Infrastructure &Operations Priorities 2023

Navigate the liminal space between threats and opportunities.

2023: A liminal space between threats and opportunities

Introduction

Welcome to the Info-Tech 2023 I&O Priorities Report

Infrastructure & Operations priorities

The I&O priorities were determined by combining I&O member responses from the Tech Trends and Priorities 2023 survey with insightful signals from secondary research, economic markets, regulatory bodies, industry organizations, and vendors.

I&O Priorities 2023

I&O priorities framework

Challenge: Expand the I&O border

The hidden message in this report is that I&O priorities extend beyond the traditional scope of I&O functions. I&O members need to collaborate across functional areas to successfully address the priorities presented in this report. Info-Tech can help! Align your priorities with our material on how to Build a Business-Aligned IT Strategy. Use a modified version of the Strategy Initiative Template (next slide) to convey your strong opinion on the priorities you need your stakeholders to know about. And do so in a way that is familiar so they will easily understand.

Info-Tech 2023 Trends Survey Results

Call your Executive Advisor or Counselor to help identify the one or two key messages you want to bring forward for success in 2023!

Info-Tech IT Strategy Initiative Template, from the IT Strategy Presentation Template & Priorities Report Initiative Template .

Protect from threats

Get out of your silo. Forget your job description and just start doing what needs to be done.

Enhance I&O Cybersecurity

Produce ESG Reporting

Recession Readiness

Enhance cybersecurity response

SIGNALS

Enhance cybersecurity response

SIGNALS

Enhance cybersecurity response

SIGNALS

Enhance cybersecurity response

CALL TO ACTION

Get out of your I&O silo and form cross-functional cybersecurity teams.

I&O priority actions

Establish a cross-functional security steering committee to coordinate security processes and technologies. The complexity of managing security across modern applications, cloud, IoT, and network infrastructure that members operate is greater than ever before and requires coordinated teamwork.

Contain the cyber threat with zero trust (ZT) architecture. Extend ZT to network and critical infrastructure to limit exposure.

Leverage AI to build vigilant security intelligence. Smart I&O operators will make use of AI automation to augment their security technologies to help detect threats and contain security incidents on critical infrastructure.

Enhance cybersecurity response

I&O priority actions

Build specialized cybersecurity incident management protocols with your service desk. Build integrated security focused teams within service desk operations that continually test and improve security incident response protocols internally and with specialized security vendors. In some organizations, security incident response teams extend beyond traditional infrastructure into social media. Work cross-functionally to determine the risk exposure to misinformation and incident response procedures.

Treat lost or stolen equipment as a security incident. Develop hardware asset management protocols for tracking and reporting on these incidents and keep a record of equipment disposal. Implement tools that allow for remote deletion of data and report on lost or stolen equipment.

Produce ESG reporting

SIGNALS

Produce ESG reporting

SIGNALS

ESG mandates are being rolled out globally.

ESG reporting has greatly expanded since a 2017 report by Task Force on Climate-Related Financial Disclosures (TCFD, 2017) which recommended that organizations disclose climate-related financial metrics for investors to appropriately price climate-related risks to share price. In 2021, the Swiss Finance Institute research paper (Sautner, 2021) identified 29 countries that require ESG reporting, primarily for larger public companies, financial institutions, and state-owned corporations.

Global ESG mandates

29 nations with ESG mandates identified by the Swiss Finance Institute

Produce ESG reporting

SIGNALS

Produce ESG reporting

CALL TO ACTION

Being unprepared for new ESG reporting mandates without a clear and validated ESG reporting process puts your organization at risk.

I&O priority actions

Understand ESG risk exposure. Define the gap between what ESG reporting is required in your jurisdiction and current reporting capabilities to meet them. Build the I&O role with responsibility for ESG reporting.

Include vendors in ESG reporting. Review infrastructure facilities with landlords, utilities, and hosting providers to see if they can provide ESG reporting on sustainable power generation, then map it to I&O power consumption as part of their contractual obligations. Ask equipment vendors to provide ESG reporting on manufacturing materials and energy consumption to boot-strap data collection.

Implement a HAM process to track asset disposal and other types of e-waste. Update agreements with disposal vendors to get reporting on waste and recycle volumes.

Produce ESG reporting

I&O priority actions

Implement an ESG reporting framework. There are five major ESG reporting frameworks being used globally. Select one of the frameworks below that makes sense for your organization, and implement it.

ISO 14001 Environmental Management: Part of the ISO Technical Committee family of standards that allows your organization to understand its legal requirements to become certified in ESG.

Global Reporting Initiative (GRI) Sustainability Reporting Standards: GRI has been developing ESG reporting standards since 1997. GRI provides a modular ESG framework applicable to all sizes and sectors of organizations worldwide.

Principles for Responsible Investment: UN-developed framework for ESG reporting framework for disclosure in responsible investments.

Sustainability Accounting Standards Board (SASB): ESG report framework to be used by investors.

UN Global Compact: ESG reporting framework based on 10 principles that organizations can voluntarily contribute data to.

Implement a HAM process to track asset disposal and other types of e-waste. Update agreements with disposal vendors to get reports on waste and recycle volumes.

Recession readiness

SIGNALS

Recession readiness

SIGNALS

Recession readiness

SIGNALS

Tough choices on budgetary spends.

The responses indicated that I&O members expect decreased reinvestment for 2023 for the following:

• API programming (-21.7%)
• Cloud computing (-19.4%)
• 44% of I&O members indicated if 2023 requires costs cutting, 5-20% of their cloud computing investment will be at risk of the chopping block!
• Workforce management (-9.4%)
• No-code /low-code infrastructure (-5.3%)

Make sure you can clearly measure the value of all budgeted I&O activities.

Anything that can't demonstrate clear value to leadership is potentially on the chopping block.

Recession readiness

CALL TO ACTION

Get ahead of inflationary pressures with early budgetary planning, and identify the gap between the catch-up projects and required critical net new investments.

II&O priority actions

Hedge against inflation on infrastructure projects. Develop and communicate value-based strategies to lock in pricing and mitigate inflationary risk with vendors.

Communicate value-add on all I&O budgeted items. Define an infrastructure roadmap to highlight which projects are technical debt and which are new strategic investments, and note their value to the organization.

Look for cost saving technologies. Focus on I&O projects that automate services to increase productivity and optimize head count.

Realize opportunities

Build on a record of COVID-related innovation success and position the enterprise to take advantage of 2023.

AI governance: Watching the watchers

Data stewardship: Cornerstone of value

Prep for a brave new metaverse

AI governance: Watching the watchers

SIGNALS

AI governance: Watching the watchers

SIGNALS

AI governance: Watching the watchers

CALL TO ACTION

Establish I&O within an AI governance program to build trust in AI results and behaviors and limit legal exposure.

I&O priority actions

Define who has overall AI accountability for AI governance within I&O. This role is responsible for establishing strategic governance metrics over AI use and results, and identifying liability risks.

Maintain an inventory of AI use. Conduct an audit of where AI is used within I&O, and identify gaps in documentation and alignment with I&O processes and organizational values.

Define an I&O success map. Provide transparency of AI use by generating pseudo code of AI models, and scorecard AI decision making with expected predictions and behavioral actions taken.

AI governance: Watching the watchers

Manage bias in AI decision making. Work with AI technology vendors to identify how unethical bias can enter the results, using operational data sets for validation prior to rollout.

Protect AI data sets from manipulation. Generate new secure storage for AI technology audit trails on AI design making and results. Work with your security team to ensure data sets used by AI for training can’t be corrupted.

Data governance: Cornerstone of value

SIGNALS

Data governance: Cornerstone of value

SIGNALS

Approach to data analysis is primarily done in-house.

85% of surveyed I&O members are doing data analysis with custom-made or external tools. Interestingly, 10% of I&O members do not conduct any data analysis.

Members are missing a formal data governance process.

81% of surveyed I&O members do not have a formal or automated process for data governance. Ironically, 24% of members responded that they aim to have publicly accessible data-as-a-service or information repositories.

Despite investment in data initiatives, organizations carry high levels of data debt.

Info-Tech research, Establish Data Governance, points out that data debt, the accumulated cost associated with sub-optimal governance of data assets, is a problem for 78% of organizations.

What the enterprise expects out of enterprise storage is much more complicated in 2023.

Data protection and governance are non-negotiable aspects of enterprise storage, even when it’s unstructured.

Data governance: Cornerstone of value

SIGNALS

Data governance: Cornerstone of value

CALL TO ACTION

Develop a data governance program that includes an I&O data steward for oversight.

I&O priority actions

Establish an I&O data steward. Make data governance by establishing a data steward role with accountability for governance. The steward works collaboratively with DataOPs to control access to I&O data, enforce policies, and reduce the time to make use of the data.

Define a comprehensive storage architecture. If you thought you had a data sprawl problem before, wait until you see the volume of data generated from IoT and Web 3.0 applications. Get ahead of the problem by creating an infrastructure roadmap for structured and unstructured data storage.

Build a solid backbone for AI Operations using data quality best practices. Data quality is the foundation for generation of operational value from the data and artificial intelligence efforts. Focus on using a methodology to build a culture of data quality within I&O systems and applications that generate data rather than reactive fixes.

Look to partner with third-party vendors for your master data management (MDM) efforts. Modern MDM vendors can work with your existing data fabrics/lake and help leverage your data governance policies into the cloud.

Prep for a brave new metaverse

SIGNALS

From science fiction to science fact.

The term metaverse was coined in 1992 by Neal Stephenson and is a common theme in science fiction. For most I&O surveyed professionals, the term metaverse conjures up more confusion than clarity, as it’s not one place, but multiple metaverse worlds. The primordial metaverse was focused on multiplayer gaming and some educational experiences. It wasn’t until recently that it gained a critical mass in the fashion and entertainment industries with the use of non-fungible tokens (NFT). The pandemic created a unique opportunity for metaverse-related technologies to expand Web 3.0.

Related Info-Tech Research

• Into the Metaverse
• Establish a Foresight Capability
• Double Your Organization’s Effectiveness With a Digital Twin
• Adopt Blockchain for Supply Chain Transparency

Prep for a brave new metaverse

SIGNALS

Collaboration and beyond.

On one hand, metaverse technologies virtual reality(VR)/augmented reality (AR) headsets can be a method of collaborating internally within a single organization. About 10% of our surveyed I&O members engaged this type of collaborative metaverse in 2022, with another 24% looking to run proof of concept projects in 2023. However, there is a much larger terrain for metaverse projects outside of workforce collaboration, which 17% of surveyed I&O members are planning to engage with in 2023.

These are sophisticated new metaverse worlds, and digital twins of production environments are being created for B2B collaboration, operations, engineering, healthcare, architecture, and education that include the use of block chain, NFTs, smart contracts, and other Web 3.0 technologies

“They are the audiovisual bodies that people use to communicate with each other in the Metaverse.”

Neal Stephenson,
Snow Crash 1992

Prep for a brave new metaverse

SIGNALS

Metaverse requires multidimensional security.

Security in the context of the metaverse presents new challenges to I&O. The infrastructure that runs the metaverse is still vulnerable to “traditional” security threats. New attack vectors include financial and identity fraud, privacy and data loss, along with new cyber-physical threats which are predicted to occur as the metaverse begins to integrate with IoT and other 3D objects in the physical world.

The ultimate in "not a product" – the metaverse promises to be a hodgepodge of badly standardized technologies for the near future.

Be prepared to take care of pets and not cattle for the foreseeable future, but keep putting the fencing around the ranch.

Prep for a brave new metaverse

SIGNALS

Prep for a brave new metaverse

CALL TO ACTION

Ready or not, the metaverse is coming to an infrastructure near you. Start expanding I&O technologies and processes to support a metaverse infrastructure.

I&O priority actions

Develop a plan for network upgrades.

A truly immersive VR/AR experience requires very low latency. Identify gaps and develop a plan to enhance your network infrastructure surrounding your metaverse space(s) and end users.

Extend security posture into the metaverse.

Securing the infrastructure that runs your metaverse is going to extend the end-user equipment used to navigate it. More importantly, security policies need to encompass the avatars that navigate it and the spatial web that they interact with, which can include physical world items like IoT.

Prep for a brave new metaverse

I&O priority actions

Metaverse theft prevention

Leverage existing strategies to identify management in the metaverse. Privacy policies need to extend their focus to data loss prevention within the metaverse.

Collaborate

The skill set required to build, deploy, manage, and support the metaverse is complex. Develop a metaverse support organization that extends beyond I&O functions into security, DevOps, and end-user experiences.

Educate

Web 3.0 technologies and business models are complex. Education of I&O technical- and commerce-focused team members is going to help prevent you from getting blindsided. Seek out specialized training programs for technical staff and strategic education for executives, like the Wharton School of Business certification program.

Authors

John Annand Principal Research Director	Theo Antoniadis Principal Research Director	Contributors Paul Sparks, CTO at Brookshire Grocery Company 2 Anonymous Contributors
Figuring out the true nature of the “Turbo” button of his 486DX100 launched John on a 20-year career in managed services and solution architecture, exploring the secrets of HPC, virtualization, and DIY WANs built with banks of USR TotalControl modems. Today he focuses his research and advisory on software-defined infrastructure technologies, strategy, organization, and service design in an increasingly Agile and DevOps world.	Theo has decades of operational and project management experience with start-ups and multinationals across North America and Europe. He has held various consulting, IT management and operations leadership positions within telecommunications, SaaS, and software companies.

Bibliography

“3 Cybersecurity Trends that are Changing Financial Data Management." FIMA US. Accessed August 2022.
Arti. “While much of the world is just discovering the Metaverse, a number of universities have already established centers for studying Web 3." Analytics Insight. 10 July 2022.
“Artificial intelligence (AI) for cybersecurity." IBM. Accessed September 2022
“Business in the Metaverse Economy." Wharton School of University of Pennsylvania. Accessed October 2022.
“Cost of a data breach 2022: A million-dollar race to detect and respond." IBM. Accessed September 2022.
“Countries affected by mandatory ESG reporting – here’s the list." New Zealand Ministry of Business, Innovation & Employment. Accessed September 2022.
“Countries affected by mandatory ESG reporting – here’s the list.” WorldFavor. Accessed September 2022.
Crenshaw, Caroline A. “SEC Proposes to Enhance Disclosures by Certain Investment Advisers and Investment Companies About ESG Investment Practices." U.S. Securities and Exchange Commission. May 2022.
“Cutting through the metaverse hype: Practical guidance and use cases for business." Avanade. Accessed October 2022.
“Data Governance Global Market Sees Growth Rate Of 25% Through 2022." The Business Research Company. August 2022.
“DIRECTIVE 2014/95/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 22 October 2014 amending Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups." UER-Lex. Accessed September 2022.
"Ethically Aligned Design: A Vision for Prioritizing Human Well-being with Autonomous and Intelligent Systems." IEEE. March 2019.
“European Parliament resolution of 20 October 2020 with recommendations to the Commission on a civil liability regime for artificial intelligence." European Parliament. Accessed October 2022.
Ghose, Ronit et al. "Metaverse and Money." Citi GPS. March 2022.
Hernandez, Roberto, et al. “Demystifying the metaverse." PWC. Accessed August 2022.
Info-Tech Trends Report Survey, 2023; N=813.
“ISO 14000 Family: Environmental Management." ISO. Accessed October 2022.
Knight, Michelle & Bishop, Annie, ”The 2022 State of Cloud Data Governance.“ Zaloni DATAVERSITY. 2022.

Bibliography

Kompella, Kashyap, “What is AI governance and why do you need it?“ TechTarget. March 2022.
“Management of electronic waste worldwide in 2019, by method." Statista. 2022.
“Model Artificial Intelligence Governance Framework and Assessment Guide.“ World Economic Forum. Accessed September 2022.
“Model Artificial Intelligence Governance Framework." PDPC Singapore. Accessed October 2022.
“New rules on corporate sustainability reporting: provisional political agreement between the Council and the European Parliament.“ European Council. June 2022.
"OECD Economic Outlook Volume 2022." OECD iLibrary. June 2022.
"Recommendations of the Task Force on Climate-related Financial Disclosures." TCFD. Accessed August 2022.
“Risk of Global Recession in 2023 Rises Amid Simultaneous Rate Hikes.” World Bank Organization. September 2022.
Sautner, Zacharias, et al. “The Effects of Mandatory ESG Disclosure around the World.” SSRN. November 2021.
Sondergaard, Peter. “AI GOVERNANCE – WHAT ARE THE KPIS? AND WHO IS ACCOUNTABLE?“ The Sondergaard Group. November 2019.
Srivastavam Sudeep, “How can your business enter the Metaverse?." Appinventiv.
September 2022.
“Standards Overview." SASB. Accessed October 2022.
Stephenson, Neal. Snow Crash. Bantam Books, 1992.
“Sustainability Reporting Standards." Global Reporting Initiative. Accessed October 2022.
“The Ten Principles of the UN Global Compact." UN Global Compact. Accessed October 2022.
Tian Tong Lee, Sheryl. "China Unveils ESG Reporting Guidelines to Catch Peers.” Bloomberg. May 2022.
“What are the Principles for Responsible Investment?" UNPRI. Accessed October 2022.
"What is the EU's Corporate Sustainability Reporting Directive (CSRD)?" WorldFavor.
June 2022.
West, Darrell M. “Six Steps to Responsible AI in the Federal Government.“ Brookings Institution. March 2022. Web.

Design and Build an Effective Contract Lifecycle Management Process

Mitigate risk and drive value through robust best practices for contract lifecycle management.

Our understanding of the problem

This Research Is Designed For:

• The CIO who depends on numerous key vendors for services
• The CIO or Project Manager who wants to maximize the value delivered by vendors
• The Director or Manager of an existing IT procurement or vendor management team
• The Contracts Manager or Legal Counsel whose IT department holds responsibility for contracts, negotiation, and administration

This Research Will Help You:

• Implement and streamline the contract management process, policies, and procedures
• Baseline and benchmark existing contract processes
• Understand the importance and value of contract lifecycle management (CLM)
• Minimize risk, save time, and maximize savings with vendor contracts

This Research Will Also Assist

• IT Service Managers
• IT Procurement
• Contract teams
• Finance and Legal departments
• Senior IT leadership

This Research Will Help Them

• Understand the required components of a CLM
• Establish the current CLM maturity level
• Implement a new CLM process
• Improve on an existing or disparate process

ANALYST PERSPECTIVE

"Contract lifecycle management (CLM) is a vital process for small and enterprise organizations alike. Research shows that all organizations can benefit from a contract management process, whether they have as few as 25 contracts or especially if they have contracts numbering in the hundreds.

A CLM system will:

• Save valuable time in the entire cycle of contract/agreement processes.
• Save the organization money, both hard and soft dollars.
• Mitigate risk to the organization.
• Avoid loss of revenue.

If you’re not managing your contracts, you aren’t capitalizing on your investment with your vendors and are potentially exposing your organization to contract and monetary risk."

- Ted Walker
Principal Research Advisor, Vendor Management Practice
Info-Tech Research Group

Executive Summary

Situation

• Most organizations have vendor overload and even worse, no defined process to manage the associated contracts and agreements. To manage contracts, some vendor management offices (VMOs) use a shared network drive to store the contracts and a spreadsheet to catalog and manage them. Yet other less-mature VMOs may just rely on a file cabinet in Procurement and a reminder in someone’s calendar about renewals. These disparate processes likely cost your organization time spent finding, managing, and renewing contracts, not to mention potential increases in vendor costs and risk and the inability to track contract obligations.

Complication

• Contract lifecycle management (CLM) is not an IT buzzword, and it’s rarely on the top-ten list of CIO concerns in most annual surveys. Until a VMO gets to a level of maturity that can fully develop a CLM and afford the time and costs of doing so, there can be several challenges to developing even the basic processes required to store, manage, and renew IT vendor contracts. As is always an issue in IT, budget is one of the biggest obstacles in implementing a standard CLM process. Until senior leadership realizes that a CLM process can save time, money, and risk, getting mindshare and funding commitment will remain a challenge.

Resolution

• Understand the immediate benefits of a CLM process – even a basic CLM implementation can provide significant cost savings to the organization; reduce time spent on creating, negotiating, and renewing contracts; and help identify and mitigate risks within your vendor contracts.
• Budgets don’t always need to be a barrier to a standard CLM process. However, a robust CLM system can provide significant savings to the organization.

Info-Tech Insight

• If you aren’t managing your contracts, you aren’t capitalizing on your investments.
• Even a basic CLM process with efficient procedures will provide savings and benefits.
• Not having a CLM process may be costing your organization money, time, and exposure to unmitigated risk.

What you can gain from this blueprint

Why Create a CLM

• Improved contract organization
• Centralized and manageable storage/archives
• Improved vendor compliance
• Risk mitigation
• Reduced potential loss of revenue

Knowledge Gained

• Understanding of the value and importance of a CLM
• How CLM can impact many departments within the organization
• Who should be involved in the CLM steps and processes
• Why a CLM is important to your organization
• How to save time and money by maximizing IT vendor contracts
• How basic CLM policies and procedures can be implemented without costly software expenditure

The Outcome

• A foundation for a CLM with best-practice processes
• Reduced exposure to potential risks within vendor contracts
• Maximized savings with primary vendors
• Vendor compliance and corporate governance
• Collaboration, transparency, and integration with business units

Contract management: A case study

CASE STUDY
Industry Finance and Banking
Source Apttus

FIS Global

The Challenge

FIS’ business groups were isolated across the organization and used different agreements, making contract creation a long, difficult, and manual process.

• Customers frustrated by slow and complicated contracting process
• Manual contract creation and approval processes
• Sensitive contract data that lacked secure storage
• Multiple agreements managed across divisions
• Lack of central repository for past contracts
• Inconsistent and inaccessible

The Solution: Automating and Streamlining the Contract Management Process

A robust CLM system solved FIS’ various contract management needs while also providing a solution that could expand into full quote-to cash in the future.

• Contract lifecycle management (CLM)
• Intelligent workflow approvals (IWA)
• X-Author for Excel

Customer Results

• 75% cycle time reduction
• $1M saved in admin costs per year
• 49% increase in sales proposal volume
• Automation on one standard platform and solution
• 55% stronger compliance management
• Easy maintenance for various templates
• Ability to quickly absorb new contracts and processes via FIS’s ongoing acquisitions

Track the impact of CLM with these metrics

The numbers are compelling

71%

of companies can’t locate up to 10% of their contracts.

Source: TechnologyAdvice, 2019

9.2%

of companies’ annual revenue is lost because of poor contract management practices.

Source: IACCM, 2019

60%

still track contracts in shared drives or email folders.

Source: “State of Contract Management,” SpringCM, 2018

CLM blueprint objectives

• To provide a best-practice process for managing IT vendor contract lifecycles through a framework that organizes from the core, analyzes each step in the cycle, has collaboration and governance attached to each step, and integrates with established vendor management practices within your organization.
• CLM doesn’t have to be an expensive managed database system in the cloud with fancy dashboards. As long as you have a defined process that has the framework steps and is followed by the organization, this will provide basic CLM and save the organization time and money over a short period of time.
• This blueprint will not delve into the many vendors or providers of CLM solutions and their methodologies. However, we will discuss briefly how to use our framework and contract stages in evaluating a potential solution that you may be considering.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Design and Build an Effective CLM Process – project overview

Workshop overview

Contact your account representative or email Workshops@InfoTech.com for more information.

PHASE 1

Master the Operational Framework of Contract Lifecycle Management

Design and Build an Effective CLM Process

Phase 1: Master the Operational Framework of Contract Lifecycle Management

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of
2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

What Is Contract Lifecycle Management?

• Every contract has a lifecycle, from creation to time and usage to expiration. Organizations using a legacy or manual contract management process usually ask, “What is contract lifecycle management and how will it benefit my business?”
• Contract lifecycle management (CLM) creates a process that manages each contract or agreement. CLM eases the challenges of managing hundreds or even thousands of important business and IT contracts that affect the day-to-day business and could expose the organization to vendor risk.
• Managing a few contracts is quite easy, but as the number of contracts grows, managing each step for each contract becomes increasingly difficult. Ultimately, it will get to a point where managing contracts properly becomes very difficult or seemingly impossible.

That’s where contract lifecycle management (CLM) comes in.

CLM can save money and improve revenue by:

• Improving accuracy and decreasing errors through standardized contract templates and approved terms and conditions that will reduce repetitive tasks.
• Securing contracts and processes through centralized software storage, minimizing risk of lost or misplaced contracts due to changes in physical assets like hard drives, network shares, and file cabinets.
• Using policies and procedures that standardize, organize, track, and optimize IT contracts, eliminating time spent on creation, approvals, errors, and vendor compliance.
• Reducing the organization’s exposure to risks and liability.
• Having contracts renewed on time without penalties and with the most favorable terms for the business.

