It's time for an
annual risk review of long term and critical contracts.
Here's why I think so;
As we move into a new year, conditions change - some
changes are market driven: competition, material sourcing,
freight bottlenecks, etc. Some changes are government
caused; tax rate changes, tariffs, import/export restrictions,
environmental regulations, etc. And some changes
could even be considered 'acts of god' e.g. severe weather,
storm damage, crop failures, etc.
All of these changing conditions could impact our
suppliers and contractors - and eventually become issues that
will affect their ability to perform. Changing conditions could
materialize as delays, disruptions or cost increases.
Suppliers may simply be unable to deliver, might seek equitable
adjustment and depending on how contracts are worded - might win
in court (if it comes to that). Sure the buyer might also
prevail, but a shrewdly written contract- that results in no
delivery - will nevertheless delay / cost your operation.
Regardless of the cause - we have to be prepared for the
risks to successful completion of our contracts. it is our job
as contracts administrators to know the contract, understand the
supply chain, be aware of the market conditions, and have a good
idea of the cost pressures on our key suppliers. As part
of the contract award process, we consider the contractor's
ability to perform and likelihood of successful performance.
As the old saying goes "we'll make it - God willing and the
creek don't rise." Thus, if our contract depends on the
contractor being able to "cross the creek" and we've had a lot
of rainy weather - we can probably anticipate a delivery
Over the past few months there have been a number of news
reports about items that will obviously affect some contracts
and some buyers. Unemployment tax rate changes, tariff changes
to Canadian Lumber, trade embargos in the east, severe
weather in the Midwest, work visa restrictions, family leave
policies, etc. As we listen to the news reports we can
considering which items might affect our contracts or
suppliers. We can be proactive about estimating the
impact and developing a mitigation strategy. We might
even decide to contact the supplier first and inquire about the
potential for problems, as a means of encouraging a languid
supplier to wake up and take remedial action.
Here's what I'm suggesting: [note links to related
- When placing new contracts and purchase orders
determine if a risk level ( you decide what the risks are -
price, performance, delivery pressure, critical need
(failure will shut us down or cost us money),
intellectual property, etc.).
- For high-risk contracts develop a simple risks
outline as part of the contract award process. This
might require additional
proposal information from potential suppliers, a more
cost or price analysis,
additional contract language (e.g. notifications,
scheduling, cancellation options, etc.)
- In the risk outline, identify each important risk and
the factors which might affect it. Also note any additional
analysis or contract language which you included at the time
of award to mitigate the risk.
- Make a plan to regularly review the risk analysis
outlines for critical contracts on a regular basis.
Review at the least often enough so that you are aware of
the potential impact issues and will recognize those when
the issue appears in the news.
- As issues arise, take proactive action to mitigate
the risk, develop a negotiation plan and prepare for the
Here's an example:
|Contract: xyz ACE company
||Term Jan 2016-Jan 2019
|Risk: Labor rate increase
Watch: Union labor negotiations in Florida
|Contractor uses significant amount of longshoreman
union labor in Miami. see price analysis for labor
|Risk: Delivery schedule
Watch: Severe Storms in Florida
|Mfg facility is in Miami. monthly delivery via barge
through Gulf of Mexico
It's our job to manage the supply chain for our companies.
Part of management is understanding and anticipating risks.
Being proactive with a simple risk analysis is one good way we
can add value.
It’s a valuable reminder for all of us and a recent interview on
the subject is worth listening to.
In the Podcast Something You Should
Know, host Mike Carruthers interviewed author Joel Schwartzberg
about his book, Get To The Point. The podcast was posted on
December 14 and the Schwartzberg Interview starts at about 3:45.
Why do I think this is important
even for folks who do not make professional presentations?
We are constantly communicating –
it’s a large part of our job as professionals.
As professionals in the workplace,
we evaluate data, formulate opinions, make decisions and take
action. If the action is to communicate by writing a report,
writing a contract, directing workers or conveying critical
information – we have to be clear and concise. If the decision
will be presented to senior management, then we have to be
articulate and compelling
- Obtuse, and verbose
communication styles, confuse your message. Regardless of
how important, if the message is misunderstood by the
listener, then you have wasted your time.
- Flowery prose is not a good
style for business correspondence. More words, more commas,
more qualifying caveats lead to more ambiguity.
- If our written or spoken word
is ineffectual – then we have done a poor job and are less
valuable in our profession. We all know coworkers who ramble
and never quite get to the point.
Being direct and succinct is not a
new concept. We’ve all heard similar messages in various
- With respect to business
letters – “What actions are your directing?”
- With respect to leading
meetings – “What is the goal of the meeting?
- With respect to managing
employees – “Tell the employee exactly what is expected.”
- With respect to presentations
and training – “Make your point several times in several
- With respect to resume’s –
“What makes you the best candidate?”
- With respect to job hunting –
“Develop a great ‘elevator’ speech”
Schwartzberg makes a number of
useful suggestions during the interview. I plan to read the
book, and I recommend listening to the interview.
Data Storage Policy Review
Ransom ware data breaches have
successfully targeted large companies. Thus I think it is
imperative that those of us in smaller organizations review
More specifically; Sensitive personal & private
information (PPI) about individuals we collect and store in our
systems, laptops and smart phones is risk-of-loss
Medical practices, manufacturing
companies, movie production studios, and government offices have
had their data locked for ransom or even worse, released
publicly. Even with layers of IT minions, nefarious hackers gain
access. Unfortunately, this means that those of us in smaller
organizations are likely vulnerable. Instead of just
concentrating on trying to protect our data – I think we must
take steps to mitigate the real possibility of data loss.
Yes! Having organizational data
revealed or encrypted and a ransom demanded for the unlocking
key is painful. It might cause lost time to reload backup data,
or impact profits, but that is a business risk for which we can
plan. However, consider the added risks if the data loss
includes sensitive personal & private information about members,
customers, marketing contacts and other individuals not-related
to business operation. Is there a chance that the lost data
includes a random social security or credit card number,
birthday, home address or names of spouses and children? If so
the risk of loss might also be an organization liability.
Losing control of personal & private
information you have collected and stored on your systems could
expose your organization to accusations that you did not take
reasonable steps to protect the data.
Consumers are targeted by pervasive
advertising reminding them about the risks of using sensitive
data online that can be lead to stolen identities or credit
cards. We need to extrapolate that warning message to include
sensitive data we store about other people in our personal
contact lists, messaging software, documents, spreadsheets, cell
phones, laptops, Outlook files, and management systems.
Some suggested actions:
- Make a management decision to
review data storage practices and policies with all key
personnel. NO! I am not talking about buying new firewall
software. I am referring specifically to reviewing the PPI
data-elements collected and stored within the organization.
True, improving data security is important and vendors spend
a lot of effort in marketing the latest security software.
But, as news stories demonstrate, a firewall defense is
- Consider: Does the organization
possess any information about individuals that might be
personal, private, sensitive or something else that
reasonable people would not want released to the public? Do
we need that data? Why store sensitive information at all?
Pare down data elements in our databases to the bare minimum
and reduce the risk of loss.
- Review PPI data collection
practices. Don't collect and store PPI that you don't
absolutely need. Does
the organization possess data that might have been
deliberately collected for some reason, but the risk of loss
now outweighs its usefulness? Do old forms ask for data
elements that are no longer used? Examples: Social
security numbers, birthdays, home addresses, family member
names, etc. Do we really need to know a customer birth date
or gender? Is it necessary to have home addresses and
emails? Even if a specific piece of information is needed at
one time – should it be retained and stored in our systems?
