Success hours Webinar:
Vendor & Contract Visibility - Repository 101
Transcript | 8 March 2023
Daniel Barnes: So just to get started, my name is Daniel Barnes. I'm the community manager, here at Gatekeeper, and I'm actually joined by James Ince.
James, do you want to say hi quickly?
James Ince: Hi, everyone. Thanks for attending today. DB: James is one of our Learning Experience Designers. So he makes a lot of materials to help people inside Gatekeeper and also people like yourself, our customers, get better equipped with using Gatekeeper as a platform.
And we're going to be talking about Vendor and Contract Visibility today. This is a Repository 101, and we're going back to basics with Gatekeeper. We're starting from pretty much the foundational element.
And before we get started with today's session, I just wanted to go over something we call the Three Pillars at Gatekeeper, and the Three Pillars are super important, and it's a stairway approach.
You can see it here on the screen, and how we look at this, the starting point is we need visibility. We need to "Restore Visibility" around all of our vendors and all of our contracts.
This means getting all of the data that we have for these in one place. So that's the repository, right?
You'll have your vendor and contract records, and from this, you can power the rest of your activities, whether that's your renewals, your risk management, everything like that.
As we go up the stairway, we go to "take control. This is where we have our digitalised vendor and contract processes. So this might be one of the vendor onboarding processes, your contract review, signature process, or a renewals workflow, something like that.
And how I see it then laddering up into "Safeguard Compliance" is that it almost becomes an automated exercise with compliance.
Because you have all of your data and processes in one place, and you can layer on top of that with things such as third-party data feeds that we have through Market IQ to really take control of your cyber health, of your vendors, their financial health, and anything else.
So it's a really cool way to look at Gatekeeper and to consider how you're using the platform.
So that was the Three Pillars here a Gatekeeper, and we wanted to run a bit of a poll just before we got started here. Just to see how familiar everyone is with the platform.
Just whilst James gets set up and gets an instance of Gatekeeper that we're going to run for the purposes of this webinar.
JI: Thanks, Daniel. I hope sharing my screen doesn't take the poll off everyone's...DB: It should be good, and James, Sergio in the webinar chat has written that you are one of the best Gatekeeper implementers that he has met. So that's some really nice feedback there.
Sergio, I also say-- I was just going to add, James, like when I was buying Gatekeeper, you were also one of the implementers that helped me design some almost crazy processes and all sorts.
And I was almost like your worst nightmare and best friend at times, and you were very, very patient with me, when I was a Gatekeeper customer.
JI: Yeah. We had a good time. Should we just give another a few seconds whilst we close the poll, before we get started? DB: Yeah. Let's just give it a few more seconds, and what I also would just add here is that, for anyone who maybe joined a little bit later, all I would ask is that please send us questions.
Send us questions in the Q&A feature on this webinar, and we're trying to answer them throughout the session or sometime at the end. And that way, we will hopefully get some more insights to you.
We're going to cover quite a bit in this webinar. It's probably going to take 25 minutes. We'll have some time at the end for live Q&A as well, but yeah, please, keep those questions come in.
And yeah, we can probably close the poll now and just see what these results are coming back as. Great. So I'm just looking here at the poll results.
We've got about 42% of people as beginners, 33% as moderate levels, and there are some advanced users on here as well. I would say to the advanced users, you're it's good to get a refresh here.
You might pick up a thing or two, and definitely for the beginners and moderate level of experience on the platform, James and I will hopefully give you some good insights here that you can take away and apply. But James, I would be cool to start here on the Executive Dashboard. This is the dashboard that I'm very familiar with. This is what I used to log into on Gatekeeper. And I really like a few points on here, which is contracts, vendors, and categories.
I like to see how many contracts I have, how many vendors I have, and how many categories we're responsible for as a team. But maybe you could give an overview of this dashboard.
JI: Yeah. Sure. Thanks, Daniel, and I love these bits too. This dashboard itself is a really good selling point for the end goal of maintaining a contract and vendor lifecycle management system.
Because it gives you some really key data insights into what's going on in your repository, the reflections of the living, breathing data. And yeah, we'll start with those bits across the top that you called out there. You've got oversights of all the total value of all the contracts in the system, as well as how many contracts you've got live at the moment.
How many vendor relationships you have, and how many different spend categories that's split against. And a lot of the time, if you are in procurement or contract management, these are probably things that you know.
But because you're managing a live business, a live organisation, a live procurement process, this reflects to the second contracts that are being terminated, contracts and vendors that are being onboarded, things like that.
So it's really useful as a jumping off point, when you land in the system to get that key information at the top level there.
What this also gives, though, is a bit of an alternative use case. What this initial view is showing me that oversight of everything that's going on in the business.
But if I am one of these procurement managers or vendor relationship managers on this view, I can switch in this dashboard the filter-- and this also applies to a few of the dashboards in Gatekeeper.
So it's useful to call this out-- from All, which shows me everything in my organisation, to Your Own. So I might want to change my dashboard view just to show me, what am I responsible for, what do I need to be aware of before I actually go into gatekeeper itself and start any reviews or assessments that I planned on doing in the system there?
The next cool module section of this dashboard is the centre piece here, the Contract Renewals Timeline, and like I said, with the whole dashboard itself, this is a really good selling point of capturing some key metadata points against your contracts.
Namely, for this timeline, the end date of contracts and notice period dates, so that drop dead point by which notice must be served, really key during a renewals and negotiations, things like that.
And it's useful because what it does is, in a few different use cases, the first one that we see a lot of feedback from clients, especially those who are proactively managing contracts-- and a lot of Gatekeeper clients do do that.