The Operational Framework of Contract Lifecycle Management

Four Components of the Operational Framework

1. Organization
2. Analysis
3. Collaboration and Governance
4. Integration/Vendor Management

• By organizing at the core of the process and then analyzing each stage, you will maximize each step of the CLM process and ensure long-term contract management for the organization.
• Collaboration and governance as overarching policies for the system will provide accountability to stakeholders and business units.
• Integration and vendor management are encompassing features in a well-developed CLM that add visibility, additional value, and savings to the entire organization.

Info-Tech Best Practice

Putting a contract manager in place to manage the CLM project will accelerate the improvements and provide faster returns to the organizations. Reference Info-Tech’s Contract Manager Job Description template as needed.

The operational framework is key to the success, return on investment (ROI), cost savings, and customer satisfaction of a CLM process.

1. Organization

• Every enterprise needs to organize its contract documents and data in a central repository so that everyone knows where to find the golden source of contractual truth.
• This includes:
• A repository for storing and organizing contract documents.
• A data dictionary for describing the terms and conditions in a consistent, normalized way.
• A database for persistent data storage.
• An object model that tracks changes to the contract and its prevailing terms over time.

Info-Tech Insight

Paper is still alive and doing very well at slowing down the many stages of the contract process.

2. Analysis

Most organizations analyze their contracts in two ways:

• First, they use reporting, search, and analytics to reveal risky and toxic terms so that appropriate operational strategies can be implemented to eliminate, mitigate, or transfer the risk.
• Second, they use process analytics to reveal bottlenecks and points of friction as contracts are created, approved, and negotiated.

3. Collaboration

• Throughout the contract lifecycle, teams must collaborate on tasks both pre-execution and post-execution.
• This includes document collaboration among several different departments across an enterprise.
• The challenge is to make the collaboration smooth and transparent to avoid costly mistakes.
• For some contracting tasks, especially in regulated industries, a high degree of control is required.
• In these scenarios, the organization must implement controlled systems that restrict access to certain types of data and processes backed up with robust audit trails.

4. Integration

• For complete visibility into operational responsibilities, relationships, and risk, an organization must integrate its golden contract data with other systems of record.
• An enterprise contracts platform must therefore provide a rich set of APIs and connectors so that information can be pushed into or pulled from systems for enterprise resource planning (ERP), customer relationship management (CRM), supplier relationship management (SRM), document management, etc.

This is the ultimate goal of a robust contract management system!

Member Activity: Document Current CLM Processes

1.1 Completion Time: 1-5 days

Goal: Document your existing CLM processes (if any) and who owns them, who manages them, etc.

Instructions

Interview internal business unit decision makers, stakeholders, Finance, Legal, CIO, VMO, Sales, and/or Procurement to understand what’s currently in place.

1. Use the Existing CLM Process Worksheet to capture and document current CLM processes.
2. Establish what processes, procedures, policies, and workflows, if any, are in place for pre-execution (Phase 1) contract stages.
3. Do the same for post-execution (Phase 2) stages.
4. Use this worksheet as reference for assessments and as a benchmark for improvement review six to 12 months later.

INPUT

• Internal information from all CLM stakeholders

OUTPUT

• A summary of processes and owners currently in place

Materials

• Existing CLM processes from interviews

Participants

• Finance, Legal, CIO, VMO, Sales, Procurement

PHASE 2

Understand the Ten Stages of Contract Lifecycle Management

Design and Build an Effective CLM Process

Phase 1: Master the Operational Framework of Contract Lifecycle Management

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of
2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

The Ten Stages of Contract Lifecycle Management

There are ten key stages of contract lifecycle management.

The steps are divided into two phases, pre-execution and post-execution.

Pre-Execution (Phase 1)

1. Request
2. Create
3. Review Risk
4. Approve
5. Negotiate
6. Sign

Post-Execution (Phase 2)

7. Capture
8. Manage
9. Monitor Compliance
10. Optimize

Ten Process Stages Within the CLM Framework

Stage 1: Request or Initiate

Contract lifecycle management begins with the contract requesting process, where one party requests for or initiates the contracting process and subsequently uses that information for drafting or authoring the contract document. This is usually the first step in CLM.

Requests for contracts can come from various sources:

• Business units within the organization
• Vendors presenting their contract, including renewal agreements
• System- or process-generated requests for renewal or extension

At this stage, you need to validate if a non-disclosure agreement (NDA) is currently in place with the other party or is required before moving forward. At times, adequate NDA components could be included within the contract or agreement to satisfy corporate confidentiality requirements.

Stage 1: Request or Initiate

Stage Input

• Information about what the contract needs to contain, such as critical dates, term length, coverage, milestones, etc.
• Some organizations require that justification and budget approval be provided at this stage.
• Request could come from a vendor as a pre-created contract.
• Best practices recommend that a contract request form or template is used to standardize all required information.

Stage Output

• Completed request form, stored or posted with all details required to move forward to risk review and contract creation.
• Possible audit trails.

Stage 2: Create Contract

• At the creation or drafting stage, the document is created, generated, or provided by the vendor. The document will contain all clauses, scope, terms and conditions, and pricing as required.
• In some cases, a vendor-presented contract that is already prepared will go through an internal review or redlining process by the business unit and/or Legal.
• Both internal and external review and redlining are included in this stage.
• Also at this stage, the approvers and signing authorities are identified and added to the contract. In addition, some audit trail features may be added.

Info-Tech Best Practice

For a comprehensive list of terms and conditions, see our Software Terms & Conditions Evaluation Tool within Master Contract Review and Negotiation for Software Agreements.

Stage 2: Create Contract

Stage Input

• Contract request form, risk review/assessment.
• Vendor- or contractor-provided contract/agreement, either soft copy, electronic form, or more frequently, “clickwrap” web-posted document.
• Could also include a renewal notification from a vendor or from the CLM system or admin.

Stage Output

• Completed draft contract or agreement, typically in a Microsoft Word or Adobe PDF format with audit trail or comment tracking.
• Redlined document for additional revision and or acceptance.
• Amendment or addendum to existing contract.

Stage 3: Review Risk 1 of 2

The importance of risk review can not be understated. The contract or agreement must be reviewed by several stakeholders who can identify risks to the organization within the contract.

Three important definitions:

1. Risk is the potential for a negative outcome. A risk is crossing the street while wearing headphones and selecting the next track to play on your smartphone. A negative outcome is getting hit by an oncoming person who, unremarkably, was doing something similar at the same time.
2. Risk mitigation is about taking the steps necessary to minimize both the likelihood of a risk occurring – look around both before and while crossing the street – and its impact if it does occur – fall if you must, but save the smartphone!
3. Contract risk is about any number of situations that can cause a contract to fail, from trivially – the supplier delivers needed goods late – to catastrophically – the supplier goes out of business without having delivered your long-delayed orders.

Stage 3: Review Risk 2 of 2

• Contracts must be reviewed for business terms and conditions, potential risk situations from a financial or legal perspective, business commitments or obligations, and any operational concerns.
• Mitigating contract risk requires a good understanding of what contracts are in place, how important they are to the success of the organization, and what data they contain.

Collectively, this is known as contract visibility.

• Risk avoidance and mitigation are also a key component in the ROI of a CLM system and should be tracked for analysis.
• Risk-identifying forms or templates can be used to maintain consistency with corporate standards.

Stage 3: Review Risk

Stage Input

• All details of the proposed contract so that a proper risk analysis can be done as well as appropriate review with stakeholders, including:
  • Finance
  • Legal
  • Procurement
  • Security
  • Line-of-business owner
  • IT stakeholders

Stage Output

• A list of identified concerns that could expose the business unit or organization.
• Recommendations to minimize or eliminate identified risks.

Stage 4: Approve

The approval stage can be a short process if policies and procedures are already in place. Most organizations will have defined delegation of authority or approval authority depending on risk, value of the contract, and other corporate considerations.

• Defined approval levels should be known within the organization and can be applied to the approval workflow, expediting the approval of drafted terms, conditions, changes, and cost/spend within the contract internally.
• Tracking and flexibility needs to considered in the approval process.
• Gates need to be in place to ensure that a required approver has approved the contract before it moves to the next approver.
• Flexibility is needed in some situations for ad hoc approval tasks and should include audit trail as required.
• Approvers can include business units, Finance, Legal, Security, and C-level leaders

Stage 4: Approve

Stage Input

• Complete draft contract with all terms and conditions (T&Cs) and approval trail.
• Amendment or addendum to existing contract.

Stage Output

• Approved draft contract ready to move to the next step of negotiating with the vendor.
• Approved amendment or addendum to existing or renewal agreement.

Stage 5: Negotiate

• At this stage, there should be an approved draft of the contract that can be presented to the other party or vendor for review.
• Typically organizations will negotiate their larger deals for terms and conditions with the goal of balancing the contractual allocation of risk with the importance of the vendor or agreement and its value to the business.
• Several people on either side are typically involved and will discuss legal and commercial terms of the contract. Throughout the process, negotiators may leverage a variety of tools, including playbooks with preferred and fallback positions, clause libraries, document redlines and comparisons, and issue lists.

• Audit trails or tracking of changes and acceptances is an important part of this stage. Tracking will avoid duplication and lost or missed changes and will speed up the entire process.
• A final, clean document is created at this point and readied for execution.

Stage 5: Negotiate

Stage Input

• Approved draft contract ready to move to the next step of negotiating with the vendor.
• Approved amendment or addendum to existing or renewal agreement.

Stage Output

• A finalized and approved contract or amendment with agreed-upon terms and conditions ready for signatures.

Info-Tech Insight

Saving the different versions of a contract during negotiations will save time, provide reassurance of agreed terms as you move through the process, and provide reference for future negotiations with the vendor.

Stage 6: Sign or Execute

• At this stage in the process, all the heavy lifting in a contract’s creation is complete. Now it’s signature time.
• To finalize the agreement, both parties need to the sign the final document. This can be done by an in-person wet ink signature or by what is becoming more prevalent, digital signature through an e-signature process.
• Once complete, the final executed documents are exchanged or received electronically and then retained by each party.

Stage 6: Sign or Execute

Stage Input

• A finalized and approved contract or amendment with agreed-upon terms and conditions ready for signatures.

Stage Output

• An executed contract or amendment ready to move to the next stage of CLM, capturing in the repository.

Info-Tech Best Practice

Process flow provisions should made for potential rejection of the contract by signatories, looping the contract back to the appropriate stage for rework or revision.

Stage 7: Capture in Database/Repository 1 of 2

• This is one of the most important stages of a CLM process. Executed agreements need to be stored in a single manageable, searchable, reportable, and centralized repository.
• All documents should to be captured electronically, reviewed for accuracy, and then posted to the CLM repository.
• The repository can be in various formats depending on the maturity, robustness, and budget of the CLM program.

Most repositories are some type of database:

• An off-the-shelf product
• A PaaS cloud-based solution
• A homegrown, internally developed database
• An add-on module to your ERP system

Stage 7: Capture in Database/Repository 2 of 2

Several important features of an electronic repository should be considered:

• Consistent metadata tagging of clauses, terms, conditions, dates, etc.
• Centralized summary view of all contracts
• Controlled access for those who need to review and manage the contracts

Establishing an effective repository will be key to providing measurable value to the organization and saving large amounts of time for the business unit.

Info-Tech Insight

Planning for future needs by investing a little more money into a better, more robust repository could pay bigger dividends to the VMO and organization while providing a higher ROI over time as advanced functionality is deployed.

Stage 8: Manage

• Once an agreement is captured in the repository, it needs to be managed from both an operational and a commitment perspective.
• Through a summary view or master list, contracts need to be operationally managed for end dates and renewals, vendor performance, discounts, and rebates.
• Managing contracts for commitment and compliance will ensure all contract requirements, rights, service-level agreements (SLAs), and terms are fulfilled. This will eliminate the high costs of missed SLAs, potential breaches, or missed renewals.
• Managing contracts can be improved by adding metadata to the records that allow for easier search and retrieval of contracts or even proactive notification.

• The repository management features can and should be available to business stakeholders, or reporting from a CLM admin can also alert stakeholders to renewals, pricing, SLAs, etc.
• Also important to this stage is reporting. This can be done by an admin or via a self-serve feature for stakeholders, or it could even be automated.

Stage 9: Monitor Compliance 1 of 2

• At this stage, the contracts or agreements need to be monitored for the polices within them and the purpose for which they were signed.
• This is referred to as obligation management and is a key step to providing savings to the organization and mitigating risk.
• Many contracts contain commitments by each party. These can include but are not limited to SLAs, service uptime targets, user counts, pricing threshold discounts and rebates, renewal notices to vendors, and training requirements.
• All of these obligations within the contracts should be summarized and monitored to ensure that all commitments are delivered on. Managing obligations will mitigate risks, maximize savings and rebates to the organization, and minimize the potential for a breach within the contract.

Stage 9: Monitor Compliance 2 of 2

• Monitoring and measuring vendor commitments and performance will also be a key factor in maximizing the benefits of the contract through vendor accountability.
• Also included in this stage is renewal and/or disposition of the contract. If renewal is due, it should go back to the business unit for submission to the Stage 1: Request process. If the business unit is not going to renew the contract, the contract must be tagged and archived for future reference.

Stage 10: Optimize

• The goal of this stage is to improve the other stages of the process as well as evaluate how each stage is integrating with the core operational framework processes.
• With more data and improved insight into contractual terms and performance, a business can optimize its portfolio for better value, greater savings, and lower-risk outcomes.
• For high-performance contract teams, the goal is a continuous feedback loop between the contract portfolio and business performance. If, for example, the data shows that certain negotiation issues consume a large chunk of time but yield no measurable difference in risk or performance, you may tweak the playbook to remedy those issues quickly.

Additional optimization tactics:

• Streamlining contract renewals with auto-renew
• Predefined risk review process or template, continuous review/improvement of negotiation playbook
• Better automation or flow of approval process
• Better signature delegation process if required
• Improving repository search with metadata tagging
• Automating renewal tracking or notice process
• Tracking the time a contract spends in each stage

Establish Your Current CLM Maturity Position

• Sometimes organizations have a well-defined pre-execution process but have a poor post-signature process.
• Identifying your current processes or lack thereof will provide you with a starting point in developing a plan for your CLM. It’s possible that most of the stages are there and just need some improvements, or maybe some are missing and need to be implemented.
• It’s not unusual for organizations to have a manual pre-execution process and an automated backend repository with compliance and renewal notices features.

Info-Tech Best Practice

Use the CLM Maturity Assessment Tool to outline where your organization is at each stage of the process.

Member Activity: Assess Current CLM Maturity

2.1 Completion Time 1-2 days

Goal: Identify and measure your existing CLM processes, if any, and provide a maturity value to each stage. The resulting scores will provide a maturity assessment of your CLM.

Instructions

1. Use the Existing CLM Process Worksheet to document current CLM processes.
2. Using the CLM worksheet info, answer the questions in the CLM Maturity Assessment Tool.
3. Review the results and scores on Tab 3 to see where you need to focus your initial improvements.
4. Save the initial assessment for future reference and reassess in six to 12 months to measure progress.

INPUT

• Internal information from all CLM stakeholders

OUTPUT

• A summary of processes and owners currently in place in the organization

Materials

• Existing CLM processes from interviews

Participants

• Finance, Legal, CIO, VMO, Sales, Procurement

Member Activity: Complete RASCI Chart

2.2 Completion Time 2-6 hours

Goal: Identify who in your organization is primarily accountable and involved in each stage of the CLM process.

Instructions

Engage internal business unit decision makers, stakeholders, Finance, Legal, CIO, VMO, Sales, and Procurement as required to validate who should be involved in each stage.

1. Using the information collected from internal reviews, assign a level in the CLM RASCI Diagram to each team member.
2. Use the resulting RASCI diagram to guide you through developing or improving your CLM stages.

INPUT

• Internal interview information

OUTPUT

• Understanding of who is involved in each CLM stage

Materials

• Interview data
• RASCI Diagram

Participants

• Finance, Legal, CIO, VMO, Sales, Procurement

Applying CLM Framework and Stages to Your Organization

• Understand what CLM process you currently do or do not have in place.
• Review implementation options: automated, semi-automated, and manual solutions.
• If you are improving an existing process, focus on one phase at a time, perfect it, and then move to the other phase. This can also be driven by budget and time.
• Create a plan to start with and then move to automating or semi-automating the stages.
• Building onto or enhancing an existing system or processes can be a cost-effective method to produce near-term measurable savings
• Focus on one phase at a time, then move on to the other phase.
• While reviewing implementation of or improvements to CLM stages, be sure to track or calculate the potential time and cost savings and risk mitigation. This will help in any required business case for a CLM.

CLM: An ROI Discussion 1 of 2

• ROI can be easier to quantify and measure in larger organizations with larger CLM, but ROI metrics can be obtained regardless of the company or CLM size.
• Organizations recognize their ROI through gains in efficiency across the entire business as well as within individual departments involved in the contracting process. They also do so by reducing the risk associated with decentralized and insecure storage of and access to their contracts, failure to comply with terms of their contracts, and missing deadlines associated with contracts.

Just a few of the factors to consider within your own organization include:

• The number of people inside and outside your company that touch your contracts.
• The number of hours spent weekly, monthly, and annually managing contracts.
• Potential efficiencies gained in better managing those contracts.
• The total number of contracts that exist at any given time.
• The average value and total value of those contract types.
• The potential risk of being in breach of any of those contracts.
• The number of places contracts are stored.
• The level of security that exists to prevent unauthorized access.
• The potential impact of unauthorized access to your sensitive contract data.

CLM: An ROI Discussion 2 of 2

Decision-Maker Apprehensions

Decision-maker concerns arise from a common misunderstanding – that is, a fundamental failure to appreciate the true source of contract management value. This misunderstanding goes back many years to the time when analysts first started to take an interest in contract management and its automation. Their limited experience (primarily in retail and manufacturing sectors) led them to think of contract management as essentially an administrative function, primarily focused on procurement of goods. In such environments, the purpose of automation is focused on internal efficiency, augmented by the possibility of savings from reduced errors (e.g. failing to spot a renewal or expiry date) or compliance (ensuring use of standard terms).

Today’s CLM systems and processes can provide ROI in several areas in the business.

Info-Tech Insight

Research on ROI of CLM software shows significant hard cost savings to an organization. For example, a $10 million company with 300 contracts valued at $3 million could realize savings of $83,400 and avoid up to $460,000 in lost revenues. (Derived from: ACCDocket, 2018)

Additional Considerations 1 of 2

Who should own and/or manage the CLM process within an organization? Legal, VMO, business unit, Sales?

This is an often-discussed question. Research suggests that there is no definitive answer, as there are several variables.

Organizations needs to review what makes the best business sense for them based on several considerations and then decide where CLM belongs.

• Business unit budgets and time management
• Available Administration personnel and time
• IT resources
• Security and access concerns
• Best fit based on organizational structure

35% of law professionals feel contract management is a legal responsibility, while 45% feel it’s a business responsibility and a final 20% are unsure where it belongs. (Source: “10 Eye-Popping Contract Management Statistics,” Apttus, 2018)

Additional Considerations 2 of 2

What type of CLM software or platform should we use?

This too is a difficult question to answer definitively. Again, there are several variables to consider. As well, several solutions are available, and this is not a one-size-fits-all scenario.

As with who should own the CLM process, organizations must review the various CLM software solutions available that will meet their current and future needs and then ask, “What do we need the system to do?”

• Do you build a “homegrown” solution?
• Should it be an add-on module to the current ERP or CRM system?
• Is on-premises more suitable?
• Is an adequate off-the-shelf (OTS) solution available?
• What about the many cloud offerings?
• Is there a basic system to start with that can expand as you grow?

Info-Tech Insight

When considering what type of solution to choose, prioritize what needs to been done or improved. Sometimes solutions can be deployed in phases as an “add-on” type modules.

Summary of Accomplishment

Knowledge Gained

• Documented current CLM process
• Core operational framework to build a CLM process on
• Understanding of best practices required for a sustainable CLM

Processes Optimized

• Internal RASCI process identified
• Existing internal stage improvements
• Internal review process for risk mitigation

Deliverables Completed

• Existing CLM Processes Worksheet
• CLM Maturity Assessment
• CLM RASCI Chart
• CLM improvement plan

Project Step Summary

Client Project: CLM Assessment and Improvement Plan

1. Set your goals – what do you want to achieve in your CLM project?
2. Assess your organization’s current CLM position in relation to CLM best practices and stages.
3. Map your organization’s RASCI structure for CLM.
4. Identify opportunities for stage improvements or target all low stage assessments.
5. Prioritize improvement processes.
6. Track ROI metrics.
7. Develop a CLM implementation or improvement plan.

Info-Tech Insight

This project can fit your organization’s schedule:

• Do-it-yourself with your team.
• Remote delivery (Info-Tech Guided Implementation).

CLM Blueprint Summary and Conclusion

• Contract management is a vital component of a responsible VMO that will benefit all business units in an organization, save time and money, and reduce risk exposure.
• A basic well-deployed and well-managed CLM will provide ROI in the short term.
• Setting an improvement plan with concise improvements and potential cost savings based on process improvements will help your business case for CLM get approval and leadership buy-in.
• Educating and aligning all business units and stakeholders to any changes to CLM processes will ensure that cost savings and ROI are achieved.
• When evaluating a CLM software solution, use the operational framework and the ten process stages in this blueprint as a reference guide for CLM vendor functionality and selection.

Related Info-Tech Research

Master Contract Review and Negotiation

Optimize spend with significant cost savings and negotiate from a position of strength.

Manage Your Vendors Before They Manage You

Maximize the value of vendor relationships.

Bibliography

Burla, Daniel. “The Must Know Of Transition to Dynamics 365 on Premise.” Sherweb, 14 April 2017. Web.

Anand, Vishal, “Strategic Considerations in Implementing an End-to-End Contract Lifecycle Management Solution.” DWF Mindcrest, 20 Aug. 2016. Web.

Alspaugh, Zach. “10 Eye-Popping Contract Management Statistics from the General Counsel’s Technology Report.” Apttus, 23 Nov. 2018. Web.

Bishop, Randy. “Contract Management is not just a cost center.” ContractSafe, 9 Sept. 2019. Web.

Bryce, Ian. “Contract Management KPIs - Measuring What Matters.” Gatekeeper, 2 May 2019. Web.

Busch, Jason. “Contract Lifecycle Management 101.” Determine. 4 Jan. 2018. Web.

“Contract Management Software Buyer's Guide.” TechnologyAdvice, 5 Aug. 2019. Web.

Dunne, Michael. “Analysts Predict that 2019 will be a Big Year for Contract Lifecycle Management.” Apttus, 19 Nov. 2018. Web.

“FIS Case Study.” Apttus, n.d. Web.

Gutwein, Katie. “3 Takeaways from the 2018 State of Contract Management Report.” SpringCM, 2018. Web.

“IACCM 2019 Benchmark Report.” IAACM, 4 Sept. 2019. Web.

Linsley, Rod. “How Proverbial Wisdom Can Help Improve Contract Risk Mitigation.” Gatekeeper, 2 Aug. 2019. Web.

Mars, Scott. “Contract Management Data Extraction.” Exari, 20 June 2017. Web.

Rodriquez, Elizabeth. “Global Contract Life-Cycle Management Market Statistics and Trends 2019.” Business Tech Hub, 17 June 2017. Web.

“State of Contract Management Report.” SpringCM, 2018. Web.

Teninbaum, Gabriel, and Arthur Raguette. “Realizing ROI from Contract Management Technology.” ACCDocket.com, 29 Jan. 2018. Web.

Wagner, Thomas. “Strategic Report on Contract Life cycle Management Software Market with Top Key Players- IBM Emptoris, Icertis, SAP, Apttus, CLM Matrix, Oracle, Infor, Newgen Software, Zycus, Symfact, Contract Logix, Coupa Software.” Market Research, 21 June 2019. Web.

“What is Your Contract Lifecycle Management (CLM) Persona?” Spend Matters, 19 Oct. 2017. Web.

Manage Your Chromebooks and MacBooks

Financial constraints, strategy, and your user base dictate the need for Chromebooks and MacBooks – now you have to manage them in your environment.

Analyst Perspective

Managing MacBooks and Chromebooks is similar to managing Windows devices in many ways and different in others. The tools have many common features, yet they struggle to achieve the same goals.