- If sensitive personal data is
under your control, have you deliberately decided to assume
the risk of loss? Have you taken steps to mitigate the
risks? Can we store sensitive information separately or
encrypted? Is access limited on a need-to-know basis?
- Is there a clear PPI
data-access and security policy? Establish and communicate a
clear organizational policy that sensitive personal
information will not be collected or stored. Give
priority and elevate data retention policies and processes
to management discussions. Review data collection, storage
and security policies regularly. Then conduct meaningful
training with all personnel who have access to the data.
- Ask everyone to identify and
examine lists of people they might have in all of their
systems and devices. Search for and remove PPI wherever
possible. Get IT help with search tools or parameters
to seek out forgotten tidbits that should be deleted.
- Don’t assume everyone in your
organization understands, or agrees with the perceived
risks. It does little good to scrub the organization‘s
customer database, if a random employee keeps sensitive
information on a laptop or in a personal-contact list.
- Conduct regular discussions and
training about data storage risks to keep everyone in
IMO: This is not an IT task!
Understanding the risks; then establishing, communicating,
implementing and enforcing a clear personal data collection and
storage policy is a management responsibility.
Card Program Audit
Is your organization worried about
purchasing card program fraud and abuse? If this topic is on
your management dashboard then I recommend you review GAO report
17-276. This new audit looks at micropurchases transactions
(<$3500) using purchasing cards in a number of government
agencies. The auditor was seeking evidence of fraud and abuse
and evaluating compliance with OMB control requirements.
The good news is that little
evidence of potential fraud was found although a number of
weaknesses were identified.
The report is worth reading because
it describes useful process controls and potential weaknesses in
purchasing card programs.
- The auditor identifies
specific control points required by OMB- Circular A-143
Appendix B. *
- Figure 2 - actions taken
by Govt. in last 10 years to strengthen credit card
- Figure 7 – high risk
- Table 4 – targeted data
review & comments for each agency
- Table 5 - agency
compliance & process description
Raise some questions? Yes, I had a few. Here are my
comments and questions along with GAO
1- Appreciate you inclusion and
comments about high-risk transactions. It seems like a good
differentiator when discussing micropurchases in general.
2- I think your references to property
management practices could use some more explanation. As in
the case of high-risk transactions, I think the purchase of
items identified as “property” vs. supplies is another
differentiator that gets confused at the implementing level.
Also gets confusing when talking about ‘property’ which
requires formal property management procedures ( tagging,
inventory, etc.) vs. items which are sensitive ( a
specialized torque wrench) vs. supplies (o-rings, seals,
3- Are you aware of any analysis which
discusses the control costs vs. risk in credit-card
micropurchases? I’ve seen one case, where an organization
added so much documentation and control procedures to
credit-card purchases, that I think the overall cost-savings
was nearly nil.
A: No, we are not aware of
any specific analysis. This particular topic was out of
scope due to the size of the engagement and our available
4- Are you aware of a good report which
documents that various agency processes which would be
considered best practice? Your Appendix II is
interesting but misses Energy for example. Also interested
in which practices establish a reasonable balance between
auditability vs cost effective. That is which practices
establish a reasonable balance and could be a model for
other agency improvements? I know of several organizations
which use pretty good software and electronic documentation
systems but it seems like many agencies have differing
processes and procedures. Might be helpful if they had a
best-practice target - other than just an abstract “complete
A: No, we did not
encounter a report that could be used as best practices. In
our report, we were only able to present the information we
gathered that highlighted the policies in place and how
agencies followed them.
5- Also, are you aware of any guidance
for internal auditors relative to identifying “high-risk”
transactions? Seems like that might be one way that agencies
can help protect themselves – that is, by doing a better job
of defining and validating high-risk purchases vs. all the
A: No, we are not aware of
any guidance on how to identify types of “high-risk”
transactions. GSA and several IGs have identified several
specific types of transactions as “high-risk” and in some
cases have developed additional guidance and controls for
those specific types of transactions, but there is no
overall guidance on how to identify “high-risk”
6- Did you look at the guidance
provided to agency contractors?
A: No, we did not
specifically examine guidance provided to contractors.
However, we did review some contractor-related transactions
during the course of our audit.
7- I didn’t see an average transaction
value – might have missed it – but it seems relevant to
A: As the scope of our
review was micro-purchases, we did not report on an average
In addition to identified process
weaknesses; I think the report raises a number of issues
appropriate for a management policy discussion: - That is; at
what value should we establish controls? The auditor
specifically cites several transactions valued at less than $10.
Really? When does it cost more to audit than the risk is
worth? How can we set up a cost effective policy to preclude
auditors having to waste everyone’s time looking at $10
transactions? At what point do added documentation requirements
outweigh the benefits of a purchasing card program? However, how
long can you ignore a minor leak before it grows into a large
loss? A good subject for debate at a management retreat.
Other topics worth discussion:
- Are there new and more
cost-effective ways to prevent fraud? Do new software and
data tools provide better opportunities for detecting fraud?
Example: credit cards that send an email confirmation for
each transaction. Would that provide a way to automatically
gather a real-time audit population in a secure location?
- What sort of training should we
have? Most programs train purchasing card users. However,
should we also be training management at all levels about
identifying and detecting signs of fraud? What training
should we provide to supporting organizations about
observing and questioning anomalous transactions? [e.g.
Receiving dock worker hears from a delivery driver about
deliveries to an unauthorized location]
- What management policy
regarding purchasing cards is appropriate for our
organization and our circumstances? Are managing the company
based on being ultra-conservative and surviving a nitpicky
audit? Or, are we going to perform a risk analysis, do a
cost-benefit review and set appropriate policies?
IMO: Some organizations wait
until after auditors have spent weeks pulling detailed data and
grilling staff before responding with opinions about appropriate
thresholds and policies. Thus the time and effort of staff and
auditors has already been wasted. A more effective process would
be to establish complete policies and set audit parameters well
in advance of the actual fieldwork. Management should be able to
anticipate audit concerns (reports like this one help) and
address potential issues with appropriate policies before the
* OMB Circular A-143 outlines
Management's Responsibility for Enterprise Risk Management and
Internal Controls [ in government agencies] . It was
one of the directives that the government strengthened [and
continues to revise] as a result of the SOX Act around the
time of the Enron debacle [Remember that? It wasn't
just publicly traded companies that got a management wakeup
call] Read more….
||Are you a
fan of financial statements?
Like to see the detail and read between the lines about
Here is an interesting
read; GAO audit of FY15 and FY16 financial statements of the
GAO summary says in part;
1- Certain material weaknesses in internal control over
financial reporting and other limitations on the scope of its
work resulted in conditions that prevented GAO from expressing
an opinion on the accrual-based consolidated financial
statements as of and for the fiscal years ended September 30,
2016, and 2015.