Because it's a key procurement process is that it lets them from a budgeting perspective what they have on the horizon.
They can see, maybe if they're in the contract cutting or spend-limiting mindset, they can see when maybe some of our auto-renewing contracts are going to be renewing. So when do we expect money to be going out of the business?
And on the other side of the coin, when might we be able to limit some costs? When are some key renewals coming up that we could look to get out of or minimise expenditure on the subscriptions?
And then the other use case there is, like I said, if you're proactively managing your renewals, this also lets, from a workload perspective, what do we have in the next three quarters?
DB: It's a big one for that. Right, James? This is my favourite use of this.
And it might sound odd, I almost didn't care so much about all the exorbitant fees and everything coming up with each of the contracts. But I just needed to know where my team needed to be.
And when we needed to start working on things, and where perhaps we could better spend our time doing things, like process improvements as opposed to working on renewals. You really need to get all of that worked out early on, and this dashboard. Either with the end date or the notice date, I like to use the notice day one, especially dealing with a lot of software contracts that had auto renew in it. Yeah, really, really good view. Yeah.
JI: Agreed. Yeah. Moving past this really cool centre piece, what you get along the bottom of the executive dashboard too are some key insights into breaking down contracts and vendors by spend as well.
So you can see the breakdown of contract concentration in value. Which vendors are we spending our money with, vendors with the highest values in the system, and then similarly, what are we spending our money on in the largest proportions?
And like I said, if you do have your finger to the pulse, and you're very aware of what's going in your business, these are probably things you're aware of.
But because these are reflecting live data in your repository, coming about via, like you said, Daniel, vendor onboarding, new contracts being executed and approved, it's useful to have these dashboard objects here to let you know if any key things are changing there. One cool thing about this dashboard, and then we'll move on to some other areas of the system, because we don't want to spend all day here, is that it's useful for those purposes of getting that key information.
Not just if you're in procurement or contract management, for your execs as well. they might want to come here and see the fruits of your labor in maintaining a contract and vendor management system, and this gives them that exact data.
So they aren't having to drill down into specific records and do their own analysis. This is a really good way of digesting it all.
But this can serve as a good jumping off point into the rest of the system. So if you are, like Daniel said earlier, interested in those renewals that are coming up for your team.
Rather than having to wait for those to come about or just view them at the dashboard level, clicking into this object will take you into a specifically filtered list of all those contracts that are renewing in that specific time period.
And similarly, there are other objects here that I can click into, if I want to see my vendors or contracts that I flagged as red for-- their red RAG status is showing that they're risky.
I can click into this object here, or similarly, if I want to drill down into a particular vendor record that's on this dashboard.
I can click this object here, or follow this through to my vendor repository. So I think now would be a good time to actually look at a specific vendor record.
Just to show some of the data tabs and elements of information that can be stored there, that you can leverage to truly make proper decisions around vendor relationships and contracts, when you're maintaining a good central repository like this.
DB: So we're going to look at Atlassian. Right? And we've got some data here.
So we're going to run through some of the tabs that you can see on the vendor record. We'll probably covered most of these tabs on the vendor record, but we will then jump into a contract record for Atlassian, which kind of mirrors the tabs that we have here.
So if we do miss any, we'll probably cover them off in the contract side. But James, I just wanted to start with Atlassian and the vendor summary. The vendor summary is a great little starting point. Right?
It gives your total contract values from all of your contracts that you have linked to Atlassian. You see, we've got four live contracts. It's all under one category.
The RAG status - I think is green. I'm super colourblind, so I'm taking a bit of a shot there. It looks green to me.
And something I really like, I'm really passionate about having really good vendor segmentation in. So from the type, we can see that Atlassian is actually treated as a strategic vendor for us, and it's a live and approved vendor.
So it's a really good snapshot for the vendor here just to get some key bits of data.
And then just further down, we've got the vendor data piece here, which is just your typical business data, and all of this is pulled through from your vendor onboarding process.
If you have a workflow set up, it's a really easy way to get all of this data into your vendor records, and it's an approach that I very much like. It removes all that manual way of entering data.
But James, maybe go over the IT vendor accreditations and ESG piece, because these are custom data fields that you've created here for our vendors.
JI: Yeah. Exactly, and what these are demonstrative of, like you just said, is that some of this data isn't necessarily just going to be keyed in by an administrator.
Because Gatekeeper isn't an Excel spreadsheet. It doesn't have to be maintained by one guy in Procurement or anything like that. These fields and attachments here will likely have come during a vendor onboarding process.
So the additional sections we've got against this vendor are IT vendor accreditations and ESG form data. So you can see, because this is an IT vendor, we're asking them if they're ISO certified, and as a result, we're capturing their ISO certificate here, so that will have been provided by the vendor.
And similarly, down in this ESG compliance-related section, we are capturing whether they have sustainability programs in place, what their policies are, and if they have any documents to provide to support those as well.
So yeah, it's a good point to mention that vendor onboarding workflows mean that compiling data like this and documentation doesn't have to just be one person's job.
It's a very collaborative process. It comes from internal users, as well as external users, and we'll show this in a second. It can come from market feeds as well, but I don't want to jump ahead just yet.
DB: I'll just add that we do plan on going through workflows, probably later on in the year, as part of that "Control" pillar on the stairway approach that I showed earlier on.
But yeah, we just want to highlight that this information is good, if it comes through from a workflow. But maybe, James, if you scroll down to the bottom of the vendor record.
You've got a couple of good data points here with regards to owners and how that's a useful data point to capture here. JI: Yeah. Before that, we actually have RAG Status, so I just want to call this out DB: Oh yeah, that's a good shout.
