This Procurement Management Plan establishes the framework for acquiring external products, services, and resources needed for the ICT Governance Framework Application. It defines the processes, roles, and responsibilities for procurement activities to ensure they are conducted efficiently, transparently, and in alignment with organizational objectives.
This plan applies to all procurement activities related to the ICT Governance Framework Application, including:
The ICT Governance Framework Application employs a procurement management approach based on the following principles:
The procurement strategy for the ICT Governance Framework Application will:
For each component of the ICT Governance Framework Application, a structured make-vs-buy analysis will be conducted:
The Procurement Management Team provides oversight and execution of procurement activities:
| Role | Responsibilities |
|---|---|
| Procurement Manager | - Overall accountability for procurement management - Approve procurement strategy and major purchases - Resolve procurement issues - Ensure compliance with procurement policies |
| Procurement Specialist | - Execute procurement processes - Prepare procurement documentation - Conduct market research - Negotiate with vendors - Maintain procurement records |
| Contract Administrator | - Develop and review contracts - Monitor contract performance - Process contract changes - Manage contract closeout - Maintain contract documentation |
| Role | Procurement Responsibilities |
|---|---|
| Project Manager | - Identify procurement needs - Develop procurement requirements - Evaluate technical aspects of proposals - Approve deliverables - Manage vendor relationships |
| Technical Lead | - Define technical requirements - Evaluate technical capabilities of vendors - Participate in technical reviews - Validate technical deliverables |
| Legal Department | - Review and approve contracts - Advise on legal risks and terms - Support contract negotiations - Assist with dispute resolution |
| Finance Department | - Verify budget availability - Process payments - Track procurement expenses - Support financial analysis |
| Security Team | - Review security aspects of procurements - Conduct vendor security assessments - Define security requirements for vendors - Verify security compliance |
The following procurement types will be used for the ICT Governance Framework Application:
| Procurement Type | Description | When to Use |
|---|---|---|
| Fixed Price | Vendor delivers specified products or services for a predetermined price | - Well-defined requirements - Stable scope - Low risk of changes |
| Time & Materials | Vendor is paid based on actual time and materials used | - Evolving requirements - Uncertain scope - Need for flexibility |
| Cost Reimbursable | Vendor is reimbursed for actual costs plus a fee | - Complex requirements - High uncertainty - Need for detailed cost visibility |
| Subscription | Ongoing payment for access to services or products | - Software as a Service (SaaS) - Cloud services - Recurring needs |
| Framework Agreement | Establishes terms for future purchases | - Repeated purchases - Need for procurement efficiency - Strategic vendor relationships |
Procurements will be categorized as follows:
| Category | Description | Examples |
|---|---|---|
| Software | Commercial software products and licenses | - Azure service subscriptions - Monitoring tools - Reporting software |
| Cloud Services | Public cloud infrastructure and platform services | - Azure resources - Database services - Content delivery networks |
| Professional Services | Specialized expertise and consulting | - Architecture consulting - Implementation services - Security assessment |
| Support & Maintenance | Ongoing support and maintenance services | - Technical support - Software maintenance - Managed services |
| Training & Education | Training services and educational resources | - Technical training - Certification courses - Documentation services |
The following thresholds and approval levels will apply to procurements:
| Threshold | Approval Required | Process Requirements |
|---|---|---|
| < $10,000 | Project Manager | - Single quote - Purchase order - Basic vendor assessment |
| $10,000 - $50,000 | Department Director | - Three competitive quotes - Vendor assessment - Statement of Work |
| $50,000 - $250,000 | Executive Sponsor | - Formal RFP process - Comprehensive vendor assessment - Legal review of contract |
| > $250,000 | Executive Committee | - Full RFP with selection committee - Detailed business case - Risk assessment - Legal and finance review |
Potential vendors will be qualified based on the following criteria:
The standard procurement process will follow these steps:
Vendors will be evaluated based on weighted criteria appropriate to the procurement. Standard evaluation categories include:
| Criterion | Description | Typical Weight |
|---|---|---|
| Technical Capability | Ability to meet technical requirements | 30% |
| Cost | Total cost of ownership | 25% |
| Experience & Expertise | Relevant experience and qualifications | 15% |
| Implementation Approach | Methodology, timeline, and resources | 10% |
| Support & Maintenance | Quality and availability of support | 10% |
| Security & Compliance | Security practices and compliance capabilities | 5% |
| Cultural Fit | Alignment with organizational values and culture | 5% |
The following selection methods may be used depending on the procurement:
| Method | Description | When to Use |
|---|---|---|
| Lowest Price Technically Acceptable | Select lowest-priced proposal that meets requirements | - Commoditized products or services - Well-defined requirements - Limited differentiation between vendors |
| Best Value | Balance technical merit and price using weighted criteria | - Complex requirements - Significant quality differences - Strategic importance |
| Qualification-Based | Select based on qualifications, then negotiate price | - Professional services - High expertise requirements - Difficult to define scope precisely |
The following metrics will be used to measure procurement performance:
| Metric | Description | Target | Measurement Method |