2- Material weaknesses resulted in ineffective internal
control over financial reporting for fiscal year 2016
3- The comprehensive long-term fiscal projections
presented in the Statement of Long-Term Fiscal Projections and
related information show that absent policy changes, the federal
government continues to face an unsustainable long-term fiscal
After years of dealing with auditors and government
regulations, I have reservations about taking auditor statements
at face value. Auditors tend to review and write in hard-line,
good or bad analysis. Wherein regulations, agency management and
guidance tends to be ambiguous and open to interpretation. IMO:
Unfortunately this leads to management policies intended to
survive audits rather than optimize performance. [and that’s
a whole other discussion]
In this audit, you can see some of the audit
interpretations leading to ambiguities; example- the value of
assets. Look at the note 5 on page 85 about the value of
inventories, property and equipment and then also at note 24 on
page 165. Obviously in valuing a corporation you would consider
the value of equipment and real property the company owns.
However, how would you value it, if the equipment was an
aircraft carrier or the real property was Everglades National
Park? Even more confusing would be the value of a historically
value item such as the Declaration of Independence. Corporations
might have a similar problem in valuing a trademark and supply
chain managers in determining the cost vs benefit of switching
to new supplier management software.
People tend to focus questions about the fiscal health of
our country by looking at cash-flow topics. But, as this audit
points out, the subject is a lot deeper. The report presents
details and raises management questions that are much more
interesting than just what we hear in the news. Regardless of
our opinions about auditors and U.S. fiscal policies, the audit
and underlying data is truly an interesting read.
Price Increases - Are You
As Supply Chain Specialists, it’s our
job to think strategically about issues that will affect our
contract prices. Contract prices for critical supplies and
services are affected by market pressures, shortages,
transportation disruptions, global competition, sustainability
policies, environmental regulations, lower-tier human rights
concerns, etc. In the news lately is a major supply chain
cost-pressure we can’t overlook; minimum wage increases.
Minimum wages are due to increase in
many locations. I’ve also heard that unemployment insurance
rates in some states may rise. Many contractors will seek to
pass along the increased costs to buyers.
Astute procurement professionals
will already be preparing for the inevitable negotiation with
suppliers about the impact of wage increases to contract prices.
Why? Because suppliers need to recover cost increases and buyers
want to limit increases to a reasonable and allocable amount.
But much of a supplier’s claimed cost increase is reasonable and
allocable vs. how much is unearned profit?
This is a key question which forms the basis of
many contract negotiations. Remember the sharp fuel-oil
price rise a few years ago. Some suppliers reacted with the
unreasonable negotiation position that a 10% rise in
transportation fuel cost entitled them to raise contract
prices by 10%.
“If direct labor wages rise by $1.00
per hour - and we have a service contract with 10 workers,
providing weekly service - the supplier’s cost to provide the
service may rise – thus the supplier will want to negotiate an
appropriate increase on current or future contracts, but how
much of the $1.00 increase is directly allocable to our
In this case the cost increases is
out of the hands of suppliers. Wages and payrolls costs are due
to increase; we know that suppliers have to cover costs to
survive, thus we can anticipate a negotiation with some of our
suppliers resulting from direct labor wages. An astute supply
chain professional will anticipate and prepare for the
inevitable negotiation in advance.
What can we do to prepare? Here are
a few suggestions:
- Find out exactly what wage and
payroll cost increases are planned for your area. Don’t
guess, your HR staff probably already knows.
- Train supply chain staff about
how seller’s costs are compiled into a selling price. Large
organizations can add a cost-analyst to the staff – or
obtain outside training. Smaller organizations can solicit
the expertise of the accountants in their own finance
organization who track and compile costs. Basically, the
more buyers know about how costs are compiled and
liquidated, the more they can defend against a “10% fuel oil
price increase” negotiation.
- Mangers can schedule a regular
discussion with Supply chain staff about strategic issues.
Help staff see the big picture and apply their industry and
pricing knowledge by raising questions like: “Knowing that
minimum wages are going to rise, how much will that affect
our contracts for xyz?”, “Which of our current suppliers use
minimum-wage labor?” “Which of our current contracts and
orders could be subject to renegotiation resulting from a
- When soliciting new proposals,
ask suppliers to provide a breakdown of key cost elements.
Even if you can’t get specific details, just knowing the
relative weight of materials vs labor costs and separating
ODCs [e.g. shipping] charges can help with negotiating
Supply chain specialists can add
significant value in the contracting process by thinking
- By not waiting for the
solicitation process; and building a picture of potential
suppliers’ cost-drivers during sales calls and while fact
finding long before the specific contract negotiation
Negotiation strategy presentations
- By gaining a thorough
understanding of the business factors affecting key
commodities and suppliers.
- By proactively seeking
alternative ways to reduce supply chain costs and sellers
Senior managers can also assist in
the process by having regular ‘strategic thinking’ discussions.
Rather than trying to force planning as a policy, encourage
strategic thinking by leading a collaborative process. A
successful organization uses combined knowledge and expertise of
all departments to work as a team.
Strategic planning is valuable trait
for supply chain specialists. Here is a good essay on the topic
published in Linkedin by David Hearn [https://www.linkedin.com/in/david-hearn-44aa01
Buyers; Don’t let a
flakey contractor continue to string you along.
We have a contract problem such as a missed deadline. In
the ensuing telephone conversation the seller makes a new
delivery promise. Later, the seller misses the new delivery
promise and we have another discussion with new promises – ad
By acquiescing to the contractor’s new delivery promise,
it could be argued in court that we have made a constructive
change to our contract. Also, we have established a practice of
allowing late deliveries that could become a winning position in
future contract disputes if we try to enforce a delivery date.
Send a confirming notice after each important contract discussion
and draw an enforceable line in the sand. An email could work,
although a formal letter is better for higher risk situations.
Do so in language that clearly documents, the contractual
failures, promises made, deadlines, action items, etc. I would
also make it clear you are depending on that promise and
describe how the conversation relates to the contract.
The confirmation notice documents:
- FACTS about missed deadlines, contractual problems
and failures to perform.
- That the contractor has been notified about failures
to comply with the contract
- Mitigating actions and promises made by the
- Informs all appropriate parties [such as contractor’s
management because we copied them]
- Forces all recipients to respond with objections or
acquiesce to your interpretation of the situation
Even if the situation doesn’t seem dire, a confirming
notice documents facts [e.g. a clarification about delivery
requirement paragraph [****]
- Confirming our telephone conversation at
approximately 3:00 p.m. on Sept 16, 2014 regarding [contract
- Contractor agreed to do [****] by no later than
10:00 a.m. on Sept 17, 2014.
- Contractor agreed to delivery [****] by [****]
to [****] and take action [****]
- Contractor promised to [****]
- Contractor will [****} to recover delivery
delinquency; PO 23 paragraph 6.3
- We discussed steps contractor is taking to
recover from failure to deliver/perform in accordance with
contract 23 par. 6.3 and 10.5 [****]
- We are depending on your promise/agreement to
mitigate the impact of [contractor’s] failure to perform in
accordance with contract requirement 
- This does not constitute a change to the
contract, it confirms buyers agreement to allow contractor
to mitigate the failure by [****]
- [Buyer] will consider [contractor’s] actions
and attention to this matter in evaluating the impact of
this situation to this contract and to contractor’s
eligibility for award of future contracts.
- Each confirmation documents new commitments that the
contractor will either keep or miss.
- If the contractor misses new promises, the
confirmation(s) document a pattern of failure.
- The confirmation preempts the classic interrogatory;
“Who knew what, and when did they know it?”