Until recently, Windows devices dominated the workplace globally. Computing devices were also rare in many industries such as education. Administrators and administrative staff may have used Windows-based devices, but Chromebooks were not yet in use. Most universities and colleges were Windows-based in offices with some flavor of Unix in other areas, and Apple devices were gaining some popularity in certain circles.

That is a stark contrast compared to today, where Chromebooks dominate the classrooms and MacBooks and Chromebooks are making significant inroads into the enterprise environment. MacBooks are also a common sight on many university campuses. There is no doubt that while Windows may still be the dominant player, it is far from the only one in town.

Now that Chromebooks and MacBooks are a notable, if not significant, part of the education and enterprise environments, they must be afforded the same considerations as Windows devices in those environments when it comes to management. The good news is that there is no lack of available solutions for managing these devices, and the endpoint management landscape is continually evolving and improving.

P.J. Ryan
Research Director, Infrastructure & Operations
Info-Tech Research Group

Executive Summary

Your Challenge

• You modernized your end-user computing strategy and now have Windows 10 devices as well as MacBooks.
• Virtual desktop infrastructure (VDI) and desktop as a service (DaaS) are becoming popular. Chromebooks would be ideal as a low-cost interface into DaaS for your employees.
• You are responsible for the management of all the new Chromebooks in your educational district.
• Windows is no longer the only option. MacBooks and Chromebooks are justified, but now you have to manage them.

Common Obstacles

• Endpoint management solutions typically do a great job at managing one category of devices, like Windows or MacBooks, but they struggle to fully manage alternative endpoints.
• Multiple solutions to manage multiple devices will result in multiple dashboards. A single view would be better.
• One solution may not fit all, but multiple solutions is not desirable either, especially if you have Windows devices, MacBooks, and Chromebooks.

Info-Tech's Approach

• Use the tools at your disposal first – don't needlessly spend money if you don't have to. Many solutions can already manage other types of devices to some degree.
• Use the integration capabilities of endpoint management tools. Many of them can integrate with each other to give you a single interface to manage multiple types of devices while taking advantage of additional functionality.
• Don't purchase capabilities you will never use. Using 80% of a less expensive tool is economically smarter than using 10% of a more expensive tool.

Info-Tech Insight

Managing end-user devices may be accomplished with a variety of solutions, but many of those solutions advocate integration with a Microsoft-friendly solution to take advantage of features such as conditional access, security functionality, and data governance.

Insight Summary

Insight 1

Google Admin Console is necessary to manage Chromebooks, but it can be paired with other tools. Implementation partnerships provide solutions to track the device lifecycle, track the repair lifecycle, sync with Google Admin Console as well as PowerSchool to provide a more complete picture of the user and device, and facilitate reminders to return the device, pay fees if necessary, pick up a device when a repair is complete, and more.

Insight 2

The Google Admin Console allows admins to follow an organizational unit (OU) structure very similar to what they may have used in Microsoft's Active Directory environment. This familiarity makes the task of administering Chromebooks easier for admins.

Insight 3

Chromebook management goes beyond securing and manipulating the device. Controls to protect the students while online, such as Safe Search and Safe Browsing, should also be implemented.

Insight 4

Most companies choose to use a dedicated MacBook management tool. Many unified endpoint management (UEM) tools can manage MacBooks to some extent, but admins tend to agree that a MacBook-focused endpoint management tool is best for MacBooks while a Windows-based endpoint management tool is best for Windows devices.

Insight 5

Some MacBook management solutions advocate integration with Windows UEM solutions to take advantage of Microsoft features such as conditional access, security functionality, and data governance. This approach can also be applied to Chromebooks.

Chromebooks

Chromebooks had a respectable share of the education market before 2020, but the COVID-19 pandemic turbocharged the penetration of Chromebooks in the education industry.

Chromebooks are also catching the attention of some decision makers in the enterprise environment.

"In 2018, Chromebooks represented an incredible 60 percent of all laptop or tablet devices in K-12 -- up from zero percent when the first Chromebook launched during the summer break in 2011."
– "Will Chromebooks Rule the Enterprise?" Computerworld

"Chromebooks were the best performing PC products in Q3 2020, with shipment volume increasing to a record-high 9.4 million units, up a whopping 122% year-on-year."
– Android Police

"Until the pandemic, Chrome OS' success was largely limited to U.S. schools. Demand in 2020 appears to have expanded beyond that small but critical part of the U.S. PC market."
– Geekwire

"In addition to running a huge number of Chrome Extensions and Apps at once, Chromebooks also run Android, Linux and Windows apps."
– "Will Chromebooks Rule the Enterprise?" Computerworld

Managing Chromebooks

Start with the Google Admin Console (GAC)

GAC is necessary to initially manage Chrome OS devices.

GAC gives you a centralized console that will allow you to:

• Create organizational units
• Add your Chromebook devices
• Add users
• Assign users to devices
• Create groups
• Create and assign policies
• Plus more

GAC can facilitate device management with features such as:

• Control admin permissions
• Encryption and update settings
• App deployment, screen timeout settings
• Perform a device wipe if required
• Audit user activity on a device
• Plus more

Device and user addition, group and organizational unit creation and administration, applying policies to devices and users – does all this remind you of your Active Directory environment?

GAC lets you administer users and devices with a similar approach.

Managing Chromebooks

Use Active Directory to manage Chromebooks.

• Enable Active Directory (AD) management from within GAC and you will be able to integrate your Chromebook devices with your AD environment.
• Devices will be visible in both the GAC and AD environment.
• Use Windows Group Policy to manage devices and to push policies to users and devices.
• Users can use their AD username and password to sign into Chromebook devices.
• GAC can still be used for devices that are not synced with AD.

Chromebooks can also be managed through these approved partners:

• Cisco Meraki
• Citrix XenMobile
• IBM MaaS360
• ManageEngine Mobile Device Manager Plus
• VMware Workspace ONE

Source: Google

You must be running the Chrome Enterprise Upgrade and have any licenses required by the approved partner to take advantage of this management option. The partner admin policies supersede GAC.

If you stop using the approved partner admin console to manage your devices, the polices and settings in GAC will immediately take over the devices.

Microsoft still has the market share when it comes to device sales, and many administrators are already familiar with Microsoft's Active Directory. Google took advantage of that familiarity when it designed the Google Admin Console structure for users, groups, and organizational units.

Chromebook Deployment

Chromebook deployment becomes a challenge when device quantities grow. The enrollment process can be time consuming, and every device must be enrolled before it can be used by an employee or a student. Many admins enlist their full IT teams to assist in the short term. Some vendor partners may assist with distribution options if staffing levels permit. Recent developments from Google have opened additional options for device enrollment beyond the manual enrollment approach.

Enrolling Chromebooks comes down to one of two approaches:

1. Manually enrolling one device at a time
   • Users can assist by entering some identifying details during the enrollment if permitted.
   • Some third-party solutions exist, such as USB drives to reduce repetitive keystrokes or hubs to facilitate manually enrolling multiple Chromebooks simultaneously.
2. Google's Chrome Enterprise Upgrade or the Chrome Education Upgrade
   • This allows you to let your users enroll devices after they accept the end-user license agreement.
   • You can take advantage of Google's vendor partner program and use a zero-touch deployment method where the Chromebook devices automatically receive the assigned policies, apps, and settings as soon as the device is powered on and an authorized user signs in.
   • The Enterprise Upgrade and the Education Upgrade do come with an annual cost per device, which is currently less than US$50.
   • The Enterprise and Education Upgrades come with other features as well, such as enhanced security.

Chromebooks are automatically assigned to the top-level organizational unit (OU) when enrolled. Devices can be manually moved to another OU, but admins can also create enrollment policies to place newly enrolled devices in a specific OU or have the device locate itself in the same OU as the user.

Chromebooks in Education

GAC is also used with Education-licensed devices

Most of the settings and features previously mentioned are also available for Education-licensed devices and users. Enterprise-specific features will not be available to Education licenses. (Active Directory integration with Education licenses, for example, is accomplished using a different approach)

• Groups, policies, administrative controls, app deployment and management, adding devices and users, creating organizational units, and more features are all available to Education Admins to use.

Education device policies and settings tend to focus more on protecting the students with controls such as:

• Disable incognito mode
• Disable location tracking
• Disable external storage devices
• Browser based protections such as Safe Search or Safe Browsing
• URL blocking
• Video input disable for websites
• App installation prevention, auto re-install, and app blocking
• Forced re-enrollment to your domain after a device is wiped
• Disable Guest Mode
• Restrict who can sign in
• Audit user activity on a device

When a student takes home a Chromebook assigned to them, that Chromebook may be the only computer in the household. Administrative polices and settings must take into account the fact that the device may have multiple users accessing many different sites and applications when the device is outside of the school environment.

Chromebook Management Extended

An online search for Chromebook management solutions will reveal several software solutions that augment the capabilities of the Google Admin Console. Many of these solutions are focused on the education sector and classroom and student options, although the features would be beneficial to enterprises and educational organizations alike.

These solutions assist or augment Chromebook management with features such as:

• Ability to sync with Google Admin Console
• Ability to sync with student information systems, such as PowerSchool
• Financial management, purchase details, and chargeback
• Asset lifecycle management
• 1:1 Chromebook distribution management
• Repair programs and repair process management
• Check-out/loan program management
• Device distribution/allocation management, including barcode reader integration
• Simple learning material distribution to the classroom for teachers
• Facilitate GAC bulk operations
• Manage inventory of non-IT assets such as projectors, TVs, and other educational assets
• Plus more

"There are many components to managing Chromebooks. Schools need to know which student has which device, which school has which device, and costs relating to repairs. Chromebook Management Software … facilitates these processes."
– VIZOR

MacBooks

• MacBooks are gaining popularity in the Enterprise world.
• Some admins claim MacBooks are less expensive in the long run over Windows-based PCs.
• Users claim less issues when using a MacBook, and overall, companies report increased retention rates when users are using MacBooks.

"Macs now make up 23% of endpoints in enterprises."
– ComputerWeekly.com

"When given the choice, no less than 72% of employees choose Macs over PCs."
– "5 Reasons Mac is a must," Jamf

"IBM says it is 3X more expensive to manage PCs than Macs."
– Computerworld

"74% of those who previously used a PC for work experienced fewer issues now that they use a Mac"
– "Global Survey: Mac in the Enterprise," Jamf

"When enterprise moves to Mac, staff retention rates improve by 20%. That's quite a boost! "
– "5 Reasons Mac is a must," Jamf

Managing MacBooks

Can your existing UEM keep up?

Many Windows unified endpoint management (UEM) tools can manage MacBooks, but most companies choose to use a dedicated MacBook management tool.

• UEM tools that are primarily Windows focused do not typically go deep enough into the management capabilities of non-Windows devices.
• Admins have noted limitations when it comes to using Windows UEM tools, and reasons they prefer a dedicated MacBook management solution include:
  • Easier to use
• Faster response times when deploying settings and policies
• Better control over notification settings and lock screen settings.
• Easier Apple Business Manager (ABM) integration and provisioning.
• Note that not every UEM will have the same limitations or advantages. Functionality is different between vendor products.

Info-Tech Insight

Most Windows UEM tools are constantly improving, and it is only a matter of time before they rival many of the dedicated MacBook management tools out there.

Admins tend to agree that a Windows UEM is best for Windows while an Apple-based UEM is best for Apple devices.

Managing MacBooks

The market for "MacBook-first" management solutions includes a variety of players of varying ages such as:

• Jamf
• Kandji
• Mosyle
• SimpleMDM
• Others

MacBook-focused management tools can provide features such as:

• Encryption and update settings
• App deployment and lifecycle management
• Remote device wipe, scan, shutdown, restart, and lock
• Zero touch deployment and support
• Location tracking
• Browser content filtering
• Enable, hide/block, or disable built-in features
• Configure Wi-Fi, VPN, and certificate-based settings
• Centralized dashboard with device and app listings as well as individual details
• Data restrictions
• Plus more

Unified endpoint management (UEM) solutions that can provide MacBook management to some degree include (but are not limited to):

• Intune
• Ivanti
• Endpoint Central
• WorkspaceOne

Dedicated solutions advocate integration with UEM solutions to take advantage of conditional access, security functionality, and data governance features.

Jamf and Microsoft entered into a collaboration several years ago with the intention of making the MacBook management process easier and more secure.

Microsoft Intune and Jamf Pro: Better together to manage and secure Macs
Microsoft Conditional Access with Jamf Pro ensures that company data is only accessed by trusted users, on trusted devices, using trusted apps. Jamf extends this Enterprise Mobile + Security (EMS) functionality to Mac, iPhone and iPad.
– "Microsoft Intune and Jamf Pro," Jamf

Endpoint Management Selection Tool
Activity

There are many solutions available to manage end-user devices, and they come with a long list of options and features. Clarify your needs and define your requirements before you purchase another endpoint management tool. Don't purchase capabilities that you may never use.

Use the Endpoint Management Selection Tool to identify your desired endpoint solution features and compare vendor solution functionality based on your desired features.

1. List out the desired features you want in an endpoint solution for your devices and record those features in the first column. Use the features provided, or add your own and edit or delete the existing ones if necessary.
2. List your selected endpoint management solution vendors in each of the columns in place of "Vendor 1," "Vendor 2," etc.
3. Fill out the spreadsheet by changing the corresponding desired feature cell under each vendor to a "yes" or "no" based on your findings while investigating each vendor solution.
4. When you have finished your investigation, review your spreadsheet to compare the various offerings and pros and cons of each vendor.
5. Select your endpoint management solution.

Related Info-Tech Research

Modernize and Transform Your End-User Computing Strategy
This project helps support the workforce of the future by answering the following questions: What types of computing devices, provisioning models, and operating systems should be offered to end users? How will IT support devices? What are the policies and governance surrounding how devices are used? What actions are we taking and when? How do end-user devices support larger corporate priorities and strategies?

Best Unified Endpoint Management (UEM) Software 2022 | SoftwareReviews
Compare and evaluate unified endpoint management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best unified endpoint management software for your organization.

Best Enterprise Mobile Management (EMM) Software 2022 | (softwarereviews.com)
Compare and evaluate enterprise mobile management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best enterprise mobile management software for your organization.

Bibliography

Bridge, Tom. "Macs in the enterprise – what you need to know". Computerweekly.com, TechTarget. 27 May 2022. Accessed 12 Aug. 2022.
Copley-Woods, Haddayr. "5 reasons Mac is a must in the enterprise". Jamf.com, Jamf. 28 June 2022. Accessed 16 Aug. 2022.
Duke, Kent. "Chromebook sales skyrocketed in Q3 2020 with online education fueling demand." androidpolice.com, Android Police. 16 Nov 2020. Accessed 10 Aug. 2022.
Elgin, Mike. "Will Chromebooks Rule the Enterprise? (5 Reasons They May)". Computerworld.com, Computerworld. 30 Aug 2019. Accessed 10 Aug. 2022.
Evans, Jonny. "IBM says it is 3X more expensive to manage PCs than Macs". Computerworld.com, Computerworld. 19 Oct 2016. Accessed 23 Aug. 2022.
"Global Survey: Mac in the Enterprise". Jamf.com, Jamf. Accessed 16 Aug. 2022.
"How to Manage Chromebooks Like a Pro." Vizor.cloud, VIZOR. Accessed 10 Aug. 2022.
"Manage Chrome OS Devices with EMM Console". support.google.com, Google. Accessed 16 Aug. 2022.
Protalinski, Emil. "Chromebooks outsold Macs worldwide in 2020, cutting into Windows market share". Geekwire.com, Geekwire. 16 Feb 2021. Accessed 22 Aug. 2022.
Smith, Sean. "Microsoft Intune and Jamf Pro: Better together to manage and secure Macs". Jamf.com, Jamf. 20 April 2022. Accessed 16 Aug. 2022.

Jump Start Your Vendor Management Initiative

Create and implement a vendor management framework to begin obtaining measurable results in 90 days.

EXECUTIVE BRIEF

Analyst Perspective

What is vendor management?

When you read the phrase “vendor management,” what comes to mind? This isn’t a rhetorical question. Take your time … I’ll wait.

Unfortunately, those words conjure up a lot of different meanings, and much of that depends on whom you ask. Those who work in the vendor management field will provide a variety of answers. To complicate matters, those who are vendor management “outsiders” will have a totally different view of what vendor management is. Why is this important? Because we need a common definition to communicate more effectively, even if the definition is broad.

Let’s start creating a working definition that is not circular. Vendor management is not simply managing vendors. That expression basically reorders the words and does nothing to advance our cause; it only adds to the existing confusion surrounding the concept.

Vendor management is best thought of as a spectrum or continuum with many points rather than a specific discipline like accounting or finance. There are many functions and activities that fall under the umbrella term of vendor management: some of them will be part of your vendor management initiative (VMI), some will not, and some will exist in your organization but be outside the VMI. This is the unique part of vendor management – the part that makes it fun, but also the part that leads to the confusion. For example, accounts payable sits within the accounting department almost exclusively, but contract management can sit within or outside the VMI. The beauty of vendor management is its flexibility; your VMI can be created to meet your specific needs and goals while leveraging common vendor management principles.

Every conversation around vendor management needs to begin with “What do you mean by that?” Only then can we home in on the scope and nature of what people are discussing. “Managing vendors” is too narrow because it often ignores many of the reasons organizations create VMIs in the first place: to reduce costs, to improve performance, to improve processes, to improve relationships, to improve communication, and to manage risk better.

Vendor management is a strategic initiative that takes the big picture into account … navigating the cradle to grave lifecycle to get the most out of your interactions and relationships with your vendors. It is flexible and customizable; it is not plug and play or overly prescriptive. Tools, principles, templates, and concepts are adapted rather than adopted as is. Ultimately, you define what vendor management is for your organization.

We look forward to helping you on your vendor management journey no matter what it looks like. But first, let’s have a conversation about how you want to define vendor management in your environment.

Phil Bode
Principal Research Director, Vendor Management
Info-Tech Research Group

Executive Summary

Your Challenge

Each year, IT organizations “outsource” tasks, activities, functions, and other items. During 2021:

• Spend on as-a-service providers increased 38% over 2020.*
• Spend on managed service providers increased 16% over 2020.*
• IT service providers increased their merger and acquisition numbers by 47% over 2020.*

*Source: Information Services Group, Inc., 2022.

Common Obstacles

As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don’t have a VMI to help:

• Ensure at least the expected value is achieved.
• Improve on the expected value through performance management.
• Significantly increase the expected value through a proactive VMI.

Info-Tech’s Approach

Vendor management is a proactive, cross-functional lifecycle. It can be broken down into four phases:

• Plan
• Build
• Run
• Review

The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and set a solid foundation for its growth and maturity.

Info-Tech Insight

Vendor management is not a one-size-fits-all initiative. It must be configured:

• For your environment, culture, and goals.
• To leverage the strengths of your organization and personnel.
• To focus your energy and resources on your critical vendors.

Executive Summary

Your Challenge

Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape. In 2021, there was increases of:

38%

Spend on As-a-Service Providers

16%

Spend on Managed Services Providers

47%

IT Services Merger & Acquisition Growth (Transactions)

Source: Information Services Group, Inc., 2022.

Executive Summary

Common Obstacles

When organizations execute, renew, or renegotiate a contract, there is an “expected value” associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.

A contract’s realized value with and without a vendor management initiative

Source: Based on findings from Geller & Company, 2003.

Executive Summary

Info-Tech’s Approach

A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).

Info-Tech’s Methodology for Creating and Operating Your VMI

Insight Summary

Insight 1

Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won’t look exactly like another organization’s. The key is to adapt vendor management principles to fit your needs.

Insight 2

All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

Insight 3

Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally,” starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

Blueprint Deliverables

The four phases of creating and running a vendor management initiative are supported with configurable tools, templates, and checklists to help you stay aligned internally and achieve your goals.

VMI Tools and Templates

Build a solid foundation for your VMI and configure tools and templates to help you manage your vendor relationships.

Key Deliverables:

1. Jump – Phase 1 Tools and Templates Compendium
2. Jump – Phase 2 Tools and Templates Compendium
3. Jump – Phase 2 Vendor Classification Tool
4. Jump – Phase 2 Vendor Risk Assessment Tool

A suite of tools and templates to help you create and implement your vendor management initiative.

Blueprint benefits

IT Benefits

• Identify and manage risk proactively.
• Reduce costs and maximize value.
• Increase visibility with your critical vendors.
• Improve vendor performance.
• Create a collaborative environment with key vendors.
• Segment vendors to allocate resources more effectively and more efficiently.

Business Benefits

• Improve vendor accountability.
• Increase collaboration between departments.
• Improve working relationships with your vendors.
• Create a feedback loop to address vendor or customer issues before they get out of hand or are more costly to resolve.
• Increase access to meaningful data and information regarding important vendors.

Establish Baseline Metrics

Baseline metrics will be improved through:

Using the Maturity Assessment and 90-Day Plan tools, track how well you are able to achieve your goals and objectives:

• Did you meet the targeted maturity level for each maturity category as determined by the point system?
• Did you finish each activity in the 90-Day Plan completely and on time?

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Phase 1: Plan

Get Organized

1.1 Mission Statement and Goals
1.2 Scope
1.3 Strengths and Obstacles
1.4 Roles and Responsibilities
1.5 Process Mapping
1.6 Charter
1.7 Vendor Inventory
1.8 Maturity Assessment
1.9 Structure

This phase will walk you through the following activities:

Organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

This phase involves the following participants:

• VMI team
• Applicable stakeholders and executives
• Procurement/Sourcing
• IT
• Others as needed

Jump Start Your Vendor Management Initiative

Phase 1: Plan

Get organized.

Phase 1: Plan focuses on getting organized. Foundational elements (mission statement, goals, scope, strengths and obstacles, roles and responsibilities, and process mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of standing up your VMI and running it.

Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to “the good stuff.” To a certain extent, the process provided here is like building a house. You wouldn’t start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.

Step 1.1: Mission statement and goals

Identify why the VMI exists and what it will achieve.

Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a mission statement and goals. Although this is the easiest way to proceed, it is far from easy.

The mission statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The mission statement should be no longer than one or two sentences.

The complement to the mission statement is the list of goals for the VMI. Your goals should not be a reassertion of your mission statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.

Although the VMI’s mission statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be re-evaluated periodically using a SMART filter and adjusted as needed.

1.1.1: Mission statement and goals

20-40 minutes

1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the reasons why the VMI will exist.
2. Review external mission statements for inspiration.
3. Review internal mission statements from other areas to ensure consistency.
4. Draft and document your mission statement in the Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals.
5. Continue brainstorming and identify the high-level goals for the VMI.
6. Review the list of goals and make them as SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based) as possible.
7. Document your goals in the Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals.
8. Obtain sign-off on the mission statement and goals from stakeholders and executives as required.

Input

• Brainstorming results
• Mission statements from other internal and external sources

Output

• Completed mission statement and goals

Materials

• Whiteboard/Flip Charts
• Jump – Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 1.2: Scope

Determine what is in scope and out of scope for the VMI

Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn’t do, and the answers cannot always be found in the VMI’s mission statement and goals.

One component of helping others understand the VMI landscape is formalizing the VMI scope. The scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI’s territory begins and ends. Ultimately, this will help clarify the VMI’s roles and responsibilities, improve workflow, and reduce errant assumptions.

When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work): Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI scope, and make sure executives and stakeholders are on board with the final version.

1.2.1: Scope

20-40 minutes

1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the activities and functions in scope and out of scope for the VMI.
   1. Be specific to avoid ambiguity and improve clarity.
   2. Go back and forth between in scope and out of scope as needed; it is not necessary to list all of the in-scope items and then turn your attention to the out-of-scope items.
2. Review the lists to make sure there is enough specificity. An item may be in scope or out of scope but not both.
3. Use the Phase 1 Tools and Templates Compendium, Tab 1.2 Scope, to document the results.
4. Obtain sign-off on the scope from stakeholders and executives as required.

Input

• Brainstorming
• Mission statement and goals

Output

• Completed list of items in and out of scope for the VMI

Materials

• Whiteboard/Flip Charts
• Jump – Phase 1 Tools and Templates Compendium, Tab 1.2 Scope

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 1.3: Strengths and obstacles

Pinpoint the VMI’s strengths and obstacles.

A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.

Your output will be two lists: the strengths associated with the VMI and the obstacles facing the VMI. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.

The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).

For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).

As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.

