The major risks associated with IT Supplier Management

Here are the major risks associated with IT Supplier Management

Risk : Lack of commitment from senior management to the IT Supplier Management Process 

How to mitigate:  Identify any serious issues that have occurred or may potentially occur within the organization due to weaknesses in IT supplier management, and share these findings with the senior management. Ensure that an IT supplier management is designed with stakeholders and management approves this process. The IT Supplier Management process should be integrated into the IT Governance system.

Risk: Weak contracts

How to mitigate: IT Supplier Management should ensure that business case is  prepared  before procurement phase starts and risks associated with the contract  are identified. Business and IT service requirements  should be defined with stakeholders and IT Supplier Management process should  ensure that the contract covers these requirements. A contract manager should be appointed  well in advance  to oversee the structure and provisions of the contract.

Risk: Misalignment between the service levels committed by the supplier and those committed to the business

How to mitigate: IT Supplier management process should ensure supply chain analysis and alignment of all requirements. Be aware the service levels don’t cover just service outage recovery  times and availability rates.

Risk: Weak or no monitoring of contractual commitments by service provider

How to mitigate:  Supplier Management process should ensure that every critical contract has an assigned  contract manager,   monitoring and reporting of contractual commitments should be ensured by this role.  Escalation should occur  if necessary.

Risk:  IT staff is not fully aware of the technical and operational contractual provisions

How to mitigate: Contract manager ensures that knowledge is transferred and contractual commitments and related controls are embedded in the tools, processes or systems of the service provider. IT Supplier Management ensures proper oversight.

Risk:  Lack of integration by supplier with service management processes, policies and procedures of the service provider

How to mitigate: The contract should include provisions that enforce alignment with relevant policies and procedures. A transition phase should be planned to ensure this alignment is properly designed.