- The confirmation gets you closer to an actionable
If you don’t send confirmations – when it comes time to
take legal action all you have is an ambiguous chain of
undocumented discussions which are open to interpretation and
1. This is a simple confirmation notice; this is NOT a
show cause notice. Don’t include threats that you might later
regret or decide are not appropriate. Based on the situation at
hand and the contractor’s performance we will take whatever
actions are appropriate and allowed. In fact the more you say,
the more likely you’ll open up a can of worms. If the time comes
for official action we will discuss with management and send a
legal notice if appropriate.
2. Don’t use language that changes your contract and lets
the contractor off the hook. We are not agreeing to change the
delivery date of the contract. We are confirming the fact that
the contractor missed the contractual requirement and has
promised to do something to mitigate the impact.
What safety and security precautions do
you take when contracting for services which will be performed
in your facilities? Consider what would happen if; a copier
repair technician sexually harasses one of your employees, or a
janitor inserts a thumb drive containing nefarious code into an
unattended PC, or a delivery driver negligently crashes into as
essential piece of equipment?
Even in simple service contracts, we
are opening our doors and granting contractor personnel access
to our facilities which could easily be abused (or worse).
Examples: Do your current contract terms prohibit contractors
form sending service personnel who are intoxicated? Do your
contact terms require that contractors verify that personnel are
legally entitled to work in the U.S.? Do your contract terms
give you the right to send contractor personnel home who you
believe to be unsafe at the contractor’s expense? Do your
contracts prohibit contractors from subcontracting work in your
facility without your express consent? Etc.
So what can supply chain folk do to
better protect ourselves from risks when contracting for
services that will be performed in our facilities? Here are some
- Assemble a cross functional
team and consider the risks before contracting for services
which will include contractor personnel gaining unescorted
access to our facilities. Recent stories about workplace
violence, computer security losses, industrial espionage and
negligent safety incidents should help generate some scary
- Prepare a separate addendum of
terms and requirements for contracts that require facility
access and ensure that all contractors seeking to perform
work in your facilities are familiar, and are contractually
required to comply with them.
- Discuss reasonable, rational
and enforceable processes for vetting contractors and their
personnel with your HR and legal staff. HR goes through
similar processes when they hire new employees; background
checks, W-9 clearance, substance abuse checks, etc.
Some ideas for your new document
- Require potential service
contractors to describe their internal processes for
vetting, training and supervising personnel as part of their
proposal. Include solicitation language that would
disqualify offerors who are not taking reasonable and
appropriate steps to ensure that qualified and vetted
personnel will be sent to your facility.
- Require contractors to use the
government’s e-verify process for all personnel. E-verify is
a requirement for government agencies and contractors, but
can also be used by non-government organizations. Your HR
department may already use it as part of their W-9 process.
- Require contractors to certify
that all personnel sent to perform work in your facility
will be; adequately trained, drug free, safety conscious,
qualified for the job, well-supervised, etc.
- Requires contractors to
identify in advance personnel who will be assigned to work
in your facilities and notify you when changes are made.
[I am not going to let just any weirdo into our
building who shows up and says he is the copier repair
- Include conditions under which
you have the right to refuse access to contractor personnel.
- Require contractors to provide
suitable replacement personnel and allow you to cancel the
contract, should the contractor be unable to do so.
Yes, you could claim breach of contract – but sometimes
it’s not cost-effective to do so… just easier to move on to
a better contractor.
- Require notice and consent for
any proposed lower-tier subcontractors and flowdown of
similar terms to any who will also be working in your
- Search for some sample language
in standard terms and conditions posted online by many
government contractors. Search for “on-site service” terms
or “facility access” requirements
Here are several places to get some ideas:
There is no magic panacea. Obviously
the bigger the risk and more sensitive the facility, the more
background work we will have to do. Keep in mind, we don’t want
to interfere with the employment relationship between
contractors and their employees – but we do want to reasonably
limit which contractor personnel will be granted access to our
We often contract for services
performed in our buildings but sometimes forget to consider who
the contractor will send to perform the work. Of course if there
is a problem we would sue the contractor, but I suspect the
plaintiff’s lawyers will also seek damages from our company
based on our process (or lack thereof) for granting access and
vetting contractor personnel. After all, we selected the
contractor and granted access….
GSA Report - negotiating before award
GSA-IG review of GSA
contracting process for schedule 70 (IT) services and equipment.
Interesting discussion of negotiating before awarding
contracts. A good set of references and rational to capture in
policy and training guidance for staff.
- Audit cites a number of key FAR references relative to
price reasonableness and negotiation. Introduction and
- Auditor maintains, and provides a good rational for
negotiating contracts prior to award – even in competitive
- Audit turned up examples where negotiations improved an
already competitive proposal.
- Auditor clearly states that FAR part 15 does NOT clearly
require negotiations to take place in all awards. (page 5)
- Interesting response from GSA management – basically
stating that they have good processes for obtaining price
reasonableness [even if they don’t negotiate].
In My Opinion:
I agree with the auditor. Buyers can improve contracts
by "negotiating" prior to award in most instances. I've seen
many examples where competitive proposals have been improved in
value, reduced price, better terms, enhanced delivery, etc.
Unfortunately, I've also witnessed a number of examples wherein
potentially valuable preaward discussions or negotiations were
skipped and rationalized because competitive proposals had been
obtained, time constraints, lack of policy requirement and lack
Suggestion: Add value to the process, as a personal
goal, negotiate all contracts prior to award. Consider that:
- Negotiations don't have to be formal - a lot can be
accomplished just by asking the right questions.
- Negotiations should target more than just the price or
profit. Contracts can be more valuable to buyers in many
- Even a discussion of the specifications or contract
"boiler plate requirements" can yield
opportunities to solve
problems, reduce costs or avoid future change orders -before
awarding a malformed contract.
||A Case for
Price and Cost Analysis
... programs I will be
presenting at the Pacific Northwest Purchasing Conference in
October 2016 for
Understanding the principles
behind a “baker’s dozen” is a buyer’s negotiation advantage.
e.g. A seller can afford to give you one item at (or
below) his cost if he makes up the difference or profit by
selling other items. A baker can give away the 13th donut
because he covers his cost (and probably makes a profit) on the
A few pricing observations worth
considering when negotiating a fair and reasonable price:
- A supplier’s cost for a product
or service is usually less than the selling price.
a. Ex.: an item might cost the seller $80 to produce but he
is selling it for $100
b. Thus the purchase is more expensive for the buyer – than
cost to the seller.
c. The $20 difference is profit for the seller and how
sellers remain in business – but all of a seller’s profit
doesn’t have to happen in the sale of one item.
d. Good to know: What is the
seller’s cost to produce and provide the item or service?
- The supplier’s cost almost
always includes an indirect cost component which is added to
the direct cost to when selling a product or service.
a. Thus the value of an item to a seller is less before it’s
sold than it is when it is sold.
b. Ex.: G&A costs (like insurance bills, payroll for the
purchasing department, etc.) are incurred even if nothing is
c. When a contractor “throws it away” they don’t write off
the same cost as they would book income if they sold it.
d. Good to know: What did the
seller have to pay out to produce or provide this specific
item or service vs what are the costs generally added to the
sale of all items?
- Indirect costs sometimes relate
to intangible elements that enhance the transaction which,
if not itemized in the contract, can be lost-value to the
a. Ex.: Installation, regular maintenance checkups, service
manuals, training, etc. are often touted by sellers as
advantages for purchasing their product or service.
b. These benefits are generally more expensive to buy as
separate items, than if they are included in the initial
selling price and agreement.
c. Good to know: What
“benefits” are available, how can our company take advantage
of those benefits and how are they specified in the sales
agreement or contract!