1.3.1: Strengths and obstacles

20-40 minutes

1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the VMI’s strengths and obstacles.
   1. Be specific to avoid ambiguity and improve clarity.
   2. Go back and forth between strengths and obstacles as needed; it is not necessary to list all of the strengths and then turn your attention to the obstacles.
   3. It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.
2. Review the lists to make sure there is enough specificity.
3. Determine how you will leverage each strength and how you will manage each obstacle.
4. Use the Phase 1 Tools and Templates Compendium, Tab 1.3 Strengths and Obstacles, to document the results.
5. Obtain sign-off on the strengths and obstacles from stakeholders and executives as required.

Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

Input

• Brainstorming
• Mission statement and goals
• Scope

Output

• Completed list of items impacting the VMI’s ability to be successful: strengths the VMI can leverage and obstacles the VMI must manage

Materials

• Whiteboard/Flip Charts
• Jump – Phase 1 Tools and Templates Compendium, Tab 1.3 Strengths and Obstacles

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 1.4: Roles and responsibilities

Obtain consensus on who is responsible for what.

One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI’s scope, referenced in Step 1.2, but additional information is required to avoid stepping on each other’s toes since many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or one department to complete this process.) While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.

As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.

This step will lead your through the creation of an OIC* chart to determine vendor management lifecycle roles and responsibilities. Afterward, you’ll be able to say, “Oh, I see clearly who is involved in each part of the process and what their role is.”

*RACI – Responsible, Accountable, Consulted, Informed
*RASCI – Responsible, Accountable, Support, Consulted, Informed
*OIC – Owner, Informed, Contributor

Step 1.4: Roles and responsibilities (cont.)

Obtain consensus on who is responsible for what.

To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but the chart can get out of hand quickly. For each role and step of the lifecycle, ask whether the entry is necessary – does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps: 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is “negotiate contract documents” sufficient or do you need “negotiate the contract” and “negotiate the renewal”? The answer will always depend on your culture and environment, but be wary of creating a spreadsheet that requires an 85-inch monitor to view it in its entirety.

After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:

• O – Owner – who owns the process; they may also contribute to it.
• I – Informed – who is informed about the progress or results of the process.
• C – Contributor – who contributes or works on the process; it can be tangible or intangible contributions.

This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.

1.4.1: Roles and responsibilities

1-6 hours

1. Meet with the participants and configure the OIC Chart in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.4 OIC Chart.
   1. Review the steps or activities across the top of the chart and modify as needed.
   2. Review the roles listed along the left side of the chart and modify as needed.
2. For each activity or step across the top of the chart, assign each role a letter – O for owner of that activity or step; I for informed; or C for contributor. Use only one letter per cell.
3. Work your way across the chart. Every cell should have an entry or be left blank if it is not applicable.
4. Review the results and validate that every activity or step has an O assigned to it; there must be an owner for every activity or step.
5. Obtain sign-off on the OIC chart from stakeholders and executives as required.

Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

Input

• A list of activities or steps to complete a project, starting with requirements gathering and ending with ongoing risk management
• A list of internal areas (departments, divisions, agencies, etc.) and stakeholders that contribute to completing a project

Output

• Completed OCI chart indicating roles and responsibilities for the VMI and other internal areas

Materials

• Jump – Phase 1 Tools and Templates Compendium, Tab 1.4 OIC Chart

Participants

• VMI team
• Procurement/Sourcing
• IT
• Representatives from other areas as needed
• Applicable stakeholders and executives as needed

Step 1.5: Process mapping

Diagram the workflow.

Although policies and procedures are important, their nature can make it difficult to grasp how things work at a high level (or even at the detail level). To help bridge the gap, map the applicable processes (determined by how deep and wide you want to go) involving the VMI. To start, look at the OIC chart from Step 1.4. You can expand the breadth and depth of your mapping to include the VMI scope, the 3-year roadmap (see Step 2.9), and the processes driven by the day-to-day work within the VMI.

Various mapping tools can be used. Three common approaches that can be mixed and matched are:

• Traditional flowcharts.
• Swimlane diagrams.
• Work breakdown structures.

Step 1.5: Process mapping (cont.)

Diagram the workflow.

Your goal is not to create an in-depth diagram for every step of the vendor management lifecycle. However, for steps owned by the VMI, the process map should include sufficient details for the owner and the contributors (see Step 1.4) to understand what is required of them to support that step in the lifecycle.

For VMI processes that don’t interact with other departments, follow the same pattern as outlined above for steps owned by the VMI.

Whatever methodology you use to create your process map, make sure it includes enough details so that readers and users can identify the following elements:

• Input:
  • What are the inputs?
  • Where do the inputs originate or come from?
• Process:
  • Who is involved/required for this step?
  • What happens to the inputs in this step?
  • What additional materials, tools, or resources are used or required during this step?
• Output:
  • What are the outputs?
  • Where do the outputs go next?

1.5.1: Process Mapping

1-8 hours (or more)

1. Meet with the participants and determine which processes you want to map.
   1. For processes owned by the VMI, map the entire process.
   2. For processes contributed to by the VMI, map the entire process at a high level and map the VMI portion of the process in greater detail.
2. Select the right charts/diagrams for your output.
   1. Flowchart
   2. Swimlane diagram
   3. Modified SIPOC (Supplier, Input, Process, Output, Customer)
   4. WBS (work breakdown structure)
3. Begin mapping the processes either in a tool or using sticky notes. You want to be able to move the steps and associated information easily; most people don’t map the entire process accurately or with sufficient detail the first time through. An iterative approach works best.
4. Obtain signoff on the process maps from stakeholders and executives as required. A copy of the final output can be kept in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.5 Process Mapping, if desired.

Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

Input

• Existing processes (formal, informal, documented, and undocumented)
• OIC chart

Output

• Process maps for processes contributed to or owned by the VMI

Materials

• Sticky Notes
• Flowchart/process mapping software or something similar
• (Optional) Jump – Phase 1 Tools and Templates Compendium, Tab 1.5 Process Mapping

Participants

• VMI team
• Procurement/Sourcing
• IT
• Representatives from other areas as needed
• Applicable stakeholders and executives (as needed)

Step 1.6: Charter

Document how the VMI will operate.

As you continue getting organized by working through steps 1.1-1.5, you may want to document your progress in a charter and add some elements. Basically, a charter is a written document laying out how the VMI will operate within the organization. It clearly states the VMI’s mission, goals, scope, roles and responsibilities, and vendor governance model. In addition, it can include a list of team members and sponsors.

Whether you create a VMI charter will largely depend on:

• Your organization’s culture.
• Your organization’s formality.
• The perceived value of creating a charter.

If you decide to create a VMI charter, this is a good place in the process to create an initial draft. As you continue working through the blueprint and your VMI matures, update the VMI charter as needed.

VMI Charter:

• Purpose
• Sponsors
• Roles
• Responsibilities
• Governance

1.6.1: Charter

1-4 hours

1. Meet with the participants and review the template in Jump – Phase 1 Tools and Templates Compendium, Tab 1.6 Charter.
2. Determine whether the participants will use this template or add materials to your standard charter template.
3. Complete as much of the charter as possible, knowing that some information may not be available until later.
4. Return to the charter as needed until it is completed.
5. Obtain sign-off on the charter from stakeholders and executives as required.

Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

Input

• Mission statement and goals
• Scope
• Strengths and obstacles
• OIC chart
• List of stakeholders and executives and their VMI roles and responsibilities

Output

• Completed VMI charter

Materials

• Jump – Phase 1 Tools and Templates Compendium, Tab 1.6 Charter
• Your organization’s standard charter document

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 1.7: Vendor inventory

Compile a list of vendors and relevant vendor information.

As you prepare your VMI for being operational, it’s critical to identify all of your current vendors providing IT products or services to the organization. This can be tricky and may depend on how you view things internally. For example, you may have traditional IT vendors that are managed by IT, and you may have IT vendors that are managed by other internal departments (shadow IT or out-in-the-open IT). If it wasn’t determined with the help of stakeholders and executives before now, make sure you establish the purview of the VMI at this point. What types of vendors are included and excluded from the VMI?

You may find that a vendor can be included and excluded based on the product or service they provide. A vendor may provide a service that is managed by IT and a service that is managed/controlled by another department. In this instance, a good working relationship and clearly defined roles and responsibilities between the VMI and the other department will be required. But, it all starts with compiling a list of vendors and validating the VMI’s purview (and any limitations) for the vendors with stakeholders and executives.

Step 1.7: Vendor inventory (cont.)

Compile a list of vendors and relevant vendor information.

At a minimum, the VMI should be able to quickly retrieve key information about each of “its” vendors:

• Vendor Name
• Classification (see Steps 2.1 and 3.1)
• Categories of Service
• Names of Products and Services Provided
• Brief Descriptions of Products and Services Provided
• Annualized Vendor Spend
• Vendor Contacts
• Internal Vendor Relationship Owner

Not all of this information will be available at this point, but you can begin designing or configuring your tool to meet your needs. As your VMI enters Phase 3: Run and continues to mature, you will return to this tool and update the information. For example, the vendor classification category won’t be known until Phase 3, and it can change over time.

1.7.1: Vendor inventory

1-10 hours

Meet with the participants and review the Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory. Determine whether the VMI wants to collect and/or monitor additional information and make any necessary modifications to the tool.

Enter the “Annual IT Vendor Spend” amount in the appropriate cell toward the top of the spreadsheet. This is for IT spend for vendor-related activities within the VMI’s scope; include shadow IT spend and “non-shadow” IT spend if those vendors will be included in the VMI’s scope.

Populate the data fields for your top 50 vendors by annual spend; you may need multiple entries for the same vendor depending on the nature of the products and services they provide.

Ignore the “Classification” column for now; you will return to this later when classification information is available.

Ignore the “Percentage of IT Budget” column as well; it uses a formula to calculate this information.

Input

• Data from various internal and external sources such as accounts payable, contracts, and vendor websites

Output

• List of vendors with critical information required to manage relationships with key vendors

Materials

• Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory

Participants

• VMI team (directly)
• Other internal and external personnel (indirectly)

Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

Step 1.8: Maturity assessment

Establish a VMI maturity baseline and set an ideal future state.

Knowing where you are and where you want to go are essential elements for any journey in the physical world, and the same holds true for your VMI journey. Start by assessing your current-state VMI maturity. This will provide you with a baseline to measure progress against. Next, using the same criteria, determine the level of VMI maturity you would like to achieve one year in the future. This will be your future-state VMI maturity. Lastly, identify the gaps and plot your course.

The maturity assessment provides three main benefits:

1. Focus – you’ll know what is important to you moving forward.
2. 3-Year Roadmap (discussed more fully in Step 2.9) – you’ll have additional input for your short-term and long-term roadmap (1, 2, and 3 years out).
3. Quantifiable Improvement – you’ll be able to measure your progress and make midcourse corrections when necessary.

Step 1.8: Maturity assessment (cont.)

Establish a VMI maturity baseline and set an ideal future state.

The Info-Tech VMI Maturity Assessment tool evaluates your maturity across several criteria across multiple categories. Once completed, the assessment will specify:

• A current-state score by category and overall.
• A target-state score by category and overall.
• A quantifiable gap for each criterion.
• A priority assignment for each criterion.
• A level of effort required by criterion to get from the current state to the target state.
• A target due date by criterion for achieving the target state.
• A rank order for each criterion (note: limit your ranking to your top 7 or 9).

Many organizations will be tempted to mature too quickly. Resource constraints and other items from Step 1.3 (Strengths and Obstacles) will impact how quickly you can mature. Being aggressive is fine, but it must be tempered with a dose of reality. Otherwise, morale, perception, and results can suffer.

1.8.1: Maturity assessment

45-90 minutes

1. Meet with the participants and use Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Input, to complete the first part of this activity. Provide the required information indicated below.
   1. Review each statement in column B and enter a value in the “Current” column using the drop-down menus based on how much you disagree or agree (0-4) with the statement. This establishes a baseline maturity.
   2. Repeat this process for the “Future” column using a target date of one year from now to achieve this level. This is your desired maturity.
   3. Enter information regarding priority, level of effort, and target due date in the applicable columns using the drop-down menus. (Priority levels are critical, high, medium, low, and maintain; Levels of Effort are high, medium, and low; Target Due Dates are broken into timelines: 1-3 months, 4-6 months, 7-9 months, and 10-12 months.)
2. Review the information on Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Output; use the Distribution Tables to help you rank your top priorities. Enter a unique number into the Priority (Rank) column. Limit your ranking to the top 7 to 9 activities to provide focus.

Input

• Knowledge of current VMI practices and desired future states

Output

• VMI maturity baseline
• Desired VMI target maturity state (in one year)
• Prioritized areas to improve and due dates
• Graphs and tables to identify maturity deltas and track progress

Materials

• Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Input
• Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Output

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 1.9: Structure

Determine the VMI’s organizational and reporting structure.

There are two parts to the VMI structure:

1. Organization Structure. Who owns the VMI – where does it fit on the organization chart?
2. Reporting Structure. What is the reporting structure within the VMI – what are the job functions, titles, and solid and dotted lines of accountability?

VMI Organization Structure

The decision regarding who owns the VMI can follow one of two paths:

1. The decision has already been made by the board of directors, executives, senior leadership, or stakeholders; OR
2. The decision has not been made, and options will be reviewed and evaluated before it is implemented.

Many organizations overlook the importance of this decision. The VMI’s position on the organization chart can aid or hinder its success. Whether the decision has already been made or not, this is the perfect time to evaluate the decision or options based on the following question: Why is the VMI being created and how will it operate? Review the documents you created during Steps 1.1-1.8 and other factors to answer this question.

Step 1.9: Structure (cont.)

Determine the VMI’s organizational and reporting structure.

Based on your work product from Steps 1.1-1.8 and other factors, select where the VMI will be best located from the following areas/offices or their equivalent:

• Chief Compliance Officer (CCO)
• Chief Information Officer (CIO)
• Chief Financial Officer (CFO)
• Chief Procurement Officer (CPO)
• Chief Operating Officer (COO)
• Other area

Without the proper support and placement in the organization chart, the VMI can fail. It is important for the VMI to find a suitable home with a direct connection to one of the sponsors identified above and for the VMI lead to have significant stature (aka title) within the organization. For example, if the VMI lead is a “manager” level who is four reporting layers away from the chief officer/sponsor, the VMI will have an image issue within and outside of the sponsor’s organization (as well as within the vendor community). While this is not to say that the VMI lead should be a vice president* or senior director, our experience and research indicate that the VMI and the VMI lead will be taken more seriously when the VMI lead is at least a director level reporting directly to a CXO.

*For purposes of the example above, the reporting structure hierarchy used is manager, senior manager, director, senior director, vice president, CXO.

Step 1.9: Structure (cont.)

Determine the VMI’s organizational and reporting structure.

VMI Reporting Structure

As previously mentioned, the VMI reporting structure describes and identifies the job functions, titles, and lines of accountability. Whether you have a formal vendor management office or you are leveraging the principles of vendor management informally, your VMI reporting structure design will involve some solid lines and some dotted lines. In this instance, the dotted lines represent part-time participation or people/areas that will assist the VMI in some capacity. For example, if the VMI sits within IT, a dotted line to Procurement will show that a good working relationship is required for both parties to succeed; or a dotted line to Christina in Legal will indicate that Christina will be helping the VMI with legal issues.

There is no one-size-fits-all reporting structure for VMIs, and your approach must leverage the materials from Steps 1.1-1.8, your culture, and your needs. By way of example, your VMI may include some or all of the following functions:

• Contract Management
• Relationship Management
• Financial Management
• Asset Management
• Performance Management
• Sourcing/Procurement
• Risk Management

Step 1.9: Structure (cont.)

Determine the VMI’s organizational and reporting structure.

Once you’ve identified the functional groups, you can assign titles, responsibilities, and reporting relationships. A good diagram goes a long way to helping others understand your organization. Traditional organization charts work well with VMIs, but a target diagram allows for rapid absorption of the dotted-line relationships. Review the two examples below and determine an approach that works best for you.

1.9.1: Structure

15-60 minutes

1. Meet with the participants and review decisions that have been made or options that are available regarding the VMI’s placement in the organization chart.
   1. Common options include the Chief Information Officer (CIO), Chief Financial Officer (CFO), or Chief Procurement Officer (CPO).
   2. Less common but viable options include the Chief Compliance Officer (CCO), Chief Operating Officer (COO), or another area.
2. Brainstorm and determine the job functions and titles
3. Define the reporting structure within the VMI.
4. Identify the “dotted line” relationships between the VMI and other internal areas.
5. Using flowchart, org. chart, or other similar software, reduce your results to a graphic representation that indicates where the VMI resides, its reporting structure, and its dotted-line relationships.
6. Obtain sign-off on the structure from stakeholders and executives as required. A copy of the final output can be kept in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.9 Structure, if desired.

Input

• Mission statement and goals
• Scope
• Maturity assessment results (current and target state)
• Existing org. charts
• Brainstorming

Output

• Completed org. chart with job titles and reporting structure

Materials

• Whiteboard/flip chart
• Sticky notes
• Flowchart/org. chart software or something similar
• (Optional) Jump – Phase 1 Tools and Templates Compendium, Tab 1.9 Structure

Participants

• VMI team
• VMI sponsor
• Stakeholders and executives

Phase 2: Build

Create and Configure Tools, Templates, and Processes

This phase will walk you through the following activities:

Configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

This phase involves the following participants:

• VMI team
• Applicable stakeholders and executives
• Human Resources
• Legal
• Others as needed

Jump Start Your Vendor Management Initiative

Phase 2: Build

Create and configure tools, templates, and processes.

Phase 2: Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug-and-play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.

During this Phase, you’ll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you’ll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.

Step 2.1: Classification model

Configure the COST Vendor Classification Tool.

One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech’s COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.

COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.

The easiest way to think of the COST model is as a 2x2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor’s classification align with what is important to you and your organization. However, at this point in your VMI’s maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get you started and that is discussed on the activity slide associated with this Step 2.1.

Step 2.1: Classification model (cont.)

Configure the COST Vendor Classification Tool.

Common Characteristics by Vendor Management Category

Source: Compiled in part from Stephen Guth, “Vendor Relationship Management Getting What You Paid for (And More)”

2.1.1: Classification Model

15-30 minutes

1. Meet with the participants to configure the spend ranges in Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration, for your environment.
2. Sort the data from Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory, by spend; if you used multiple line items for a vendor in the Vendor Inventory tab, you will have to aggregate the spend data for this activity.
3. Update cells F14-J14 in the Classification Model based on your actual data.
   1. Cell F14 – set the boundary at a point between the spend for your 10th and 11th ranked vendors. For example, if the 10th vendor by spend is $1,009,850 and the 11th vendor by spend is $980,763, the range for F14 would be $1,000,00+.
   2. Cell G14 – set the bottom of the range at a point between the spend for your 30th and 31st ranked vendors; the top of the range will be $1 less than the bottom of the range specified in F14.
   3. Cell H14 – set the bottom of the range slightly below the spend for your 50th ranked vendor; the top of the range will be $1 less than the bottom of the range specified in G14.
   4. Cells I14 and J14 – divide the remaining range in half and split it between the two cells; for J14 the range will be $0 to $1 less than the bottom range in I14.
4. Ignore the other variables at this time.

Download the Info-Tech Jump – Phase 2 Vendor Risk Assessment Tool

Input

• Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory

Output

• Configured Vendor Classification Tool

Materials

• Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration

Participants

• VMI team

Step 2.2: Risk assessment tool

Identify risks to measure, monitor, and report on.

One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and many others. However, security risk is the high-profile risk and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.

Risk management is a program, not a project – there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and can have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.

While the VMI won’t necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function. (See Steps 2.12 and 3.8.)

At a minimum, your risk management strategy should involve:

• Identifying the risks you want to measure and monitor.
• Identifying your risk appetite (the amount of risk you are willing to live with).
• Measuring, monitoring, and reporting on the applicable risks.
• Developing and deploying a risk management plan to minimize potential risk impact.

Vendor risk is a fact of life, but you do have options for how you handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.

2.2.1: Risk assessment tool

30-90 minutes

1. Meet with the participants to configure the risk indicators in Jump – Phase 2 Vendor Risk Assessment Tool, Tab 1. Set Parameters, for your environment.
2. Review the risk categories and determine which ones you will be measuring and monitoring.
3. Review the risk indicators under each risk category and determine whether the indicator is acceptable as written, is acceptable with modifications, should be replaced, or should be deleted.
4. Make the necessary changes to the risk indicators; these changes will cascade to each of the vendor tabs. Limit the number of risk indicators to no more than seven per risk category.
5. Gain input and approval as needed from sponsors, stakeholders, and executives as required.

Download the Info-Tech Jump – Phase 2 Vendor Risk Assessment Tool

Input

• Scope
• OIC Chart
• Process Maps
• Brainstorming

Output

• Configured Vendor Classification Tool

Materials

• Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration

Participants

• VMI team

Step 2.3: Scorecards and feedback

Design a two-way feedback loop with your vendors.

A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.

Conceptually, a scorecard is similar to a report card you received when you were in school. At the end of a learning cycle, you received feedback on how well you did in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some different nuances and some additional benefits and objectives when compared to a report card.

Although scorecards can be used in a variety of ways, the main focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.

Step 2.3: Scorecards and feedback (cont.)

Design a two-way feedback loop with your vendors.

Anatomy

The Info-Tech Scorecard includes five areas:

• Measurement Categories. Measurement categories help organize the scorecard. Limit the number of measurement categories to three to five; this allows the parties to stay focused on what’s important. Too many measurement categories make it difficult for the vendor to understand the expectations.
• Criteria. The criteria describe what is being measured. Create criteria with sufficient detail to allow the reviewers to fully understand what is being measured and to evaluate it. Criteria can be objective or subjective. Use three to five criteria per measurement category.
• Measurement Category Weights. Not all of your measurement categories may be of equal importance to you; this area allows you to give greater weight to a measurement category when compiling the overall score.
• Rating. Reviewers will be asked to assign a score to each criteria using a 1 to 5 scale.
• Comments. A good scorecard will include a place for reviewers to provide additional information regarding the rating or other items that are relevant to the scorecard.

An overall score is calculated based on the rating for each criteria and the measurement category weights.

Step 2.3: Scorecards and feedback (cont.)

Design a two-way feedback loop with your vendors.

Goals and Objectives

Scorecards can be used for a variety of reasons. Some of the common ones are listed below:

• Improve vendor performance.
• Convey expectations to the vendor.
• Identify and recognize top vendors.
• Increase alignment between the parties.
• Improve communication with the vendor.
• Compare vendors across the same criteria.
• Measure items not included in contract metrics.
• Identify vendors for “strategic alliance” consideration.
• Help the organization achieve specific goals and objectives.
• Identify and resolve issues before they impact performance or the relationship.

Identifying your scorecard drivers first will help you craft a suitable scorecard.

Step 2.3: Scorecards and feedback (cont.)

Design a two-way feedback loop with your vendors.

Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out and composed of meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.

Our recommendation of five categories is provided below. Choose three to five categories to help you accomplish your scorecard goals and objectives:

1. Timeliness – responses, resolutions, fixes, submissions, completions, milestones, deliverables, invoices, etc.
2. Cost – total cost of ownership, value, price stability, price increases/decreases, pricing models, etc.
3. Quality – accuracy, completeness, mean time to failure, bugs, number of failures, etc.
4. Personnel – skilled, experienced, knowledgeable, certified, friendly, trustworthy, flexible, accommodating, etc.
5. Risk – adequate contractual protections, security breaches, lawsuits, finances, audit findings, etc.

Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.

Step 2.3: Scorecards and feedback (cont.)

Design a two-way feedback loop with your vendors.

Additional Considerations

• Even a good rating system can be confusing. Make sure you provide some examples or a way for reviewers to discern the differences between 1, 2, 3, 4, and 5. Don’t assume your “Rating Key” will be intuitive.
• When assigning weights, don’t go lower than 10% for any measurement category. If the weight is too low, it won’t be relevant enough to have an impact on the total score. If it doesn’t “move the needle,” don’t include it.
• Final sign-off on the scorecard template should occur outside of the VMI. The heavy lifting can be done by the VMI to create it, but the scorecard is for the benefit of the organization overall and those impacted by the vendors specifically. You may end up playing arbiter or referee, but the scorecard is not the exclusive property of the VMI. Try to reach consensus on your final template whenever possible.
• You should notice improved ratings and total scores over time for your vendors. One explanation for this is the Pygmalion Effect: “The Pygmalion [E]ffect describes situations where someone’s high expectations improves our behavior and therefore our performance in a given area. It suggests that we do better when more is expected of us.”* Convey your expectations and let the vendors’ competitive juices take over.
• While you’re creating your scorecard and materials to explain the process to internal personnel, identify those pieces that will help you explain it to your vendors as part of your vendor orientation (see steps 2.6 and 3.4). Leveraging pre-existing materials is a great shortcut.

