Do You Like Your Vendors?
Recently, Onspring began working with a large financial institution to help them manage vendor contracts. As the organization grew, its vendor roster also expanded, and so did the maintenance and onboarding requirements. Add to that, changes in the Sourcing team meant that key information was leaving with people who previously managed vendor accounts. I recall hearing frustrations like, “Why did we renew that vendor contract? We don’t even like them anymore!”
With hundreds or thousands of active vendors and suppliers to manage, keeping track of contracts and related risk assessments, contracts, contacts and key metrics can be a real nightmare. We needed a plan.
The Onspring team began by working with the client to inventory all active contracts stored in a legacy contract management system. We then used the Onspring platform to import and store all pertinent contract details—amounts, expiration dates, evergreen (auto-renew) status and the hierarchy between contracts. This allowed for easy navigation between parent agreements (Master Services Agreement) and child agreements (Statements of Work).
Once all the contracts were loaded in Onspring, we began to think about all the great things we could track, such as vendor tiers and criticality ratings. The goal was to enable the client’s Sourcing team to spend more time focusing on vendors that were critical to business operations, such as those providing technology or legal services, and less time on those who were responsible for less critical functions, such as watering office plants. The beauty of using Onspring for this purpose was that we could automatically calculate vendor tiers by (in their case) determining
- whether the vendor had access to confidential information
- the level of annual spend with the vendor
- the number of records held by the vendor, if applicable
- whether the current contract extended beyond 2 years
The client is now using Onspring as the primary vehicle for assessing initial vendor risk. They send out surveys to ensure that the vendor will meet risk and compliance objectives. Best of all, these surveys can be sent out automatically or with just a click. Vendors access their surveys via an email link, and there’s no need for them to log into Onspring to fill it out. Vendors can even attach onboarding documents to their survey, such as insurance certificates or a SOC 2 report.
Now that the client’s vendor management program has been fully implemented in Onspring for some time, other groups have since jumped on board and created an integrated governance, risk and compliance program:
- The Enterprise Risk Management team has visibility of third and fourth-party risks using the Onspring Risk Management solution.
- The Legal department can easily assist in the contract review process by way of an Onspring Legal Tickets app.
- The Compliance team monitors ongoing adherence to third party management policies and controls using the Onspring Controls & Compliance solution.
Automated email alerts, real-time reports and role-based dashboards ensure that everyone is consistently “in the know.” Vendors, contracts, contacts, assessments, notes and key metrics are all available in one place. That means fewer surprises when it comes time to renew third-party relationships. And those vendors that nobody likes? Well, there’s nowhere to hide anymore.