Smart Vendor Management and Smart Robots – How CIOs Can Tackle the Litigation Challenge


By virtue of managing multiple service providers as well as overseeing IT processes and information flow, the CIO plays a central role in litigation. These responsibilities involve ensuring third-party compliance with basic legal and regulatory standards, as well as gathering and maintaining electronic data that can potentially be used as evidence in a legal action.

Lack of transparency into the service delivery framework therefore exposes any enterprise to significant legal risk on a variety of fronts. Recognizing the importance of oversight, CIOs are making vendor management a top priority. Also, many are applying emerging automation technologies to enhance significantly data management capabilities.

An effective Vendor Management and Governance (VMG) strategy combines a high-level overview of enterprise operations, together with detailed and granular insight into day-to-day operations, including data collection and information flow. A core responsibility of VMG is to ensure that the contractual, financial and operational services provided to a business by a third party are delivered according to the terms and conditions specified by the client organization. Since most large enterprises deploy complex multi-vendor arrangements, this responsibility extends to service integration and overseeing the touch points between the myriad providers in the service delivery mix.

Regarding data management, process consistency within and across service providers is imperative. However, maintaining consistency has traditionally presented a challenge for CIOs. Most client organizations and service providers adhere to process definitions developed by the Information Technology Infrastructure Library (ITIL) standards body.  These definitions cover processes related to basic IT activities such as incident, problem and change management.  However, because the standard definitions cover what has to be done but not how, different service providers interpret the standards a bit differently. Even the most subtle differences, meanwhile, can compromise the integrity of operational data that underlies a VMG strategy. By creating ambiguity around the meaning of data being collected, operational metrics become less actionable. In the case of a legal action, meanwhile, doubts about data integrity obviously present an issue.

Many CIOs seeking to improve their service provider oversight capabilities are exploring the potential benefits of engaging third-party specialists to take on the day-to-day oversight of transactional activity and data collection and management.  As with any sourcing decision, a strategy to outsource the management of an outsourcer must make a distinction between strategic, value-add activities on the one hand, and routine, administrative and tactical activities on the other. Generally speaking, the former should be retained, while the latter are ideal candidates to hand off to a third-party provider.

While the VMG function has traditionally been retained by the client organization, many enterprises are recognizing that outsourcing this function offers significant benefits.Cost savings is one .  To oversee an IT services contract valued at $25M to $30M a year, a typical in-house VMG function requires a management role supported by contract and financial analysts (approximately five FTEs), together with an investment in asset management and utilization tools. Under an outsourced services scenario, meanwhile, VMG activities are delivered largely by offshore resources, and client staffing requirements are limited to management (typically one FTE). Over a five-year contract period, annual savings average approximately 30 percent.

The outsourced model  is also more scalable  since a high proportion of additional workload can be absorbed by cost-efficient offshore resources While a retained VMG function can effectively replicate standards and process discipline across multiple contracts, an increased volume of work requires the hiring of additional retained – and more expensive – staff.

Another advantage of outsourcing transactional VMG functions is to offload responsibility for recruitment and retention. While talent management is a basic benefit of any outsourcing initiative, finding the rare breed of individual with the skills and inclination to be effective at VMG presents an especially daunting challenge.

Whether managed in-house or outsourced, effective vendor oversight is critical to data management and the ability to respond to a legal inquiry.  Robotic Process Automation (RPA) solutions offer another approach to improving data collection, regulatory compliance and legal transparency.

RPA solutions are software platforms that use “virtual robots” to manipulate existing application software in the same way that a person executes a process or transaction. While not “intelligent” in the sense of making decisions or learning from experience, RPA applies rules-based logic to automate repetitive tasks and eliminate “swivel-chair” work of transferring data from one program to another. By performing rote and routine functions faster, cheaper and more efficiently than human workers, RPA tools offer the potential to drive significant cost savings.

In terms of legal compliance and transparency, RPA also provides a more detailed, accurate and sustainable data record and audit log of activity, since every task is performed the same way, every time, and every action performed is repeatable and traceable.  In an environment of increased competition and stringent legal requirements, RPA offers pharmaceutical firms a compelling value proposition.