<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=229461991482875&amp;ev=PageView&amp;noscript=1">

It’s hard to forget when a new payroll system was rolled out for Queensland Health, the public health body for the Australian state. 

A report outlined that the new system delivered by IBM, which should have automated many processes, was expected to cost upwards of $1.2 billion over eight years.

Given that the original projected cost for the project had been $98 million, he was justified in writing that:

The replacement of the QH payroll system must take a place in the front rank of failures in public administration in this country. It may be the worst.

It represented a catastrophic failure of vendor and project management, with blame apportioned to all sides. It also shows the potential financial impacts when vendors are managed poorly and communication breaks down.

Similar failures in how to manage vendors can be found on the other side of the world. A Crossrail project in the UK, seeking to connect East and West London, also faced the same financial overspending. The new Elizabeth line opened more than three years late and cost almost £4bn more than originally budgeted.

These huge projects demonstrate that vendor lifecycle management needs to be a core competence in successful organisations. Businesses must look at creative ways to extract more value from onboarding suppliers, while simultaneously reducing risk, upholding quality and ensuring obligations are fulfilled on time."

What is vendor management?

Vendor management done well is a repeatable, effective method for developing and monitoring third-party providers of goods and services. It allows businesses to derive as much value as possible from contracts, get the most from renewals and build mutually-beneficial, long-term relationships. 

In this article, we're going to take you through five key areas of vendor lifecycle management, offering practical, actionable advice. 

The areas we’re going to cover will be:

We’ll get into a bit more detail on vendor management best practices for these topics below but first let’s take stock of the situation.

How mature are your vendor management processes?

A business’s approach to vendor relationship management (VRM) is generally looked at in terms of maturity.

A company with an immature approach to VRM would be characterised by:

Companies at the opposite end of the scale of vendor relationship management strategies are characterised by:

  • Clear documented processes at all stages of the contract and vendor lifecycle
  • Quick identification, mitigation and resolution of vendor risks
  • Automated vendor onboarding and data-delegation
  • RAG statuses and risk-intelligence feeds used to monitor vendors
  • Clear and honest communication and positive relationships with vendors
  • The use of vendor scorecards to monitor performance 
  • Ability to capture spend and analyse costs across all vendors

The diagram below shows the path to maturity in vendor relationship management.

Take a moment to identify where you think your business sits on it.

Maturity in Vendor Management

Wherever you identify your organisation being along this continuum, there is likely to be improvements you can make. 

Making these improvements generally depend on the use of vendor management software which allows your business to automate and standardise its processes. It also allows your business to start defining and tracking vendor management KPIs, with their results allowing you to define paths to continuous improvement.

How to manage vendors: five areas to focus on

The Institute for Supply Management (ISM) has identified five categories of vendor management activity that should be measured and managed to achieve a level of excellence.

Let’s explore each one and see how this can help to manage vendors more effectively.

1. Spend Visibility

Information about the amount of money spent with each vendor on an annual basis is one key indicator of his importance to your business.

Data needs to be collected from all types of financial transactions, summarised and then classified in a way that makes sense to you, and from which you can draw conclusions to help identify your key suppliers.

Surprising results often come from interrogating and analysing controllable third-party spend.

You might find suppliers that you have limited awareness of are receiving more significant sums of money than other higher-profile ones.

If your business is struggling to capture this information or has the data buried away in Excel spreadsheets, it may be time to invest in vendor management software. Using a dedicated solution can help you to visualise your spend data across vendors, analyse detailed reports, compare forecasted to actual spend and take greater control of your business’s outgoings. 

Visualise Spend by Supplier with Gatekeeper's dedicated spend dashboardThe Gatekeeper Spend Dashboard

If your business is slightly further along the maturity scale and already using programs such as NetSuite to record spend-related data, it can still benefit from using VLM software. Gatekeeper offers a ‘Built For NetSuite’ SuiteApp - a native integration that allows you to see vendor spend data without ever having to leave NetSuite. 

This level of visibility makes it easier for Finance teams to find the information they need, without needing to learn a new system. The integration eliminates the potential for double entries, human error and makes vendor spend information accessible within a platform that users are already familiar with.

2. Vendor Segmentation

There is no one perfect way to segment vendors, choose a method that works for you. Key to this exercise is centralising your data into a spreadsheet or ideally, a dedicated vendor management solution. The latter will provide a secure repository that houses all your vendor agreements and additional information. 

Having all your vendor information in one place will allow you to create accurate segments more efficiently. Managing vendors doesn’t need to involve high levels of administration such as searching for agreements or chasing colleagues to understand a vendor's strategic importance. 

Many companies allocate their vendors into three groups by type:

  1. Strategic (key) vendors: High value, low volume and sole-source.
  2. Important vendors: Mid-value, there are alternative sources of supply
  3. Tactical vendors: Low value, high volume, lots of options

Once you have allocated third parties into these groups, you can start to focus on vendor relationship management.

Naturally, your business may want to dedicate more time to strategic vendors to ensure your business continues to operate with little disruption."

