Procurement Risk Levels

Transcription

1 Strategic Planning, J. Kost Research Note 16 April 2003 Managing Risk in Public-Sector Procurement Risk mitigation drives public-sector procurement, but the mitigation processes for the different types of risk often are vague or target the least-important risks. Governments should focus on project success, not process politics. Core Topic Government: Government Processes Key Issue How will government transform IT procurement? Strategic Planning Assumptions Through 2007, public-sector IT project managers who assess political, contractual and programmatic risks and develop risk mitigation strategies prior to the start of the procurement process will reduce the time required to conduct procurement by 40 percent, and the risk of selecting the wrong solution by 50 percent (0.8 probability). Through 2006, the news media will be 70 percent less likely to write a negative story about a procurement decision if the decision resulted in a successful project outcome, regardless of what procurement process was used (0.7 probability). Through 2006, government jurisdictions that develop "dynamic contracting" strategies will reduce procurement process time-tomarket by 20 percent and increase successful project outcomes by 30 percent (0.7 probability). Governments tend to be risk-averse, including in their acquisition of technology. What is not clear is if government would be innovative in its use of technology were it not for the fact that its processes at mitigating risk often also kill innovation. Procurement Risk Levels There are three levels of government procurement risks: political, contractual and programmatic. A disproportionate number of many government risk management efforts focuses on political risks for example, elected officials will be embarrassed by a decision, such as media reports of an official rewarding a contract to a campaign contributor, or a decision of an evaluation committee results in protracted litigation. However, focusing so much energy on avoiding political embarrassment leaves too little energy, or interest, to mitigate the challenges of programmatic risks, thus threatening the project's success. Table 1 lists the issues and mitigation approaches associated with each type of risk. Gartner Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

2 Table 1 Common Risks and Mitigation Strategies Risk Type Issue Mitigation Approaches Political Contractual Will I be embarrassed by the decision? Will losing vendors challenge the outcome, leading to embarrassment for me? Will I have to pay additional costs for things that I thought were included in the contract, but are not? Will the vendor take advantage of me? Will I get sued? If I get sued, will I lose? Programmatic Do I understand what is the correct solution? Can I make what I asked for work? Source: Gartner Research (April 2003) Competitive bidding Acquisition process led by nonprogram personnel "Arms-length" relationships Highly proscriptive bid documents Highly quantitative evaluation models Teams of evaluators no single decision maker Heavy emphasis on fairness to vendors in process Protest process Cumbersome contractual change processes Firm, fixed-price contracts Non-negotiable terms and conditions Onerous contractual terms and conditions A focus on the easily quantifiable price, rather than the more-difficult-tomeasure total cost of ownership Post-contractual scope dispute resolution process Outsourcing negotiations Proscriptive bid solicitations Teams of evaluators Third-party evaluators/oversight Many risk mitigation approaches used in public-sector procurement primarily mitigate political risk. In most jurisdictions, procurement is a function administered as a command and control process, separate from the "beneficiaries" of the technology being purchased. This process usually is part of the culture and is meant as a "check and balance" to ensure integrity in government. This process assumes that: Government officials who need to purchase technology are not smart enough to buy it themselves or are too corrupt to be trusted Elected leaders would rather be protected from corruption accusations than get something done quickly (when a tradeoff is necessary between the two options) In most cases, both assumptions are at least partly incorrect. There are remarkably few incidences of procurement-related corruption in government (at least in industrialized nations). Many management controls exist to easily handle the rare instances when they do occur. Government invests too many resources and creates too many processes to prevent something that is rare. Although many government officials are not trained to be buyers, particularly of complex IT solutions, they are close enough to the project's goals to best understand what technology 16 April

