Latest News

Key Vendor Risk Analysis Activities Are Vital

IT vendors and service providers continue to deal with the effects of a recession-based economy. Accordingly, enterprises should scrutinize key vendors and suppliers to verify if they can still provide the necessary services and support. Vendor risk analyses should be completed to avoid a discrepancy between IT needs and vendor capabilities.

IT vendors and service providers continue to deal with the effects of a recession-based economy. Accordingly, enterprises should scrutinize key vendors and suppliers to verify if they can still provide the necessary services and support. Vendor risk analyses should be completed to avoid a discrepancy between IT needs and vendor capabilities.

Executive Summary

IT organizations have a number of key vendors that play a critical role in their daily operations. Because of the economy, IT managers should review current as well as potential key vendors to confirm their financial viability and capability to deliver the requisite products and services. This research note discusses several fundamental areas for IT organizations to consider as they perform their vendor risk analyses:

  • The company’s current financial position.
  • Existing vendor contract terms and conditions.
  • The vendor’s support organization.
  • Products and services updates.

Both unexpected and unresolved vendor problems can cripple an enterprise. As a result, IT managers should confirm that their IT needs and service delivery strategies remain aligned with key vendor delivery capabilities and contractual guarantees.

Strategy Point

The failure of a key vendor to perform as required can result in many enterprise problems, including lost business unit revenue and critical service disruptions. This also includes contractual commitments that could be jeopardized as well as various support/service issues. In some cases, a formal business meeting with the vendor or VAR may be needed. In other instances, the local vendor support team may be able to handle the problems. If a formal vendor management meeting is needed, request the local support team to get the meeting organized. If the vendor cannot travel to the enterprise location, at least consider meeting them at their headquarters or setting up a virtual meeting. The associated costs represent cheap insurance to ensure the IT organization and the business units it supports are not at undue risk because of vendor business problems.

Key Considerations

Now is certainly a good time for enterprises to perform a key vendor risk analysis to ensure there are no undetected or potential problems on the horizon. The macro-analysis processes discussed in this research note can move along very quickly and many enterprises complete them in a few days – even when multiple vendors involved. However, face-to-face meetings may be necessary, in some cases, to extract the requisite information. Although conference calls can work, they are typically less effective than a face-to-face meeting. Regardless of how the vendor meeting is established, discuss the following agenda items to get the risk analysis process started.

The Vendor’s Current Financial Position

Are they financially healthy or not? When public domain financial information is over 90 days old, it probably has limited value to help enterprises understand the economic health of key vendors. If there is no other financial information available, request the vendor to provide an update on their current business conditions so that any impact can be evaluated. Begin the financial review process by focusing on the following items and request additional information on those areas that are considered business critical:

  • Current sales achievements & 2009 forecasts. Although this information is normally in the public domain, it tends to be too general in nature. Try to hone in on those specific products, services, and markets that are of enterprise importance. Generic changes in sales revenue are meaningless unless enterprises can drill-down to obtain more details and specifics. Use this preliminary sales revenue discussion as a non-threatening segue into the next two critical items.
  • Specific product revenue changes and why. Identifying those products and services that are experiencing revenue problems can be helpful to IT. Begin by preparing a list of specific vendor questions and offer to sign a non-disclosure to obtain the information. Use pointed questions to establish the impact of revenue declines on products and services of interest. Although the vendor may decline to answer some questions, it is likely that a few will be addressed when a non-disclosure is in place. Don’t be afraid to ask. The discussion could also provide insight into the purchasing patterns of enterprise competitors in specific product and service areas.
  • Major vendor budget cuts that could impact the enterprise. To obtain this information, IT organizations may need to speak directly with vendor executives and probably sign a non-disclosure. However, this is a vital area that could certainly impact the IT organization and the services it provides. For example, if research and development (R&D) funding to continue the development of a network product/service has been reduced, those IT organizations planning to utilize this product/service may need to adjust their services strategy and timeline depending upon circumstances.