Tactical vendors can be checked in on every so often - depending on the level of resources available in your team.

If your business is at the low end of vendor management maturity, it may take some time to gather all the information you need before you start to define your categories. It’s often easiest to start with a simple method of vendor categorisation by type to guide your activities. This will help you to prioritise your time and focus when managing vendors. 

See Vendor Type within GatekeeperSee vendors by Type in Gatekeeper to prioritise your time and effort.

3. Collaboration

Many organisations have a problem with working openly with vendors thinking that sharing operational and financial information leaves them in a weaker negotiating position. The opposite may be the case. 

Sharing of new technologies and innovative ideas can lead to added value and cost savings for both parties. Strengthening existing relationships is one of the best ways to manage vendors and it helps to establish trust.

By keeping lines of communication and collaboration open, all involved parties can have confidence that they are working together to achieve the best possible outcomes. 

Best practice is to develop relationships at many levels, both corporate and operational, ensuring overall visibility into the supplier’s wider organisation."

Collaboration can sometimes be hard to measure. However, it can be inferred from the number of vendor reviews you complete, weekly phone calls or even how many times you have messaged your vendors.  

Don't forget that collaboration also goes beyond communicating. When your business starts thinking about how to manage vendors, it should also consider how easy it makes life for them. Think about areas such as vendor onboarding, data collection and automating processes such as performance reviews. 

Implementing a Vendor Portal can take your business and its relationships with third parties to the next level of maturity. You can deploy a branded portal to your third parties to offer a personalised and centralised area where they can be onboarded automatically, update their information via self-serve and use Public Forms to submit mandatory data. 

Use a Vendor Portal to manage your relationshipsOffer a centralised portal where your vendor can collaborate with you


4. Vendor Management KPIs

Where there is poor or no focus on managing performance, all actions are reactive and unlikely to help improve delivery. If there are no agreed measures in place and no way of tracking what went well or what failed (and why), the chance of improvement is low and you will find it difficult to improve the way you manage your vendors. 

Best practice is to define, agree and implement Vendor KPIs which provide measurements based on actual historical performance."

These KPIs can form part of a Vendor Scorecard covering areas key to the value delivered by your third parties. The Key Performance Indicators you should focus on include:

  • Vendor compliance with contractual obligations, recorded at regular reviews
  • User satisfaction, as measured by surveys of key relationship personnel
  • Business risk based on vendor criticality and market/regulation changes
  • Obligation fulfilment such as deliveries, quantities and quality of goods

Balanced Scorecards from Gatekeeper help you to measure, analyse and collect the performance data you need. By tracking vendor performance against a set of KPIs, your business will gain insights into whether outcomes are likely to be achieved. It gives you leverage to act early if performance is not as expected and improves the relationship. 

Measure Vendor Performance with Balanced ScorecardsGatekeeper Balanced Scorecards

Measurement and reporting of KPIs should also:

  • Be tracked period-on-period
  • Highlight repeated occurrence of the same performance issues over time
  • Contain a threshold for triggering an assessment of chronic underperformance in any particular measurement area
  • Help develop an approach for improving a relationship that is under stress
  • Include measures that report the direct and indirect implications of supplier performance on the business

There should also be periodic reviews of the relevance of each KPI, its measurement approach and its target values to ensure it’s still relevant.Process improvements can only happen if evaluation reports are made available to both parties. Mature organisations publish scorecards and conduct formal performance reviews with suppliers at pre-defined intervals to promote best practices and enhance relationships.

At mature levels, the focus is on alignment and improving communication channels.

5. Vendor Risk Management

Best practice in vendor risk management is defined by continually monitoring and having contingency plans for each risk area.

There are many ways of categorising vendor risk depending on the industry you are in and, in most cases, the stakes are high for ignoring it.

For example, high on the agenda in financial services are risks related to cyber security breaches, bribery and corruption, and exchange rate volatility.

"60% of companies admit that they do not have the resources to monitor the security and privacy practices of vendors with whom they share sensitive or confidential information." - Ponemon Institute, LLC.

Conversely, in manufacturing, supplier fraud, logistics costs, product theft and environmental issues may be most important. All companies have financial, technology, security, contract and reputational risks.

One hopes that there is at least a rudimentary risk management plan in place in all organisations. At the very least, you should be aware of the risks that are of relevance to you, especially those that are based on availability and price. Mature organisations apply weight factors to each type of risk and develop contingency plans.

In addition, consider the advice of John Brown, a risk expert at Deloitte.

“The big question is the frequency and level of assessments”.

Brown says it’s a leading practice to assess riskier suppliers more frequently than those considered less risky. He adds that any time there’s a need to increase business from a supply-chain partner, or if a partner experiences a problem, it’s a good idea to reassess the risks of that supplier.

Watch this video to find out more about managing vendor risk

The best risk plans define all possible scenarios and provide one or more solutions or mitigation strategies for each. The plan must be constantly monitored for any changes in the external environment and adapted as required. Any sole-source contract should have a plan B in place that can be activated with immediate effect.