|---|---|---|---|
| Procurement Cycle Time | Time from requirement identification to contract execution | < 45 days | Date tracking in procurement system |
| Cost Savings | Percentage savings compared to initial budget or market rates | > 10% | Financial analysis |
| Contract Compliance | Percentage of procurements following standard processes | > 95% | Procurement audits |
| Vendor Performance | Average vendor performance rating | > 4.0/5.0 | Vendor performance reviews |
| Requirements Fulfillment | Percentage of requirements met by procured solutions | > 95% | Requirements traceability matrix |
| Budget Variance | Actual procurement costs vs. budgeted costs | < 5% | Financial reporting |
| Stakeholder Satisfaction | Satisfaction rating from internal stakeholders | > 4.2/5.0 | Stakeholder surveys |
Procurement performance will be monitored through:
Procurement processes will be continuously improved through:
The following contract types will be used based on the nature of the procurement:
| Contract Type | Description | Risk Allocation | When to Use |
|---|---|---|---|
| Firm Fixed Price (FFP) | Fixed total price for defined deliverables | Vendor bears most risk | - Well-defined requirements - Stable scope - Low uncertainty |
| Fixed Price Incentive | Fixed price with incentives for exceeding targets | Shared risk with incentives | - Performance-critical projects - Measurable objectives - Opportunity for innovation |
| Time and Materials (T&M) | Payment based on actual time and materials | Organization bears most risk | - Unclear requirements - Evolving scope - Need for flexibility |
| Cost Plus Fixed Fee | Reimbursement of costs plus fixed fee | Organization bears most risk | - High uncertainty - Complex requirements - Need for cost transparency |
| Subscription | Recurring payment for ongoing services | Shared risk | - Cloud services - Software as a Service - Ongoing support |
All contracts will include the following key elements:
Contract administration will include:
Changes to contracts will be managed through a formal change control process:
The following risk categories will be considered for all procurements:
| Risk Category | Description | Examples |
|---|---|---|
| Vendor Risk | Risks related to vendor capabilities and stability | - Vendor financial instability - Inadequate vendor resources - Poor vendor performance |
| Contract Risk | Risks related to contract terms and execution | - Ambiguous contract terms - Inadequate protection clauses - Unfavorable terms and conditions |
| Solution Risk | Risks related to the procured solution | - Solution does not meet requirements - Integration issues - Security vulnerabilities |
| Cost Risk | Risks related to procurement costs | - Cost overruns - Hidden costs - Currency fluctuations |
| Schedule Risk | Risks related to procurement timeline | - Delayed vendor selection - Extended contract negotiations - Late delivery of products or services |
| Compliance Risk | Risks related to regulatory compliance | - Non-compliance with procurement policies - Regulatory violations - Data privacy issues |
Procurement risks will be assessed using the following process:
The following risk response strategies will be employed:
| Strategy | Description | When to Use |
|---|---|---|
| Avoid | Eliminate the risk by changing approach | High-impact risks with feasible alternatives |
| Transfer | Shift risk to vendor through contract terms | Risks that vendor can better control |
| Mitigate | Reduce probability or impact of risk | Moderate risks with cost-effective controls |
| Accept | Acknowledge and monitor the risk | Low-impact risks or risks costly to address |
Procurement risks will be monitored throughout the procurement lifecycle:
Vendors will be categorized based on strategic importance and risk:
| Category | Description | Management Approach |
|---|---|---|
| Strategic | Critical to business success with few alternatives | - Executive-level relationship - Comprehensive governance - Regular strategic reviews - Long-term partnership |
| Preferred | Important vendors with established relationships | - Relationship management program - Regular performance reviews - Potential for expanded business |
| Transactional | Commodity providers with limited differentiation | - Standard contract management - Basic performance monitoring - Competitive re-evaluation at renewal |
| High Risk | Vendors with elevated risk profiles | - Enhanced due diligence - Stringent contract terms - Frequent monitoring - Contingency planning |
New vendors will be onboarded using the following process:
Vendor performance will be managed through:
Relationships with key vendors will be managed through:
The following documentation will be maintained for procurements:
| Document | Purpose | Required For |
|---|---|---|
| Procurement Request | Document procurement need and justification | All procurements |
| Statement of Work (SOW) | Define scope, deliverables, and acceptance criteria | Services procurements |
| Request for Proposal (RFP) | Solicit vendor proposals | Procurements > $50,000 |
| Vendor Proposals | Document vendor offerings and commitments | Competitive procurements |
| Evaluation Matrix | Document vendor selection criteria and scores | Competitive procurements |
| Contract | Establish legally binding agreement | All procurements |
| Purchase Order | Authorize purchase and payment | All procurements |
| Vendor Performance Reports | Document vendor performance against requirements | Ongoing services |
| Change Requests | Document and approve contract changes | As needed |
| Acceptance Documents | Verify deliverable acceptance | All deliverables |
| Closeout Report | Document procurement completion | All procurements |
Procurement documentation will be:
Regular procurement reports will include:
[Requirements Definition] → [Market Research] → [Solicitation] → [Proposal Evaluation] → [Vendor Selection] → [Contract Award] → [Contract Implementation]
[Change Request] → [Impact Analysis] → [Approval] → [Contract Amendment] → [Implementation] → [Documentation]
[Performance Measurement] → [Performance Analysis] → [Performance Discussion] → [Improvement Planning] → [Follow-Up Review]