The Creative Supplier List

Over the last year or so I’ve had several clients ask me to recommend a new product or supplier. In some instances, it tests my ability as a consultant to remain independent and as we all know, independence once lost is hard to regain. I’ve noticed more recently that clients are compelled to ask for recommendations due to a combination of a) me having that enviable trusted advisor status, and b) they are constrained by their preferred supplier's list.

This has been heightened because organisations were required to risk assess their third party and supplier relationships during the run-up to GDPR in May 2018. We advised many of our clients to conduct detailed third party assessments, supporting them through the process. As a result, many chose to take the opportunity to cleanse their supplier lists.

Almost two years on and that position seems firm in terms of more manageable, risk-averse approach to their supplier relationships. This is great news for compliance and risk managers, even more so for finance and procurement teams. But what has been the impact on the IT leaders? Has it had any impact? From my perspective, I would say yes, albeit subtle and which may well prove more restrictive as time passes. I'm talking specifically about access to more competitive, new or innovative suppliers, and their products.

Technology is only a benefit if it is delivering to the business goals, operating efficiently and supporting business development. Nobody wants to be stuck with this year’s Blackberry, the business must be free to excel, and IT teams must be free to support, and innovate. This means that IT leaders and procurement leads can also seek opportunities to make cost savings and achieve hard-won efficiencies. This invariably means having access to new suppliers, and that is where I believe the problem begins.

At what point does a supplier list restrict IT delivering solutions and innovation?

Economically and politically the road ahead looks interesting for all of us, certainly for the next couple of years. My view is simple. We all need to be ready to take advantage of the inevitable moves and changes that will be presented, including having access to the supplier market and partners. With that in mind I often recommend to my clients the following when considering supplier lists:

1. Evaluate regularly. This includes alignment with your business and IT strategic goals. Ensure they are performing consistently well. That they continue to be fit for purpose and look likely to do so for the whole life of the contracts you have with them. At some point, we have all been prone to sentimentality when it comes to a once great supplier. I refer to it as the "GoComapare" approach.
2. Have clearly defined exception policy. If it is a cast iron "no", it needs to be clear to everyone. This includes the board who may only see failure and not a project sponsor struggling with access to valuable products, or services.
3. Keep abreast of changes in the IT market and encourage comments from your IT leads. They may not recognise the full impact, but they are good at recognising subtle tech divestments and false heroes in the tech market.
4. Leverage a key supplier who can legitimately provide access to off-list suppliers. That key supplier should champion your policies and standards. They should also have the ability to predetermine the off-list supplier's ability to meet recognised standards such as DPA 2018 (GDPR) & ISO 27001 on your behalf.