Gatekeeper helps businesses to monitor their risk with MarketIQ. It offers integrated risk intelligence feeds relating to vendor’s financial and cyber health. Your business can receive notifications on potential risks such as changes in credit score, allowing stakeholders to take early action and make informed decisions about the future of the relationship. 

Vendor Risk Management is made easier with risk intelligence feedsSee vendor risk ratings with MarketIQ


Use our quick six-point checklist to Create a vendor management plan in 2023:

  1. Perform a spend analysis on third-party spend for last year. Is it what you expected to see? Spend analysis is a window into your business.
  2. Review your segmentation of vendors based on the historical spend. What has changed? You may need to refocus on new or different suppliers.
  3. Talk to your key vendors about continuous improvement and how to open the lines of communication so you can prioritise managing vendor relationships.
  4. Work on a development plan for key vendors and re-look at the KPIs. Are they still relevant to use to manage supplier performance?
  5. If you don’t have a risk management plan, make one. Every company has financial and operational risks. If you have one, review it based on the economic situation you are facing now.
  6. Relationship building has its rewards. Adversarial vendor “relationships” help no-one so make sure you resolve any issues and work positively together.

If you want to know more about vendor management systems, book a Gatekeeper demo today. 

Ian Bryce
Ian Bryce

Ian writes on a variety of topics, bringing together his own knowledge and experience with that of industry experts.


Contract Management , Control , Compliance , Vendor Management , Contract Lifecycle Management , Contract Management Software , Visibility , Contract Lifecycle , Supplier Management , Case Study , Contract Risk Management , Vendor Management Software , Contract Management Strategy , Contract Repository , Risk Mitigation , Contract Automation , Workflows , CLM , Contract Ownership , Contract Visibility , Contracts , Supplier Performance , Supplier Risk , Contract and vendor management , Legal , Legal Ops , Podcast , Risk , Third Party Risk Management , Vendor Onboarding , contract renewals , Gatekeeper Guides , RFP , Supplier Relationships , TPRM , Business continuity , CLM solutions , COVID-19 , Contract Managers , Contract Performance , Contract Redlining , Contract Review , Contract Risk , ESG , Metadata , Negotiation , Procurement Reimagined , Procurement Strategy , SaaS , Supplier Management Software , Vendor Portal , Vendor risk , webinar , Artificial Intelligence , Clause Library , Contract Administration , Contract Approvals , Contract Management Plans , Contract compliance , ESG Compliance , Kanban , RBAC , Recession Planning , Regulation , Regulatory compliance , SOC Reports , Security , Sustainable Procurement , collaboration , AI , Audit preparedness , Audit readiness , Audits , Business Case , Clause Template , Contract Breach , Contract Governance , Contract Management Audit , Contract Management Automation , Contract Monitoring , Contract Obligations , Contract Outcomes , Contract Templates , Contract Tracking , Contract Value , Dashboards , Data Fragmentation , Due Diligence , Employee Portal , Excel , FCA , Future of Procurement , ISO Certification , KPIs , Legal automation , LegalTech , Market IQ , NetSuite , Obligations Management , Procurement , Procurement Planning , Redline , Scaling Business , Spend Analysis , Standard Contractual Clauses , Suppler Management Software , Touchless Contracts , Vendor risk management , central repository , success hours , time-to-contract , Australia , BCP , Breach of Contract , Brexit , Business Growth , CCPA , CMS , CPRA 2020 , CSR , Categorisation , Centralisation , Certifications , Cloud , Conferences , Confidentiality , Contract Ambiguity , Contract Analysis , Contract Approval , Contract Attributes , Contract Challenges , Contract Change Management , Contract Community , Contract Disengagement , Contract Disputes , Contract Drafting , Contract Economics , Contract Execution , Contract Management Features , Contract Management Optimisation , Contract Management pain points , Contract Negotiation , Contract Obscurity , Contract Reminder Software , Contract Reporting , Contract Routing , Contract Stratification , Contract Termination , Contract Volatility , Contract relevance , Contract relevance review , Contracting Standards , Contracting Standards Review , Cyber health , Data Privacy , Data Sovereignty , Definitions , Digital Transformation , Disputes , EU , Electronic Signatures , Enterprise , Enterprise Contract Management , Financial Services , Financial Stability , Force Majeure , GDPR , Gatekeeper , ISO , IT , Implementation , Integrations , Intergrations , Key Contracts , Measurement , Mergers and Acquisitions , Microsoft Word , Modern Slavery , NDA , Operations , Parallel Approvals , Partnerships , Pharma , Planning , Port Agency , Pricing , RAG Status , Redlining , Redlining solutions , Requirements , SaaStock , Shipping , Spend optimzation , Startups , SuiteApp , SuiteWorld , Supplier Cataloguing , Technology , Usability , Vendor Governance , Vendor Relationship Management , Voice of the CEO , automation , concentration risk , contract reminders , document automation , eSign , esignature , post-signature , remote working , vendor centric

Related Content


subscribe to our newsletter


Sign up today to receive the latest GateKeeper content in your inbox.

Subscribe to Email Updates