects of a technology acquisition process. This step is essentially an information management activity.
Someone must be responsible for collecting and storing all the information associated with existing contracts, analyzing the ongoing risk and cost impact of the contracts, and delivering the appropriate contract information on demand. Figure D summarizes those activities.
Responsibility for these activities lies with the acquisition process owner. The process owner is best positioned to centrally manage the critical information and provide it to the other stakeholders as needed.
Managing that information will usually require some type of tool. The sophistication of the tool will vary based on an organization’s individual needs. Whether that tool is a simple spreadsheet or a full-blown contract management system, it must enable the process owner to effectively manage the contract and vendor information.
A challenging, but attainable goal
Managing the business risk associated with acquiring technology products and services presents a significant challenge. Organizations can address this risk by reviewing how they acquire technology products and services and determining whether a more structured process is warranted. As you consider revamping your existing process, consider utilizing this framework as a guide.