ITIL Intermediate SOA - Supplier Management Tutorial

Supplier Management

Welcome to lesson 6 ‘Supplier Management’ of the ITIL Intermediate SOA tutorial, which is a part of the ITIL Intermediate SOA Foundation Certification course. This lesson is all about the purpose of the supply management process and how it contributes to SOA practices.

Let us look at the objectives of this lesson.


By the end of this ‘Supplier Management’ lesson, you will be able to:

  • Explore the objectives, scope, and importance of supplier management as a process to generate business value.

  • Describe supplier management policies, principles, concepts, activities, methods, and techniques in relation to SOA practices as well as at how these relate to the service lifecycle.

  • Explain the evaluation of new suppliers, the use of supplier categorization and maintenance of the supplier and contract database.

  • Review the efficient use of supplier related measures and metrics.

Purpose of Supply Management

The purpose of the supplier management process is to obtain value for money from suppliers and to provide seamless quality of IT service to the business by ensuring that all contracts and agreements with suppliers support the needs of the business and that all suppliers meet their contractual commitments.

Let us learn the main objectives of the Supplier Management process.

Preparing to become an expert in ITIL Intermediate SOA? Watch our Course Preview here!

Objectives of Supplier Management

The main objectives of the supplier management process are to:

  • Obtain value for money from suppliers and contracts

  • Ensure that contracts with suppliers are aligned with business needs, and support and align with agreed targets in SLRs and SLAs, in conjunction with SLM

  • Manage relationships with suppliers

  • Manage supplier performance

  • Negotiate and agree on contracts with suppliers and manage them through their lifecycle

  • Maintain a supplier policy and a supporting supplier and contract management information system (SCMIS).

In the next section, we will understand the scope of the supplier management process.

Scope of Supplier Management

The supplier management process should include the management of all suppliers and contracts needed to support the provision of IT services to the business. Each service provider should have formal processes for the management of all suppliers and contracts.

However, the processes should adapt to cater to the importance of the supplier and/or the contract and the potential business impact on the provision of services.

Many suppliers provide support services and products that independently have a relatively minor, and fairly indirect, role in value generation, but collectively make a direct and important contribution to value generation and the implementation of the overall business strategy.

The greater the contribution the supplier makes to business value, the more effort the service provider should put into the management of the supplier and the more that supplier should be involved in the development and realization of the business strategy.

The smaller the supplier’s value contribution, the more likely it is that the relationship will be managed mainly at an operational level, with limited interaction with the business. It may be appropriate in some organizations, particularly large ones, to manage internal teams and suppliers, where different business units may provide support of key elements.

The supplier management process should include:

  • Implementation and enforcement of the supplier policy

  • Maintenance of a SCMIS

  • Supplier and contract categorization and risk assessment

  • Supplier and contract evaluation and selection

  • Development, negotiation, and agreement of contracts

  • Contract review, renewal, and termination

  • Management of suppliers and supplier performance

  • Identification of improvement opportunities for inclusion in the CSI register, and the implementation of service and supplier improvement plans

  • Maintenance of standard contracts, terms, and conditions

  • Management of contractual dispute resolution

  • Management of sub-contracted suppliers. IT supplier management often has to comply with organizational or corporate standards, guidelines and requirements, particularly those of corporate legal, finance and purchasing.

In the next section, let us discuss the Value to the business of supplier management.

Value to the Business

The main objectives of the supplier management process are to provide value for money from suppliers and contracts and to ensure that all targets in underpinning supplier contracts and agreements are aligned to business needs and agreed on targets within SLAs.

This is to ensure the delivery of the business of end-to-end, seamless, quality IT services that are aligned with the business’s expectation.

The supplier management process should align with all corporate requirements and the requirements of all other IT and service management processes, particularly ISM and ITSCM. This ensures that the business obtains value from supporting supplier services and that they are aligned with business needs.

Let us look into the diagram in the next section describes the basic concepts of Supplier Management Process.

Basic Concepts

When dealing with external suppliers, it is strongly recommended that a formal contract with clearly defined, agreed and documented responsibilities and targets is established and managed through the stages of its lifecycle, from the identification of the business need to the operation and cessation of the contract.

This activity is performed in line with the established supplier strategy and supplier policies. The Supplier Management process attempts to ensure that suppliers meet the terms, conditions, and targets of their contracts and agreements while trying to increase the value for money obtained from suppliers and the services they provide.

