Pillar 05 of 09

Vendor & Contract Governance

$800M contracts. $3.9M recovered. Rigorous commercial discipline.

Managing large-scale IT services contracts, establishing third-party risk programs, and recovering millions in vendor overcharges through disciplined commercial audit, SLA governance, and contract compliance monitoring across global operations.

TPRM, SLA Governance, Commercial Audit, RFP Management, Strategic Sourcing, OCG Compliance, ISO 27036

TPRM Lifecycle
Third-Party Risk Management Program

My TPRM programs establish a complete vendor risk lifecycle — from commercial risk criteria definition through ongoing compliance monitoring and issue remediation. Aligned to ISO 27036, NIST 800-161, and financial services TPRM best practices.

  • 01 Risk Criteria: Define commercial & data risk thresholds
  • 02 Vendor Assessment: Evaluate & approve third parties
  • 03 Contract Controls: Enforce compliance in contracts
  • 04 Performance Monitoring: SLA tracking, KPIs, escalation
  • 05 Audit & Recovery: Commercial audit, issue recovery

Practice Areas
Vendor Governance Capabilities

Enterprise TPRM Program

Cross-functional TPRM in partnership with Legal, Cybersecurity, and Supply Chain: commercial risk criteria, vendor evaluation, and OCG-equivalent compliance standards.

  • Commercial risk criteria and thresholds
  • Vendor evaluation and approval workflows
  • Contractual compliance standards enforcement
  • OCG-equivalent client requirement alignment

SLA Governance & Performance

Designing and enforcing SLA frameworks with accountability structures — KPI dashboards, performance reviews, escalation pathways, and consequence management.

  • SLA framework design and implementation
  • KPI dashboard development and tracking
  • Performance review cadence governance
  • Vendor performance improvement plans

Commercial Audit & Recovery

Structured commercial audits against contract terms — identifying billing discrepancies, overcharges, and compliance gaps; recovering value through disciplined governance.

  • Contract compliance review methodology
  • Invoice and billing audit practices
  • Overcharge identification and recovery
  • $3.9M in overcharges recovered

RFP & Source Selection

End-to-end procurement cycles — requirements development, RFI/RFP creation, evaluation criteria, source selection, and award governance for large-scale IT services contracts.

  • Requirements and SOW development
  • RFI, RFP, and IDIQ development
  • Evaluation criteria and scoring frameworks
  • GOCO vs. COCO acquisition modeling

Strategic Sourcing

Developing strategic sourcing approaches for major technology categories — telecom, infrastructure, cloud, and managed services — including market analysis and negotiation strategies.

  • Telecom optimization (48% cost reduction)
  • Should-cost and market pricing analysis
  • Category strategy and supplier rationalization
  • Negotiation and contract structuring

Vendor Alliance Management

Managing strategic technology alliances — aligning vendor roadmaps with enterprise strategy, governing contract performance, and identifying go-to-market opportunities.

  • Microsoft alliance governance (M365, Azure, Purview)
  • ServiceNow partnership governance
  • AvePoint, Proofpoint, Moveworks relationships
  • Go-to-market strategy with vendors

Results
Vendor Governance Outcomes

  • $3.9M (Commercial Audit): Vendor overcharges identified and recovered through disciplined commercial audit against an $800M IT services contract
  • 48% (Strategic Sourcing): Global telecom cost reduction through strategic contract renegotiation and vendor transition at Bristow Group
  • 50%+ (SLA Governance): Issue resolution speed improvement through KPI dashboards and SLA governance framework