3 is required. Divorcing project management from procurement decisions is a recipe for disaster. Although some elected officials are more concerned about political perceptions than with project success, rarely are these officials asked by procurement managers to explain if the outcome or the process is most important, and why. Elected officials seldom understand procurement policies or processes, or the impact that these have on the success of their administration. If officials are educated about these processes and given a choice between process or project success, many would probably prefer the latter. Focus on Project Outcome Table 1 attaches various procurement control processes to risks to show what motivates purchasing decisions, such as: Fear of scandal Ensuring "fairness to vendors" during the selection process Quantifying qualitative factors Ensuring objectivity in the procurement process These motivations are well intended, but they often are misguided because they raise the value of the procurement process over the value of a successful project outcome. Many contractual risks are byproducts of political risk mitigation. Officials use onerous terms and conditions for vendor compliance to reduce the appearance of having been taken advantage of by a vendor, possibly at the expense of morecompetitive bids. Inflexible statements of work and changemanagement processes may increase process integrity, but they may decrease the likelihood of project success. More-effective tools must be considered to address each type of risk. Political risk increasingly must be addressed through improved management techniques. In addition, more attention must be given to programmatic risks for each procurement. Table 2 offers alternative risk considerations and tools for risk mitigation. 16 April

4 Table 2 Alternative Risk Mitigation Strategies Risk Type Issue Mitigation Approaches Political Contractual Will the project be successfully completed? Will it be completed during the term of my administration? What is the appropriate relationship with the vendor to ensure a "win-win" relationship? How can the vendor be driven to ensure our success? Programmatic What's the right solution to the problem that I've been assigned to address? Does the vendor understand me and my business problem? What are the riskiest elements of this project, and how do I manage these risks without creating an antagonistic relationship between parties? Source: Gartner Research (April 2003) Strong "ethics and corruption" legislation that clarifies the consequences of malfeasance Understanding of the relative value of time and competition A single, accountable project leader Project team has consistent goals and effective motivation Pre-qualified vendor candidates with realistic approaches An effective (time-sensitive) internal change management process Competitive negotiation Phased implementation Opt-out provisions built into contract phases Use of "dynamic contracting," in which scope changes are assumed and their negotiation processes are in the contract Bonuses and accelerators for meeting or exceeding goals (time, budget and functionality) Shared risk/reward contracts Strategic partnerships Best-practice models developed prior to bidding Intent-driven, rather than technically proscriptive, bid solicitations Product "fit-gap" analysis prior to awarding a contract "Best and final offer" process Third-party evaluators/oversight Phased implementation Evaluation of programmatic risks Separate evaluation of technical risks A focus on total cost of ownership rather than price The risks inherent in each project include the risks created by the government's culture. Many political risks, such as fear of corruption or embarrassment, must be addressed at a policy, or perhaps even a legislative, level. Thus, personnel involved in a project and its related procurement can focus more attention on the project's outcome than on risk mitigation processes. As a project team is assembled, and before it prepares a bid solicitation, it must assess how each type of risk affects the project. Assuming that sufficient safeguards and best practices are in place, the team should target programmatic, rather than political or contractual, risk mitigation to ensure that the best solution is selected. The team should focus on: 16 April

5 Related Research "Competition vs. Time in Government Procurement" "Transparency in Government Procurement: Pros and Cons" "Evaluating Technical Risk in Government Procurement" "Government's Hierarchy of Challenges" "California Purchasing Reform: Solving the Wrong Problem?" "Why Governments Lag in Systems Adoption" Vendor due diligence Product gap analysis Internal best-practice development Change management These efforts will have a more-significant impact on project success than tangential issues such as selection and negotiation processes, as well as terms and conditions. The project team should be most concerned about and motivated to deliver a successful project, not process politics. Dynamic Contracting Governments must develop dynamic contracting strategies to successfully mitigate procurement risks. Dynamic contracting assumes that: At the beginning of a project, the government and vendor(s) have imperfect information about what is needed to complete the project. Technology will change over time. What is perceived to be needed now will change as the project evolves. The statement of work in the initial contract will be out of date within six months. Rather than focusing on writing a comprehensive statement of work, the contract should focus on a scope change and negotiation process to allow modifications that all parties agree are desirable as the project is implemented. The initial vendor may not be appropriate as the project evolves; a process must be included to add or change vendors. Table 2 suggests different techniques that governments should consider using, depending on the project. Other methods may require altering a government's laws, policies or culture. In all cases, Gartner recommends that governments understand the three types of risks, as well as the appropriateness of approaches to mitigate them. Bottom Line: Public-sector procurement processes must ensure project success by facilitating a good outcome, rather than only trying to prevent bad processes. More attention must be paid at the project's start to all of the risks political, contractual and programmatic that are associated with procurement, especially those that will have a material effect on the project's outcome. 16 April