All Supplier Management process activities should be driven by a supplier strategy and policy from Service Strategy. To achieve consistency and effectiveness in the implementation of the policy, a Supplier and Contracts Management Information System (earlier called SCD) should be established, as illustrated in the figure, together with clearly defined roles and responsibilities.

Let us discuss a complete set of reference information for all Supplier Management procedures and activities, provided by the SCMIS.

Supplier and Contracts Management Information System (SCMIS)

To achieve consistency and effectiveness in the implementation of the supplier policy, a SCMIS should be established, together with clearly defined roles and responsibilities.

Ideally, the SCMIS should form an integrated element of a comprehensive CMS or SKMS, recording all supplier and contract details, together with details of the type of service(s) or product(s) provided by each supplier, and all other information and relationships with other associated CIs.

The services provided by suppliers will also form a key part of the service portfolio and the service catalog. The relationship between the supporting services and the IT and business services they support are key to providing quality IT services.

This information within the SCMIS will provide a complete set of reference information for all supplier management procedures and activities like:

  • Definition of new supplier and contract requirements

  • Evaluation and set up of new suppliers and contracts

  • Supplier categorization and maintenance of the SCMIS

  • Establishing new suppliers

  • Management of suppliers and their performance and of the associated contracts

  • Contract renewal or termination.

Let us look into different activities of supplier management in a summarized way.

Process Activities

Following are the different activities of supplier management which can be summarized in this way:

The first activity would be to define new supplier and contract requirements, which includes:

  • Identifying the business need and prepare for the business case, including options (internal and external), costs, timescales, targets, benefits, risk assessment

  • Producing a statement of requirement (SoR) and/or invitation to tender (ITT)

  • Ensuring conformance to strategy/policy

  • Next would be the evaluation of new suppliers and contracts which includes

  • Identifying method of purchase or procurement

  • Establishing evaluation criteria – for example, services, capability (both personal and organization), quality and cost

  • Evaluating alternative options

  • Selecting the right one

  • Negotiating contracts, targets and the terms and conditions, including responsibilities, closure, renewal, extension, dispute, transfer

  • Agreeing and award the contract

One of the other activities would be the Supplier and contract categorization and maintenance of the SCMIS, which includes:

  • Assessing or reassessing the supplier and contract

  • Ensuring changes progressed through service transition

  • Categorizing the supplier

  • Updating SCMIS On-going maintenance of the SCMIS

The next activity would be establishment of new suppliers and contracts, which includes:

  • Setting up the supplier service and contract, within the SCMIS and any other associated corporate systems

  • Transitioning the service

  • Establishing contacts and relationships

One of the most important activities would be the Supplier, contract and performance management, which includes:

  • Managing and controlling the operation and delivery of service/products

  • Monitoring and reporting (service, quality, and costs)

  • Reviewing and improving (service, quality, and costs)

  • Managing the supplier and the relationship (communication, risks, changes, failures, improvements, contacts, interfaces)

  • Reviewing, at least annually, service scope against business need, targets and

  • Agreements Planning for possible closure/renewal/extension

The next important activity would be Contract renewal or termination, which includes:

  • Reviewing (determine benefits delivered, on-going requirement)

  • Renegotiating and renewing or terminating and/or transferring

  • Transitioning to the new supplier(s) or to internal resources.

The business, IT, finance, purchasing, and procurement need to work together to ensure that all stages of the contract lifecycle are managed effectively. All areas need to be jointly involved in selecting the solution and managing the on-going performance of the supplier, with each area taking responsibility for the interests of their own area, while being aware of the implications on the organization as a whole.

Let us understand the Factors to be considered for evaluation.

Are you curious to know what ITIL Intermediate SOA is all about? Watch our Course Preview for free!

Evaluation of New Suppliers and Contracts

When selecting a new supplier or contract, some factors need to be taken into consideration, including:

  • Track record

  • Capability

  • References

  • credit rating and

  • Size relative to the business being placed.

Also, depending on the type of supplier relationship, there may be personal issues that need to be considered. Each organization should have processes and procedures for establishing new suppliers and contracts.

While it is recognized that factors may exist that influence the decision on the type of relationship or choice of supplier (e.g., politics within the organization, existing relationships), it is essential that in such cases the reasoning is identified and the impact fully assessed to ensure costly mistakes are avoided.

Services may be sourced from a single supplier or multi-sourced. Services are most likely to be sourced from two or more competing suppliers where the requirement is for standard services or products that are readily available ‘off-the-shelf.’

