In order to achieve demanded return on investment (ROI), organizations, public or private, need to integrate IT project procurement into IT project oversight and consulting functions to leverage the the insights, skills, and experience of IT technological and management professionals in all areas towards project risk reduction. Leveraging IT project procurement as a risk mitigation strategy will help ensure the timely delivery of technology solutions for an organization’s bottom line. The following strategies have proven to be effective to reach the goals.
Enforcing the Timeframe
Organizations should ensure that the IT project procurements are completed within timeframes that mitigate risk to projects. By reducing bureaucracy, engaging stakeholders earlier in the process, and performing procurement tasks concurrently rather than sequentially, an organization will reduce procurement timelines. Extended timelines will almost likely increase costs, which must be avoided. It is important to integrate security aspects into every project to effectively address security and privacy throughout the project and system development lifecycles. This will yield more effective security and reduce overall project risk and cost.
Cutting In-House and Vendor Costs
The management team needs to reorient the project approval process to focus on clearly defining the project’s business case, which will create more effective bid requirements, ensure effective decision-making, and provide clear guidance to bidders. In combination, this will lead to lower costs and more effective solutions.
Focusing on Customer Service
An organization must aims to improve quality and quantity of communication between the bidding community, the sponsoring departments, and the Department of Technology. It is necessary to involve stakeholders throughout the procurement process to ensure better procurement outcomes.
Reducing Bureaucratic and Redundant Processes
For large organizations and public sectors, it is beneficial and efficient to allow parallel processes where possible, such as bidder pre-qualification and vetting of requirements.
Handling Large IT Projects
It is critical to reduce the complexity and risk of large IT projects by implementing a phased approach to procurement. The following five phases may be implemented through the process.
- Phase I – The preparation phase, is separate from the actual solicitation process. More time will be focused on clearly defining business objectives and requirements and in developing the business case for a new IT project. This will result in more focused and timely procurements.
- Phase II – The draft solicitation phase, allows bidders to provide input on bid requirements to identify any fatal flaws in the procurement. Ensuring effective bid solicitations will keep more competitors engaged in project procurements and therefore, will provide organizations more options for viable technical solutions at more competitive costs.
- Phase III – The conceptual proposal phase ensures that the requirements of procurements trace back to clearly defined business objectives.
- Phase IV – The business solution phase, will separately evaluate technical solutions as part of the procurement.
- Phase V – The final phase will leverage the organizational authority to negotiate “best and final offers” for the best technical solutions. This will result in better value to the organization for sound technical solutions from the most capable business partners.
Increasing Vendor Competition
An important strategy is to increase bidder participation and competition by initiating a vendor pre-qualification process. The project planning and management team should engage the IT vendor community, in advance of procurement efforts, to monitor and evaluate vendor performance on technology initiatives and in pre-qualifying bidders prior to conducting procurement. This will foster vendor accountability, shorten procurement cycles, and increase competition by well-qualified business partners.
the State of California has success stories for implementing these strategies. In 2014, the Office of Information Security participated in the STAR project to integrate the appropriate security considerations at each phase of the project and system acquisition and development lifecycles. The Office of Information Security also worked with the Department of General Services (DGS) in facilitated vendor forums and information security community discussions to develop and adopt model contract provisions for cloud computing offerings such as Software as a Service (SaaS) solutions. State entities now have a set of contractual provisions for their use of SaaS solutions which provide for both security and a reduced procurement timeline. Additionally, the Office of Information Security also collaborated with DGS to develop training for procurement officials on the use of the SaaS model contract language. The training was recorded and will be presented through webinars.