More and more aspects of the IT environment are being outsourced to third parties. While this approach offers many benefits, managing vendor relationships becomes increasingly critical. So what should your contracts look like/include? What is the ‘real’ difference between a ‘supplier’ or a ‘partner’? How can you be sure your technological development matches up with the vendor’s? How can you require the vendor to use the same level of security as your company? And what about SLAs, follow-up, etc?
Presentations from the event are available, exclusively for Beltug members (after login):
At this X-change, we first heard from Wouter Machiels of Agfa about the company's approach to vendor management. Then, following an introduction by Pierre Verbraeken of Barry Callebaut, we engaged in an interactive roundtable on vendor management and IT security.
Wouter Machiels is Head of Purchasing Centre of Excellence at Agfa; he started by explaining the different ‘faces’ of supplier management:
Historically, he continued, we have all been taught to 'squeeze' our suppliers, to get the most for the least cost. But Wouter wonders: is that really the right approach? In this changing world, if we want to build solid relationships with our suppliers, hadn’t we better show our cards, mutually, and dive together into the waters of a true partnership? That brings the highest value to your business.
Break the rules, Wouter encourages his peers. Procurement is ready to become a 'sexy', i.e. profit, department again, instead of a cost department. But it should also be a people business, he emphasised.
When having a look at the foundations of vendor management, three words pop up: 'Ensure', 'value' and 'risk'. “The goal of Vendor Management is to ensure the organisation continuously obtains the best value from external providers of products and services, while controlling exposure to vendor-related risk.”
Of course, this isn’t only a procurement job: building a solid relationship with vendors also involves legal, ‘business’, senior management and finance.
Wouter then brought this into the ‘real world’, by zooming in on Agfa’s governance model (see slide 38) and on the lessons learned there.
Keep a checklist, he concluded:
After the break, Pierre Verbraeken, CISO, Barry Callebaut took the floor – with questions only, no answers, he stated. Some of the questions included:
This led into the highly interactive roundtable discussion, during which the participants exchanged concerns and best practices on how to enforce a company's security standards on its suppliers.
Great session with #beltug about vendor management— Wouter Machiels (@wouterbasile) February 27, 2018
Access to more information about this topic and/or to download the paper is easy and fast, but exclusively for Beltug members (just login to get access).
Beltug gathers a lot of information. Here you find the advantages of Beltug membership
The Beltug Team
Click here to login