Multi-sourcing is most likely to be used where cost is the prime determinant, and requirements for developing variants of the services are low, but may also be undertaken to spread risk. Suppliers on a multi-source list may be designated with ‘preferred supplier’ status within the organization, limiting or removing the scope for the use of other suppliers.

Let us discuss the Partnering relationships.

Partnering Relationships

Partnering relationships are established at an executive level and are dependent on a willingness to exchange strategic information to align business strategies. Many strategically important supplier relationships are now positioned as partnering relationships.

This reflects a move away from traditionally hierarchical relationships, where the supplier acts subordinately to the customer organization, to one characterized by:

  • Strategic alignment: Good alignment of culture, values, and objectives, leading to an alignment of business strategies

  • Integration: A close integration of the processes of the two organizations

  • Information flow: Good communication and information exchange at all levels, especially at the strategic level, leading to close understanding

  • Mutual trust: A relationship built on mutual trust between the organizations and their staff

  • Openness: When reporting on service performance, costs and risk assessment

  • Collective responsibility: Joint partnership teams taking collective responsibility for current performance and future development of the relationship

  • Shared risk and reward: For example, agreeing how investment costs and resultant efficiency benefits are shared, or how risks and rewards from fluctuations in material costs are shared. Both parties derive benefits from partnering.

An organization derives progressively more value from a supplier relationship as the supplier understands the organization as a whole increases, from its IT inventory architectures through to its corporate culture, values and business objectives.

With time, the supplier is able to respond more quickly and more appropriately to the organization’s needs. The supplier benefits from a longer-term commitment from the organization, providing it with greater financial stability and enabling it to finance longer-term investments, which benefit its customers.

In the next section, we will learn what the contents of a basic underpinning contract or service agreements are.

Contents of Underpinning Contract

The contents of a basic underpinning contract or service agreements are as follows:

  • Basic terms and conditions: This incluse the term (duration) of the contract, the parties, locations, scope, definitions and commercial basis.

  • Service description and scope: This aspect refers to the functionality of the services being provided and its extent, along with constraints on the service delivery, such as performance, availability, capacity, technical interface, and security. Service functionality may be explicitly defined, or in the case of well-established services, included by reference to other established documents, such as the Service Portfolio and the Service Catalogue.

  • Service standards: This include the service measures and the minimum levels that constitute acceptable performance and quality, e.g., IT may have a performance requirement to respond to a request for a new desktop system in 24 hours, with acceptable service deemed to have occurred where this performance requirement is met in 95% of cases. Service levels must be realistic, measurable and aligned with the organization’s business priorities and underpin the agreed targets within SLRs and SLAs.

  • Workload ranges: The workload ranges includes the volume ranges within which service standards apply, or for which particular pricing regimes apply.

  • Management information (MI): This states that the data that must be reported by the supplier on operational performance – take care to ensure that MI is focused on the most important or headline reporting measures on which the relationship will be assessed. Key Performance Indicators (KPIs) and Balanced Scorecards (BSCs) may form the core of reported performance data.

  • Responsibilities and dependencies: This includes the description of the obligations of the organization (in supporting the supplier in the service delivery efforts) and of the supplier (in its provision of the service), including communication, contacts, and escalation.

Now, we will discuss Supplier Categorisation, which is very important for the supplier management process.

Supplier Categorization

The supplier management process should be adaptive, and managers should spend more time and effort managing key suppliers than less important suppliers.

This means that some form of categorization scheme should exist within the supplier management process to categorize the supplier and their importance to the service provider and the services provided to the business.

Suppliers can be categorized in many ways, but one of the best methods for categorizing suppliers is based on assessing the risk and impact associated with using the supplier, and the value and importance of the supplier and its services to the business.

The amount of time and effort spent managing the supplier, and the relationship can then be appropriate to its categorization.

The Suppliers are categorized as shown below:

  • Strategic:

For significant ‘partnering’ relationships that involve senior managers sharing confidential strategic information to facilitate long-term plans. These relationships would normally be managed and owned at a senior management level within the service provider organization and would involve regular and frequent contact and performance reviews. These relationships would probably require the involvement of service strategy and service design resources and would include on-going specific improvement programmes (e.g., a network service provider supplying worldwide networks service and their support).

  • Tactical Suppliers:

For relationships involving significant commercial activity and business interaction. These relationships would normally be managed by middle management and would involve regular contact and performance reviews, often including on-going improvement programmes (e.g., a hardware maintenance organization providing resolution of server hardware failures).

  • Operational:

For suppliers of operational products or services. These relationships would normally be managed by junior operational management and would involve infrequent but regular contact and performance reviews (e.g., an internet hosting service provider, supplying hosting space for a low-usage, low-impact website or internally used IT service).