JI: You did confirm this was a green vendor, and contributing to that central-source-of-truth ethos, and the visibility there, this vendor happens to have been maintained by a good internal vendor manager who set why it's a green RAG Status partner.
And having that context, really, would enable the procurement team to make good data driven decisions, in future, if they're looking to expand services.
Or similarly, in future, if something goes wrong, they have that historical context as to what is the relationship like with this partner, and it's always good to make decisions based on that full context.
But you're right, at the bottom here, we have an Owners section for this vendor. And we saw an element of these owners come into play on My Dashboard, when I switched the view from All to You Own, because ownership does play a role in the way dashboards appear to users, and what they can see when they're browsing.
But it's also very useful to have them here so you know who should we be reaching out to Internally who's the relationship manager there?
And there's also going to be an opposite number for every internal owner there. So who from Atlassian will we contact, if we have queries or need to discuss our services with them?
DB: Yeah. That's great, James. We move over to the Market IQ element. We'll come back to contracts in just a moment. Right? JI: Yeah. So you talked briefly about this data coming from different places. So some of its summaries of contracts, some of it was pulled through from vendor onboardings.
Market IQ is a really cool one, because this module-- and we're looking at specifically the financial side of our Market IQ module at the moment-- is information that's pulled directly from Creditsafe via a native integration we have built.
So it's the case that, we've connected Atlassian to Creditsafe, and so on this view, we have information around their risk level basically.
So information around their credit rating, score to go along with that, as well as a historical timeline, so we see the stability of this partner throughout their time being scored by Creditsafe.
And what we also have on this view, probably a nice one for finance people, is the full Creditsafe report that's been pulled through as part of the integration too, which is really cool.
DB: Yeah. This one's definitely, at least for me, I would always want to go through this with a finance pro.
They're just often far better at going through this information than I was in Procurement or as a Contract Manager. But at one point, like Atlassian, they're actually scoring super high here. Right? They're an A rate and local score 91 out of 100. And I probably wouldn't worry too much for any of my vendors are rated A or B, but C and below I'd probably want to get some second eyes on that.
James, is it a good segue to move over to the Messages feature and how we can use that?
JI: Yeah, for sure. I want to share one thing, because I'm excited about this feature that's coming out.DB: Cyber, right?
JI: So yeah, I mentioned this is the financial side of our Market IQ module, coming out I think next month. We'll have to confirm after this call. Next month is the other side-- the next iteration of our Market IQ module. So I'm in a different Gatekeeper environment here, where we have Market IQ financial linked to the same vendor. But on this other tab over here, I have Market IQ Cyber, which is partnered with SecurityScorecards, and what that will pull through is cybersecurity information.
So it's a different way of risk assessing a vendor, but just as important, if you are in procurement and need to be staying on top of your vendor relationships and making sure everything's meeting compliance standards, things like that.
DB: Yeah. That's great, James. No. Thanks for mentioning that. Yeah. We'll send out some more information about Market IQ Cyber closer to the release and the launch of it.
It's currently in beta mode. Yeah. Let's move over to Messages now. JI: Yeah. Messages is super underlooked, in my opinion. So Slack, Microsoft Teams, emails, they obviously all have their place for instant communications.
Every business relies on them, but it's definitely the case that, if you are having discussions, specifically pertaining to projects or vendor relationships and contractual agreements, having them against their record in your central source of truth is super useful.
Because in this example message, I've pinged someone from our finance team, asking them just to double check the risk rating of this vendor. They've been scored a grade A in Market IQ Financial. So I'm not worried about them, but let's say, in a year's time, something was going wrong with this vendor.
I wouldn't want to have to search through my email threads or search all of my history in Slack to see what I discussed with Steve from our finance team.
Having that directly against this vendor record in Messages is super useful, and the same goes for anyone else that might want to see this conversation. If they weren't part of that email thread or Slack channel, they probably wouldn't know that we had this internal review going on.
DB: It's a really good point, James, that one. Because it's one thing that I made sure everyone was using. Right?
Everyone had to, if they were going to talk about a vendor or reach out to a vendor, let's do it in Messages in Gatekeeper.
Because if you're out sick or out for any reason, and we can't suddenly get into your email inbox, your Slack messages. I don't really want to do that anyway. This gives full visibility of all the conversations in one place, and it ladders up to that central source of truth. And it's something as simple as messaging. Right?
It's nothing too fancy, but it does a really good job. And yes, you can also message the vendor direct in any of the contacts there, which is a really cool feature, and you have those conversations in one place.
JI: Yeah. DB: Yeah. That's great. Let's-- yeah. I was about to say, let's jump over to Files now, because you've shown a little bit on the Atlassian vendor data tab, with regards to ESG and ISO, but yeah, I'll leave that with you to run through.
JI: I did, and we had some of those files as actual data fields, like specific, for specific purposes, like certificates that were being asked for during onboarding forms.
But the Files tab is just where you'll see any documentation that is necessary for compliance reasons that needs to be stored against that vendor or contributing to that central source of truth.
So in this Files tab, we have a folder called Certificates, just where we're storing everything like ISO certificates and stock reports. And in Gatekeeper itself as well, we can preview these by clicking this eye. We don't have to download them and do things with them outside the system. Handily, because they're in here, we can open these up and start reading them, if we want to.
DB: Yes. It's a good one to have, and James, I just wanted to jump in. Someone asked if we can touch on Obligations. We're getting a jump into Obligations from the contract record.
You might see this as Events. We've just renamed it Obligations for our use of it in this tenant, and yeah, we'll talk about Obligations in just a moment, for sure.
