SIG University Certified Sourcing Professional (CSP) program graduate Diana Redwine shares her thoughts on the best way to get business stakeholders engaged.
Ugh, here comes procurement, getting in our way again!
In the Tech world, the role of procurement changes with the transition from start-up to a public company. That transition is full of bumps if not addressed with a support mindset.
Somewhere in the timeframe from growth to a public company, experienced procurement talent is engaged to help move spend activities from tactical to strategic. The notion of this is much more grand and idealistic than the reality.
Traditionally, handling contracts, licenses, order forms, etc., have been managed by the person with the need, not necessarily by someone with expertise in contract development and negotiation. With procurement added to their toolkit, the business stakeholders might say, “gosh, it would be nice to hand this off to someone else” or “how do I know this is the best price/terms?”
More likely, they have been advised that a new policy is being implemented that requires procurement involvement. However, in my experience, many stakeholders view procurement as an impediment to progress and do not willingly hand off their contract needs. Hence the need to truly consider this question of just what the stakeholders REALLY need to know about category management.
Diana Redwine, Senior Procurement Manager, Smartsheet Inc.
When I first registered for this course, I wasn’t exactly sure what to expect. I initially thought I would learn a lot of things that I was completely unaware of. I was pleasantly surprised to see that I was learning the “why” behind the changes my organization has been implementing over the past two years.
This course took me deeper into what I need to know to be a successful third-party risk management professional (TPRMP). I will discuss how my organization has evolved, how it has impacted me, and how this course helped me see how I can grow more effectively through these changes.
Evolving into Third-Party Risk Management
My journey as a TPRMP started four years ago. At that time, we were known as Vendor Relationship Managers. My job was to perform the ongoing monitoring task. At that time, I did not know that I was performing a TPRM function under the Enterprise Third-Party Risk Management Framework (ETPRM).
It wouldn’t be until two years into my role that ETPRM was introduced to us. I remember being told that things were changing, and my role was going to evolve quickly. My leadership team was not kidding! Not only have I have learned more than I ever imagined, but my role has also significantly changed during this time.
Implementing the Enterprise Third-Party Risk Management Framework
The change to my role is largely due to heightened regulatory requirements that my organization has put in place. We were never really that “big” to have all eyes on us. Due to our significant growth over the past several years, we are now seen as a large financial institution.
Around the world, new regulations about the collection and usage of personal data are changing workflows for major organizations. Following the passage of legislation like General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act (CCPA), businesses are auditing privacy practices and creating much stricter guidelines when they select partners and vendors.
With tighter regulations about the way consumer data is collected and used, organizations have to increase scrutiny for every party that has access to personal data. The entire system is only as secure as the weakest part, so it’s more important than ever to vet external parties and maintain visibility into their data practices. Here are eight vital steps organizations can take to ensure that vendors aren’t jeopardizing data privacy compliance.
Step 1: Audit Your Existing Data Privacy System
Before you do anything else, examine what’s currently in place to understand the changes that need to be made to maintain compliance with new regulations. You want to avoid reinventing the wheel and make adjustments without slowing down the business or adding risks.
After that self-examination, conduct the same check on your network of vendors. It’s imperative that you have a 360-degree understanding of vendors’ business practices and overall reliability before entering or continuing business relationships.
SIG University Certified Sourcing Professional (CSP) program graduate Diane Bradley discusses how CSP modules on vendor relations and category management improved her vendor management and negotiation skills.
I would like to start my essay by saying "thank you." BNY Mellon has invested in its employees and is providing us with this training. I feel that is something that should be recognized, and I do appreciate the opportunity to expand my knowledge, which will ultimately increase my value with the bank. With that said, the SIG University training has provided me with a lot of valuable information and has also given me guidance, which I have started applying in my day-to-day activities.
I feel the units focusing on vendor relations have been extremely helpful. As I continue to negotiate more and more contracts, I have reminded myself to go into the call with my goals established and I have them written down in bullet points, so they are easy to refer to while on calls. I have also made sure to have internal calls with the stakeholders prior to reaching out to the vendor. So when the call is conducted, I am confident that we are on the same page and present a consistent and concise dialogue. I feel this preparation has given me confidence, and I strongly feel that it is represented in the call. I am also very focused on the partnership that we are building with our vendors. I realize I am an essential aspect of the partnership. My dealings with the vendor will make a significant impact on the success or failure of the relationship.