November 21, 2017

Strategic Partnerships Group Recap: Risk of Rogue Sourcing

Last week during our Strategic Partnership Group meeting, we had a great open discussion on the risks of rogue sourcing and how to mitigate those risks. A huge thank you to Mart Mettert, Manager of IT Vendor Management at 3M, for facilitating this discussion.

We started off by defining what rogue sourcing is. Essentially, rogue sourcing is similar to Shadow IT in that standard agreements or types of sourcing and their processes are not used as defined by company policies and procedures. As mentioned in our discussion it includes things like, someone hitting “yes” on an agreement, acquisition of a service without a process in place, and bringing your favorite vendor along with you to a new company. With that being said, as a leader within IT, you are not the only person who is dealing with rogue sourcing and the difficulties it may bring. 

Mark asked the group, “In your experience, what are some examples of things that went wrong?” They came up with examples such as a business department within their organization making purchases relating to a cloud service without the knowledge of the IT department. In another example, someone mentioned an experience where scorecard results were never shared with the IT department. It is important for the IT department to be involved in areas such as those mentioned above, especially, when it leads to risks like the ones mentioned below.

The focus of our meeting was based on the risks of rogue sourcing and how to mitigate them. Through a collaborative discussion, here’s what the group came up with. 

Risks of Rogue Sourcing 

Loss of ownership or leverage Contractual issues
Loss of buying power Lack of due diligence 
Security and data risks No SLAs
Confidentiality risks Inability to track assets
Data privacy/legal exposure Support and maintenance terms
Agreements done after the fact Decreased vendor competition
Non-compatible system sourcing Not seeing the best technology for a given situation
Speed analytics and reporting issues Increased cost


How to Mitigate Rogue Sourcing 

Communication (reporting process) Pro-active planning with business teams
Need formal documented process Limit spending methods
Simplify processes Limited admin rights
Build relationships (make it easy) Develop mature purchasing with sourcing department
Champion team Develop vendor management program
Consequences for “rogue” procurement Executive sponsorship and buy-ins
Restrict signing authorities Continuously do these steps
Define policy and procedures  

What consequences has your organization experienced as a result of rogue sourcing and did you work to mitigate those risks in the future? 


Become A Member ! (1)



Posted by: Anna Wischmann

Tags:  Meeting Recap, SPG Group, Rogue Sourcing

Social Media Policy

No comments yet. Be the first!

Your Comment:

*This will not be displayed.