JI: Yeah. I feel like we did bypass that one, but we'll pick it up in a second or two, for sure. And one thing I want to call out, before I leave this Files area is-- and we'll highlight this again, when we're looking at a contract record-- is that some files have histories.
So basically-- and this can definitely be the case for insurance certificates and reports that do need refreshing on a regular basis.
Daniel, I'm aware that this was a part of your job, when you were in Vendor Management and Procurement. DB: Yeah. JI: Staying on top of keeping these up to date for compliance reasons can be a bit of a headache. So what we'll look-- DB: A horrendous exercise. JI: Is the admin of replacing these files can actually be built into workflow processes, and you can always go back and see historical versions of files here.
Even though they look like one document, Gatekeeper will show the historical versions in there so you can see where did the new version come from?
And I'll show you where this one has come from in the next tab actually. I just want to call that out before we go to the next point. DB: Yeah, James, it's a good point, maybe watching me over the forms to show that I can think of hours spent every week by numerous people in the teams that I've been in who just are chasing SOC certificates, ISO certificates and whatever other-- business continuity reports, things like that, just updated ones.
And when you've got a large vendor base, that time it just gets sapped just doing quite manual tasks like that and we can automate those very easily with a file expiry in your workflow, which I think you'll talk to you from a top level now. JI: Yeah, well this Forms tab is one of my favourites from that visibility perspective because what this does is it will show all the previous workflow processes that have been completed for this vendor.
So what in an ideal world you should see and a lot of our clients will have is a vendor onboarding process that's been completed. This vendor has also gone through creating an automated NDA because it's been a policy for this environment that when onboarding a vendor we want that NDA setting up.
And like you said, there's automated workflows here that aren't started by specific users like requesting them. Gatekeeper can automatically initiate workflows based on those insurance certificates expiring to get the documents replaced without you having to outside of Gatekeeper chase vendors and message them and then follow up and remind yourself things like that.
You can really tailor an automated process around it to take away that time sap that you mentioned.
DB: Yeah, no, definitely. And James, just before we move on to-- I think we're going on to vendor users in just a moment, just a couple of questions that were coming in around the Message tab.
Inga asked if a company moves away from Gatekeeper, would they have the ability to retain and move those messages with them?
And my immediate thought - please correct me here, James - is that when we send a message out to any of the vendors, we can select whether it just sends them an in-app message or also an email, so they would just receive it like a regular email. But for your purposes as a Gatekeeper user, you're going to have that all put into Gatekeeper, which is a really great way to keep that audit history, to keep that visibility of all the conversations there.
And that's just answered another question that came in, which was around how do these messages look like to the vendor, what they're sent out while they can look just like a regular email or the vendor will actually see the same view.
James, maybe if you click back into Messages, if your vendor has the vendor portal, which they'll need, which you'll need, they'll just fundamentally get the same view that you have here.
So it's quite nice and easy to follow in the messages, kind of, just layer under one another as they build up, right?
JI: Yeah. If you don't have the vendor portal, both messages and obligations or events, as they might be named by default in some environments, can still be sent to vendors and they'll receive it via an email.
It could be-- I guess we can show this at the end once we get past some of the bits we do want to highlight in the repository side. But yeah, they just come through as like they look like workflow notifications.
If this anonymous attendee has interacted with the workflows before but they just have the message thread in there and the users, like you said, can actually respond to the email that comes and that will log itself back in the Gatekeeper Messages tab automatically, which is pretty cool. DB: Yeah, that's great. And yeah, James, let's go over to vendor users now and maybe I'll take this.
I really like vendor users, and I view this as a CRM for my contacts, right? So you can have as many contacts as you need to from your vendor. And one really good use case is you're typically dealing with a Salesperson so maybe the AE, the Account Executive. You'll then get bumped up to having an Account Manager when you've gone live, especially with software and SaaS.
But you may need other points of contact. You may need the data protection officer, the general counsel, the InfoSec person if there's any downtime or, heaven forbid, if there's any breaches and things like that. You need to know the right people to contact. So just making sure that you've got a populated vendor user list here of all the people you need to reach out to in any circumstance and probably tie that in with your continuity plans with these vendors. Yeah, just a really, really nice way to do it.
JI: From a functional perspective as well, they're useful. Like you said, if they have a vendor portal, you can see which users have accessed it to collaborate on processes.
And for the other Gatekeeper users that involve external parties like contract negotiations, e-signatures, having those contacts stored in here ready means that you can go straight ahead and say, well, I know this account executive needs to sign this. I'm going to select them whilst I'm using Gatekeeper. You sign and file that document off. DB: Yeah, that's great. And James, I think you were just going to cover Risk on this and then we're going to move on to the contract record. JI: Yeah, so the Risk tab is a module that we have in Gatekeeper that takes it a step further than the RAG status, but it's for the same intents and purposes.
If you are going to make good data-driven decisions around vendor partnerships and making sure you're meeting compliance standards, you need to be storing the risks that you've analysed and that you've assessed, so that you know which of these have we accepted? Which do we need to take mitigating steps towards? And you can see in this particular vendor most of the risks probabilities and impacts are resulting in a low score. So there's not really much that we need to worry about here.
But it's definitely worth as actually storing them so that we know we've assessed everything here and maybe we have a plan in place or if risks come along that are too severe, we might need to take steps to either offboard the vendor or search for services elsewhere.
DB: Yeah, it's a really nice module. I used to use it, used to give me some-- used to scare me at times. I'm fine being open about that.
And within the actual risk itself, you can add a description and your mitigation plans and put as much or as little detail as you want within that. So yeah, it's a really cool module to have. But yeah, let's jump into the Atlassian contract record. I think we've got a number of contracts here. We've got four of them. We've got three statement of works or subscriptions, and we're going to focus a bit on the MSA, which is effectively our parent relationship that all of these statement of works emanate from here.