*Source: The Decision Lab, 2020

Step 2.3: Scorecards and feedback (cont.)

Design a two-way feedback loop with your vendors.

Vendor Feedback

After you’ve built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without the dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.

You may be tempted to create a formal scorecard for the vendor to use. Our recommendation is to avoid that temptation until later in your maturity or development of the VMI. You’ll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.

For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful, information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.

Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don’t be in a rush though. So long as the informal method works, keep using it.

2.3.1: Scorecards and feedback

30-60 minutes

1. Meet with the participants and brainstorm ideas for your scorecard measurement categories:
   1. What makes a vendor valuable to your organization?
   2. What differentiates a “good” vendor from a “bad” vendor?
   3. What items would you like to measure and provide feedback to the vendor to improve performance, the relationship, risk, and other areas?
2. Select three, but no more than five, of the following measure categories: timeliness, cost, quality, personnel, and risk.
3. Within each measurement category, list two or three criteria that you want to measure and track for your vendors; choose items that are as universal as possible rather than being applicable to one vendor or one vendor type.
4. Assign a weight to each measurement category, ensuring that the total weight is 100% for all measurement categories.
5. Document your results as you go in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Scorecard.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming

Output

• Configured scorecard template

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Scorecard

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

2.3.2: Scorecards and feedback

15-30 minutes

1. Meet with the participants and brainstorm ideas for feedback to seek from your vendors during your business alignment meetings. During the brainstorming, identify questions to ask the vendor about your organization that will:
   1. Help you improve the relationship.
   2. Help you improve your processes or performance.
   3. Help you improve ongoing communication.
   4. Help you evaluate your personnel.
2. Identify the top five questions you want to include in your business alignment meeting agenda. (Note: you may need to refine the actual questions from the brainstorming activity before they are ready to include in your business alignment meeting agenda.)
3. Document both your brainstorming activity and your final results in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback. The brainstorming questions can be used in the future as your VMI matures and your feedback transforms from informal to formal. The final results will be used in Steps 2.4 and 3.5.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming

Output

• Feedback questions to include with the business alignment meeting agenda

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 2.4: Business alignment meeting agenda

Craft an agenda that meets the needs of the VMI.

A business alignment meeting (BAM) is a great, multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional “operational” meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The main focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed and other purposes are served. For example, you can use the BAM to develop the relationship with the vendor’s leadership team so that if escalation is ever needed, your organization is more than just a name on a spreadsheet or customer list; you can learn about innovations the vendor is working on (without the meeting turning into a sales call); you can address high-level performance trends and request corrective action as needed; you can clarify your expectations; you can educate the vendor about your industry, culture, and organization; and you can learn more about the vendor.

As you build your BAM agenda, someone in your organization may say, “Oh, that’s just a quarterly business review (QBR) or top-to-top meeting.” However, in most instances, an existing QBR or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, Procurement, or another department, “We’re going to start running some QBRs for our strategic vendors.” The typical response is, “There’s no need to do that. We already run QBRs/top-to-top meetings with our important vendors.” This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.

Step 2.4: Business alignment meeting agenda (cont.)

Craft an agenda that meets the needs of the VMI.

As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI’s needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.

BAMs are conducted at the vendor level … not the contract level. As a result, the frequency of the BAMs will depend on the vendor’s classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:

• Commodity Vendors – Not applicable
• Operational Vendors – Biannually or annually
• Strategic Vendors – Quarterly
• Tactical Vendors – Quarterly or biannually

BAMs can help you achieve some additional benefits not previously mentioned:

• Foster a collaborative relationship with the vendor.
• Avoid erroneous assumptions by the parties.
• Capture and provide a record of the relationship (and other items) over time.

Step 2.4: Business alignment meeting agenda (cont.)

Craft an agenda that meets the needs of the VMI.

As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:

BAM Agenda

• Opening Remarks
  • Welcome and introductions
  • Review of previous minutes
• Active Discussion
  • Review of open issues
  • Scorecard and feedback
  • Current status of projects to ensure situational awareness by the vendor
  • Roadmap/strategy/future projects
  • Accomplishments
• Closing Remarks
  • Reinforce positives (good behavior, results, and performance, value added, and expectations exceeded)
  • Recap
• Adjourn

2.4.1: Business alignment meeting agenda

20-45 minutes

1. Meet with the participants and review the sample agenda in Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda.
2. Using the sample agenda as inspiration and brainstorming activities as needed, create a BAM agenda tailored to your needs.
   1. Select the items from the sample agenda applicable to your situation.
   2. Add any items required based on your brainstorming.
   3. Add the feedback questions identified during Activity 2.3.2 and documented in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback.
3. Gain input and approval from sponsors, stakeholders, and executives as required or appropriate.
4. Document the final BAM agenda in Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming
• Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback

Output

• Configured BAM agenda

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 2.5: Relationship alignment document

Draft a document to convey important VMI information to your vendors.

Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.5]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other’s expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the relationship alignment document (RAD). Depending upon the scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.

Early in the VMI’s maturation, the easiest approach is to develop a short document (i.e. 1 page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on 1) what you believe is important for the vendors to understand, and 2) any other similar information already provided to the vendors.

The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. For example, you may want vendors to know about your gift policy (e.g. employees may not accept gifts from vendors above a nominal value such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website’s vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.

Info-Tech Insight

The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)

2.5.1: Relationship alignment document

1-4 hours

1. Meet with the participants and review the RAD sample and checklist in Jump – Phase 2 Tools and Templates Compendium, Tab 2.5 Relationship Alignment Doc.
2. Determine:
   1. Whether you will create one RAD for all vendors or one RAD for strategic vendors and another RAD for tactical and operational vendors; whether you will create a RAD for commodity vendors.
   2. The concepts you want to include in your RAD(s).
   3. The format for your RAD(s) – traditional, pamphlet, or other.
   4. Whether signoff or acknowledgement will be required by the vendors.
3. Draft your RAD(s) and work with other internal areas such as Marketing to create a consistent brand for the RADS and Legal to ensure consistent use and preservation of trademarks or other intellectual property rights and other legal issues.
4. Review other vendor-facing documents (e.g. supplier code of conduct, onsite safety and security protocols) for consistencies between them and the RAD(s).
5. Obtain signoff on the RAD(s) from stakeholders, sponsors, executives, Legal, Marketing, and others as needed.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming
• Vendor-facing documents, policies, and procedures

Output

• Completed relationship alignment document(s)

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.5 Relationship Alignment Doc

Participants

• VMI team
• Marketing, as needed
• Legal, as needed

Step 2.6: Vendor orientation

Create a VMI awareness process to build bridges with your vendors.

Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and “customers” (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations’ VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.

Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:

• Orientation
• Reorientation
• Debrief

Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).

Step 2.6: Vendor orientation (cont.)

Create a VMI awareness process to build bridges with your vendors.

Orientation

Orientation is conceptually similar to new hire orientation for employees at your organization. Generally conducted as a meeting, orientation provides your vendors with the information they need to be successful when working with your organization. Sadly, this is often overlooked by customers; it can take months or years for vendors to figure it out by themselves. By controlling the narrative and condensing the timeline, vendor relationships and performance improve more rapidly.

A partial list of topics for orientation is set out below:

• Your organization’s structure
• Your organization’s culture
• Your relationship expectations
• Your governances (VMI and other)
• Their vendor classification designation (commodity, operational, strategic, or tactical)
• The scorecard process
• Business alignment meetings
• Relationship alignment documents

In short, this is the first step toward building (or continuing to build) a robust, collaborative, mutually beneficial relationship with your important vendors.

Step 2.6: Vendor orientation (cont.)

Create a VMI awareness process to build bridges with your vendors.

Reorientation

Reorientation is either identical or similar to orientation, depending upon the circumstances. Reorientation occurs for a number of reasons, and each reason will impact the nature and detail of the reorientation content. Reorientation occurs whenever:

• There is a significant change in the vendor’s products or services.
• The vendor has been through a merger, acquisition, or divestiture.
• A significant contract renewal/renegotiation has recently occurred.
• Sufficient time has passed from orientation; commonly 2 to 3 years.
• The vendor has been placed in a “performance improvement plan” or “relationship improvement plan” protocol.
• Significant turnover has occurred within your organization (executives, key stakeholders, and/or VMI personnel).
• Substantial turnover has occurred at the vendor at the executive or account management level.
• The vendor has changed vendor classification categories after the most current classification.

As the name implies, the goal is to refamiliarize the vendor with your current VMI situation, governances, protocols, and expectations. The drivers for reorientation will help you determine its scope, scale, and frequency.

Step 2.6: Vendor orientation (cont.)

Create a VMI awareness process to build bridges with your vendors.

Debrief

To continue the analogy from orientation, debrief is similar to an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization – all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.

Similar to orientation and reorientation, debrief activities will be based on the vendor’s classification category within the COST model. Strategic vendors don’t go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.

The debrief should provide you with feedback on the vendor’s experience with your organization and their participation in your VMI. In addition, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.

End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don’t burn bridges!

Step 2.6: Vendor orientation (cont.)

Create a VMI awareness process to build bridges with your vendors.

• As you create your vendor orientation materials, focus on the message you want to convey.
• For orientation and reorientation:
  • What is important to you that vendors need to know?
  • What will help the vendors understand more about your organization … your VMI?
  • What and how are you different from other organizations overall … in your “industry”?
  • What will help them understand your expectations?
  • What will help them be more successful?
  • What will help you build the relationship?
• For debrief:
  • What information or feedback do you want to obtain?
  • What information or feedback to you want to give?
• The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.

2.6.1: Vendor orientation

1 to several hours

1. Meet with the participants and review the Phase Tools and Templates Compendium, Tab 2.6 Vendor Orientation.
   1. Use the orientation checklist to identify the materials you want to create for your orientation meetings.
   2. Use the reorientation checklist to identify the materials you want to create for your reorientation meetings.
2. The selections can be made by classification category (i.e. different items can apply to strategic, operational, and tactical vendors).
3. Create the materials and seek input and/or approval from sponsors, stakeholders, and executives as needed.
4. Use the debrief section of the tool to create an agenda, list the questions you want to ask vendors, and list information you want to provide to vendors. The agenda, questions, and information can be segregated by classification category.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming

Output

• Agendas and materials for orientation, reorientation, and debrief

Materials

• Phase Tools and Templates Compendium, Tab 2.6 Vendor Orientation

Participants

• VMI team

Step 2.7: Job descriptions

Ensure new and existing job descriptions are up to date.

Based on your work product from Steps 1.1-1.9, it’s time to start drafting new or modifying existing job descriptions applicable to the VMI team members. Some of the VMI personnel may be dedicated full-time to the VMI, while others may be supporting the VMI on a part-time basis. At a minimum, create or modify your job descriptions based on the categories set out below. Remember to get the internal experts involved so that you stay true to your environment and culture.

01 Title

This should align overall with what the person will be doing and what the person will be responsible for. Your hands may be tied with respect to titles, but try to make them intuitively descriptive if possible.

02 Duties

This is the main portion of the job description. List the duties, responsibilities, tasks, activities, and results expected. Again, there may be some limitations imposed by your organization, but be as thorough as possible.

03 Qualifications

This tends to be a gray area for many organizations, with the qualifications, certifications, and experience desired expressed in “ranges” so that good candidates are not eliminated from consideration unnecessarily.

2.7.1: Job descriptions

1 to several hours

1. Meet with the participants and review the VMI structure from Step 1.9.
   1. List the positions that require new job descriptions.
   2. List the positions that require updated job descriptions.
2. Review the other Phase 1 work product and list the responsibilities, tasks, and functions that need to be incorporated into the new and updated job descriptions.
3. Review the sample VMI job descriptions and sample VMI job description language in Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions, and identify language and concepts you want to include in the new and revised job descriptions.
4. Using your template, draft the new job descriptions and modify the existing job descriptions to synchronize with the VMI structure. Work with other internal areas such as Human Resources to ensure cultural fit and compliance.
5. Obtain input and signoff on the job descriptions from stakeholders, sponsors, executives, Human Resources, and others as needed.
6. Document your final job descriptions in Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming
• Existing job descriptions
• Work product from Phase 1

Output

• Job descriptions for new positions
• Updated job descriptions for existing positions

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions

Participants

• VMI team
• Human Resources (as needed)
• Applicable stakeholders and executives (as needed)

Step 2.8: Policies and procedures

Prepare policies and procedures for VMI functions.

Policies and procedures are often thought of as boring documents that are 1) tedious to create, 2) seldom read after creation, and 3) only used to punish people when they do something “wrong.” However, when done well, these documents:

• Communicate expectations.
• Capture institutional knowledge.
• Provide guidance for decision making.
• Help workers avoid errors and minimize risk.
• Ensure regulatory and organizational compliance.
• List the steps required to achieve consistent results.

Definitions of Policies and Procedures

Policies and procedures are essential, but they are often confused with each other. A policy is a rule, guideline, or framework for making decisions. For example, in the vendor management space, you may want a policy indicating your organization’s view on gifts from vendors. A procedure is a set of instructions for completing a task or activity. For example, staying in the vendor management space, you may want a procedure to outline the process for classifying vendors.

Step 2.8: Policies and procedures (cont.)

Prepare policies and procedures for VMI functions.

Start With Your Policy/Procedure Template or Create One for Consistency

When creating policies and procedures, follow your template. If you don’t have one (or want to see if anything is missing from your template) the following list of potential components for your governance documents is provided.* Not every concept is required. Use your judgment and err on the side of caution when drafting; balance readability and helpfulness against over documenting and over complicating.

• Descriptive Title
• Policy Number
• Brief Overview
• Purpose
• Scope
• The Policy or Procedure
• Definitions
• Revision Date
• History
• Related Documents
• Keywords

Step 2.8: Policies and procedures (cont.)

Prepare policies and procedures for VMI functions.

Although they are not ever going to be compared to page-turning novels, policies and procedures can be improved by following a few basic principles. By following the guidelines set out below, your VMI policies and procedures will contribute to the effectiveness of your initiative.*

• Use short sentences.
• Organize topics logically.
• Use white space liberally.
• Use mandatory language.
• Use gender-neutral terms.
• Write with an active voice.
• Avoid jargon when possible.
• Use a consistent “voice” and tone.
• Use pictures or diagrams when they will help.
• Write in the same tense throughout the document.
• Use icons and colors to designate specific elements.
• Make sure links to other policies and procedures work.
• Define all acronyms and jargon (when it must be used).
• Avoid a numbering scheme with more than three levels.

*Adapted in part from smartsheet.com

Info-Tech Insight

Drafting policies and procedures is an iterative process that requires feedback from the organization’s leadership team.

2.8.1: Policies and procedures

Several hours

1. Meet with the participants and review the sample policies and procedures topics in Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures.
2. Determine:
   1. The concepts you want to include in your policies and procedures; brainstorm for any additional concepts you want to include.
   2. The format/template for your policies and procedures.
3. Draft your policies and procedures based on the sample topics and your brainstorming activity. Work with other internal areas such as Legal and Human Resources to ensure cultural and environmental fit within your organization.
4. Obtain input and signoff on the policies and procedures from stakeholders, sponsors, executives, Legal, Human Resources, and others as needed.
5. Document your final policies and procedures in Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures.
6. Publish your policies and procedures and conduct training sessions or awareness sessions as needed.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Existing policies and procedures (if any)
• Existing policies and procedures template (if any)
• Scope
• OIC chart
• Process maps
• Brainstorming

Output

• VMI policies and procedures

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures

Participants

• VMI team
• Legal and Human Resources (as needed)
• Applicable stakeholders and executives (as needed)

Step 2.9: 3-year roadmap

Plot your path at a high level.

The VMI exists in many planes concurrently: 1) it operates both tactically and strategically, and 2) it focuses on different timelines or horizons (e.g. the past, the present, and the future). Creating a 3-year roadmap facilitates the VMI’s ability to function effectively across these multiple landscapes.

The VMI roadmap will be influenced by many factors. The work product from Phase 1: Plan, input from executives, stakeholders, and internal clients, and the direction of the organization as a whole are great sources of information as you begin to build your roadmap.

To start, identify what you would like to accomplish in Year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won’t change during the first year of the VMI, but expectations are usually lower and the short event horizon makes things more predictable during the Year-1 ramp-up period.

Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the Year 1 plan into subsequent years and adds to the scope or maturity. For example, you may start Year 1 with BAMs and scorecards for three of your strategic vendors; during Year 2, you may increase that to five vendors; and during Year 3, you may increase that to nine vendors. Or, you may not conduct any market research during Year 1, waiting to add it to your roadmap in Year 2 or 3 as you mature.

Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.

2.9.1: 3-year roadmap

45-90 minutes

1. Meet with the participants and decide how to coordinate Year 1 of your 3-year roadmap with your existing fiscal year or reporting year. Year 1 may be shorter or longer than a calendar year.
2. Review the VMI activities listed in Jump – Phase 2 Tools and Templates Compendium, Tab 2.9 3-Year Roadmap. Use brainstorming and your prior work product from Phase 1 and Phase 2 to identify additional items for the roadmap and add them at the bottom of the spreadsheet.
3. Starting with the first activity, determine when that activity will begin and put an X in the corresponding column; if the activity is not applicable, leave it blank or insert N/A.
4. Go back to the top of the list and add information as needed.
   1. For any Year-1 or Year-2 activities, add an X in the corresponding columns if the activity will be expanded/continued in subsequent periods (e.g. if a Year 2 activity will continue in Year 3, put an X in Year 3 as well).
   2. Use the comments column to provide clarifying remarks or additional insights related to your plans or “X’s.” For example, “Scorecards begin in Year 1 with three vendors and will roll out to five vendors in Year 2 and nine vendors in Year 3.”
5. Obtain signoff from stakeholders, sponsors, and executives as needed.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Phase 1 work product
• Steps 2.1-2.8 work product
• Brainstorming

Output

• High level 3-year roadmap for the VMI

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.9 3-Year Roadmap

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 2.10: 90-day plan

Pave your short-term path with a series of detailed quarterly plans.

Now that you have prepared a 3-year roadmap, it’s time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year. The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track: Activities Tasks comprising each activity Who will be performing the tasks An estimate of the time required per person per task An estimate of the total time to achieve the activity A due date for the activity A priority of the activity The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the 3-year roadmap and the leadership team as necessary.

2.10.1: 90-day plan

45-90 minutes

1. Meet with the participants and decide how to coordinate the first 90-day plan with your existing fiscal year or reporting cycles. Your first plan may be shorter or longer than 90 days.
2. Looking at the Year 1 section of the 3-year roadmap, identify the activities that will be started during the next 90 days.
3. Using the Jump – Phase 2 Tools and Templates Compendium, Tab 2.10 90-Day Plan, enter the following information into the spreadsheet for each activity to be accomplished during the next 90 days:
   1. Activity description
   2. Tasks required to complete the activity (be specific and descriptive)
   3. The people who will be performing each task
   4. The estimated number of hours required to complete each task
   5. The start date and due date for each task or the activity
4. Validate the tasks are a complete list for each activity and the people performing the tasks have adequate time to complete the tasks by the due date(s).
5. Assign a priority to each activity.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• 3-year roadmap
• Phase 1 work product
• Steps 2.1-2.9 work product
• Brainstorming

Output

• Detailed plan for the VMI for the next quarter or 90 days

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.10 90-Day Plan

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Step 2.11: Quick wins

Identify potential short-term successes to gain momentum and show value immediately.

As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.

As you evaluate your list of potential candidates, look for things that:

• Are achievable within the stated timeline.
• Don’t require a lot of effort.
• Involve stopping a certain process, activity, or task; this is sometimes known as a “stop doing stupid stuff” approach.
• Will reduce or eliminate inefficiencies; this is sometimes known as the war on waste.
• Have a moderate to high impact or bolster the VMI’s reputation.

As you look for quick wins, you may find that everything you identify does not meet the criteria. That’s ok … don’t force the issue. Return your focus to the 90-day plan and 3-year roadmap, and update those documents if the brainstorming activity associated with this Step 2.11 identified anything new.

2.11.1: Quick wins

15-30 minutes

1. Meet with the participants and review the 3-year roadmap and 90-day plan. Determine if any item on either document can be completed:
   1. Quickly (30 days or less)
   2. With minimal effort
   3. To provide or show moderate to high levels of value or provide the VMI with momentum
2. Brainstorm to identify any other items that meet the criteria in step 1 above.
3. Compile a comprehensive list of these items and select up to five to pursue.
4. Document the list in the Jump – Phase 2 Tools and Templates Compendium, Tab 2.11 Quick Wins.
5. Manage the quick wins list and share the results with the VMI team and applicable stakeholders and executives.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• 3-year roadmap
• 90-day plan
• Brainstorming

Output

• A list of activities that require low levels of effort to achieve moderate to high levels of value in a short period

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.11 Quick Wins

Participants

• VMI team

Step 2.12: Reports

Construct your reports to resonate with your audience.

Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI’s internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.

Before building a report, think about your intended audience:

• What information are they looking for … what will help them understand the big picture?
• What level of detail is appropriate, keeping in mind the audience may not be like-minded?
• What items are universal to all of the readers and what items are of interest to one or two readers?
• How easy or hard will it be to collect the data … who will be providing it, how time consuming will it be?
• How accurate, valid, and timely will the data be?
• How frequently will each report need to be issued?

Step 2.12: Reports (cont.)

Construct your reports to resonate with your audience.

Use the following guidelines to create reports that will resonate with your audience:

• Value information over data, but sometimes data does have a place in your report.
• Use pictures, graphics, and other representations more than words, but words are often necessary in small, concise doses.
• Segregate your report by user; for example, general information up top, CIO information below that on the right, CFO information to the left of CIO information, etc.
• Send a draft report to the internal audience and seek feedback, keeping in mind you won’t be able to cater to or please everyone.

Step 2.12: Reports (cont.)

Construct your reports to resonate with your audience.

The report’s formatting and content display can make or break your reports.*

• Make the report look inviting and easy to read. Use:
  • Short paragraphs and bullet points.
  • A simple layout and uncluttered, wide margins.
  • Minimal boldface, underline, or italics to attract the readers’ attention.
  • High contrast between text and background.
• Charts, graphs, and infographics should be intuitive and tell the story on their own.
• Make it easy to peruse the report for topics of interest.
  • Maintain consistent design features.
  • Use impactful, meaningful headings and subheadings.
  • Include callouts to draw attention to important high-level information.
• Demonstrate the impact of the accomplishments or success stories when appropriate.
• Finish with a simple concise summary when appropriate. Consider adding:
  • Key points for the reader to takeaway.
  • Action items or requests.
  • Plans for next reporting period.

*Sources: Adapted and compiled in part from: designeclectic.com, ahrq.gov, and 60secondmarketer.com.

2.12.1: Reports

15-45 minutes

1. Meet with the participants and review the applicable work product from Phases 1 and 2; identify qualitative and quantitative items the VMI measures, monitors, tracks, or aggregates.
2. Determine which items will be reported and to whom (by category):
   1. Internally to personnel within the VMI
   2. Internally to personnel outside the VMI
   3. Externally to vendors
3. Within each category above, determine your intended audiences/recipients. For example, you may have a different list of recipients for a risk report than you do a scorecard summary report. This will help you identify the number of reports required.
4. Create a draft structure for each report based on the audience and the information being conveyed. Determine the frequency of each report and person responsible for creating for each report.
5. Document your final choices in Jump – Phase 2 Tools and Templates Compendium, Tab 2.12 Reports.

Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

Input

• Brainstorming
• Phase 1 work product
• Steps 2.1-2.11 work product

Output

• A list of reports used by the VMI
• For each report:
• The conceptual content
• A list of who will receive or have access
• A creation/distribution frequency

Materials

• Jump – Phase 2 Tools and Templates Compendium, Tab 2.12 Reports

Participants

• VMI team
• Applicable stakeholders and executives (as needed)

Phase 3: Run

Implement Your Processes and Leverage Your Tools and Templates

This phase will walk you through the following activities:

Begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

This phase involves the following participants:

• VMI team
• Applicable stakeholders and executives
• Others as needed

Jump Start Your Vendor Management Initiative

Phase 3: Run

Implement your processes and leverage your tools and templates.

All of the hard work invested in Phase 1: Plan and Phase 2: Build begins to pay off in Phase 3: Run. It’s time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There’s more hard work ahead, but the foundational elements are in place. This doesn’t mean there won’t be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.

