10.49.1 Purpose
A vendor assessment assesses the ability of a vendor to meet commitments regarding the delivery and the consistent provision of a product or service.
10.49.2 Description
When solutions are in part provided by external vendors (who may be involved in design, construction, implementation, or maintenance of the solution or solution components), or when the solution is outsourced, there may be specific requirements in regard to the involvement of a third party. There may be a need to ensure that the supplier is financially secure, capable of maintaining specific staffing levels, compliant with standards, and able to commit appropriate skilled staff to support the solution. Non-functional requirements can be used to define the service levels expected of a third party, due diligence may be conducted, or certification from an independent authority may be requested.
A vendor assessment is conducted to ensure that the vendor is reliable and that the product and service meet the organization’s expectations and requirements.
The assessment may be formal through the submission of a Request for Information (RFI), Request for Quote (RFQ), Request for Tender (RFT), or Request for Proposal (RFP). It may also be very informal through word of mouth and recommendations. The standards of the organization, the complexity of the initiative, and the criticality of the solution may influence the level of formality in which vendors are assessed.
10.49.3 Elements
.1 Knowledge and Expertise
A common reason for using third-party vendors is that they can provide knowledge and expertise not available within the organization. It may be desirable to target vendors with expertise in particular methodologies or technologies with the goal of having that expertise transferred to people within the enterprise.
.2 Licensing and Pricing Models
The licensing or pricing model is taken into account in cases where a solution or solution component is purchased from or outsourced to a third party vendor. In many cases, solutions that offer similar functionality may differ greatly in their licensing models, which then requires analysis of different usage scenarios to determine which option will provide the best cost-benefit ratio under the scenarios likely to be encountered in the enterprise.
.3 Vendor Market Position
It is important to be able to compare each vendor with the competitors and decide with which market players the organization wants to get involved. The comparison of the organization’s profile with each vendor’s customer community may also be a factor in the assessment. The dynamics of the vendors’ market position are also very important, especially if the organization intends to establish a long-term partnership with that vendor.
.4 Terms and Conditions
Terms and conditions refer to the continuity and integrity of the provided products and services. The organization investigates whether the vendor’s licensing terms, intellectual property rights and technology infrastructure are likely to turn into challenges if the organization later chooses to transition to another supplier. There may also be considerations regarding the vendor’s use of, and responsibility for protecting, the organization’s confidential data. The terms under which customizations of the product will be executed, as well as the availability of a regular update schedule and roadmap of features that are planned for delivery, are considered.
.5 Vendor Experience, Reputation, and Stability
Vendors’ experience with other customers may provide valuable information on how likely it is that they will be able to meet their contractual and noncontractual obligations. Vendors can also be evaluated for conformance and compliance with external relevant standards for quality, security, and professionalism. It may be necessary to request that steps be taken to ensure there are no risks if a vendor encounters financial difficulties, and that it will be possible to maintain and enhance the solution even if the vendor’s situation changes radically.
10.49.4 Usage Considerations
.1 Strengths
- Increases the chances of the organization to develop a productive and fair relationship with a suitable and reliable vendor, and to improve long-term satisfaction with the decision.
.2 Limitations
- May be consuming in regards to time and resources.
- Does not prevent risk of failure as the partnership evolves.
- Subjectivity may bias the evaluation outcome.