JI: Yeah, so when we're in the Data tab of this contract in the contract repository now, we get a similar snapshot of the status of this agreement and the nature of it.
So we can see it's an MSA, so there's no actual value related to this one. But we can see it's live and approved, so it's gone through an approval process and it's completed it. So it's an active agreement. We get a RAG status, which can actually be different from the vendor RAG status.
It's useful to bear in mind that you might have a green RAG status vendor but you could have particular agreements with them where you're not happy about some of the clauses that are included in the contract.
So you want to flag that is a risky agreement in some cases. And as we carry on down, we get additional data points just like we had on the vendor record.
So we can see internal contracting entities and teams and a bit of a summary around that agreement that's just been stored for descriptive purposes just to give some context around what's involved. It's a very basic one actually at this point.
DB: Yeah, you can use the description as much as you want. You can put a full contract summary in there. That's how I've used it in places as well, just to give a very quick summary of what that contract is about.
But yeah, maybe go over the jurisdiction-- well, I think you're going to go over GDPR and InfoSec, right? And I think the jurisdiction data as well.
Yeah, I was about to say let's skip that one. These are all custom data points very similar to the vendor record. But yeah, I'll hand that over to you there. JI: Sure. So this is just a short demonstrative example of some of the bits that you'd want to be capturing. And just like with the vendor side, this is probably information that would come out whilst you're going through a contract approval process.
So it's likely the case that the business owner of a contract who is requesting it or the legal team who's negotiating it will know about these information points.
So it's worth noting them down during that process so that when you have the record that represents the agreement, you can report on these later.
And I know you were really keen on this, Daniel, because one of your big things was you wanted to be able to see from an oversight perspective who of our vendors is processing our personal data. So if someone came and asked you--
DB: Yeah, you're giving me-- you reminded me of like the Sunday scaries. Yeah, I would sometimes get off just like, which one of my contracts has got a new sub processor.
So yeah, I built quite a large data processing part of this and especially because of the changes to the standard contract clauses that were coming up and things like that. Yeah, it's a really good way to do it. And like you said, James, I think you just made the point that whoever's reviewing the contracts will be aware of this.
So I used to just be detailing all of this as part of my regular contract review and I would just be putting that data in as I went along the contract review within Gatekeeper.
So yeah, good shot there. Yeah, let's move to contract dates as a data point here.
JI: These ones, because this is an MSA, it's not necessarily the case that it's like a fixed term deliverable contract, but it is one that it's useful capturing dates if we have them.
But the only key one here is the start date. However, for most agreements what we always recommend for our clients, capture is end dates and notice period dates because they feed into those top level dashboards like we saw in the executive one.
And they're really useful from a functional perspective in Gatekeeper. A lot of our clients will build automatic renewal workflows that handle that proactive negotiation. They can start a process based on an end date approaching or a notice period date approaching.
So this is a really key summary area from a visibility perspective but also a functional one later on.
DB: Yeah, James, just before we move to owners, let's just quickly just linger on RAG status. Inga has just asked, can we advise what RAG means?
And effectively, it almost comes from project management. And maybe Inga, we can send you an article that we've got that goes into loads of depth about RAG statuses and we've got a video made on this. But in short, if your vendors or the contract performance isn't doing so well, you'd give them a red rating. If they're doing OK but maybe you've got some minor or some improvements that are needed, you give them an amber rating.
And if they're good, just mark them as green. So it's just a very visual way, very quickly or very simply to indicate the status of either the relationship or the performance you have with your vendors and their contracts.
So yeah, that's why we like to use RAG status. I think it's an underused function within Gatekeeper. But yeah, it's a super easy one just to quickly put a status in and to show how forth those relationships.
JI: Those of you that don't know as well, it comes from red, amber, green. It's an acronym in case they're wondering what the word rag means. DB: Yeah, it's a good shout, though. Yeah, and often traffic light system is often a connotation there. But yeah, James we're on owners here. And owners look slightly different to the vendors on the vendors.
You can only have one owner per vendor. But on a contract level, you can add multiple owners. So maybe if you could just talk about how that works and some use cases there and I can jump in if need be for sure.
JI: Yeah, so by default, on the contract side, you do only-- Gatekeeper will just give you a standard internal owner, an external owner.
But we've changed this environment to replicate what we see a lot of our clients doing because what they'll have for most contracts you'll have a business owner.
So that's usually the person that requested it because they're the one who needs the service. But as well you'll have other people that are involved and who are key stakeholders along the way. So we've added an additional owner here called procurement owner because they might be the one who was involved in the contract setup process, the negotiations, they agreed the terms with the partner.
But you can add as many additional owners of these as you want. And I'm aware you used this to capture exec level stakeholders--
DB: A lot. JI: And also members of compliance teams that are aware of an agreement and have all the context as to what went into this becoming a live record in the system. DB: Yeah, that's right. Linked the senior leadership team who own the budget for that contract into this. And maybe just one point that we should make is whenever you add a new owner, it will add it for both.
So for example, we've got procurement owner for both internal, which is you as the user of Gatekeeper and then for your vendor as well.
But you're probably not going to have a procurement owner for your vendor. You won't deal with them.
So they might have some gaps and you may also have some roles with the vendor that you want to capture here as owners that you won't have internally. But that's not an issue, you just leave it empty on your side or their side. But moving on from owners, just a couple more features on this page. Relationships, something I really like, James, because I spoke about this at the start.
