It’s no secret that industry analysts note enterprises worldwide are fraught with low adoption of legacy procurement software. As a result, one of the main problems Chief Procurement Officers (CPOs) face is the lack of visibility and control of transactions. Procurement needs technology vendors with vision who can deliver the ability to combat rogue buying and improve spend management and contract lifecycle management (CLM) with more functionalities.
CPOs today want products and solutions with source-to-pay features that are easy to use, integrated with CLM.
Both Gartner and Forrester indicate that demand for CLM is projected to grow 12% – 15% in 2022. Contributing to that growth are technology-enabled solutions integrated or linked to applications such as revenue management, pricing, project management, risk management, and e-procurement.
Our strategy in acquiring Sourcing Force is to create and deliver an extensible collaborative process with contract management at the center of procurement. Fully integrating both upstream and downstream functionality will produce an all-in-one suite that provides the tools to meet the demands of procurement. Our goal is to drive the procurement process, generating sound strategic sourcing and supplier management activities that will impact the bottom line. CLM, when integrated with procurement applications and applied across the organization, can boost procurement’s contribution to the organization. It’s no different than how CRM enhances the contributions and effectiveness of the sales and marketing functions or ERP collects and organizes data to facilitate efficient enterprise management.
If you think about it, the role of procurement is to acquire products, goods, and services for the entire enterprise. These purchased items are crucial to run the business, enabling departments to meet their objectives and to achieve company business goals. CPOs want solutions that allow them to fulfill end-to-end upstream and downstream objectives.
As a pioneer in CLM, we know the importance of contracts at the core of e-sourcing and e-procurement strategy.
Our customers have told us how CLM helps optimize supply management by simplifying and automating the contract process. Enterprises today demand visibility into the key elements of the contracts, they want compliance from the supplier, and rapid time to value. By listening to the demands of the market and including a robust CLM as part of the procurement process, CPOs can consistently realize the full value of contracts, resulting in lower legal and financial risk along with improved profits.
The net net: a procurement process to power the global market to ensure execution and operation of a profitable organization. This process demands collaboration, integration and deployment of technology between heterogeneous systems that drive the procurement lifecycle and allow procurement professionals to meet the needs of business. With the capabilities Sourcing Force brings to the table, Sourcing Force can provide the full suite of integrated CLM and procurement solutions to enable enterprises to successfully achieve their goals.
Three Ways CLM (Contract) Can Help You Comply With GDPR
There is a constant stream of information coming out about GDPR – the General Data Protection Regulation – most of it with a sense of urgency, if not doom, about it. A recent article by Efficio, one of the valued organizations in the Sourcing Force’ Contract Lifecycle Management, laid out a very clear and rational explanation for how to approach GDPR compliance. In essence, you need to see where your risks are so you can plan for them.
Penalties for non-compliance can be up to €20 million or 4% of annual global turnover – whichever is higher.
This fact gets a lot of airtime. And it should – it’s a stiff penalty by any measure. While the need for compliance is the biggest factor on any companies’ to-do list, there are also advantages in terms of building customer trust and enhancing organizational reputation. What follows are three ways contract lifecycle management can play a key role in ensuring your organization is ready on the May 25, 2018 deadline.
Review of your third-party agreements with suppliers and vendors that have access to your EU personal data to ensure those agreements comply with the GDPR.
While there is a delineation between data controllers and data processors, your company as the controller (or owner?) is responsible overall. According to Efficio, the first step is to know which of your third parties is affected by the GDPR rules, and what you want the outcome of the contract relationship to be. A CLM or contract management solution – especially if it is linked with a supplier management solution sharing integrated data – would make this task simple with one-click access to all supplier contracts in the enterprise repository.
This allows you to quickly determine the precise flows of personal data across your supply chains in order to see who has access to that data, all the sub-processors and where data is actually being processed. In other words, where are the potential greatest risks. From there you can review each suppliers’ data protection provisions, as well as highlight which ones are in need of more stringent risk profile criteria.
Items that you must include in contracts with suppliers who have access to EU personal data based on Article 28.
There are a lot of articles in the GDPR, but not always a lot of clarity about them. Article 28 is one of those that is comparatively straightforward. It states that any suppliers (processors) with access to applicable data must provide sufficient guarantees that they have appropriate technical and organizational measures in place to meet GDPR requirements. And that it must all be detailed in a binding contract. If that vendor wants to enlist a subcontractor, the controller company has to approve everything first, and in an ongoing fashion. That means your third-party risk has third-party risk potential as well, all of which needs to be monitored. There is no way to effectively do this without contract lifecycle management in place.
Contract Management, like Sourcing Force for instance, should enable you to control multiple contract families, types and extensions. Including real-time master data and metadata integration is necessary to achieving the transparency – and risk management – that the GDPR demands for your data inventory. You can’t manage what you can’t see – as long as you have the tools to know exactly what’s in your contracts you’ll be able to ensure that new requirements are in there, from 72-hour data breach notification to data protection impacts and the ultimate return of data.
Prioritizing your GDPR strategy to ensure compliance when the time comes.
According to IAPP research – the non-profit global information privacy community – approximately six in 10 organizations report they will not be in full compliance with the GDPR when it comes into force. It is admittedly a massive task to achieve compliance, but even so, that is a huge percentage of companies that are going to risk the consequences. There aren’t really best practices yet, but developing a risk triage approach will help go a long way to meeting requirements.
It starts in-house, by working with enterprise legal teams to ensure contracts include protection against GDPR-related risk. It also means categorizing suppliers so you can work with them in the right order of priority on issues like liability, indemnities, adequate protections, and so forth. This of course means knowing with suppliers are most exposed to the regulations, and which are most business critical. A robust CLM provides that information as a matter of course. That could be the reason why, after training, the most likely response to GDPR risks in the IAPP research is investment in technology. There’s been a spike in companies using vendor management systems, and those considered “most thorough” include contract management to ensure proper compliance.
Organizations of all sizes are scrambling to with GDPR compliance mandates, and will continue to do so even after the May 25 deadline. Now, if you are based in the UK under the looming cloud of Brexit, how does that add to the complexity? The word “exponential” doesn’t begin to describe it.
Successfully managing all of this without a comprehensive CLM solution that aligns people, processes and data internally, enables transparency of third-parties and their inherent risk, and provides a large measure of process automation, is next to impossible. In fact, it is impossible.
Our latest articles
Introduction to SIM & CLM: Why supplier risk isn’t just a Fortune 100 company issue.The responsibility for managing suppliers and supplier contracts has taken on a heightened level of interest and concern in recent years. Highly regulated industries including...
A blog by Spend Matters yesterday caught my eye, as it’s a topic that’s very top of mind here at Sourcing Force: the procurement technology user experience – or UIX. Coming hot on the heels of the Spend Matters’ E-Procurement SolutionMap, it’s a perfect time to look...
Let’s consider this familiar situation: it’s the last day of the fiscal quarter, and everyone in your company involved in the contract process is frantically working on extensions, approvals, and special requests. Since each contract is being reviewed and adjusted...