Good governance is key in tenders

Gregg Barrett GOVERNANCE in procurement can be complicated at the best of times. A colleague of mine, Tim Cummins, chief executive of IACCM, was re cently asked what governance in procurement was about. His response was: Is governance in procurement being referred to in terms of functional oversight and controls or process oversight and controls? The two are very different because many procurement groups do not have accountability for the entire process. In many companies, it is unclear what constitutes the procurement process. Cummins said best-practice organisations are those that have defined to process and where governance does not mean control, but does mean transparency and a defined point of accountability. The topic governance in procurement not only must ensure value from relationships, it must also monitor performance in areas like ethics, innovation and integrity. How this is achieved will vary, but it raises challenges and questions regarding skills and information systems, demanding new metrics and a quality of procurement leadership that is often lacking today. Critical is that organisations need to define and implement a comprehensive and structured Governance, Risk Management and Compliance (GRC) model that is consistent with the organisations strategy and risk management objectives and properly aligns people, process and technology capabilities. In the US and the UK, while politicians argue over the need for new regulations and controls on bonuses and pay, top global corporations continue to steer their own path to enhance governance. They understand the need to balance risk and opportunity, ensuring the trust of key stakeholders and that making and managing responsible commitments is fundamental to the issue of trust. As governments worldwide debate regulatory responses to the banking and credit crisis, they should consider the extent to which contracting policies and practices represent a key line of defence for corporate behaviour and ethics, says Cummins. Contracts are a primary vehicle through which companies identify and define opportunities and manage risk. In a complex, networked world, many believe the quality of contract management has become a key indicator of a companys performance and integrity. Todays contract management techniques stretch far beyond the largely administrative

tasks of the past. Leaders in this area understand its critical role in relationship and corporate governance. The IACCM recently released the results of its study of the 25 Most Admired Companies in post-award contract management. It showed that leading organisations understand that every transaction undertaken entails some level of risk and that it is prudent to protect against this risk. But the challenge is to decide what level of protection is necessary. At what point does protection turn to unwarranted caution, causing us to lose healthy and profitable business? The contracting process provides a framework for regulatory compliance, reputational risk management and effective change control and offering a source for added value and innovation. Top companies realise that added value goes much further than simple price cuts or cost reduction. For leading organisations, the issue is of probability, consequence and outcome that are fundamental to good risk management. Todays speed of change and market volatility with the dramatic shift in areas like reputational risk, have generated a sensitivity to risk that encourages increased review and approval, more governance and potential regulation. The real point is that we must learn to adapt our attitudes and systems to cope with the new world. So we need to adjust and develop innovative risk management techniques that equip us for the future, rather than the past. The techniques that were revealed at the recent IACCM EMEA Conference in London, revealed that a better use of technology was a key element. Networked technology lies at the root of this new world so it must also be part of the answer. Specialist applications are part of the solution, but as important is the need to focus on more holistic and integrated systems . These must be further supplemented by powerful analytical tools. A new risk regime demands collaboration across specialist groups which means management must support (or demand) a new shared service delivery system. Specialists must adopt a common language and tools that span the length and breadth of the entire organisation, to make the risk process seamless. There also need to be clear goals and a shared sense of purpose which must be based on corporate strategies and objectives . So governance in procurement needs to be aligned and implemented as part of the organisational GRC framework, where transparency and accountability is defined and embedded as a culture into the underlying business fabric, supporting organisational efficiency with repeatable and sustainable processes. For success, a GRC framework needs: - A formal communications channel to provide a constant mechanism for generating,

transmitting, receiving, storing and acting on information in an environment of compliance. - To be viewed as an opportunity to make positive changes throughout the organisation. - As an ongoing process of continuous improvement with a holistic view across the enterprise. - As an investment and a way to improve the overall efficiency and effectiveness of internal business processes and ultimately to reduce costs. - Technology plays an important role in achieving sustained compliance. My thanks to Tim Cummins and the IACCM (www.iaccm.com) for producing the thought-leading content that made this article possible