  • Commodity:

For suppliers providing low-value and/or readily available products and services, which could be alternatively sourced relatively easily (e.g., paper or printer cartridge suppliers).

In the next section, we will explain the Triggers of supplier management.

Triggers of Supplier Management

The triggers of Supplier Management include:

  • New or changed corporate governance guidelines

  • New or changed business and IT strategies, policies or plans

  • New or changed business needs or new or changed services

  • New or changed requirements within agreements, such as SLRs, SLAs, OLAs or contracts

  • Review and revision of designs and strategies

  • Periodic activities such as reviewing, revising or reporting, including review and revision of Supplier

  • Management policies, reports, and plans

  • Requests from other areas, particularly SLM and Security Management, for assistance with supplier issues

  • Requirements for new contracts, contract renewal or contract termination

  • Re-categorization of suppliers and/or contracts.

Let us understand the inputs of supplier management process in the next section.

Inputs of the Supplier Management Process

Inputs of the Supplier Management Process comprises of:

  • Business information: From the organization’s business strategy, plans and financial plans, and information on its current and future requirements

  • Supplier and contracts strategy: This covers the sourcing policy of the service provider and the types of supplier and contract used. It is produced by the service strategy processes

  • Supplier plans and strategies: Details of the business plans and strategies of suppliers, together with details of their technology developments, plans and statements and information on their current financial status and projected business viability

  • Supplier contracts, agreements, and targets of both existing and new contracts and agreements from suppliers

  • Supplier and contract performance information of both existing and new contracts and suppliers

  • IT information: From the IT strategy and plans and current budgets

  • Performance issues: The incident and problem management processes, with incidents and problems relating to the poor contract or supplier performance

  • Financial information: From financial management for IT services, the cost of supplier service(s) and service provision, the cost of contracts and the resultant business benefit; and the financial plans and budgets, together with the costs associated with service and supplier failure

  • Service information: From the SLM process, with details of the services from the service portfolio and the service catalog, service level targets within SLAs and SLRs, and possibly from the monitoring of SLAs, service reviews and breaches of the SLAs. Also customer satisfaction data on service quality.

  • CMS: Containing information on the relationships between the business, the services, the supporting services and the technology.


The outputs of supplier management are used in all other parts of the process, by many other processes and by other parts of the organization. Often this information is supplied as electronic reports or displays on shared areas or as pages on intranet servers to ensure the most up-to-date information is always used.

The information provided is as follows:

  • SCMIS: This holds the information needed to execute the activities within supplier management – for example, the data monitored and collected as part of supplier management. This is then invariably used as an input to all other parts of the supplier management process.

  • Supplier and contract performance information and reports: These are used as input to supplier and contract review meetings to manage the quality of service provided by suppliers and partners. This should include information on shared risk where appropriate.

  • Supplier and contract review meeting minutes: These are produced to record the minutes and actions of all review meetings with suppliers.

  • Supplier SIPs: These are used to record all improvement actions, and plans agreed between service providers and their suppliers, wherever they are needed and should be used to manage the progress of agreed improvement actions, including risk reduction measures.

  • Supplier survey reports: Often many people within a service provider organization have dealings with suppliers. Feedback from these individuals should be collated to ensure consistency in the quality of service provided by suppliers in all areas. These can be published as league tables to encourage competition between suppliers.

Let us discuss the main Interfaces of the supplier management.


The key interfaces that supplier management has with other processes are:

  • SLM: Supplier management provides assistance with the determining of targets, requirements, and responsibilities for suppliers. It then sees to their inclusion within underpinning agreements and contracts to ensure that they support all SLR and SLA targets. SLM assists supplier management in the investigation of SLA and SLR breaches caused by poor supplier performance. SLM also provides invaluable input into the supplier management review process.

  • Change management: Supplier contracts and agreements are controlled documents and therefore subject to appropriate change management procedures. When changes are proposed, the involvement of suppliers should be assessed and reflected in planning.

  • ISM: ISM relies on supplier management for the management of suppliers and their access to services and systems, and their responsibilities in conformance to the service providers’ ISM policies and requirements.

  • Financial management for IT services: This process provides adequate funds to finance supplier management requirements and contracts and provides financial advice and guidance on purchase and procurement matters.

  • Service portfolio management: This process looks to supplier management input to ensure that all supporting services and their details and relationships are accurately reflected in the service portfolio.