- Most sales agreements generally
do not include all of the possible ways a seller can be of
value to the buyer
a. Aggressive marketing strategy touts creative ways a
seller can differentiate themselves from their competitors,
(industry expertise, support staff, marketing experience,
b. Most extras are never included in the “price list’ or
offered as part of a sale.
c. Good to know: What are the
seller’s added values and how are we going to take advantage
- Selling prices may vary for
reasons not related to seller’s costs.
a. A seller could be selling at less than cost –
discontinuing old stock, aggressively fight competitors, a
loss-leader to get buyers to buy other items, etc. etc. etc.
b. A seller could be setting prices based on market
conditions (or other factors) and not considering or seeking
to reduce his actual costs.
c. Good to know: How is the
seller setting the price? What could, or should the price
Buyer’s negotiation strategies:
- Compare the proposed selling
price to the general market. If the offer is significantly
higher or lower than other prices figure out why. The
seller’s price could be different for many reasons- which
could be critical. If the proposed price is a fair market
value, that’s good – but don’t stop analyzing.
- Consider the significant cost
elements which contribute to the selling price. Look for
cost-saving opportunities. Seek cost-drivers that can be
changed to reduce the price. Example: seeking a better
shipping method, grouping purchases, use less-expensive
packaging, change materials, etc.
- Consider ways to change the
purchase that might also reduce the overall acquisition
cost. Example: buy larger quantities to get a price break,
schedule long-term deliveries, consolidate requirements,
time purchases to coincide with production lulls, etc.
- Consider all of the additional
ways the seller could add to the purchase and structure the
purchase to include or take advantage of them.
IMO, problems inherent in how
data-overload affects decision making are no longer limited to
managers in large companies. Online news sources, podcasts,
social media, group sourcing web sites, texting, etc. can
overload individuals with information. Filtering input and
making appropriate decisions is not as obvious as it once was.
This Wall Street Journal article shows an example; Blue Feed,
In a similar way, new
business-management software tools can bury management in
reports and data. More data is not always helpful. Accordingly,
the business-decision process cannot be static. Management must
adapt their business operations to analyze and filter mounds of
data so important information surfaces and becomes easy to
It wasn’t always that way; in
some small businesses management planning questions are obvious
and easy to answer;
- How many pumps did we sell last
month? Which type of pumps sell better than the
But as a business grows into larger
markets additional analysis is helpful;
- Which cities purchased
more of our pumps? Do different cities use more of one kind
Answering these questions helps
management plan for business productivity and growth. However,
as markets expand and business complexity increases, the
available data grows exponentially.
In world-class markets the need for
more timely data is an imperative. World-class competition and
product innovation make cost cutting and reduced time-to-market
critical for survival. Unfortunately making good decisions using
large tables of data isn’t always easy for management. Thus, the
rise of data analytics as an industry and a profession.
This is not a new innovation. Using
graphics to help decision makers better understand data has a
long history. Read this article in Smithsonian Magazine about
the history of displaying data using graphics; The Surprising
History of Infographic
But as we learned the hard way
during the explosion of electronic commerce vendors starting in
1999, new software tools are not a panacea. Yet assembling huge
data tables into easier to understand charts and graphs is a
business-survival imperative. Thus, the growing need for data
analysts who can create visualizations of business data.
Before jumping on the data analysis
bandwagon, Caveat Emptor (buyer beware). There are significant
pitfalls inherent to the collection, analysis and presentation
of business data.
- Gathering data has to be done
by someone who understands the source of the information.
ERP software tools assemble huge amounts of data across the
entire enterprise. However, the resulting large relational
databases may include thousands of tables with similar data
elements using various collection processes. Select data
from the wrong table or join information using inappropriate
fields and the resulting charts and analysis will be flawed.
Even worse – the problem in the data collection will not be
visible to management.
- Example: In collecting pump
sales by city we might use buyer’s zip codes from the
customer tables. However, if some of the buyer data in
the tables includes corporate offices or banking
remittance addresses, a flawed analysis about sales
locations could easily result.
- Creating meaningful graphical
representations of raw data is a skill which must be learned
and practiced. With new software tools, anyone can click on
a table of data and create a graph. But does the graph
highlight the right data elements or does it make trends
easier to see? Could the graph inadvertently select wrong
formulas or only pieces of the whole list [absolutely]?
- Assembling the data into
tables, charts and graphs can also by misleading. Charts
make data trend easy to see. But turn the chart upside down
and the exact same data can look very different. Invert the
axis, change the scale and large changes can look
insignificant. Misplace the range and a major problem can be
“off-the charts”. Thus it is important that analysts and
managers who will be reading the charts understand the
potential for problems. Years ago I read a great book that I
think should be mandatory reading for all data analysts and
managers who will be using the data for decision making.
How to Lie with Charts by Gerald E. Jones ISBN
- Locate, train and support staff
members who can assemble, analyze and present business data
to management in a meaningful way. It is not an incidental
part of the organization and not a function that can be
performed well as fill-in work.
- Train managers and staff about
how organizational data is collected and reported using the
charts and graphs. Ensure a common understanding of what the
charts mean and where the conclusion might be weak,
misleading or less certain. Use the book I recommend above
as the source for an internal management training program
about the perils of depending on charts without
understanding the source data.
- Include data analyst staff in
management planning so that the analysts understand which
information is critical for business decisions and can help
design data collection processes. Analysts who are involved
can also suggest additional data analysis that might be
available, but untapped.
- Don’t rely on software
suppliers to provide canned reports from management
information systems unless you have made sure they
understand your business needs and that you understand the
data that the reports are collecting and analyzing. Even
after you have reporting systems running; give data
analysts the mandate, the time and the support needed to
constantly test results, investigate data anomalies and
control system configuration.
- Ask your data analysts to
provide a senior management overview about data gathering
and graphical outputs. In words that everyone will
understand, ask for descriptions of terms like: GIGO,
relational data bases, data integrity, normalizing data
inputs, data definitions, configuration control, real-time
vs batched data, etc. In addition to defining these terms
your analysts should be able to explain why they are
important to your business and how the resulting analysis
could go very wrong.
GAO is changing the process
for filing a protest in a government solicitation. According to
the GAO announcement the process will change this summer.
Here is a link to the GAO proposed rule change.
This summer, GAO will establish a
secure and easy-to-use web-based electronic bid protest
filing and dissemination system (EPDS). EPDS will also
provide automatic notice of a protest to the agency.
Once it is live, all protesters will be required to use
the system to file new protests, and there will be a
$350.00 filing fee…….
While most Supply Chain managers are not directly
affected, I think all of us should be interested. The GAO bid
protest process and legal decisions give all of us on the
procurement side, a look into the sensitivities of contractors
to the solicitation process. A well-formed competitive
solicitation is one of our most powerful procurement tools. When
contractors feel like the solicitation process is unfair, we
directly affect the competitive environment for current and
Thus I recommend all procurement organizations take the
time to review GAO protest decisions. Most of the cases will
revolve around the interpretation of arcane government
regulations – however, a few will be enlightening and worth
using as training tools. In addition to the nature of the
argument, GAO cases often include numerous regulation references
as well as an analysis of what the buyer might have done wrong
(and could have done better).