Existing Vendor Contract Terms and Conditions

Review existing or proposed key vendor contracts and focus on those areas that are, or could be, impacted by the vendor’s finances or change in market focus. Place these items on the vendor meeting agenda for discussion. In many instances, vendor management will not be familiar with the contract’s specific terms and conditions. Limit the discussion to those contractual areas that have, or could have, a significant enterprise impact. Review the following contract areas to get the process started:

  • Product/service delivery dates. Review all dates and history to identify potential problems. Any existing concerns, such as missed product delivery dates, should also be included in the meeting agenda. However verify the vendor has this information in advance to provide them with sufficient time to prepare responses.
  • Support guarantees including service level agreements (SLAs). History is usually the best indication of a vendor’s performance. However, vendor service and support should be discussed in detail to ensure there are no potential problems in the near future because of budget or personnel cutbacks.
  • Penalties for non-performance. When this item is an issue, ensure that both parties understand the penalties contained in existing contracts – especially if there have been past problems. In many cases, the vendor’s management will not be aware of past problems and will need to be brought up to speed on them. If actual trouble tickets are available use them. Ensure all potential problem areas are reviewed and that solutions are identified.
  • Contract renewal dates. A renewal decision will be required on those contracts that are due to expire or where vendor mergers and acquisitions have occurred. Discuss available options with the vendor including month-to-month extensions and single or multiple year renewals that provide increased discounts. The vendor may offer special terms for contract renewals, but weigh them carefully against the vendor’s business stability and enterprise needs.

The Vendor’s Support Organization

IT managers should discuss this important area with their key vendors – especially if there have been problems in the past or particular reasons why problems could occur in the future. Concentrate on the following areas – ask drill-down questions as required:

  • Recent or planned changes in vendor support organizations. This includes reducing the workforce, closing certain maintenance locations, changing support hours and or costs, or even a reduction in depot sparing levels. If there are any significant changes, discuss how or if they could impact the enterprise.
  • Potential problem areas that concern the IT organization. Forward this list to the vendor in advance so that they have adequate time to address the issues. Bringing them up unexpectedly at the vendor meeting serves no good purpose and will probably hurt the overall rapport and discussions.
  • Develop action plans to eliminate or resolve support issues. Get as many resolved as possible at the meeting. Although some issues may require additional time, verify that there is an action plan and timetable established to complete them. If key vendor decision makers are available during the meeting take advantage of this opportunity to get their support.

Key Products and Services Update

Enterprises should prepare a list of those products and services that present the biggest concerns. Validate the list and forward it to the vendor so that they can address the items in detail. If a distributor or channel partner is involved, discuss the situation with them. However, this action may not eliminate the need to meet directly with the product/service vendor’s management. If a meeting is required, request the vendor to make the appropriate personnel available to discuss the specific product/service issues of concern. Some examples of the agenda items include:

  • Key product/service events and schedules. Focus on those products and services that are important to the enterprise. Advise the vendor that generic product presentations should be replaced with succinct information that addresses and focuses on the specific needs and issues of the IT organization. Verify that the vendor understands the required depth and content of the discussions in advance. Challenge any areas of the presentation that seem to be questionable.
  • Enterprise specific product/service concerns. Most of the product/service related questions should be answered as a result of the product and service briefings the vendor provides. However, an IT technical staff member should be in attendance to ensure vendors answers all required items satisfactorily.
  • Other potential impacts on IT service strategy. This is a catch-all category for any other business related problems or issues. For example, there could be training issues because of cancelled classes, installation issues caused by vendor site closures, or even acquisition related questions, etc.

If there are significant contractual issues or other concerns attempt to negotiate them. However, also consider using another vendor’s products/services and take appropriate actions to do so.


Enterprises require current information on key vendors to effectively execute or change their service and support strategies. One way to avoid problems is to be well-informed and prepared for them. IT managers should address the subsequent points during their key vendor risk analyses:

  1. Review the company’s current financial position. Go beyond the available public information and focus on specific product and services sales as well as market segment declines or growth in areas of interest.
  2. Discuss existing vendor contract terms and conditions. Review the vendor’s contract prior to the meeting and prepare a list of concerns for them to answer. Give them the list in advance to allow sufficient time to prepare their responses.
  3. Review the vendor’s support organization. Focus on personnel changes, organization downsizing, reduced maintenance locations, or parts depot shut-downs that could impact the enterprise. Discuss problems that are still a concern.
  4. Schedule a key products and services updates. Inform vendors in advance of those products and services of interest. Verify they understand that the briefing must be focused on those products and services considered enterprise critical.

Bottom Line

IT vendors and service providers continue to deal with the effects of a recession-based economy. Accordingly, enterprises should scrutinize key vendors and suppliers to verify if they can still provide the necessary services and support. Vendor risk analyses should be completed to avoid a discrepancy between IT needs and vendor capabilities.

Leave a comment

seks shop - izolasyon
basic theory test book basic theory test