Phase 3: Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:

• Manage risk better.
• Improve vendor performance.
• Improve vendor relationships.
• Identify areas where the parties can improve.
• Improve communication between the parties.
• Increase the value proposition with your vendors.

Step 3.1: Classify vendors

Begin classifying your top 25 vendors by spend.

Step 3.1 sets the table for many of the subsequent steps in Phase 3: Run. The results of your classification process will determine: which vendors go through the scorecarding process (Step 3.4); which vendors participate in BAMs (Step 3.5); the nature and content of the vendor orientation activities (Step 3.3); which vendors will be part of the risk measurement and monitoring process (Step 3.8); which vendors will be included in the reports issued by the VMI (Step 3.9); and which vendors you will devote relationship-building resources to (Step 3.10).

As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.

1. Using the information from the Vendor Inventory tab (Step 1.7), identify your top 25 vendors by spend.
2. Run your top 10 vendors by spend through the classification model and review the results.
   1. If the results are what you expected and do not contain any significant surprises, go to next page.
   2. If the results are not what you expected or contain significant surprises, look at the configuration page of the tool (Tab 1) and adjust the weights or the spend categories slightly. Be cautious in your evaluation of the results before modifying the configuration page – some legitimate results are unexpected or surprising based on bias. If you modify the weighting, review the new results and repeat your evaluation. If you modify the spend categories, review the answers on the vendor tabs to ensure that the answers are still accurate; review the new results and repeat your evaluation.

Step 3.1: Classify vendors (cont.)

Review your results and adjust the classification tool as needed.

3. Run your top 11 through 25 vendors by spend through the classification model and review the results. Identify any unexpected results or surprises. Determine if further configuration makes sense and repeat the process outlined in 2.b, previous page, as necessary. If no further modifications are required, continue to 4, below.
4. Share the preliminary results with the leadership team, executives, and stakeholders to obtain their approval or adjustments to the results.
   1. They may have questions and want to understand the process before approving the results.
   2. They may request that you move a vendor from one quadrant to another based on your organization’s roadmap, the vendor’s roadmap, or other information not available to you.
5. Identify the vendors that will be part of the VMI at this stage – how many and which ones. Based on this number and the VMI’s scope (Step 1.2), make sure you have the resources necessary to accommodate the number of vendors participating in the VMI. Proceed cautiously and gradually increase the number of vendors participating in the VMI.

Step 3.1: Classify vendors (cont.)

Finalize the results and update VMI tools and templates.

6. Update the Vendor Inventory tab (Step 1.7) to indicate the current classification status for the top 25 vendors by spend. Once your vendors have been classified, you can sort the Vendor Inventory tab by classification status to see all the vendors in that category at once.
7. Review your 3-year roadmap (Step 2.9) and 90-day plans (Step 2.10) to determine if any modifications are needed to the activities and timelines.

Additional classification considerations:

• You should only have a few vendors that fit in the strategic category. As a rough guideline, no more than 5% to 10% of your IT vendors should end up in the strategic category. If you have a large number of vendors, even 5% may be too many. The classification model is an objective start to the classification process, but common sense must prevail over the “math” at the end of the day.
• At this point, there is no need to go beyond the top 25 by spend. Most VMIs starting out can’t handle more than three to five strategic vendors initially. Allow the VMI to run a pilot program with a small sample size, work out any bugs, make adjustments, and then ramp up the VMI’s rollout in waves. Vendors can be added quarterly, biannually, or annually, depending upon the desired goals and available resources.

Step 3.1: Classify vendors (cont.)

Align your vendor strategy to your classification results.

As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all of your vendors are of equal importance.

Step 3.1: Classify vendors (cont.)

Be careful when using the word “partner” with your strategic and other vendors.

For decades, vendors have used the term “partner” to refer to the relationship they have with their clients and customers. In many regards, this is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms “partner” and “partnership” let’s evaluate them through two more-objective, less-cynical lenses.

If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.

What about a “business” partnership … one that doesn’t involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):

• Trust and transparent communication exist.
• You have input into the vendor’s roadmap for products and services.
• The vendor is aligned with your desired outcomes and helps you achieve success.
• You and the vendor are accountable for actions and inactions, with both parties being at risk.
• There is parity in the peer-to-peer relationships between the organizations (e.g. C-Level to C-Level).
• The vendor provides transparency in pricing models and proactively suggests ways for you to reduce costs.
• You and the vendor work together to make each party better, providing constructive feedback on a regular basis.
• The vendor provides innovative suggestions for you to improve your processes, performance, the bottom line, etc.
• Negotiations are not one-sided; they are meaningful and productive, resulting in an equitable distribution of money and risk.

Step 3.1: Classify vendors (cont.)

Understand the implications and how to leverage the words “partner” and “partnership.”

By now you might be thinking, “What’s all the fuss? Why does it matter?” At Info-Tech, we’ve seen firsthand how referring to the vendor as a partner can have the following impact:

• Confidences are disclosed unnecessarily.
• Negotiation opportunities and leverage are lost.
• Vendors no longer have to earn the customer’s business.
• Vendor accountability is missing due to shared responsibilities.
• Competent skilled vendor resources are assigned to other accounts.
• Value erodes over time since contracts are renewed without being competitively sourced.
• One-sided relationships are established, and false assurances are provided at the highest levels within the customer organization.

Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: Be strategic in how you refer to vendors and know the risks.

Step 3.2: Conduct internal “kickoff” meeting

Raise awareness about the VMI and its mission, vision, and goals.

To be effective, your VMI needs executive support, a clear vision, appropriate governances and tools, personnel with the right skills, and other items discussed in this blueprint. However, the VMI doesn’t exist in a vacuum … it can’t sit back and be reactive. As part of being proactive, the VMI must be aware of its brand and “market” its services. An effective way to market the VMI is to conduct an internal kickoff meeting. There are at least a couple of ways to do this:

• Host a meeting for stakeholders, executives, and others who will be contributing to the VMI processes (but are not part of the VMI). The meeting can be part of a townhall or standalone meeting; it can be done live or via a recorded video.
• Attend appropriate staff meetings and make your presentation.

With either approach above or one of your choosing, keep in mind the following objectives for your kickoff meeting:

• Make sure you provide a way for those in attendance to ask questions at that time and later. You want to create and foster a communication loop with the people who will be impacted by the VMI or participating with it.
• Raise awareness of your existence and personnel. Tell the VMI’s story by sharing your mission statement, goals, and scope; this will help dispel (or confirm) rumors about the VMI that often lead to confusion and faulty assumptions.
• As you share the VMI’s vision, connect the story to how the VMI will impact the organization and individuals and to how they can help. The VMI tends to be the least autonomous area within an organization; it needs the assistance of others to be successful. Convey an atmosphere of collaboration and appreciation for their help.

Host a kickoff meeting annually to kickoff the new year. Remind people of your story, announce successes from the past year, and indicate what the future year holds. Keep it brief, make it personal for the audience, and help them connect the names of VMI personnel to faces.

Step 3.3: Conduct vendor orientation

Introduce your VMI to your top vendors.

Based on the results from your vendor classification (Step 3.1) and your VMI deployment timeline, identify the vendors who will participate in the initial orientation meetings. Treat the orientation as a formal, required meeting for the vendors to attend. Determine the attendee list for your organization and the vendors, and send out invites. Ideally, you will want the account manager, a sales director or vice president, the “delivery” director or vice president, and an executive from the vendor in the meeting. From the customer side, you may need more than one or two people from the VMI to entice the vendor’s leadership team to attend; you may need attendance from your own leadership team to add weight or credibility to the meeting (unfortunately).

Before going into the meeting, make sure everyone on your side knows their roles and responsibilities, and review the agenda. Control the agenda or the meeting is likely to get out of hand and turn into a sales call.

Conduct orientation meetings even if the participating vendors have been doing business with you for several years. Don’t assume they know all about your organization and your VMI (even if their other clients have a VMI).

Run two or three orientation meetings and then review the “results.” What needs to be modified? What lessons have you learned? Make any necessary adjustments and continue rolling out the orientation meetings.

Early in the VMI’s deployment, reorientation and debrief may not be in play. As time passes, it is important to remember them! Use them when warranted to help with vendor alignment.

Step 3.4: Compile scorecards

Begin scoring your top vendors.

The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprising sub-teams where necessary.

The VMI will compile the scores, calculate the final results, and aggregate all of the comments into one scorecard. There are two common ways to approach this task:

1. Send out the scorecard template to those who will be scoring the vendor and ask them to return it when completed, providing them with a due date a few days before you actually need it; you’ll need time to compile, calculate, and aggregate.
2. Invite those who will be scoring the vendor to a meeting and let the contributors use that time to score the vendors; make VMI team members available to answer questions and facilitate the process.

Step 3.4: Compile scorecards (cont.)

Gather input from stakeholders and others impacted by the vendors.

Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure that the right mix of data is provided. For example:

• If you are tracking lawsuits filed by or against the vendor, one person from Legal may be able to provide that, but they may not be able to evaluate any other criteria on the scorecard.
• If you are tracking salesperson competencies, multiple people from multiple areas may have valuable insights.
• If you are tracking deliverable timeliness, several project managers may want to contribute across several projects.

Where one person is contributing exclusively to limited criteria, make it easy for the person to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus among themselves.

After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.

Make sure your process timeline has a buffer built in. You’ll be sending the final scorecard to the vendor three to five days before the BAM, and you’ll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other “priorities” will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared due to things beyond its control.

Step 3.5: Conduct business alignment meetings

Determine which vendors will participate and how long the meetings will last.

At their core, BAMs aren’t that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.

Who

Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time, you’ll add vendors until all of your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all of your strategic, tactical, and operational vendors.

Duration

Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.

Step 3.5: Conduct business alignment meetings (cont.)

Identify who will be invited and send out invitations.

Invitations

Set up a recurring meeting whenever possible. Changes will be inevitable, but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won’t change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is sufficient in most instances, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor’s leadership team (and maybe yours as well!).

Invitees

Internal invitees should include those with a vested interest in the vendor’s performance and the relationship. In addition, other functional areas may be invited based on need or interest. Be careful the attendee list doesn’t get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.

From the vendor’s side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the “product or service delivery” area is a good choice. Bottom line: get as high into the vendor’s organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.

Step 3.5: Conduct business alignment meetings (cont.)

Prepare for the meetings and maintain control.

Preparation

Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior as well.

Decide who will run the meeting. Some customers like to lead and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.

Make sure the vendor knows what materials it should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don’t want the vendor to be caught off guard and unable to discuss a matter of importance to you.

Running the BAM

Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor’s, not IT’s, not Procurement’s or Sourcing’s. Don’t let anyone hijack it.

Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.

As a reminder, this is not a sales call, and this is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.

Step 3.5: Conduct business alignment meetings (cont.)

Follow these additional guidelines to maximize your meetings.

More Leading Practices

• Remind everyone that the conversation may include items covered by various confidentiality provisions or agreements.
• Publish the meeting minutes on a timely basis (within 48 hours).
• Focus on the bigger picture by looking at trends over time; get into the details only when warranted.
• Meet internally immediately beforehand to prepare – don’t go in cold; review the agenda and the roles and responsibilities for the attendees.
• Physical meetings are better than virtual meetings, but travel constraints, budgets, and pandemics may not allow for physical meetings.

Final Thoughts

• When performance or the relationship is suffering, be constructive in your feedback and conversations rather than trying to assign blame; lead with the carrot rather than the stick.
• Look for collaborative solutions whenever possible and avoid referencing the contract if possible. Communicate your willingness to help resolve outstanding issues.
• Use inclusive language and avoid language that puts the vendor on the defensive.
• Make sure that your meetings are not focused exclusively on the negative, but don’t paint a rosy picture where one doesn’t exist.
• A vendor that is doing well should be commended. This is an important part of relationship building.

Step 3.6: Work the 90-day plan

Monitor your progress and share your results.

Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won’t take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn’t created in vain.

1. Measure and track your progress against the initial/current 90-day plan at least weekly; with a short timeline, any delay can have a huge impact.
2. If adjustments are needed to any elements of the plan, understand the cause and the impact of those adjustments before making them.
3. Make adjustments ONLY when warranted. The temptation will be to push activities and tasks further out on the timeline (or to the next 90-day plan!) when there is any sort of “hiccup” along the way, especially when personnel outside the VMI are involved. Hold true to the timeline whenever possible; once you start slipping, it often becomes a habit.
4. Report on progress every week and hold people accountable for their assignments and contributions.
5. Take the 90-day plan seriously and treat it as you would any significant project – this is part of the VMI’s branding and image.

Step 3.7: Manage the 3-year roadmap

Keep an eye on the future since it will feed the present.

The 3-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three “crystal balls” attempting to tell you what the future holds. The vision for Year 1 may be fairly clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and Year 2 becomes Year 1.

To help navigate through the roadmap and maximize its potential, follow these principles:

• Manage each year of the roadmap differently.
  • Review the Year 1 map each quarter to update your 90-day plans (See steps 2.10 and 3.6).
  • Review the Year 2 map every six months to determine if any changes are necessary. As you cycle through this, your vantage point of Year 2 will be 6 months or 12 months away from the beginning of Year 2, and time moves quickly.
  • Review the Year 3 map annually, and determine what needs to be added, changed, or deleted. Each time you review Year 3, it will be a “new” Year 3 that needs to be built.
• Analyze the impact on the proposed modifications from two perspectives: 1) What is the impact if a requested modification is made? 2) What is the impact if a requested modification is not made?
• Validate all modifications with leadership and stakeholders before updating the 3-year roadmap to ensure internal alignment.

Step 3.8: Measure and monitor risk

Understand and manage risk levels.

Using the configured Vendor Risk Assessment Tool (Step 2.2), confirm which risks you will be measuring and monitoring and identify the vendors that will be part of the initial risk management process. Generally, organizations start measuring and monitoring risk in two to five risk categories for two or three strategic vendors. Over time, additional risk categories and/or vendors can be added in waves. Resist the temptation to add risk categories or vendors into the mix too quickly. Expanding requires resources inside and outside of the VMI.

The VMI will rely heavily on other areas to provide input or the risk data, and the VMI needs to establish good working relationships with those areas. For example, if legal risk is something being measured and monitored, the VMI will need data from Legal on the number and nature of any lawsuits filed by or against the applicable vendors; the VMI will need data from Legal, Contract Management, or Procurement/Sourcing on the number and nature of any agreed upon deviations from your organization’s preferred contract terms that increase legal risk.

With respect to risk, the VMI’s main role is threefold: 1) take the data obtained from others (or in some instances the VMI may have the data) and turn it into useful information, 2) monitor the risk categories over time and periodically issue reports, and 3) work with other areas to manage the risk.

Step 3.9: Issue reports

Inform internal personnel and vendors about trends, issues, progress, and results.

Issuing the reports created in Step 2.12 is one of the main ways the VMI 1) will communicate with internal and external personnel and 2) track trends and information over time. Even with input from the potential reviewers of the reports, you’ll still want to seek their feedback and input periodically. It may take a few iterations until the reports are hitting their mark. You may find that a metric is no longer required, that a metric is missing completely or it is missing a component, or a formatting change would improve the report’s readability. Once a report has been “finalized,” try not to change it until you are engaged in Phase 4: Review activities. It can be unsettling for the reviewers when reports change constantly.

Whenever possible, find ways to automate the reports. While issuing reports is critical, the function should not consume more time than necessary. Automation can remove some of the manual and repetitive tasks.

Internal reports may need to be kept confidential. An automated dashboard or reporting tool can help lock down who has access to the information. At a minimum, the internal reports should contain a “Confidential” stamp, header, watermark, or other indicator that the materials are sensitive and should not be disclosed outside of your organization without approval.

Reports for vendors may not need to be sent as often as reports are generated or prepared for internal personnel. Establish a cadence by classification model category and stick to it. Letting each vendor choose the frequency will make it more difficult for you to manage. The vendors can choose to ignore the report if they so choose.

Step 3.10: Develop/improve vendor relationships

Drive better performance through better relationships.

One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don’t happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.

In many respects, the VMI should mirror a vendor’s sales organization by establishing relationships at multiple levels within the vendor organizations – not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.

Business relationships are comprised of many components, not all of which have to be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:*

• Focus your energies on strategic vendors first and then tactical and operational vendors.
• Be transparent and honest in your communications.
• Continue building trust by being responsive and honoring commitments (timely).
• Create a collaborative environment and build upon common ground.
• Thank the vendor when appropriate.
• Resolve disputes early, avoid the “blame game,” and be objective when there are disagreements.

Step 3.11: Contribute to other processes

Continue assisting others and managing roles and responsibilities outside of the VMI.

The VMI has processes that it owns and processes that it contributes to. Based on the VMI scope (Step 1.2), the OIC chart (Step 1.4), and the process mapping activities (Step 1.5), ensure that the VMI is honoring its contribution commitments. This is often easier said than done though. A number of factors can make it difficult to achieve the balance required to handle VMI processes and contribute to other processes associated with the VMI’s mission and vision. Understanding the issues is half the battle. If you see signs of these common “vampires,” take action quickly to address the situation.

• The VMI’s first focus is often internal, and the tendency is to operate in a bubble. Classifying vendors, running BAMs, coordinating the risk process, and other inward-facing processes can consume all of the VMI’s energy. As a result, there is little time, effort, or let’s be honest, desire to participate in other processes outside of the VMI.
• It is easy for VMI personnel to get dragged into processes and situations that are outside of its scope. This often happens when personnel join the VMI from other internal areas or departments and have good relationships with their former teammates. The relationships make it hard to say “No” when out-of-scope assistance is being requested.
• The VMI may have “part-time” personnel who have responsibilities across internal departments, divisions, agencies, or teams. When the going gets tough and time is at a premium, people gravitate toward the easiest or most comfortable work. That work may not be VMI work.

Phase 4: Review

Keep Your VMI Up to Date and Running Smoothly

This phase will walk you through the following activities:

Identify what the VMI should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

This phase involves the following participants:

• VMI team
• Applicable stakeholders and executives
• Others as needed

Jump Start Your Vendor Management Initiative

Phase 4: Review

Keep your VMI up to date and running smoothly.

As the old adage says, “The only thing constant in life is change.” This is particularly true for your VMI. It will continue to mature; people inside and outside of the VMI will change; resources will expand or contract from year to year; your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you’ll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person’s health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up to date and running smoothly takes hard work.

Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.

Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won’t happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, NOT reactive!

Step 4.1: Assess compliance

Determine what is functionally going well and not going well.

Whether you have a robust set of vendor management-related policies and procedures or they are the bare minimum, gathering data each quarter and conducting an assessment each year will provide valuable feedback. The scope of your assessment should focus on two concepts: 1) are the policies and procedures being followed and 2) are the policies and procedures accurate and relevant. This approach requires parallel thinking, but it will help you understand the complete picture and minimize the amount of time required.

Use the steps listed below (or modify them for your culture) to conduct your assessment:

• Determine the type of assessment – formal or informal.
• Determine the scale of the assessment – which policies and procedures will be reviewed and how many people will be interviewed.
• Determine the compliance levels, and seek feedback on the policies and procedures – what is going well and what can be improved?
• Review the compliance deviations.
• Conduct a root cause analysis for the deviations.
• Create a list of improvements and gain approval.
• Create a plan for minimizing noncompliance in the future.
  • Improve/increase education and awareness.
  • Clarify/modify policies and procedures.
  • Add resources, tools, and people (as necessary and as allowed).

Step 4.2: Incorporate leading practices

Identify and evaluate what external VMIs are doing.

The VMI’s world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we’re looking at you COVID-19 and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.

At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.

Step 4.2: Incorporate leading practices (cont.)

Update your VMI based on your research.

• A simple approach for incorporating leading practices into your regular review process is set out below:
• Research:
  • What other VMIs in your industry are doing.
  • What other VMIs outside your industry are doing.
  • Vendor management in general.
• Based on your results, list specific leading practices others are doing that would improve your VMI (be specific – e.g. other VMIs are incorporating risk into their classification process).
• Evaluate your list to determine which of these potential changes fit or could be modified to fit your culture and environment.
• Recommend the proposed changes to leadership (with a short business case or explanation/justification, as needed) and gain approval.

Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit your culture and environment; in other instances, you will elect not to implement them at all (in any form).

Step 4.3: Leverage lessons learned

Tap into the collective wisdom and experience of your team members.

There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4: Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:

• Documented institutional wisdom and knowledge normally found only in the team members’ brains.
• The ability for one team member to gain insights and avoid mistakes without having to duplicate the events leading to the insights or mistakes.
• Improved methodologies, tools, processes, procedures, skills, and relationships.

Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is “deposited” in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular “input” meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics – timeliness of the deposits is a crucial element.

Step 4.3: Leverage lessons learned (cont.)

Create a library to share valuable information across the team.

Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:

• A brief description of the situation and outcome.
• What went well (if anything) and why did it go well?
• What didn't go well (if anything) and why didn't it go well?
• What would/could you do differently next time?
• A synopsis of the lesson(s) learned.

Info-Tech Insights

The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.

The lessons learned process should be blameless. The goal is to share insightful information … not to reward or punish people based on outcomes or results.

Step 4.4: Maintain internal alignment

Review the plans of other internal areas to stay in sync.

Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI’s alignment within the enterprise helps reduce any breakdowns that could derail the organization.

To ensure internal alignment:

• Review the key components of the applicable materials from Phase 1: Plan and Phase 2: Build with the appropriate members of the leadership team (e.g. executives, sponsors, and stakeholders). Not every item from those Phases and Steps needs to be reviewed, but err on the side of caution for the first set of alignment discussions, and be prepared to review each item. You can gauge the audience’s interest on each topic and move quickly when necessary or dive deeper when needed. Identify potential changes required to maintain alignment.
• Review the strategic plans (e.g. 1-, 3-, and 5- year plans) for various portions of the organization if you have access to them or gather insights if you don’t have access.
  • If the VMI is under the IT umbrella, review the strategic plans for IT and its departments.
  • Review the strategic plans for the areas the VMI works with (e.g. Procurement, Business Units).
  • The organization itself.
• Create and vet a list of modifications to the VMI and obtain approval.
• Develop a plan for making the necessary changes.

Step 4.5: Update governances

Revise your protocols and return to the beginning of cyclical processes.

You’re at the final Step and ready to update governances. This is comprised of two sequential paths.

• First, use the information from Steps 4.1-4.4 to make any required modifications to the items in Phase 1: Plan, Phase 2: Build, and Phase 3: Run. For example, you may need to update your policies and procedures (Step 2.8) based on your findings in Step 4.1; or you may need to update the VMI’s scope (Step 1.2) to ensure internal alignment issues identified in Step 4.4. are accounted for.
• Second, return to Phase 3: Run to perform the activities below; they tend to be performed annually, but use your discretion and perform them on an as-needed basis:
  • Reclassify vendors.
  • Complete a new maturity assessment.
  • Run reorientation sessions for vendors.
  • Conduct a kickoff meeting to update internal personnel.

Other activities and tasks (e.g. scorecards and BAMs) may be impacted by the modifications made above, but the nature of their performance follows a shorter cadence. As a result, they are not specifically called out here in this Step 4.5 since they are performed on an ongoing basis. However, don’t overlook them as part of your update.

Summary of Accomplishment

Problem Solved

Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is its scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.

Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization’s investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.

At the heart of a good VMI is the relationship component. Don’t overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.

Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

Contact your account representative for more information

workshops@infotech.com

1-888-670-8889

Related Info-Tech Research

Prepare for Negotiations More Effectively

Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.

Understand Common IT Contract Provisions to Negotiate More Effectively

Info-Tech’s guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.

Capture and Market the ROI of Your VMO

Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech’s tools and templates help you account for the contributions made by your VMO.

Bibliography

“Best Practices for Writing Corporate Policies and Procedures.” PowerDMS, 29 Dec. 2020. Accessed 11 January 2022.

Duncan. “Top 10 Tips for Creating Compelling Reports.” Design Eclectic, 11 October 2019. Accessed 29 March 2022.

Eby, Kate. “Master Writing Policies, Procedures, Processes, and Work Instructions.” 1 June 2018, updated 19 July 2021. Accessed 11 January 2022.

“Enterprise Risk Management.” Protiviti, n.d. Accessed 16 Feb. 2017.

Geller & Company. “World-Class Procurement — Increasing Profitability and Quality.” Spend Matters, 2003. Accessed 4 March 2019.

Guth, Stephen. “Vendor Relationship Management Getting What You Paid for (And More).” Citizens, 26 Feb. 2015. Web.

Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print.

“ISG Index 4Q 2021.” Information Services Group, Inc., 2022. Web.