[In one of my favorite cases the
GAO judge chastised the government contracting officer
for not being coherent and not in command of the facts
about the contract …. a timely lesson for young staff}
In addition to the GAO protest decisions, there are a
number of other government web sites that provide good training
and reference materials for procurement organizations. Here is a
recent presentation where I talked a little more on this topic
as well as some of the web sites I think are worth following.
Experienced supply chain specialists
know that the total cost of acquiring (TCA) a product or service
goes way beyond just the purchase price. We also know that the
purchase price is influenced by many factors, some of which are
in our control [e.g. purchase timing or competitive
specification]. World-class organizations appreciate TCA and
leverage all the many ways a supply chain organization can add
value. Some ideas:
* Expand organizational training so
that everyone (including the end-user) understands TCA and how
acquisition costs can affect budgets, profitability and company
* Enable cross-functional collaboration by providing informal
opportunities for staff in various organizations to meet and
build professional networks
* Expand supply-chain staff and management training to include
negotiating internally, establishing long-term supplier
relationships and reducing the costs of products or services
* Rewrite supply-chain procedures, case-file documentation and
process checklists to address valued–added actions at a
big-picture level, not just price negotiations
Here is a partial list of elements to consider in reducing TCA
when acquiring products and services:
Find more articles and comments about supply chain negotiation
and costs on this page:
||Management Controls and
Employee Responsibility to raise ethics questions
interaction in this TV movie between Bernie and the SEC – then
have a training discussion with staff about management controls
and when it’s time for employees to raise questions.
Auditors can only do so much to detect fraud. Unfortunately,
just as in this example and at ENRON, employees sometimes fail
to raise questions and challenge legality when they should.
Getting in Front of Regulation Compliance
Government Procurement Regulation
Compliance isn't easy. Keeping up with proposed changes, legal
protests and audit findings is an important organizational
policy. In a new presentation for our local NCMA chapter,
I discuss the strategy and share some examples and the web links
that I use. Presentation and references posted for my colleagues
I’m just back from the
Northwest Purchasing Conference in Portland. A
number of the world-class speakers talked about the significant
changes Big Data, Cloud Data Services and the Internet of Things
are already making to our supply chains. They expect an
accelerating rate of change in business operations pushed by new
Organizations face cost and competition imperatives to use
new technologies in their supply chains. A large percentage of
the new technology will be outsourced or incorporated directly
into our contracts and purchasing agreements. And, as we know
all too well, jumping in to new contract relationships without
completely evaluating and mitigating the risks is unwise at best
and a big risk.
Technology changes in business processes have already
spawned a huge growth industry in legal discovery software and
forensic accounting. Electronic “dust bunnies” reproduce
exponentially and [as many public legal battle demonstrate],
electronic records will be discovered and will be used against
My Opinion – Supply Chain
Professionals have to get on board the technology train now. We
need to gain at least a basic understanding of the buzzwords and
issues related to using new processes. We have a very short
window of opportunity to help manage implementation planning
before management, IT folks and potential suppliers make the
Need a basic introduction to the buzzwords?
This presentation might
Warning: Don’t expect the legal profession to lead or be
much help with changes to business processes. As we have seen in
the past with fax machines and electronic signatures; the laws
and legal profession will lag way behind business
implementation. Our business needs cannot and will not wait for
legal clarity. Confusion abounds.
Electronic data management is already governed by a number
of different government regulations (e.g. HIPPA, personal
privacy, etc.). Data privacy regulations between the United
States, Canada and Europe are different and changing frequently.
The risks in using new technologies are large.
Fraud-detection, Data Analytics, Forensic Accounting and
Electronic Discovery software are big growth markets. That takes
care of finding the mistakes and problems AFTER they happen.
Unfortunately, many organizations don’t have an adequate
information governance plan nor have they educated staff about
the legal discovery process as it relates to electronic
documents, information governance and records.
What are some of the issues in legal discovery?
Here is a basic description
Also – a real eye opener was this recent vendor-sponsored
webinar I attended about the latest in legal discovery and
information governance in a cloud computing environment. Check
out this web site:
Also view a few of the recorded webcasts on this page
Supply Chain Fraud -
development note: Preventing Supply Chain Fraud using system and
management controls is a very important topic in all industries.
Also the new hot buzzwords ‘ Advanced Analytics’ as it applies
to automated systems used to detect and prevent fraud. As you
advance in your career, familiarity with these are subjects will
differentiate you from other candidates and improve your value
to the organization.
Here are some previous references for your reading list:
Cloud Computing Strategy Safe?
Trivia Question: What well-known family
is in the news [again] with problems exacerbated by electronic
information and emails stored in the “Cloud” and on personal
devices? As exciting as the new problem might be, I suggest that
the important lesson to be learned is how vulnerable we all are
to problems with electronic communications and data.
Imagine working in an organization
embroiled in a nasty lawsuit with a vendor, customers or even
former employees. All of the related electronic data is subject
to discovery demands as well as authenticity questions by
opposing counsel. This includes emails stored on personal as
well as company or cloud-based servers, text messages,
documents, backup storage, thumb drives, CD’s, DVDs and of
course all the paper remaining in the file cabinet.
- There are numerous potential
problems and implications. Here are just a few examples,
from the perspective of the buyer involved in contracting
for electronic communication services:
- If our defense rests on being
able to produce authentic electronic records of transactions
and agreements, was the electronic record maintained by our
cloud-based data service maintained in a way that preserved
the appropriate META data and that will meet court
requirements for evidence? [if not – it’s all legally
- Will our data service provider
be able to produce all of the records within the
court-directed discovery period? [If not – our company will
be penalized and may lose by default
- Will the data-service provider
respond to requests at a reasonable cost? [you think so;
- Will the data-service provider
be able/willing to certify that all Backup Tapes and Storage
areas have been searched for relevant data? [more money +
more time = no guarantees]
- If a 3rd party subpoenas our
company data stored by the data-service provider, will they
refuse access until our company grants permission? [ I hope
- If the data is stored in a
different country, what laws govern protection of the data?
[Hint – it may not be U.S. law]
- Considering that email and text
messages also travel through, and are stored on service
provider computers – how protected is that data from
accidental release, or erasure? [Been watching the news
- Is a planned
retention/release/destruction procedure followed? Who else
has access to the data? [Edward Snowden, WIKI Leaks and ?]
- Do we have any legal recourse
for unauthorized release of failure to support a legal
challenge? [great question = what does the contract say?]
And the list goes on…
A few minutes searching on the web
(or watching national news) should help identify issues and
concerns. Here is some food for thought:
Bottom line: Just like any
significant purchase – companies take a risk if they do so with
proper planning and a good solid statement of work. It’s easy to
say “let’s use G-Mail for all our correspondence”, much harder
to understand, plan for and contractually address all of the
As Always; Caveat Emptor
Comma That Costs 1 Million Dollars
Can misapplied punctuation in a
contract (or Purchase Order) be the deciding factor in a
Simple answer is YES! In fact – this
case was about simple option-year language that many of us
frequently use in contracts and purchase orders.
Does this sound familiar?
“This agreement shall be effective from the date
it is made and shall continue in force for a period of five
(5) years from the date it is made, and thereafter for
successive five (5) year terms, unless and until terminated
by one year prior notice in writing by either party.”
When lawyers argue about a contract
– any and all ambiguity, lack of clarity or lack of precision
can (and probably will ) be used as an argument..
