For an ongoing relationship, it is needless to say that there needs to be a mechanism to monitor the health of the relationship. At a 25,000 ft level, the process of having a regular touchpoint to talk about things that can improve or maintain an existing relationship between and vendor and its client is called a Governance Scorecard. It is a formal way to measure, track, compare, monitor vendor performance and address any pending issues. Having this touchpoint helps to just set aside a dedicated time to discuss matters that are important for both organizations to continue enjoying a healthy ongoing partnership
The Deep Dive
Whether the vendor misses the SLAs or fails to provide a deliverable under a Statement of Work, the governance meeting is a place where each party can have an open dialogue based on facts. Setting up the right Governance framework might be but complicated and time consuming at first, but once every stakeholder understands what they are expected to do then it becomes easier from there. I will walk you through the scorecard components, sub-components, weightage and how to structure it for best performance. It helps in improving communication regarding performance (it should not be a surprise to anyone), encouraging the vendor to do better, and benchmarking the performance and comparing it with historical trends. If you can't measure it, you can't improve it.
Components of Scorecard
SLA or Service Level Agreement is a minimum commitment from the vendor to provide a certain level of quality all the time. Depending upon the service, it could take shape of uptime, response times, resolution times or something else. It is usually included in the Master Services Agreement. If there are multiple products or components, each with a different SLA, then it needs to be captured respectively.
For example, a vendor commits to have 99.9% uptime for their application, but only commits to 99.7% on another parameter. Few vendors will have a 4Hr response time on Severity 1 ticket (most severe), few others will have 6Hrs. Few vendors will have financial penalty for missing their SLA, few others will only agree to Service Level Objective that doesn’t have any financial penalty. Your Agreement would dictate these arrangements. If there is no SLA in the contract, then your product would be governed by vendor’s standard SLA for all customers. Ask for a copy!!
Create columns for Target, actual for that month/quarter, cumulative for the year, deviation, reasons for deviations. Give it a green or red status icon to classify whether the vendor met the target or not.
If you are in a regulated environment, then you may have more requirements for the vendor to meet. However, even if you are not in a regulated environment, it’s still recommended to protect your organization by collecting evidence to make sure the vendor is compliant.
Depending upon the type of service from the vendor and type of organization you work for, there could be a bunch of compliance requirements such as SOC 2 Type 2 report and/or Bridge Letters, Insurance Certificate, Disaster Recovery Report and Test Results, Business Continuity Planning and any other document that the vendor committed to provide as part of the Master Agreement If you are currently negotiating a Master Agreement, then this is the perfect time to discuss the compliance requirements with your Line of Business, Legal, and Technology Asset Owners and get the vendor to accept them and have them inserted in the agreement now.
Vendor must furnish artifacts for each at or before the committed date. Most of these requirements are required to be met once annually, but your contract provisions would dictate the frequency.
Create columns for when was the last date the artifact was provided for each, when is it due next and what is the frequency?
There should be a placeholder for capturing the action items discussed during the meeting. During the meeting if it is discussed that vendor has to do A,B and C and Client needs to do D, E and F, then it needs to be captured here with the name of accountable/responsible person along with the date it will be completed.
Now that you have defined what goes in, you can start to define how important is each component and the items that make up that component.
For example, you could say that everything is equally important. So three components would be weighed equally for a total of 100%
SLA - 33.33%, Compliance - 33.33%, Relationship - 33.33%
or you could say, I will make SLA more important, followed by Relationship and then Compliance
SLA - 50%, Relationship - 30%, Compliance - 20%
You can further define how each item under the main component would be worth. So let's say for SLA, you could say:
Product 1: 60%
Product 2: 40%
Similarly, you can define weightage for other individual items under other components.
Get creative with Excel, and roll it out, review with your LOB to make sure they are comfortable how it is structured and how the weightage works. Make changes if required. Once everyone is comfortable, socialize it with the Vendor and ask them to start at a mutually agreed date and frequency. I recommend monthly governance meetings for high risk vendors, quarterly for medium risk vendors and half yearly or yearly for low risk vendors. If you do not know, how to assess the risk of vendors, read this.
A good relationship, whether it is personal or professional, is based on trust and transparency. A client wants a good trust worthy partner, and a good vendor needs a nice accommodative client. A well balanced performance scorecard and governance mechanism lays a solid foundation for a successful relationship. If done well and followed religiously by both organizations, it will leave no room for communication gaps and would lead to a happy relationship.