The MSA is the main agreement here. It sets out the rules of operation and the scope to some extent, and it's got all of your key legal and operation clauses in. But then we've got effective what a subscription agreements and statement of works here. So maybe jump into how this works a little bit more for us.
JI: This is-- it's really nice. Like you said, you really enjoyed this feature. This is just to add that richness to this data tab.
So when you're viewing this MSA, because this is the record we're currently on, you might lose sight of everything that's involved in our relationship with Atlassian. So from here I can see all the children agreements that fall under these operating terms that have been agreed as part of this MSA.
So it gives you that overarching view of everything that's involved that you're signed up to there. And you can see other bits of information around these agreements.
Like you said, the contract types, how much we're spending with them throughout the year, how much we've actually spent with them, and key dates with those agreements as well, which is a really useful information to have at this top level view.
DB: And just to maybe add here, we were just rolling out something very similar for your vendors.
So for example, if any of your vendors are in the same sort of parent company structure, maybe you've got resellers that engage with lots of software providers or you want to link different vendors who are working on maybe the same direct procurement program or project and you've got some interdependencies, you can link all of that soon enough in your vendor records as well. But James, something I really like just at the bottom of this page is just the master contract for you.
I'm a bit of a contract nerd, so just seeing the contract here, I can search it. I can look through it. I can read it all in one place, and search for any clauses that may come back to bite me if I've not done a good enough job of reviewing them.
But one thing that we like here is this is the master contract. And we know it's the master contract because at the bottom of this contract on the signature you can see that it's clearly signed.
And James will jump in momentarily to the files where we'll see that in a bit more detail. But we can see the full e-signature trail here. And it's a nice feature to have everything.
Effectively, how I see the contract record and this data tab is it's very rare that I need to go anywhere else to find anything with regards to my vendor contract. So I'm a big fan of this page.
But James, if we scroll up, I think we should probably make good on our promise of just going over obligations. I know we had a question come in. I'm just seeing-- I can't remember who it was.
I think it's come through as anonymous. But within Gatekeeper, this tab that we're on now, Obligations I think as a default is called Events. And it lets you track action items effectively.
James and I when we were talking about this, one of my use cases, I like to track contract obligations here specifically against the contract record. And James and I have just added some basic key important contractual obligations.
So within some of your contracts you may have quarterly performance reviews, you may have SLAs or usage that you need to review on a monthly or recurring basis.
Or say, for example, if you've got external coders who are developing some code for your software product, you may need to actually review their deliverables and you may have in your contract once they've delivered it, you've got 10 days, for example, to review and approve it.
Otherwise, it's deemed accepted. You probably want to build that in and have a record of all of those obligations.
So just going into obligations, having those put in place, having due dates against them, owners against them is a really good way to do that. And when we get to the end of this bit in just a moment, we'll show you how this looks in the lifecycle element as well.
JI: The way I like to consider the obligations or events, whatever they're called in a particular environment, is like messages.
It makes sense to have that in your central source of truth, but they're obviously messages with more structure and more planning involved because if you or someone else needs to revisit this record later and they need to know what has this been reviewed in the last quarter or what are the deliverable progresses, what's the progress on those deliverables.
If you don't have those against the particular record and you have to go through other systems or spreadsheet trackers or Slack discussions, things like that, everything just gets disjointed. DB: It can get messy. JI: Yeah. DB: Yeah, disparate ways of working are never good. Let's just quickly jump into the Files because we showed version history before on, say, like an ISO certificate, which I didn't find as interesting as a contract document.
But with a contract document during a negotiation, I imagine most people listening to us talk here, I've already been through certain rounds of contract negotiations and know just how many rounds of red lines that can be exchanged. We've got this really cool feature, and it's built into one of-- it's built into the contract workflow, where we have something called eNegotiate, where you can upload the contracts that you're reviewing and negotiating and Gatekeeper will store every version of that contract until you get to the final one.
And the key thing is you never lose that data.
And typically, if you're doing things outside of Gatekeeper, maybe doing it via email, you'll have them hidden away in emails, but you'll probably only ever refer to that master agreement, which is good.
But sometimes if things go bad or go wrong in the contract, we need to go back through the versions and do some learning from experiences. It's good to have that full history. So I'm a big fan of this view for sure.
JI: Yeah, because you can see all those version histories starting with the original one, like you said, if you need to refer back to what was those original contract terms before.
Things were changed and we ended on our final signed version 7. It's always useful to have those. And Gatekeeper stores every single one, a bit like we had on the vendor record.
It would appear as one document in the repository to save clutter. But you can always open up the history and download previous versions if you want to compare and contrast and see what actually changed between those documents there. DB: And we've got a similar thing, right, on the-- sorry, I didn't mean to. You're already going to say the exact same thing as me, James. But we can also see the history on the signatures as well, right, from here. JI: Exactly. So when you use Gatekeeper's eSign solution, you get that page appended to the bottom, the audit trails that we saw on the Data tab with the master record.
But if you want that audit trail just in and of itself, what you can do is click this executed status here because we know it's been an executed file and see who were the signers, what were their IP addresses and timestamps of when they interacted with this contract.
And this is audit level information. This isn't necessarily data, again, that needs to be keyed in or anything. It's reflecting what's gone on during this contract's setup process.
DB: Yeah, that's great, James. I appreciate you showing that off. And I think we're just going to finish off this webinar before we go into any Q&A with Lifecycle, which is a view that both of us love.
I know that auditors love it because I've shown auditors this very page on a video course for SOC and ISO 27001, and they've been very happy to see that it's gone through the process and everything. But maybe James, yeah, I'll hand this over to you to run through. JI: Yeah, I love that you can just show Gatekeeper as your source of truth and that can tick those compliance boxes because we have had that feedback from previous clients that yeah-- rather than having to export loads of documents and compile folders in SharePoint and so on.
