The biggest challenge with service provider governance is designing a good program that minimizes the increased workload of already stretched resources. Simply stated, service provider governance is composed of structured processes that allow you to consistently measure performance and the level of risk presented by individual as well as a portfolio of relationships.
Despite many talented practitioners and emerging best practices, service provider governance models and procedures are still a work in process. As a former chief sourcing officer and now as an advisor, I’d like to share some of my secrets to successfully maximizing performance, minimizing operational risk, and ensuring you don’t accidentally create a resource-intensive bureaucracy.
Designing your program
Program design starts with defining what types of service provider relationships you want to actively manage. By this I mean describing what you mean by the terms outsourcing, mission critical, important, and so on. This can help you distinguish the critical and potentially risky service provider relationships from the hundreds or even thousands of other service provider relationships on the books.
The next step is developing crisp, simple definitions of levels of risk. You can assign labels to risk like severe, high, moderate, and low, or A, B, C, D, or 1, 2, 3, 4. Use whatever resonates within your company. Do the math. If you apply your definitions to your in-scope relationships, how many will you have at each level? If you end up with too many relationships to manage and clutter things up with “noise,” you’ll undermine the credibility of your program.
You’ll notice that I am proposing four levels of risk. Think back to picking “C” on a multiple choice test. If you only have three choices for the level of risk, most people will pick the middle one. With four levels, you’ll actually need to think about the correct response.
You’ll want to think about the actual risks associated with each of the types of relationships you defined in the first step and what they have in common. This will make it easier to describe the levels of risk. Keep in mind your goal is to normalize the assessed performance and level of risk across your entire in-scope service provider community. Clarity is key.
The next step is to develop a performance and risk assessment model you can apply to any type of relationship. To ensure consistency, my preference for this tool is to ask a set of simple questions and provide multiple choice responses in drop-down boxes. The algorithm that scores performance and risk sits in behind the assessment model, removing a considerable amount of variability and judgment from individual assessment of performance and risk.
Minimalists can create this model in Excel, and build a Microsoft Access database to capture multiple relationships. Access allows you to extract data from any field for analysis at the individual relationship and portfolio level and to enable management reporting. There are several sophisticated software applications available in the market, which are can be stand-alone products or modules of risk management software.
Deploying a standardized performance and risk assessment tool ensures that the amount of work associated with the monitoring and review process is commensurate with the level of risk. Obviously, the higher the level of risk, the more frequent and intense the management and review processes will be. Use your resources wisely!
Deploying your program
The contract owner, relationship manager, or for larger, more complex relationships, a governance team usually manages and monitors in-scope service provider relationships. When designing your program, clearly define roles and responsibilities.
Managing includes a range of tasks including:
- Managing financial management
- Reviewing and auditing invoices
- Managing the contract
- Establishing service level agreements and reviewing outcomes
- Planning and managing continuous improvement projects
- Analyzing reports to identify trends, opportunities, and results
- Resolving or escalating issues
- Monitoring user satisfaction.
A lot has been written on service level and service provider management, so I won’t go into it here.
Monitoring means conducting periodic service provider reviews, including refreshing due diligence the company undertook at the origination phase of the relationship, and updating the performance and risk assessment model, which captures performance outcomes and inherent risk at a summary level. Monitoring also means keeping abreast of news – positive and negative – about the service provider, ensuring you have a good early warning system.
Time the service provider monitoring schedule to reflect the level of risk. It should also be subject to change.
Good governance also means separation of duties. It is important to establish a small, strategic governance function that has overarching responsibility for service provider governance at the portfolio level. This macro view allows them to look for opportunities to improve performance and lower risk, analyze trends, support the service provider-level governance functions, and report upwards to senior management and the Board.
Good governance is a sound investment, optimizing service provider performance and minimizing risk. Good governance also means a sensible use of resources and delivery of consistent outcomes. Good governance needs a good design.
Lessons from the Outsourcing Center:
- Do the math. The program shouldn’t capture more than you can manage. If you end up with too many relationships to manage and clutter things up with “noise,” you’ll undermine the credibility of your program.
- Focus on service provider performance and risk management.
- Sound programs enable individual relationships and portfolio management.
Linda Tuck Chapman can be contacted at [email protected] or (416) 452-4635. ONTALA Performance Solutions delivers seasoned advisors to accelerate your business and sourcing strategies to achieve extraordinary results. ONTALA specializes in Strategic Sourcing, Offshoring, Outsourcing, Third Party Risk Governance, and Change Management. ONTALA’s Advisors leverage their hands-on experience as corporate sourcing leaders and expert advisory services. ontalasolutions.com
About the Author: Ben Trowbridge is an accomplished Outsourcing Advisor with extensive experience in outsourcing and managed services. As a former EY Partner and CEO of Alsbridge, he built successful practices in Transformational Outsourcing, BPO, Cybersecurity assessment, IT Outsourcing, and Cybersecurity Sourcing. Throughout his career, Ben has advised a broad range of clients on outsourcing and global business services strategy and transactions. As the current CEO of the Outsourcing Center, he provides invaluable insights and guidance to buyers and managed services executives. Contact him at [email protected].