  • ITSCM: This process works with supplier management about the management of continuity service suppliers.

Moving ahead, let us learn about the Information Management in the next section.

Information Management

Let us now understand the information management in the supplier management process:

  • All the information required by Supplier Management should be contained within Supplier and contracts Information system.

  • All information relating to suppliers and contracts and to the operation of the supporting services provided by supplier should be included.

  • Information relating to these supporting services should also be contained within the Service Portfolio, together with the relationships to all other services and components.

  • This information should be integrated and maintained in alignment with all other IT information management systems, particularly the Service Portfolio and the CMS.

In the next section, we will understand what the main Critical Success Factors and Key Performance Indicators (KPIs) are in supplier management.

Wish to have in-depth knowledge of ITIL Intermediate SOA? Check out our Course Preview now!

Critical Success Factors and KPIs

The following list includes some sample CSFs for supplier management. Each organization should identify appropriate CSFs based on its objectives for the process. Each sample CSF is followed by a small number of typical KPIs that support the CSF. These KPIs should not be adopted without careful consideration.

Each organization should develop KPIs that are appropriate for its level of maturity, its CSFs and its particular circumstances. Achievement against KPIs should be monitored and used to identify opportunities for improvement, which should be logged in the CSI register for evaluation and possible implementation.

The following table lists the CSF and their corresponding KPIs:



Business protected from poor supplier performance or disruption

  • Increase in the number of suppliers meeting the targets within the contract

  • Reduction in the number of breaches of contractual targets.

Supporting services and their targets align with business needs and targets.

  • Increase in the number of service and contractual reviews held with suppliers

  • Increase in the number of supplier and contractual targets aligned with SLA and SLR targets.

Availability of services is not compromised by supplier performance.

  • Reduction in the number of service breaches caused by suppliers

  • Reduction in the number of threatened service breaches caused by suppliers.

Let us now learn about the Challenges that the Supplier management faces.


Supplier management faces many challenges, which could include:

  • Continually changing business and IT needs and managing significant change in parallel with delivering existing service

  • Working with an imposed non-ideal contract, a contract that has poor targets or terms and conditions, or poor or non-existent definition of service or supplier performance targets

  • Legacy issues, especially with services recently outsourced

  • Insufficient expertise retained within the organization

  • Being tied into long-term contracts, with no possibility of improvement, which has punitive penalty charges for early exit

  • Situations where the supplier depends on the organization in fulfilling the service delivery (e.g., for a data feed) can lead to issues over accountability for poor service performance

  • Disputes over charges Interference by either party in the running of the other’s operation

  • Being caught in a daily fire-fighting mode, losing the proactive approach

  • Poor communication – not interacting often enough or quickly enough or not focusing on the right issues

  • Personality conflicts and/or cultural conflicts

  • One party using the contract to the detriment of the other party, resulting in win-lose changes rather than joint win-win changes

  • Losing the strategic perspective, focusing on operational issues, causing a lack of focus on strategic relationship objectives and issues.

Key elements that can help to avoid the above issues are:

  • A clearly written, well-defined and well-managed contract

  • A mutually beneficial relationship

  • Clearly defined (and communicated) roles and responsibilities on both sides

  • Good interfaces and communications between the parties

  • Well-defined service management processes on both sides

  • Selecting suppliers who have achieved certification against internationally recognized certifications, such as ISO 9001 and ISO/IEC 20000.

Now, we will discuss the major areas of risk associated with the supplier management.


Risks The major areas of risk associated with supplier management include:

  • Lack of commitment from the business and senior management to the supplier management process and procedures

  • Lack of appropriate information on future business and IT policies, plans, and strategies

  • Lack of resources and/or budget for the supplier management process Legacy of badly written and agreed contracts that do not underpin or support business needs or SLA and SLR targets

  • Suppliers agree to targets and service levels within contracts that are impossible to meet, or suppliers fail or are incapable of meeting the terms and conditions of the contract

  • Supplier personnel or organizational culture are not aligned with that of the service provider or the business

  • Lack of clarity and integration by the supplier with service management processes, policies, and procedures of the service provider

  • Suppliers are not cooperative and are not willing to partake in and support the required supplier management process

  • Suppliers are taken over, and relationships, personnel, and contracts are changed

  • The demands of corporate supplier and contract procedures are excessive and bureaucratic

  • Poor corporate financial processes, such as procurement and purchasing, do not support good supplier management.


This brings us to the end of this learning unit. The next lesson talks about Financial Management for IT Services.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Work Email*
Phone Number*
Job Title*