“Six Tips for Making a Quality Report Appealing and Easy To Skim.” AHRQ, Oct. 2019. Accessed 29 March 2022.

Tucker, Davis. “Marketing Reporting: Tips to Create Compelling Reports.” 60 Second Marketer, 28 March 2020. Accessed 29 March 2022.

“Why Do We Perform Better When Someone Has High Expectations of Us?” The Decision Lab, 9 Sept. 2020. Accessed 31 January 2022.

Microsoft Teams Cookbook

Recipes for best practices and use cases for Microsoft Teams.

Table of contents

Executive Brief

Section 1: Teams for IT

Section 2: Teams for End Users

Executive Summary

Situation

Remote work calls for leveraging your Office 365 license to utilize Teams – but IT is unsure about best practices for governance and permissions.

Without a framework or plan for governing the rollout of Teams, IT risks overlooking secure use of Teams, the phenomenon of “teams sprawl,” and not realizing how Teams integrates with Office 365 more broadly.

Complication

Teams needs to be rolled out quickly, but IT has few resources to help train end users with Teams best practices.

With teams, channels, chats, meetings, and live events to choose from, end users may get frustrated with lack of guidance on how to use Teams’ many capabilities.

Resolution

Use Info-Tech’s Microsoft Teams Cookbook to successfully implement and utilize Teams. This cookbook includes recipes for:

• IT best practices concerning governance of the creation process and Teams rollout.
• End-user best practices for Teams functionality and common use cases.

Key Insights

Teams is not a standalone app

Successful utilization of Teams occurs when conceived in the broader context of how it integrates with Office 365. Understanding how information flows between Teams, SharePoint Online, and OneDrive for Business, for instance, will aid governance with permissions, information storage, and file sharing.

IT should paint the first picture for team creation

No initial governance for team creation can lead to “teams sprawl.” While Teams was built to allow end users’ creativity to flow in creating teams and channels, this can create problems with a cluttered interface and keeping track of information. To prevent end-user dissatisfaction here, IT’s initial Teams rollout should offer a basic structure for end users to work with first, limiting early teams sprawl.

The Teams admin center can only take you so far with permissions

Knowing how Teams integrates with other Office 365 apps will help with rolling out sensitivity labels to protect important information being accidentally shared in Teams. Of course, technology only does so much – proper processes to train and hold people accountable for their actions with data sharing must be implemented, too.

Related Info-Tech Research

Establish a Communication and Collaboration System Strategy

Don’t waste your time deploying yet another collaboration tool that won’t get used.

Modernize Communication and Collaboration Infrastructure

Your legacy telephony infrastructure is dragging you down – modern communications and collaboration technology will dramatically improve productivity.

Migrate to Office 365 Now

One small step to cloud, one big leap to Office 365. The key is to look before you leap.

Section 1: Teams for IT

Governance best practices and use cases for IT

From determining prerequisites to engaging end users.

IT fundamentals

• Creation process
• Teams rollout

Use cases

• Retain and search for legal/regulatory compliance
• Add an external user to a team
• Delete/archive a team

Overview: Creation process

IT needs to be prepared to manage other dependent services when rolling out Teams. See the figure below for how Teams integrates with these other Office 365 applications.

Which Microsoft 365 license do I need to access Teams?

• Microsoft 365 Business Essentials
• Microsoft 365 Business Premium
• Office 365 Enterprise, E1, E3, or E5
• Office 365 Enterprise E4 (if purchased prior to its retirement)

Please note: To appeal to the majority of Info-Tech’s members, this blueprint refers to Teams in the context of Office 365 Enterprise licenses.

Assign admin roles

You will already have at least one global administrator from setting up Office 365.

Global administrators have almost unlimited access to settings and most of the data within the software, so Microsoft recommends having only two to four IT and business owners responsible for data and security.

Info-Tech Best Practice

Configure multifactor authentication for your dedicated Office 365 global administrator accounts and set up two-step verification.

Once you have organized your global administrators, you can designate your other administrators with “just-enough” access for managing Teams. There are four administrator roles:

Prepare the network

There are three prerequisites before Teams can be rolled out:

• UDP ports 3478 through 3481 are opened.
• You have a verified domain for Office 365.
• Office 365 has been rolled out, including Exchange Online and SharePoint Online.

Microsoft then recommends the following checklist to optimize your Teams utilization:

• Optimize calls and performance using the Call Quality Dashboard.
• Assess network requirements in the Network Planner in the Teams admin center.
• Ensure all computers running Teams client can resolve external DNS queries.
• Check adequate public IP addresses are assigned to the NAT pools to prevent port exhaustion.
• Route to local or regional Microsoft data centers.
• Whitelist all Office 365 URLs to move through security layers, especially IDS/IPS.
• Split tunnel Teams traffic so it bypasses your organization’s VPN.

Info-Tech Best Practice

For online support and walkthroughs, utilize Advisor for Teams. This assistant can be found in the Teams admin center.

Team Creation

You can create and manage Teams through the Teams PowerShell module and the Teams admin center. Only the global administrator and Teams service administrator have full administrative capabilities in this center.

Governance over team creation intends to prevent “teams sprawl” – the phenomenon whereby end users create team upon team without guidance. This creates a disorganized interface, with issues over finding the correct team and sharing the right information.

Prevent teams sprawl by painting the first picture for end users:

1. Decide what kind of team grouping would best fit your organization: by department or by project.
2. Start with a small number of teams before letting end users’ creativity take over. This will prevent initial death by notifications and support adoption.
3. Add people or groups to these teams. Assign multiple owners for each team in case people move around at the start of rollout or someone leaves the organization.
4. Each team has a general channel that cannot be removed. Use it for sharing an overview of the team’s goals, onboarding, and announcements.

Info-Tech Best Practice

For smaller organizations that are project-driven, organize teams by projects. For larger organizations with established, siloed departments, organize by department; projects within departments can become channels.

Integrations with SharePoint Online

Teams does not integrate with SharePoint Server.

Governance of Teams is important because of how tightly it integrates with other Office 365 apps, including SharePoint Online.

A poor rollout of Teams will have ramifications in SharePoint. A good rollout will optimize these apps for the organization.

Teams and SharePoint integrate in the following ways:

• Each team created in Teams automatically generates a SharePoint team site behind it. All documents and chat shared through a team are stored in that team’s SharePoint document library.
• As such, all files shared through Teams are subject to SharePoint permissions.
• Existing SharePoint folders can be tied to a team without needing to create a new one.
• If governance over resource sharing in Teams is poor, information can get lost, duplicated, or cluttered throughout both Teams and SharePoint.

Info-Tech Best Practice

End users should be encouraged to integrate their teams and channels with existing SharePoint folders and, where no folder exists, to create one in SharePoint first before then attaching a team to it.

Permissions

Within the Teams admin center, the global or Teams service administrator can manage Teams policies.

Typical Teams policies requiring governance include:

• The extent end users can discover or create private teams or channels
• Messaging policies
• Third-party app use

Chosen policies can be either applied globally or assigned to specific users.

Info-Tech Best Practice

If organizations need to share sensitive information within the bounds of a certain group, private channels help protect this data. However, inviting users into that channel will enable them to see all shared history.

External and guest access

Within the security and compliance center, the global or Teams service administrator can set external and guest access.

External access (federation) – turned on by default.

• Lets you find, call, and chat with users in other domains. External users will have no access to the organization’s teams or team resources.

Guest access – turned off by default.

• Lets you add individual users with their own email address. You do this when you want external users to access teams and team resources. Approved guests will be added to the organization’s active directory.

If guest access is enabled, it is subject to Azure AD and Office 365 licensing and service limits. Guests will have no access to the following, which cannot be changed:

• OneDrive for Business
• An organization’s calendar/meetings
• PSTN
• Organization’s hierarchical chart
• The ability to create, revise, or browse a team
• Upload files to one-on-one chat

Info-Tech Best Practice

Within the security and compliance center, you can allow users to add sensitivity labels to their teams that can prevent external and guest access.

Expiration and archiving

To reduce the number of unused teams and channels, or delete information permanently, the global or Teams service administrator can implement an Office 365 group expiration and archiving policy through the Teams admin center.

If a team has an expiration policy applied to it, the team owner will receive a notification for team renewal 30 days, 15 days, and 1 day before the expiry date. They can renew their team at any point within this time.

• To prevent accidental deletion, auto-renewal is enabled for a team. If the team owner is unable to manually respond, any team that has one channel visit from a team member before expiry is automatically renewed.
• A deleted Office 365 group is retained for 30 days and can be restored at any point within this time.

Alternatively, teams and their channels (including private) can be archived. This will mean that all activity for the team ceases. However, you can still add, remove, and update roles of the members.

Retention and data loss prevention

Retention policies can be created and managed in the Microsoft 365 Compliance Center or the security and compliance center PowerShell cmdlets. This can be applied globally or to specific users.

By default, information shared through Teams is retained forever.

However, setting up retention policies ensures data is retained for a specified time regardless of what happens to that data within Teams (e.g. user deletes).

Info-Tech Best Practice

To prevent external or guest users accessing and deleting sensitive data, Teams is able to block this content when shared by internal users. Ensure this is configured appropriately in your organization:

• For guest access in teams and channels
• For external access in meetings and chat

Please note the following limitations of Teams’ retention and data loss prevention:

• Organization-wide retention policies will need to be manually inputted into Teams. This is because Teams requires a retention policy that is independent of other workloads.
• As of May 2020, retention policies apply to all information in Teams except private channel messages. Files shared in private channels, though, are subject to retention policies.
• Teams does not support advanced retention settings, such as a policy that pertains to specific keywords or sensitive information.
• It will take three to seven days to permanently delete expired messages.

Teams telephony

Teams has built-in functionality to call any team member within the organization through VoIP.

However, Teams does not automatically connect to the PSTN, meaning that calling or receiving calls from external users is not immediately possible.

Bridging VoIP calls with the PSTN through Teams is available as an add-on that can be attached to an E3 license or as part of an E5 license.

There are two options to enable this capability:

• Enable Phone System. This allows for call control and PBX capabilities in Office 365.
• Use direct routing. You can use an existing PSTN connection via a Session Border Controller that links with Teams (Amaxra).

Steps to implement Teams telephony:

1. Ensure Phone System and required (non-Microsoft-related) services are available in your country or region.
2. Purchase and assign Phone System and Calling Plan licenses. If Calling Plans are not available in your country or region, Microsoft recommends using Direct Routing.
3. Get phone numbers and/or service numbers. There are three ways to do this:
   • Get new numbers through the Teams admin center.
   • If you cannot get new numbers through the Teams admin center, you can request new numbers from Microsoft directly.
   • Port or transfer existing numbers. To do this, you need to send Microsoft a letter of authorization, giving them permission to request and transfer existing numbers on your behalf.
4. To enable service numbers, including toll-free numbers, Microsoft recommends setting up Communications Credits for your Calling Plans and Audio Conferencing.

Overview: Teams rollout

1. From Skype (and Slack) to Teams
2. Gain stakeholder purchase
3. Employ a phased deployment
4. Engage end users

Skype for Business is being retired; Microsoft offers a range of transitions to Teams.

Combine the best transition mode with Info-Tech’s adoption best practices to successfully onboard and socialize Teams.

From Skype to Teams

Skype for Business Online will be retired on July 31, 2021. Choose from the options below to see which transition mode is right for your organization.

Skype for Business On-Premises will be retired in 2024. To upgrade to Teams, first configure hybrid connectivity to Skype for Business Online.

Islands mode (default)

• Skype for Business and Teams coexist while Teams is rolled out.
• Recommended for phased rollouts or when Teams is ready to use for chat, calling, and meetings.
• Interoperability is limited. Teams and Skype for Business only transfer information if an internal Teams user sends communications to an external Skype for Business user.

Teams only mode (final)

• All capabilities are enabled in Teams and Skype for Business is disabled.
• Recommended when end users are ready to switch fully to Teams.
• End users may retain Skype for Business to join meetings with non-upgraded or external parties. However, this communication is only initiated from the Skype for Business external user.

Collaboration first mode

• Skype for Business and Teams coexist, but only Teams’ collaboration capabilities are enabled. Teams communications capabilities are turned off.
• Recommended to leverage Skype for Business communications yet utilize Teams for collaboration.

Meetings first mode

• Skype for Business and Teams coexist, but only Teams’ meetings capabilities are enabled.
• Recommended for organizations that want to leverage their Skype for Business On-Premises’ Enterprise Voice capability but want to benefit from Teams’ meetings through VoIP.

From Slack to Teams

The more that’s left behind in Slack, the easier the transition. As a prerequisite, pull together the following information:

• Usage statistics of Slack workspaces and channels
• What apps end users utilize in Slack
• What message history you want to export
• A list of users whose Slack accounts can map on to required Microsoft accounts

Test content migration

Your Slack service plan will determine what you can and can’t migrate. By default, public channels content can be exported. However, private channels may not be exportable, and a third-party app is needed to migrate Direct Messages.

Files migration

Once you have set up your teams and channels in Teams, you can programmatically copy files from Slack into the target Teams channel.

Apps migration

Once you have a list of apps and their configurations used in Slack’s workspaces, you can search in Teams’ app store to see if they’re available for Teams.

User identity migration

Slack user identities may not map onto a Microsoft account. This will cause migration issues, such as problems with exporting text content posted by that user.

Info-Tech Best Practice

Avoid data-handling violations. Determine what privacy and compliance regulations (if any) apply to the handling, storage, and processing of data during this migration.

Gain stakeholder purchase

Change management is a challenging aspect of implementing a new collaboration tool. Creating a communication and adoption plan is crucial to achieving universal buy-in for Teams.

To start, define SMART objectives and create a goals cascade.

Sample list of stakeholder-specific benefits from improving collaboration

Use these activities to define what pain points stakeholders face and how Teams can directly mitigate those pain points.

Employ a phased deployment

Info-Tech Best Practice

Deploy Teams over a series of phases. As such, if you are already using Skype for Business, choose one of the coexistence phases to start.

1. Identify and pilot Teams with early adopters that will become your champions. These champions should be formally trained, be encouraged to help and train their colleagues, and be positively reinforced for their efforts.
2. Iron out bugs identified with the pilot group and train middle management. Enterprise collaboration tool adoption is strongly correlated with leadership adoption.
   1. Top-level management
      Control and direct overall organization.
   2. Middle management
      Execute top-level management’s plans in accordance with organization’s norms.
   3. First-level management
      Execute day-to-day activities.
3. Use Info-Tech’s one-pager marketing template to advertise the new tool to stakeholders. Highlight how the new tool addresses specific pain points. Address questions stemming from fear and uncertainty to avoid employees’ embarrassment or their rejection of the tool.

1. Extend the pilot to other departments and continue this process for the whole organization.

(Source: Rationalize Your Collaboration Tools (coming soon), Tools:GANTT Chart and Marketing Materials, Activities: 3.2A – 3.2B)

Info-Tech Insight

Be in control of setting and maintaining expectations. Aligning expectations with reality and the needs of employees will lower onboarding resistance.

Engage end users

Short-term best practices

Launch day:

• Hold a “lunch and learn” targeted training session to walk end users through common use cases.
• Open a booth or virtual session (through Teams!) and have tool representatives available to answer questions.
• Create a game to get users exploring the new tool – from scavenger hunts to bingo.

Launch week:

• Offer incentives for using the tool and helping others, including small gift cards.
• Publicize achievements if departments hit adoption milestones.

Long-term best practices

• Make available additional training past launch week. End users should keep learning new features to improve familiarity.
• Distribute frequent training clips, slowly exposing end users to more complex ways of utilizing Teams.
• Continue to positively reinforce and recognize those who use Teams well. This could be celebrating those that help others use the tool, how active certain users are, and attendance at learning events.

Info-Tech Best Practice

Microsoft has a range of training support that can be utilized. From instructor-led training to “Coffee in the Cloud” sessions, leverage all the support you can.

Use case #1: Retain and search data for legal/regulatory compliance

Scenario:

Your organization requires you to retain data and documents for a certain period of time; however, after this period, your organization wishes to delete or archive the data instead of maintaining it indefinitely. Within the timeframe of the retention policy, the admin may be asked to retrieve information that has been requested through a legal channel.

Purpose:

• Maintain compliance with the legal and regulatory standards to which the organization is subject.

Jobs:

• Ensure the data is retained for the approved time period.
• Ensure the policy applies to all relevant data and users.

Solution: Retention Policies

• Ensure that your organization has an Office 365 E3 or higher license.
• Set the desired retention policy through the Security & Compliance Center or PowerShell by deciding which teams, channels, chats, and users the policies will apply to and what will happen once the retention period ends.
• Ensure that matching retention policies are applied to SharePoint and OneDrive, since this is where files shared in Teams are stored.
• Be aware that Teams retention policies cannot be applied to messages in private channels.

Solution: e-Discovery

• If legally necessary, place users or Teams on legal hold in order to retain data that would be otherwise deleted by your organization’s retention policies.
• Perform e-discovery on Teams messages, files, and summaries of meetings and calls through the Security & Compliance Center.
• See Microsoft’s chart on the next slide for what is e-discoverable.

Content subject to e-discovery

E-discovery does not capture audio messages and read receipts in MS Teams.

Since files shared in private channels are stored separately from the rest of a team, follow Microsoft’s directions for how to include private channels in e-discovery. (Source: “Conduct an eDiscovery investigation of content in Microsoft Teams,” Microsoft, 2020.)

Use case #2: Add external person to a team

Scenario:

A team in your organization needs to work in an ongoing way with someone external to the company. This user needs access to the relevant team’s work environment, but they should not be privy to the goings-on in the other parts of the organization.

Jobs:

This external person needs to be able to:

• Attend meetings
• Join calls
• Chat with individual team members
• View and collaborate on the team’s files

Solution:

• If necessary, set a data loss prevention policy to prevent your users from sharing certain types of information or files with external users present in your organization’s Teams chats and public channels.
• Ensure that your Microsoft license includes DLP protection. However:
  • DLP cannot be applied to private channel messages.
  • DLP cannot block messages from external Skype for Business users nor external users who are not in “Teams only” mode.
• Ensure that you have a team set up for the project that you wish the external user to join. The external user will be able to see all the channels in this team, unless you create a private channel they are restricted from.
• Complete Microsoft’s “Guest Access Checklist” to enable guest access in Teams, if it isn’t already enabled.
• As admin, give the external user guest access through the Teams admin center or Azure AD B2B collaboration. (If given permission, team owners can also add guests through the Teams client).
• Decide whether to set a policy to monitor and audit external user activity.

Use case #3: Delete/archive a team

Scenario:

In order to avoid teams sprawl, organizations may want IT to periodically delete or archive unused teams within the Teams client in order to improve the user interface.

Alternately, if you are using a project-based approach to organizing Teams, you may wish to formalize a process to archive a team once the project is complete.

Delete:

• Determine if the team owner anticipates the team will need to be restored one day.
• Ensure that deletion does not contradict the organization’s retention policy.
• If not, proceed with deletion. Find the team in the Teams admin center and delete.
• Restore a deleted team within 30 days of its initial deletion through PowerShell.

Archive:

• Determine if the team owner anticipates the team will need to be restored one day.
• Find the relevant team in the Teams admin center and change its status to “Archived.”
• Restore the archived team if the workspace becomes relevant once again.

Info-Tech Best Practice

Remind end users that they can hide teams or channels they do not wish to see in their Teams interface. Knowing a team can be hidden may impact a team owner’s decision to delete it.

Section 2: Teams for End Users

Best practices for utilizing teams, channels, chat, meetings, and live events

From Teams how-tos to common use cases for end users.

End user basics

• Teams, channels, and chat
• Meetings and live events

Common use cases: Workspaces

• WS#1: Departments
• WS#2: A cross-functional committee
• WS#3: An innovation day event
• WS#4: A non-work-related social event
• WS#5: A project team with a defined end time

Common use cases: Meetings

• M#1: Job interview with an external candidate
• M#2: Quarterly board meeting
• M#3: Weekly recurring team meeting
• M#4: Morning stand-up/scrum
• M#5: Phone call between two people

Overview: Teams, channels, and chat

Teams

• Team: A workspace for a group of collaborative individuals.
  • Public channel: A focused area where all members of a team can meet, communicate, and share ideas and content.
  • Private channel: Like a public channel but restricted to a subset of team members, defined by channel owner.

Chat

• Chat: Two or more users collected into a common conversation thread.

For any Microsoft Teams newcomer, the differences between teams, channels, and chat can be confusing.

Use Microsoft’s figure (left) to see how these three mediums differ in their role and function.

Best practices: Workspaces 1/2

When does a Group Chat become a Channel?

• When it’s appropriate for the conversation to have a gallery – an audience of members who may not be actively participating in the discussion.
• When control over who joins the conversation needs to be centrally governed and not left up to anyone in the discussion.
• When the discussion will persist over a longer time period.
• When the number of participants approaches 100.

When does a Channel become a Team?

• When a team approaches 30 private channels, many of those private channels are likely candidates to become their own team.
• When the channel membership needs to extend beyond the boundary of the team membership.

Best practices: Workspaces 2/2

When does a Team become a Channel?

• When a team’s purpose for existing can logically be subsumed by another team that has a larger scope.

When does a Channel become a Group Chat?

• When a conversation within a channel between select users does not pertain to that channel’s scope (or any other existing channel), they should move the conversation to a group chat.
• However, this is until that group chat desires to form a channel of its own.

Create a new team

Team owner: The person who creates the team. It is possible for the team owner to then invite other members of the team to become co-owners to distribute administrative responsibilities.

Team members: People who have accepted their invitation to be a part of the team.

NB: Your organization can control who has permission to set up a team. If you can’t set a up a team, contact your IT department.

Create a new team

Decide from these two options:

• Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
• Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

• That group has 5,000 members or more.
• That group is in Yammer.

Decide if you want you new team from scratch to be private or public. If you set up a private team, any internal or external user you invite into the team will have access to all team history and files shared.

'.">

Create a new team

Decide from these two options:

• Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
• Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

• That group has 5,000 members or more.
• That group is in Yammer.

Configure your new team settings, including privacy, apps, tabs, and members.

'.">

Create a new channel

	On the right-hand side of the team name, click “More options.” Then, from the drop-down menu, click “Add channel.”	Name your channel, give a description, and set your channel’s privacy.
	To manage subsequent permissions, on the right-hand side of the channel name, click “More options.” Then, from the drop-down menu, click “Manage channel.”	Adding and removing members from channels: Only members in a team can see that team’s channels. Setting channel privacy as “standard” means that the channel can be accessed by anyone in a team. Unless privacy settings for a channel are set as “private” (from which the channel creator can choose who can be in that channel), there is no current way to remove members from channels. It will be up to the end user to decide which channels they want to hide.

Link team/channel to SharePoint folder

Need to find the SharePoint URL? ', 'Click to access the folder's SharePoint URL.'">

Create a chat

Overview: Meetings and live events

Teams Meetings: Real-time communication and collaboration between a group, limited to 250 people.

Teams Live Events: designed for presentations and webinars to a large audience of up to 10,000 people, in which attendees watch rather than interact.

Depending on the use case, end users will have to determine whether they need to hold a meeting or a live event.

Use Microsoft’s table (left) to see what license your organization needs to perform meetings and live events.

Best practices: Meetings

When should an Ad Hoc Call become a Scheduled Meeting?

• When the participants need time to prepare content for the call.
• When an answer is not required immediately.
• When bringing a group of people together requires logistical organizing.

When should a Scheduled Meeting become an Ad Hoc Call?

• When the participants can meet on short notice.
• When a topic under discussion requires creating alignment quickly.

When should a Live Event be created?

• When the expected attendance exceeds 250 people.
• If the event does not require collaboration and is mostly a presenter conveying information.

Create a scheduled meeting

Create an ad hoc meeting

Tip: Use existing channels to host the chatrooms for your online meetings

When you host a meeting online with Microsoft Teams, there will always be a chatroom associated with the meeting. While this is a great place for meeting participants to interact, there is one particular downside.

Problem: The never-ending chat. Often the activity in these chatrooms can persist long after the meeting. The chatroom itself becomes, unofficially, a channel. When end users can’t keep up with the deluge of communication, the tools have failed them.

Solution: Adding an existing channel to the meeting. This ensures that discussion activity is already hosted in the appropriate venue for the group, during and after the meeting. Furthermore, it provides non-attendees with a means to catch up on the discussion they have missed.

In section two of this cookbook, we will often refer to this tactic.

Don’t have a channel for the chat session of your online meeting? Perhaps you should!