They can just use Gatekeeper as their evidence for everything that they've done and compiled and things like that.
So on this Lifecycle tab, we get like a timeline of everything that's gone on with this particular contract. You get them over on the vendor too. So if you want information around a vendor's lifecycle, we can look at that one.
But from this contract, we can see when it was added via workflow, who's responsible for a lot of these tasks, and I've been responsible for setting up a lot of this, key actions that have been taking place like e-signatures and contract negotiations.
So this was e-signed by our Lucy Legal and Joe Bloggs from Atlassian. And then key status changes as well. So when the contract was eventually set to live, after that signature and updates made via workflows
And then what we get after this now marker to show us we're currently on the 22nd of Feb, we see those upcoming events in this contract's lifecycle.
So actually, this was only executed recently, so it's going to become live and effective in five days. We can see that on the timeline based on those dates. And we can see those obligations that you mentioned earlier.
So any obligations we have captured that are coming up in future like those quarterly reviews and deliverable reviews as well, you can see those on the Lifecycle tab.
DB: Yeah, so it's a really nice view. And for anyone who's locked in on certain vendors to manage their contracts, just a really good way to get your bearings about what needs to happen in the future and make sure you've done everything properly so far as well.
But yeah, James, thanks so much for running us through that. We are going to go into some Q&A. We've got some questions. We've got a few probably that we can answer live, some have been answered as we've gone through.
But we do have a poll, and I'm hoping our wonderful Connie, who's working her magic in the background here will be able to bring up that poll and ensure we're just trying to garner like what would you like to hear about in future webinar topics?
And James and I are more than happy to go through pretty much the entire platform from beginning, from, I guess, a beginner's perspective through to an advanced user.
And we'll probably try and keep this a little bit more on the visibility part maybe for the next one and that would be looking at things reporting.
And I think there was a question around that that maybe we can cover in just a moment, elements around notifications and reminders, could be a couple of good ones that we can go through next.
And yeah, in the future we definitely want to go over the advanced features.
But yeah, please let us know what you are interested in seeing from us. We'll just give it maybe like 25 more seconds here. And then James, you and I can go into some Q&A here if that's OK with you, James.
JI: Yeah, sure. DB: We're going through Q&A for maybe 5 to 10 minutes. I'm very conscious that we've been going for about 50 minutes.
I'm not sure how long we said we would be going for on the event, but yeah, we can probably go up to about an hour here. So probably got about 10 minutes here for Q&A. So if you do have any questions, please let us know and we'll come through.
Great. So James, just looking at these future webinar topics responses, report and custom data, we thought custom data would be a big one. James, I, and Connie were just talking about this maybe a couple of days ago.
We want to do a dedicated session on custom data. It's quite intricate. It's a bit to it. You have to go into the settings, create it, you have to be-- I think you have to be an admin. Is that correct, James, to do that?
JI: A high level admin, yeah. DB: High level admin, right. JI: Configuration permissions. DB: But, yeah we definitely want to do an entire session on that. So maybe we've got reporting and custom data, James, as our next sessions that we can focus on two individual sessions.
And then we could start to move into the workflow side, the control side from that because I think notifications and messages and things like that, reminders, will be a really big part of that, especially if you've got some contract renewal, contract reminder workflows set up or file expiries, things like that. It's a really good way to trigger notifications and reminders internally and externally. Right, awesome. So James, just maybe an easy question for you to get started with. And I'll try and help you out. I won't just ask you to answer all these questions.
But can we have multiple vendors here to a contract? My view is no, but we can have the opposite. We can have multiple contracts to a vendor.
JI: Yeah, so like how we saw it with Atlassian, you can have-- it's very easy to store multiple agreements against a particular vendor because that's more than likely the case, especially if you class DPAs and NDAs as contractual obligations and contractual agreements, which a lot of our clients do.
And then you might have separate work orders and an overarching MSAs and so on. Capturing it the other way around is a bit more tricky, though because what things can come into play is like breakdown of spend against one vendor and another when you're splitting a contract between them.
So it's a bit more tricky when it comes to capturing tripartite or even more party agreements. There are ways that some of our clients do it, and we can include those in the follow-up knowledge base article that we released with this because they're a bit too complex to go into in a short soundbite.
DB: Well, I think the vendor linking, similar to the contract linking could be a really good way to show this as well, right, that we're rolling out.
So I think that's probably the easiest way to do it. And when we get to multi-party contracts is a bit harder, but that's probably the best way to do it. James, I'm just having a look through here through the questions here just seeing-- there's one question here and I immediately thought of saved views, sorry, James, which is, will you cover how vendor and contract data can cross over?
We struggle with constantly having to pull contract data in order to get aggregate vendor information. And my thoughts were vendor and contract data is viewable from the same--
JI: In each of those repositories, yeah. DB: And I know it wasn't there, right? When I was a user of Gatekeeper before I joined Gatekeeper, I had that same-- but I had to do the same effectively to marry up. But now it's very easy, right? Maybe you can show that. JI: So when you're configuring columns, and this view's actually going to change in the upcoming product release. It's going to be a lot slicker, especially if you have a lot of custom fields, which I heard that you did, Daniel.
When you're configuring which fields you want to see for creating a saved view which you can see as an aggregation of data report, you'll see you can select contract fields for contractual records and you can also include data from the vendor side too. DB: So for instance, if I did want to see information around these contracts and then look into that ESG stuff to see are my contracts that I have for maybe software subscriptions, other vendors ISO certified, I can include that field in there so I have it alongside. This isn't a very well fleshed out repository. JI: No, we don't have all the data in for this demo tenant. But James, like one really cool feature is you can then go to save this view the blue button just there. You can name it a specific, whatever you want to call it, right?
