2.2 Critical factors in IT procurement
The Commonwealth can maximize the value it receives from technology and reduce the risk of supplier and technology failures by using smart sourcing and contract strategies. Listed below are examples of IT sourcing and contract strategies to mitigate some potential IT procurement difficulties:
|
Challenge |
Impact/risk |
IT sourcing principles to employ |
IT contract approaches to mitigate |
|
Complexity of business functions, technology and legal issues make procurement long and difficult |
major omissions from a business, technical or legal standpoint are anticipated and prevented |
use a structured IT acquisition process that provides a framework to ensure all areas are part of the screening and selection process |
draft a clear, easy-to-use contract that documents the business relationship, and includes only mandatory and specialized IT terms and conditions and the essence of the deal |
|
Industry consolidation/ monopoly suppliers |
key products lie with powerful suppliers |
use solution-based solicitations that focus on business problems and solutions, not technical specifications or requirements |
adopt meaningful service level agreements (SLAs) and business performance commitments and measurements to monitor solution continues to meet business need assign incentives/remedies in the contract to incentivize Supplier performance |
|
Products and solutions are intangibles |
difficult to specify and evaluate products |
collaborate in an evaluation process that incorporates all areas needed for successful IT solution: business, technical, legal and financial include subject matter experts (SMEs) on evaluation team who will only evaluate their area(s) of expertise provide contract template with solicitation, not prepared after selection incorporate offeror response to contract template as part of the evaluation |
use strong warranty language with significant business remedies give significant attention to intellectual property rights and alternatives to ensure the right to use, access, transfer to other Commonwealth entities |
|
Rapid and planned obsolescence |
versions out of date new entrants into market |
conduct market research to evaluate market risk evaluation based on value-to-cost ratio include total life cycle costs in evaluation |
tie contractual commitments to providing solution, not product provide support of version and upgrades for appropriate period of time |
|
Significant barriers to exit |
customer is locked in to products or services |
ensure that evaluation and contract negotiation are part of commitment to strong balanced decision-making process anticipate transitions/exit strategies |
provide system data, back-up; ownership of work product or perpetual license to work product, including third party products needed to run systems/solutions provide a strong transition/exit plan for agency |
|
Complexity of IT products and services |
difficult selecting the best from value solution due to complexity of needed IT good or service |
collaborate in a team-based process to ensure all necessary requirements are appropriately evaluated address all project, security, data privacy and cost risk factors use data-driven evaluation processes to coalesce many different perspectives |
base contract on solutions, not buying of specific product or version include protections against product splitters or bundling include risk mitigation project activities and contract language to align with risk potentialities |
|
IT must support business function |
evaluation criteria focused on business value and needs; not specification- driven process |
use solution-based solicitations that focus on solving business problems and incentivizing Suppliers to offer solutions, not just meet technical specifications |
include meaningful SLAs and performance commitments and measures to monitor solution continues to meet business need assign incentives/remedies in the contract |
|
Solutions being procured are highly interdependent |
no accountability for full solution the weakest component will drive your risk profile |
take a full supply chain view of solutions evaluate suppliers and components on strength of solution, both independently and collectively |
give prime contractor accountability for performance, but also allow Commonwealth to reach through to subcontractors to maintain services |
|
Contracts must protect Commonwealth data and systems |
compromise of sensitive Commonwealth data unauthorized disablement of Commonwealth data and citizen services |
understand the data sensitivity of the procurement/project collaborate with your business owner, project manager, information security officer and other SMEs |
include protective contract terms to cover data privacy and security. require supplier to perform specific actions, to have special insurance coverages and to comply with Commonwealth data, architecture and security standards require supplier to undergo a security assessment of their cloud solution (SaaS application) prior to agency making an award VITA SCM has cloud terms available if the procurement is for Software as a Service Agency may inquire at: scminfo@vita.virginia.gov |
A structured IT sourcing process provides a comprehensive framework to ensure agencies that:
- omissions from a business, technical or legal standpoint are anticipated and prevented
- the costs and resources for the IT sourcing process are appropriate and are efficiently deployed
- the business case in support of the IT procurement is reaffirmed prior to selecting a solution
- across the board executive buy-in to the new system or technology is measurable as a result of user group involvement throughout the IT sourcing process
Regardless of the nature of the anticipated IT procurement, its size, cost and complexity, the following core principles of IT sourcing apply:
- Use a structured solicitation process which incorporates multiple complex domains, e.g., legal, technical, business functionality, financial.
- Sourcing should be a data-driven business process, which incorporates and balances concerns across multiple domains.
- Contract formation and negotiation are part of the decision process. It is critical to include an appropriate contract in the solicitation. If the supplier is not committed to providing the Commonwealth with value through the negotiation process, the Supplier should be evaluated accordingly.
- Business needs must be supported in the solicitation requirements and any statement of work. Focus less on specification-driven solicitations for major systems/solutions and write solicitations that are structured for IT suppliers to offer innovative and cost effective solutions.
- The sourcing evaluation process should include a comprehensive cost analysis that includes the total cost of ownership and all cost components including maintenance and not just the price of software or hardware.
- Long-term issues such as obsolesce, technology replacement and compatibility must be part of the evaluation, negotiation and decision-making process.
- Negotiations must be conducted prior to the selection of a particular IT solution or supplier.
- Intangible rights, software ownership and other critical terms and conditions must be considered in evaluation and negotiation.
- Risk analysis and trade-offs must consider the security of Commonwealth systems/data and continuity of operations for the Commonwealth and the solution and/or supplier's potential impact on the Commonwealth's ability to protect Commonwealth assets and service its citizens without interruption.
Search the manual by key words or common terms.