While we can’t all have the wisdom
of lawyers (thankfully) - we can do our best to keep the lawyers
at bay. We do this by writing clearly, making sure our
language is not ambiguous, ensuring our
intent matches the written agreement
and documenting both parties concurrence
and understanding of all complicated terms.
When writing agreements simplify
your language and avoiding compound sentences. See how this
example sounds instead of the preceding paragraph:
When drafting agreements, I suggest:
- Use simple language
- Be direct and clear
- Use the same term consistently;
"delivery" is always used when talking about delivery
- Ask someone to review to find
out if the wording is clear and truly says what you want
- Discuss and document agreement
on complicated issues and terms
- REWRITE if needed to clarify,
do not depend on a contemporaneous discussion
- Replace pronouns with proper
- Confused about using "WILL" vs
- More thoughts about
What are the ramifications of sloppy
language or processes, and how to do a better job of preparing
and documenting our contracts and purchase orders? How
could the buyer/seller done a better job of wording the option
language to avoid the legal dispute?
Want to read more about the million
How can participation
in a professional organization help my professional career?
Obviously, the old cliché about
taking advantage of opportunities is apropos when it comes to
participation in all professional organizations. But consider
that there is significantly more to be gained than just learning
new facts at a seminar. Active participation can payoff in your
job, and at the same time improve professional marketability in
many more ways. Think of the ways that participation can
improve a resume. Here are some examples that could result:
- I’ve learned xy z in seminars
which helped our company improve abc process.
- I’ve participated in
web-enabled learning session at my office without having to
incur travel costs, thus enhancing my skills in a
- Innovations I’ve learned about
at conferences have helped me implement abc
- I’ve met and established a
network of professionals in other organizations that I can
call on for ideas and advice.
- I have used templates, samples
and examples that are shared on the ISM web site in order to
improve our business process abc
- I have a better understanding
of international business trends
- By getting involved with
leading and operate the organization we can professional
depth well beyond the current job at the office.
- I have experience organizing
and leading a work team to successfully
- I have accepted and
successfully completed task assignments related to writing,
researching, and reporting .
- I have experience planning and
controlling a budget of $$$
- I have experience preparing and
presenting programs and public speaking
- I’ve become acquainted with
various organizational management structures through my
interactions with people from both small and very large
- I have experience planning,
organizing and presenting educational programs
- I have been recognized by other
professionals for my leadership skill
Thinking about it like this: By
taking full advantage to help manage a professional
organization, I could be getting back much more than I’m putting
Career Development ideas:
Big Data Analytics
is the Holy Grail for large organizations.
enlightenment by being able to compile, analyze and mine
information from all of our systems in all of our factories,
sales locations, warehouses and support organizations. Once we
have all that information, we also want to integrate that data
with our suppliers, shippers and distributors.”
Example: We’ve noticed that productions costs at factory
x, have increased slightly each January for the past 3 years.
That traces back to a cost increase in raw material z each
December. Since the contract price remains unchanged, the cost
increase is due to a freight cost change in December. Looking at
the available inventory space and carrying cost, we would see a
savings if we double-up shipments in November. However, what are
the risks of overproduction, extra inventory or cost increases
at the raw material supplier’s facility?
Despite the profusion of software companies that claim to
be able to help (for a price) – there are numerous inherent
problems in the task. Just compiling lots of data into a big
pile doesn’t come close to providing intelligent information for
analyzing and decision making.
One insidious problem in the process is data
normalization. That is, trying to get everyone in all the
locations to use the same terminology, standards and data entry
protocols. It’s a problem we ran into back when converting to
ERP software solutions. Those problems are exacerbated by
crossing international borders, customs and languages. Example:
Consider how differently a date or length measurement could be
expressed by different cultures.
New software tools can do a lot of automatic conversion or
force some standards by using drop-down data entry options. But
the cultural differences will continue to cause confusion in
conversations, emails, hand-written forms, reports, etc.
Procedures, data-entry rules, standard formats and some serious
training will help. In addition processes to find and normalize
errors and anomalies will also be needed.
Thus, an organization seeking the holy grail of Big Data
Analytics can’t just purchase a piece of magic software.
Decision making with big data will require big changes in
business processes, lots of training, a considerable amount of
analysis and ongoing support.
Big Data Analytics will require
people who understand the big picture
We can position ourselves to ride
the big data wave into the future;
On a personal level by forming
cross-functional teams to normalize and standardize the data and
processes used internally. We can develop the skill set to
become the knowledgeable analyst able to manage the expansion of
the standards to other locations and organizations.
a company level, we can start requiring contractors and
suppliers to provide information and data in standard formats.
Instead of accepting random feedback from suppliers, we can
intervene and start the normalization process. It will take a
while – but the sooner we start climbing the learning curve the
Not only is Big Data Analytics a
growth industry for software suppliers – it’s a long-term career
opportunity for individuals who understand and can decipher Big
Data business issues.
Pay particular attention to the language used in
correspondence with contractors. Even though most contracts say
that changes have to be in writing – most also say that the
Buyer can give the contractor direction. Thus the contractor
might literally rely on direction, notices and instructions
received from the Buyer. This could become contentious in a
dispute where the contractor might argue that he depended on the
notice provided by the buyer.
Here are some example notices:
- “…Attached is a revised specification. The only
change is to the dimension in section 7.2…”
- “…Attached is a revised contract with the most
important updates on page 4…”
- “…Attached is the new statement of work, the
significant change is in the delivery schedule…”"
- …Attached is a redline copy showing all the changes…”
See the problem? In the language used above, the buyer
transmitted the change, but at the same time directed the
contractor about what changed. Thus relieving the contractor
from responsibility for reviewing the entire document and
complying with Any and All other changes that might also be
included. A change or revision that was missed or did not seem
important to the Buyer could have a big impact on the
contractor. In court, the contractor might argue that he
depended on the notice provided by the Buyer and did not review
the rest of the document since “…it did not change…”
A more cautious way of communicating changes could be
something like this:
“…Attached is the [change / update / revision]. For your
reference notice the change in [section/page/paragraph]. This
reference is provided for convenience only. Contractor is
responsible for reviewing the full text of the revision and
complying with the entire document including all changes.
Contractor is also responsible to request clarification if the
intent or applicability is not clear….”.
Another way to word it might be; “…changes include…[but
are not limited to] ...”
Important buzzwords include a reminder of contractor
responsibility to review and comply with the entire document.
You should also be very hesitant to use words like “only” or
“all” and limiting adjectives like “significant” and “most
Help the contractor by providing
information – if you must. But DO NOT relive the contractor of
responsibility to read and comply with the written contract and
Storing data in the “cloud” has risks. Developing a
strategy to protecting access to the data across international
borders with conflicting privacy and Legal Discovery laws is an
important prerequisite to jumping onto the Cloud Computing band
wagon. Think your data is safe because you are using a
U.S. company? Not so. Microsoft is still arguing a case about
releasing email messages stored in Dublin Ireland.
Interestingly, in this case Microsoft is trying to prevent
access to customer data.
Consider the implications if disgruntled employees or
dissatisfied customers could access company records to build
their lawsuit. Encryption? That works until company officials go
to jail for defying a Legal Discovery order. Read a layman’s
view of Legal Discovery issues.
Woody Leonard posted a great article about the case:
Electronic Frontier Foundation postings:
More of my thoughts about Cloud Computing risks.
Like any new business tool, Cloud
Computing strategies should be thoroughly evaluated for risks,
and mitigating safety precautions taken BEFORE implementation.