This might be ISO view like you've just done. And you can just click on this whenever you want to come back to this view or just yeah, you leave it at default, which is everything that is there or you can have these wonderful safe use, fully targeted reporting. Yeah, that can do that.
DB: Yeah, and I think you touched on these in your last webinar that you did with Sam, our Head of Product and how super simple but such a powerful way to make better use of the data that you're compiling because if you want to properly leverage it, seeing it at a high level and being able to report on it is super useful.
So yeah, saved user probably the best way to achieve that one. JI: Yeah, I'm a big fan of this, for sure. And James, another question that came in and maybe I'll take this one.
Under Files, we've got multiple folders in the vendor or the contract view. Is there a way to have this organised like that so with folders on a workflow?
My immediate thought was no, you'll typically get the individual file come through, and you can assign it to either a vendor or contract record. And then when you go into your file area for either one of those records, you can then build out that folder structure however you want it to be.
DB: Yeah, you're exactly right. So if a file, so like these ones, the ESG policies were attached to the vendor record during onboarding, they would pull through to the Files area for sure, but it would then require a bit more organisation to structure your vendors a lot neater like this.
But like you saw in the Data tab, when you're configuring these additional custom sections, you can set them up so that they can collapse by default. So if you only want to be looking into ESG information around a vendor, you can choose to expand that and see the ESG documentation that's there. Or if you want to see just the more generic information, that's your default view in a particular vendor record.
JI: Yeah, I appreciate that, James. And I'm just going through the questions, just trying to make sense of which ones we've answered. There was one question about the risk module being different from the scorecard module, correct, two separate modules.
I think Ian has answered that in the chat but that was just for anyone who missed that in the chat there. Ayesha asked, so for notice periods, can you add notification alerts? For example, one vendor for three months before or another vendor, say, one month before.
And what came to mind here is this is a wonderful opportunity for a contract renewal workflow that is based on pre-determined triggers. And maybe I'll share an example, Ayesha. I used to have vendor segmentation based on tier one, like our strategic vendors and tier four was our very transactional, almost we didn't care about vendors. And for all of the tier one vendors, we would want to review those 90 days before their notice period end date. So that's quite a large window to review that renewal. And then maybe for some of the tier two or tier three ones, we'd have 30 to 60 days and you could add various other data points, right?
So if it's a strategic vendor for a software provider, you might want to longer to go out and run an RFX exercise to find a replacement or something.
So that's kind of what came to mind there, Ayesha, when I was reading through that. James, was there anything you wanted to add to that?
JI: Yeah, if you do have a contract review process like a renewal workflow like this one, you can, like Daniel said, set multiple triggers so Gatekeeper is checking the system for lots of different sets of criteria.
The more common scenarios I've seen for multiple triggers might be based on things like contract value. So if they're particularly high value contracts, you should be reviewing, like Daniel said for his strategic vendors, you review those further in advance of notice period and end dates. The specifics of doing contract reviews based on vendor data is probably possible, but again, I'll probably have a post of that one in the knowledge base article that bodes with this video because explaining it in a quick soundbite would be really tricky.
DB: James, maybe a visual one just to finish off because we're super conscious of the time here. And I just want to add, we've got a list of order questions. We're documenting those, and we will follow up with every single one of you.
So if we haven't covered your question here, don't be alarmed. We'll reach out to you. We can always get your CSM to reach out as well with a bit more of a targeted answer for you to help you out that way. But James, could you just maybe go into a nerdier area here of Gatekeeper and show how you could add some additional contract owners within the settings? And this would be-- it would need some additional, you'd have to have a higher admin use case here. But yeah, it's a really easy thing to do within Gatekeeper.
JI: Definitely. So if you don't have the permission to do it, you won't even see this option in the sidebar menu. So if you do, you can go to Settings, Configuration, and there's an option just called Owners.
And so you can see we added procurement and business. But to take Daniel's example earlier, he might have an exec owner, so like the budget holder that signed off on a contract.
And once you hit Enter, that will, like Daniel highlighted earlier, add internal version and they're sort of opposite number at the vendor that you might not always know or want to-- DB: So always get to know the senior at the other side, right? Yeah, James, could you jump in and show how that looks now? Yes, very quick.
JI: We've got an exec owner there in the middle. So we can start populating additional stakeholders on both sides there. DB: Yeah, that's great. And James, I think that's probably all for today. I just want to say thanks for taking the hard work here and running through all of that live. I appreciate it can be fairly intimidating.
And to everyone that joined also, I really appreciate you taking an hour out of your day here to come listen to James and I effectively nerd out about so many points here around the vendor and contract record.
If you do have any questions, just please reach out to your CSM afterwards. If you've got any last minute questions, please add them in now. We'll just keep this open for another minute or so just whilst we're waiting for any last minute questions.
I think our next webinar is planned for April sometime. And we're very conscious that it's Easter time. There's normally school holidays and things like that. So we will come back to you with webinar two in the series very soon.
But yeah, I just wanted to say thanks so much for coming along and yeah, listening to us and go through all of this.
Sure. All right, we're not getting any more questions now, everyone, so we are going to close the webinar. Just once again, thanks for coming along. And yeah, we will hopefully get to speak to you all very soon.
Please reach out if you need anything. But yeah, thanks so much for coming along.
JI: Thanks, guys.
If you would like to find out more about Gatekeeper or arrange a personalised demonstration, please get in touch today.