I’ve been thinking lately about the demise of NorthPoint Communications and its nearly 100,000 business customers who saw their Digital Subscriber Line (DSL) service cut off without warning. Clearly it’s a nightmare for those companies—some TechRepublic members are looking for someone to sue.

The problems with DSL vendors aren’t limited to NorthPoint. According to news reports, other DSL vendors like Covad Communications and Rhythms NetConnections are retrenching or undergoing management turmoil. Ironically, despite these problems, Gartner believes that the broadband market is going to continue to grow rapidly. That’s small comfort if you’re one of the businesses left in the lurch by NorthPoint’s bankruptcy. (TechRepublic is an independent subsidiary of Gartner.)

On the other hand, the failure of a carrier like NorthPoint Communications offers a valuable lesson to all IT managers. In this column, we’re going to talk about the importance of risk when considering vendors.

Discuss this article for a chance to win a TechRepublic coffee mug

In our Discussion Center, we’re talking about the importance of managing risk in a volatile Internet environment. To add to this discussion, post your comment to this article. Each week, the person who provides the best feedback to an Artner’s Law column will win a free TechRepublic coffee mug.

Why risk matters
Let me start by saying that I’m not proposing that all technical managers become experts in risk analysis, a surprisingly arcane and difficult specialty that is the province of insurance underwriters and government actuaries. Few of us have the desire or the need to enter the quagmire of sophisticated regression analysis whenever we need to choose a new vendor.

What I’m talking about is simpler but no less vital: determining the ability of your vendor (or prospective vendor) to deliver on their promises, as well as making sure you understand the implications of vendor failure.

If you’ve been in the business long enough, you’re going to pick a dud vendor or two. It’s an occupational hazard for any technical manager. Despite your best efforts, some vendors will inevitably disappoint you, in ways great and small.

The importance of risk is that it forces you to ask yourself tough questions: How bad can it get? What is the worst-case scenario? How much downtime can I afford on this project?

Victims of previous successes?
As I said earlier, technical managers can actually learn from a disaster like the NorthPoint implosion if it shakes us up from our complacency and reminds us that vendor catastrophes can and do happen.


In a weird kind of way, IT managers may have been lulled into complacency by the generally good vendor options available in most categories. Granted, I’ve heard as many horror stories as the next person (unless the next person is Stephen King’s wife). All the same, let me ask you: Do you really feel your job is at stake when choosing between Dell and Compaq for your corporate desktops?

For that matter, in many categories, we have at least a couple of worthy competitors. Corporate databases—you can choose between Oracle, SQL Server, Sybase, and DB2. Looking for an enterprise application vendor? The list is quite long: SAP, PeopleSoft, Siebel, and I2 are just some of the players. Even mighty Intel now has to compete with Advanced Micro Devices (AMD).

You get my point. Despite our current problems with vendors, this is in many ways a golden age for those who have to purchase IT goods and services. Maybe it’s made us a little lazy.

Act calmly; fear frantically
So if the NorthPoint debacle has made you a little uncomfortable about your vendors, the news has performed a useful public service. What should you do now? Here are some ideas:

  • Check on the status of your current vendors. When awarding a contract or sending out an RFP, most of us do the obvious things to check on prospective vendors: We call some references and ask our finance people to run a Dunn & Bradstreet. However, once we’ve signed the contract, most of us lose our vigilance, forgetting that companies’ financial circumstances can change. Take NorthPoint, for example. The trade press was reporting as early as last December that up to 30 percent of its customer base was delinquent in paying. In fact, the company had to restate its earnings to reflect this growing problem. I have to think that if I was a NorthPoint customer and knew about their customer payment problems (to say nothing of their failed acquisition by Verizon), I’d have been making arrangements for a new provider long before the company’s DSL network went dark.
  • Determine your risk tolerance on an individual case basis (ICB). No two IT purchases are the same. Therefore, your risk tolerance should vary from purchase to purchase. To take an obvious example, you might be more willing to take a chance on a new printer toner cartridge supplier than you would on a Sales Force Automation (SFA) vendor.
  • Prepare for the worst. Sure it sounds paranoid, but even paranoids have bad vendors. For your mission-critical vendors, you not only have to manage the relationship but also be prepared in case it fails. When it comes to a telecom vendor, for example, it’s only prudent to budget some redundancy with an alternative vendor. With other purchases of IT goods and services, try not to burn any bridges. Maintain relationships with alternative suppliers, in the hope that if needed, they could fill service gaps in a hurry.

Don’t get me wrong—I’m not gloating over the failure of NorthPoint and all the businesses it has inconvenienced (or worse). I’m saying it can serve as a useful wake-up call.

Keeping an eye on vendors

How do you monitor vendors who serve your organization? To add to this discussion, post your comment to this article. Each week, the person who provides the best feedback to an Artner’s Law column will win a free TechRepublic coffee mug.