Don’t assume old strategies – such as locked doors or paper
shredders - will protect electronic records.
Managers are not autonomous [even though some like to
Inexperienced employees will request training, seminar
attendance or reimbursement for participation in a professional
organization and assume their manager will make a positive
- Unfortunately, more often than not, managers will have to
justify and defend their actions and decisions
- Experienced managers realize they may have to defend
their decisions and judgment from questions by senior
management, HR, Finance, Internal Audit, external auditors,
regulators, etc., etc. etc. It may not be a formal audit and
could just be a “friendly” discussion - but a defense
- Successful managers ensure they have supporting
rationale before making decisions.
Example 1: A meeting runs several hours into the evening and
I plan to request some extra personal time to compensate. It
will be much easier for management to allow the extra time, if I
had provided a summary of the meeting before leaving. That is my
manager has an email message from me at 7:30 p.m. about the
meeting, thus documenting the situation in a way that supports
my manager’s decision to approve my comp. time. I’ve documented
my participation and provided details about the work-related
Example 2: Several people in the organization would benefit
from and want to attend a new training program. Management can
only authorize one person. The person who provides rationale
about benefits accruing to the organization in return for
participation is more likely to be selected.
Example 3: I want to participate in a professional
organization and request support. It’s likely my manager will
have to justify approval relative to budget expenditure, staff
training development and organizational benefits. I may even
have competition for participation from other members of the
organization. If I leave it up to my manager to develop the
justification, the easy answer is no decision or perhaps the
wrong decision. If I provide a solid rationale along with the
request, then I have improved my chances of gaining approval.
Perceptive employees, seeking a
management decision and support, will provide management with
justification and information supporting the decision at the
same time they make the request.
Best People are the Busy People
Managers depend on the best performers to get the
difficult and high-priority work done. Many managers and
team leaders will tell you, "If you really want it done, assign
the work to the busy person." Of course, that often means the
busy person keeps getting piled on with a lot of important work.
It’s also a fact that priorities for an organization change
like the weather. So the work changes and tomorrows priority
will be different than today's. Frustrating! Unfortunately, it
is also a fact that organizations can’t afford to employee
excess resources. Idle time or slow-paced productivity, is an
excess-cost target for budget cutting.
Does this sound like
Employee: How can these assignments all be my highest
priority? That’s an impossible contradiction.
assignment was your highest priority at the time I gave it
to you. The fact that you let them all pile up is your
problem. If you had accomplished each one as I gave it to
you, there would be no conflict.
Employee: The pace that you are assigning projects is fast
than I can finish them.
Manager: You are correct. You should strive to complete
the highest priority project; before I assign another
highest priority project.
Employee: This doesn’t make sense, how can these all be
your highest priority.
Manager: These are not my highest priority, I said they
were your highest priority. My highest priority is helping
you demonstrate your extraordinary skills and ability to
accomplish high-priority tasks in a very short period of
Employee: So you are saying that because I’m a good
employee; I am assigned more high priority work at a faster
Irksome, I know – but consider the alternative. Maybe
you’ve never had the feeling that your manager was assigning you
too many high-priority or critical assignments. Why? Maybe your
manager (and your organization) is more dependent on other
people. That's not a good thing when it comes to budget cuts.
Become a valued member of the organization
In my career I have
interviewed and recommended the hiring of many procurement folks. A number of
those people were unexpectedly seeking employment. Unfortunately, it showed.
Some had resumes that fail to highlight skills and experience which would be
important to a hiring manager. Yes you worked for an important company for 15
years – but why does that make you a good candidate?
Another disappointing observation: Applicant who listed professional
associations or certifications – but couldn’t articulate the value they received
from participation. I’m a member of the Audubon society – but why does that
qualify me to tend Emus?
My suggestion; write or rewrite your resume like you were explaining your
job to your elderly parents. I’m important because I contribute x and perform y
and always do z. I spend my personal time participating in this organization
because I get a and learn b and improve my c.
- What can I do to demonstrate my value to the
- What can I do to enhance my marketability?
- What can I do to remain competitive in the job
Here are a few ideas
Plug & Play
negotiation is not a one-time event focused on price. We can do a more effective
job of negotiating if we:
1- Make our goal for negotiation to create a “better contract”,
2- address all important elements of the agreement - not just price and,
3- negotiate continuously - instead of as a one-time event.
A copy of the full presentation is posted here:
a Buyer's Sharpest Tool
Whether by invitation for bid (IFB) or request for proposals (RFP), a
solicitation is our best chance to get more than just prices. A solicitation is
an opportunity to get information that will help us select the best proposal
and/or reject offerors who are likely to fail. Even in a very rigid IFB
situation, procurement has an obligation to weed out proposals that are not responsive
or from offerors who are not responsible and who do not understand the specification. We can
do that if we have requested sufficient information to make that
Read the rest of
the article on www.mltweb.com
Let's Plan a Meeting...
Better a face-to-face discussion instead of endless emails; right? Not
necessarily. A poorly planned and executed meeting can be a costly waste
of time and leave participants more irritated than informed. Planning and
conducting an effective meeting is an important skill; well worth developing.
Here are a few of my pet peeves about poorly run meetings,
Is a teleconference a better idea? NO! Not unless you plan to avoid the many
technical irritants that will spoil your meeting. Here is a great example of
what can go wrong in a teleconference (so very true to life...)
E-Mail Pitfall -
The problem: It is too easy to rant and rave in an email message! It’s
also too easy to express opinions, take a poorly considered stand on issues and
accuse people of failures.
The Issue: Email messages are a prime target of the legal discovery
process. Electronic searching and discovery of a corporation computers, network
servers, backup servers, jump drives and mailboxes is a huge and growing
business. Do a lousy job of searching for all the electronic dust bunnies and
our company could lose the legal case by default. Read more comments and
concerns about electronic records here
www.mltweb.com/news/news0907.htm and here
Even Worse: Nearly all email messages will be around forever.
www.mltweb.com/news/news0902.htm . It's kind of like the embarrassing
high school year-book comment. An email message is most likely to turn up just
when you least expect it.
The Impact: All email messages will be found during the legal
discovery process and they will be used in court. Whatever has been
mentioned about the subject by anyone (not just between the Buyer-Seller) will
be found and exposed in the lawsuit. This could include email messages
which argue about plans, express differing opinions about compliance issues,
discuss contractor's abilities, raise safety concerns, etc.
A notable exception would be messages that are allowed to be attorney-client
privileged - if they are properly identified and culled from the email archive
before being turned over to the court. Software to help find, review, cull and
de-duplicate is a hot growth industry.
Lesson: Don’t say anything in an email message you don’t want to hear
in court. Use email to communicate facts. Keep your ill-considered opinions,
expletives, criticisms, etc. out of the electronic record.
Consider how these examples would sound in court:
- Email: The contractor is inept and couldn’t build a proper bozat
no matter how long we gave him.
Cross-examination: Was your rejection of the contractor's product
arbitrary? Did you give appropriate consideration to the request for a
- Email: If we reject the parts, then we’ll save the overspent
Cross: How long did you plan to cancel the contract before notifying
- Email: I’ve weasel-worded the contract so we can do whatever we
want when the time comes.
Cross- Is the contract intentionally ambiguous?
- Email: Why can’t you be more like your brother?
Cross: You always liked my brother better, isn't that why you dropped
me as a child.