If your meeting is with a group of individuals that will be collaborating frequently, they may need a workspace that persists beyond the meeting.

Guests can still attend the meeting, but they can’t chat!

If there are attendees in your meeting that do not have access to the channel you select to host the chat, they will not see the chat discussion nor have any ability to use this function.

This may be appropriate in some cases – for example, a vendor providing a briefing as part of a regular team meeting.

However, if there are attendees outside the channel membership that need to see the meeting chat, consider another channel or simply default to not assigning one.

Meeting settings explained

Show device settings. For settings concerning audio, video, and whether viewing is private.

Show meeting notes. Use to take notes throughout the meeting. The notes will stay attached to this event.

Show meeting details. Find meeting information for: a dial-in number, conference ID, and link to join.

Enter full screen.

Show background effects. Choose from a range of video backgrounds to hide/blur your location.

Turn on the captions (preview). Turn on live speech-to-text captions.

Keypad. For dialing a number within the meeting (when enabled as an add-on with E3 or as part of E5).

Start recording. Recorded and saved using Microsoft Stream.

End meeting.

Turn off incoming video. To save network bandwidth, you can decline receiving attendee’s video.

Click “More options” to access the meetings settings.

Screen share. In the tool tray, select “Share” to share your screen. Select particular applications if you only want to share certain information; otherwise, you can share your whole desktop.

System audio share. To share your device’s audio while screen sharing, checkbox the “Include system audio” option upon clicking “Share.”

If you didn’t click that option at the start but now want to share audio during screen share, click the “Include systems audio” option in the tool tray along the top of the screen.

Give/take control of screen share. To give control, click “Give control” in the tool tray along the top of the screen when sharing content. Choose from the drop-down who you would like to give control to. In the same spot, click “Take back control” when required.

To request control, click “Request control” in the same space when viewing someone sharing their content. Click “Release control” once finished.

Start whiteboarding

1. You’ll first need to enable Microsoft Whiteboard in the Microsoft 365 admin center. Ask your relevant admin to do so if Whiteboard is not already enabled.
2. Once enabled, click “Share” in a meeting. This feature only appears if you have 3+ participants in the meeting.
3. Under the “Whiteboard” section in the bottom right, click “Microsoft Whiteboard.”
4. Click the pen icons to the right of the screen to begin sketching.

NB: Anonymous, federated, or guest users are currently not supported to start, view, or ink a whiteboard in a Teams meeting.

Will the whiteboard session be recorded if the meeting is being recorded?

No. However, the final whiteboard will be available to all meeting attendees after the meeting, under “Board Gallery” in the Microsoft Whiteboard app. Attendees can then continue to work on the whiteboard after the meeting has ended.

Create a live event

As the organizer, you can invite other people to the event who will be the “producers” or “presenters.” Producers: Control the live event stream, including being able to start and stop the event, share their own and others’ video, share desktop or window, and select layout. Presenters: Present audio, video, or a screen.

Live event settings explained

When you join the live event as a producer/presenter, nothing will be immediately broadcast. You’ll be in a pre-live state. Decide what content to share and in what order. Along the bottom of the screen, you can share your video and audio, share your screen, and mute incoming attendees. Once your content is ready to share along the bottom of the screen, add it to the screen on the left, in order of viewing. This is your queue – your “Pre-live” state. Then, click “Send now.” This content will now move to the right-hand screen, ready for broadcasting. Once you’re ready to broadcast, click “Start.” Your state will change from “Pre-live” to “Live.” Along the top right of the app will be a tools bar.

Workspace #1: Departments

Scenario: Most of your organization’s communication and collaboration occurs within its pre-existing departmental divisions.

Conventional communication channels:

• Oral communication: Employees work in proximity to each other and communicate in person, by phone, in department meetings
• Email: Department-wide announcements
• Memos: Typically posted/circulated in mailboxes

Solution: Determine the best way to organize your organization’s departments in Teams based on its size and your requirements to keep information private between departments.

Option A:

• Create a team for the organization/division.
• Create channels for each department. Remember that all members of a team can view all public channels created in that team and the default General channel.
• Create private channels if you wish to have a channel that only select members of that team can see. Remember that private channels have some limitations in functionality.

Option B:

• Create a new team for each department.
• Create channels within this team for projects or topics that are recurring workflows for the department members. Only department members can view the content of these channels.

Option C:

• Post departmental memos and announcements in the General channel.
• Use “Meet now” in channels for ad hoc meetings. For regular department meetings, create a recurring Teams calendar event for the specific department channel (Option A) or the General channel (Option B). Remember that all members of a team can join a public channel meeting.

Workspace #2: A cross-functional committee

Scenario: Your organization has struck a committee composed of members from different departments. The rest of the organization should not have access to the work done in the committee.

Purpose: To analyze a particular organizational challenge and produce a plan or report; to confidentially develop or carry out a series of processes that affect the whole organization.

Jobs: Committee members must be able to:

• Attend private meetings.
• Share files confidentially.

Solution:

Ingredients:

• Private team

Construction:

• Create a new private team for the cross-functional committee.
• Add only committee members to the team.
• Create channels based on the topics likely to be the focal point of the committee work.
• Decide how you will use the mandatory General channel. If the committee is small and the work limited in scope, this channel may be the main communication space. If the committee is larger or the work more complex, use the General channel for announcements and move discussions to new topic-related channels.
• Schedule recurring committee meetings in the Teams calendar. Add the relevant channel to the meeting invite to keep the meeting chat attached to this team and channel (as meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite).
• Remember that all members of this team will have access to these meetings and be able to view that they are occurring.

Workspace #3: An innovation day event

Scenario: The organization holds a yearly innovation day event in which employees form small groups and work on a defined, short-term problem or project.

Purpose: To develop innovative solutions and ideas.

Jobs:

• Convene small groups.
• Work toward time-sensitive goals.
• Communicate synchronously.
• Share files.

Solution:

Ingredients:

• Public team
• Channel tabs
• Whiteboard
• Planner

Construction:

• Create a team for the innovation day event.
• Add channels for each project working group.
• Communicate to participants the schedule for the day and their assigned channel.
• Use the General channel for announcements and instructions throughout the day. Ensure someone moderates the General channel for participants’ questions.
• Pre-populate the channel tabs with files the participants need to work with. To add a scrum board, refer to M#4 (Morning stand-up/Scrum) in this slide deck.
• For breakouts, instruct participants to use the “meet now” feature in their channel and how to use the Whiteboard during these meetings.
• Arrange to have your IT admin archive the team after a certain point so the material is still viewable but not editable.

Workspace #4: A non-work-related social event

Scenario: Employees within the organization wish to organize social events around shared interests: board game clubs, book clubs, TV show discussion groups, trivia nights, etc.

Purpose: To encourage cohesion among coworkers and boost morale.

Jobs:

• Schedule the event.
• Invite participants.
• Prepare the activity.
• Host and moderate the discussion.

Solution:

Ingredients:

• Public team
• Private channels
• Screen-sharing

Construction:

• Create a public team for the social event so that interested people can find and join it.
• Example: Trivia Night
  • Schedule the event in the Teams calendar.
  • Publish the link to the Trivia Night team where other employees will see it.
  • Create private channels for each trivia team so they cannot see the other competitors’ discussions. Add yourself to each private channel so you can see their answers.
  • As the host, begin a meeting in the General channel. Pose the trivia questions live or present the questions on PowerPoint via screen-sharing.
  • Ask each team to post its answers to its private channel.
• To avoid teams sprawl, ask your IT admin to set a deletion policy for the team, as long as this request does not contradict your organization’s policies on data retention. If the team becomes moribund, it can be set to auto-delete after a certain period of time.

Workspace #5: A project team with a defined end time

Scenario: Within a department/workplace team, employees are assigned to projects with defined end times, after which they will be assigned to a new project.

Purpose: To complete project-based work that fulfills business needs.

Jobs:

• Oral communication with team members.
• Synchronous and asynchronous work on project files.
• The ability to attend scheduled meetings and ad hoc meetings.
• The ability to access shared resources related to the project.

Solution:

If your working group already has its own team within Teams:

• Create a new public or private channel for the project. Remember that some functionality is not available in private channels (such as Microsoft Planner).
• Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now).
• Add a tab that links to the team’s project folder in SharePoint.

If your workplace team does not already have its own team in Teams:

• Determine if there is a natural fit for this project as a new channel in an existing team. Remember that all team members will be able to see the channel if it is public and that all relevant project members need to belong to the Team to participate in the channel.
• If necessary, create a new team for the project. Add the project members.
• Create channels based on the type of work that comprises the project.
• Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now)
• Add a tab to link to the team’s project folder in SharePoint.

Info-tech Best Practice

Hide the channel after the project concludes to de-clutter your Teams user interface.

Meeting #1: Job interview with external candidate

Scenario: The organization must interview a slate of candidates to fill an open position.

Purpose:

• Select the most qualified candidate for the job.

Jobs:

• Create a meeting, ensuring the candidate and other attendees know when and where the meeting will happen.
• Ensure the meeting is secure to protect confidential information.
• Ensure the meeting is accessible, allowing the candidate to present themselves through audio and/or visual means.
• Create a professional environment for the meeting to take place.
• Engender a space for the candidate to share their CV, research, or other relevant file.
• The interview must be transcribed and recorded.

Solution:

Ingredients:

• Private Teams meeting
• Screen-sharing
• Microsoft Stream

Construction:

• Create a Teams meeting, inviting the candidate with their email, alongside other internal attendees. The Teams meeting invite will auto-generate a link to the meeting itself.
• The host can control who joins the meeting through settings for the “lobby.”
• Through the Teams meeting, the attendees will be able to use the voice and video chat functionality.
• All attendees can opt to blur their backgrounds to maintain a professional online presence.
• The candidate can share their screen, either specific applications or their whole desktop, during the Teams meeting.
• A Teams meeting can be recorded and transcribed through Stream. After the meeting, the transcript can be searched, edited, and shared

NB: The external candidate does not need the Teams application. Through the meeting invite, the external candidate will join via a web browser.

Meeting #2: Quarterly board meeting

Scenario: Every quarter, the organization holds its regular board meeting.

Purpose: To discuss agenda items and determine the company’s future direction.

Jobs:

• Attendance and minutes must be taken.
• Votes must be recorded.
• In-camera sessions must occur.
• External experts must be included.

• Follow-up items must be assigned.
• Reports must be submitted.

Solution:

Ingredients:

• Teams calendar invite
• Planner; Forms
• Private channel
• Microsoft Stream

Construction:

• Guest Invite: Invites can be sent to any non-domain-joined email address to join a private, invitation-only channel within the team controlled by the board chair.
• SharePoint & Flow: Documents are emailed to the Team addresses, which kicks off an MS Flow routine to collect review notes.
• Planner: Any board member can assign tasks to any employee.
• Forms/Add-On: Chair puts down the form of the question and individual votes are tracked.
• Teams cloud meeting recording: Recording available through Stream. Manual edits can be made to VTT caption file. Greater than acceptable transcription error rate.
• Meeting Log: Real-time attendance is viewable but a point-in-time record needs admin access.

NB: The external guests do not need the Teams application. Through the meeting invite, the guests will join via a web browser.

Meeting #3: Weekly team meeting

Scenario: A team meets for a weekly recurring meeting. The meeting is facilitated by the team lead (or manager) who addresses through agenda items and invites participation from the attendees.

Purpose: The purpose of the meeting is to:

• Share information verbally
• Present content visually
• Achieve consensus
• Build team morale

Jobs: The facilitator must:

• Determine participants
• Book room
• Book meeting in calendar

Solution:

Ingredients:

• Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
• Calendar Recurrence: A meeting is booked through Teams and appears in all participants’ Outlook calendar.
• Collaboration Space: Participants join the meeting through video or audio and can share screens and contribute text, images, and links to the meeting chat.

Construction:

• Ensure your team already has a channel created for it. If not, create one in the appropriate team.
• Create the meeting using the calendar view within Microsoft Teams:
  • Set the meeting’s name, attendees, time, and recurrence.
  • Add the team channel that serves as the most appropriate workplace for the meeting. (Any discussion in the meeting chat will be posted to this channel.)

NB: Create the meeting in the Teams calendar, not Outlook, or you will not be able to add the Teams channel. As meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite.

Meeting #4: Morning stand-up/scrum

Scenario: Each morning, at 9am, members of the team meet online.

Purpose: After some pleasantries, the team discusses what tasks they each plan to complete in the day.

Jobs: The team leader (or scrum master) must:

• Place all tasks on a scrum board, each represented by a sticky note denoting the task name and owner.
• Move the sticky notes through the columns, adjusting assignments as needed.
• Sort tasks into the following columns: “Not Started,” “In Progress,” and “Done.”

Solution:

Ingredients:

• Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
• Scrum Board: A tab within that channel where a persistent scrum board has been created and is visible to all team members.

Meeting Place Construction:

• Create the meeting using the calendar view in Teams.
• Set the meeting’s name, attendees, time, and work-week daily recurrence (see left).
• Add the channel that is the most appropriate workplace for the meeting. Any meeting chat will be posted to this channel rather than a separate chat.

Scrum Board Construction:

• Add a tab to the channel using Microsoft Planner as the app. (You can use other task management apps such as Trello, but the identity integration of first-party Office 365 tools may be less hassle.)
• Create a new (or import an existing) Plan to the channel. This will be used as the focal point.

Meeting #5: Weekly team meeting

Scenario: An audio-only conversation that could be a regularly scheduled event but is more often conducted on an ad-hoc basis.

Purpose: To quickly share information, achieve consensus, or clarify misunderstandings.

Jobs:

• Dial recipient
• See missed calls
• Leave/check voicemail
• Create speed-dial list
• Conference call

Solution:

Ingredients:

• Audio call begun through Teams chat.

Construction:

• Voice over IP calls between users in the same MS Teams tenant can begin in multiple ways:
  • A call can be initiated through any appearance of a user’s profile picture: hover over user’s profile photo in the Chat list and select the phone icon.
  • Enter your last chat with a user and click phone icon in upper-right corner.
  • Go to the Calls section and type the name in the “Make a call” text entry form.
• Voicemail: Voicemail, missed calls, and call history are available in the Calls section.
• Speed dial: Speed dial lists can be created in the Calls section.
• Conference call: Other users can be added to an ongoing call.

NB: Microsoft Teams can be configured to provide an organization’s telephony for external calls, but this requires an E5 license. Additional audio-conferencing licenses are required to call in to a Teams meeting over a phone.

Bibliography 1/4

Section 1: Teams for IT › Creation Process

Overview: Creation process

• “How do I get access to Microsoft Teams?” Microsoft, n.d., support.office.com/en-us/article/how-do-i-get-access-to-microsoft-teams-fc7f1634-abd3-4f26-a597-9df16e4ca65b. Accessed 11 May 2020.
• “Logical architecture for Microsoft Teams and related services.” Microsoft, 6 Mar. 2020, docs.microsoft.com/en-us/microsoftteams/teams-architecture-solutions-posters. Accessed 9 May 2020.
• “Plan for governance in Teams.” Microsoft, 10 Aug. 2018, docs.microsoft.com/en-us/MicrosoftTeams/plan-teams-governance. Accessed 30 Apr. 2020.

Assign admin roles

• “Use Microsoft Teams administrator roles to manage Teams.” Microsoft, 19 Sep. 2018, docs.microsoft.com/en-us/microsoftteams/using-admin-roles. Accessed 9 May 2020.

Prepare the network

• “Prepare your organization's network for Microsoft Teams.” Microsoft, 28 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/prepare-network. Accessed 9 May 2020.

Team creation

• “Best practices for organizing teams in Microsoft Teams.” Microsoft, 13 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/best-practices-organizing. Accessed 9 May 2020.
• “Create your first teams and channels in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/get-started-with-teams-create-your-first-teams-and-channels. Accessed 9 May 2020.

Integrations with SharePoint Online

• “Configure Teams with three tiers of protection.” Microsoft, 7 May 2020, docs.microsoft.com/en-us/microsoft-365/solutions/configure-teams-three-tiers-protection?view=o365-worldwide. Accessed 9 May 2020.
• “File collaboration in SharePoint with Microsoft 365.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/sharepoint/deploy-file-collaboration. Accessed 9 May 2020.

Permissions

• “Manage app permission policies in Microsoft Teams.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-app-permission-policies. Accessed 9 May 2020.
• “Manage messaging policies in Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/messaging-policies-in-teams. Accessed 30 Apr. 2020.
• “Sensitivity labels for Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/sensitivity-labels. Accessed 9 May 2020.

Bibliography 2/4

Section 1: Teams for IT › Creation Process (cont'd.)

External and guest access

• “Add a guest to Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/add-guests. Accessed 30 Apr. 2020.
• “Communicate with users from other organizations in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/communicate-with-users-from-other-organizations. Accessed 30 Apr. 2020.
• “Guest access in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/guest-access. Accessed 9 May 2020.
• “Manage external access in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/manage-external-access. Accessed 9 May 2020.
• “Microsoft Teams guest access checklist.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/guest-access-checklist. Accessed 30 Apr. 2020.
• “Turn on or turn off guest access to Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/set-up-guests. Accessed 9 May 2020.
• “What the guest experience is like.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/guest-experience. Accessed 4 May 2020.

Expiration and archiving

• “Archive or delete a team in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/archive-or-delete-a-team?view=o365-worldwide. Accessed 29 Apr. 2020.
• “Microsoft 365 group expiration policy.” Microsoft, 6 May 2020, docs.microsoft.com/en-us/microsoft-365/admin/create-groups/office-365-groups-expiration-policy?view=o365-worldwide. Accessed 9 May 2020.
• “Team expiration and renewal in Microsoft Teams.” Microsoft, 6 Feb. 2020, docs.microsoft.com/en-us/microsoftteams/team-expiration-renewal. Accessed 9 May 2020.

Retention and data loss prevention

• “Data loss prevention and Microsoft Teams.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide. Accessed 9 May 2020.
• “Retention policies in Microsoft Teams.” Microsoft, 5 May 2020, docs.microsoft.com/en-us/microsoftteams/retention-policies. Accessed 9 May 2020.

Teams telephony

• “Here's what you get with Phone System in Office 365.” Microsoft, 26 Feb. 2020, docs.microsoft.com/en-us/microsoftteams/here-s-what-you-get-with-phone-system. Accessed 9 May 2020.
• O’Donnell, J.P. “The killer feature in Microsoft Teams your business should be using.” Amaxra, n.d., www.amaxra.com/blog/the-killer-feature-in-microsoft-teams-your-business-should-be-using. Accessed 4 May 2020.
• “Set up Phone System in your organization.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/deploy-audio-conferencing-teams-landing-page. Accessed 4 May. 2020.
• “What is Phone System in Office 365?” Microsoft, 29 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/what-is-phone-system-in-office-365. Accessed 9 May 2020.

Bibliography 3/4

Section 1: Teams for IT › Teams Rollout

From Skype to Teams

• “FAQ — Upgrading from Skype for Business to Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/faq-journey. Accessed 9 May 2020.
• “Teams and Skype interoperability.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-skype-interop. Accessed 9 May 2020.
• “Understand Microsoft Teams and Skype for Business coexistence and interoperability.” Microsoft, 3 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-and-skypeforbusiness-coexistence-and-interoperability. Accessed 9 May 2020.

From Slack to Teams

• “Migrate from Slack to Microsoft Teams.” Microsoft, 14 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/migrate-slack-to-teams. Accessed 9 May 2020.

Teams adoption

• “365 adoption guide” Microsoft, 22 Jan. 2020, query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWqTOD. Accessed 9 May 2020.

Section 1: Teams for IT › Use Cases

• Acharya, Ansuman. “Microsoft Teams launches eDiscovery for calling and meetings.” Microsoft Tech Community, 2 Jul. 2018, techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-teams-launches-ediscovery-for-calling-and-meetings/ba-p/210947. Accessed 30 Apr. 2020.
• “Conduct an eDiscovery investigation of content in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/ediscovery-investigation?view=o365-worldwide#overview, Accessed 29 Apr. 2020.
• “Teams cloud meeting recording: Compliance and eDiscovery for meeting recordings.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/cloud-recording#compliance-and-ediscovery-for-meeting-recordings. Accessed 29 Apr. 2020.

Bibliography 4/4

Section 2: Teams for End Users › Teams, Channels, Chat

• “Limits and specifications for Microsoft Teams.” Microsoft, 29 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/limits-specifications-teams. Accessed 4 May 2020.
• “Location of data in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/location-of-data-in-teams. Accessed 4 May 2020.
• “Manage the Whiteboard in Microsoft Teams.” Microsoft, 1 Oct. 2019, docs.microsoft.com/en-us/microsoftteams/manage-whiteboard. Accessed 9 May 2020.
• [Microsoft Teams admin documentation.] Microsoft, n.d., docs.microsoft.com/en-us/MicrosoftTeams/teams-overview. Accessed 29 Apr. 2020.
• “Overview of teams and channels in Microsoft Teams.” Microsoft, 9 Mar. 2020, docs.microsoft.com/en-us/MicrosoftTeams/teams-channels-overview. Accessed 4 May 2020.
• “Private channels in Microsoft Teams.” Microsoft, 24 Feb. 2020, docs.microsoft.com/en-us/MicrosoftTeams/private-channels. Accessed 30 Apr. 2020.

Section 2: Teams for End Users › Meetings and Live Events

• “Admin quick start – Meetings and live events in Microsoft Teams.” Microsoft, 7 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/quick-start-meetings-live-events. Accessed 21 Apr. 2020.
• “Get started with Microsoft Teams live events.” Microsoft, n.d., support.office.com/en-us/article/get-started-with-microsoft-teams-live-events-d077fec2-a058-483e-9ab5-1494afda578a#bkmk_roles. Accessed 29 Apr. 2020.
• “Schedule a Teams live event.” Microsoft, n.d., support.microsoft.com/en-us/office/schedule-a-teams-live-event-7a9ce97c-e1cd-470f-acaf-e6dfc179a0e2. Accessed 29 Apr. 2020.
• “Search the audit log for events in Microsoft Teams.” Microsoft, 12 Mar. 2018, docs.microsoft.com/en-us/microsoftteams/audit-log-events?view=o365-worldwide. Accessed 30 Apr. 2020.

Section 2: Teams for End Users › Use Cases

• “Understand calling in Microsoft Teams.” Microsoft, n.d., docs.microsoft.com/en-us/microsoftteams/tutorial-calling-in-teams. Accessed 9 May 2020.

Develop an IT Asset Management Strategy

Define your business-aligned approach to ITAM.

Table of Contents

4 Analyst Perspective

5 Executive Summary

17 Phase 1: Establish Business-Aligned ITAM Goals and Priorities

59 Phase 2: Support ITAM Goals and Priorities

116 Bibliography

Develop an IT Asset Management Strategy

Define your business-aligned approach to ITAM.

EXECUTIVE BRIEF

Analyst Perspective

Track hardware and software. Seems easy, right? It’s often taken for granted that IT can easily and accurately provide definitive answers to questions like “how many laptops do we have at Site 1?” or “do we have the right number of SQL licenses?” or “how much do we need to budget for device replacements next year?” After all, don’t we know what we have? IT can’t easily provide these answers because to do so you must track hardware and software throughout its lifecycle – which is not easy. And unfortunately, you often need to respond to these questions on very short notice because of an audit or to support a budgeting exercise. IT Asset Management (ITAM) is the solution. It’s not a new solution – the discipline has been around for decades. But the key to success is to deploy the practice in a way that is sustainable, right-sized, and maximizes value. Use our practical methodology to develop and document your approach to ITAM that is aligned with the goals of your organization. Andrew Sharp Research Director Infrastructure & Operations Practice Info-Tech Research Group

Realize the value of asset management Cost optimization, application rationalization and reduction of technical debt are all considered valuable to right-size spending and improve service outcomes. Without access to accurate data, these activities require significant investments of time and effort, starting with creation of point-in-time inventories, which lengthens the timeline to reaching project value and may still not be accurate. Cost optimization and reduction of technical debt should be part of your culture and technical roadmap rather than one-off projects. Why? Access to accurate information enables the organization to quickly make decisions and pivot plans as needed. Through asset management, ongoing harvest and redeployment of assets improves utilization-to-spend ratios. We would never see any organization saying, “We’ve closed our year end books, let’s fire the accountants,” but often see this valuable service relegated to the back burner. Similar to the philosophy that “the best time to plant a tree is 20 years ago and the next best time is now,” the sooner you can start to collect, validate, and analyze data, the sooner you will find value in it. Sandi Conrad Principal Research Director Infrastructure & Operations Practice Info-Tech Research Group

Executive Summary