Project Toolkit

Vendor & Contract Management

Vendor & Contract Management

Managing vendors, suppliers, and contracts throughout the project lifecycle including procurement, contract types, performance management, and relationship building.

Vendor & Contract Management

Effective vendor and contract management ensures third parties deliver quality work on time and within budget, while managing risks and maintaining productive relationships.

Why Vendor Management Matters

Key Insight: Poor vendor management is a leading cause of project overruns. Projects with strong vendor governance are 3x more likely to deliver on time and budget.

Effective vendor management:

  • Reduces delivery risk
  • Controls costs
  • Ensures quality
  • Protects intellectual property
  • Maintains compliance
  • Builds strategic partnerships

The Vendor Management Lifecycle

flowchart LR A[Define
Requirements] --> B[Select
Vendor] B --> C[Contract
Negotiation] C --> D[Onboard &
Mobilise] D --> E[Manage
Performance] E --> F[Close or
Renew] classDef blue fill:#108BB9,stroke:none,color:#fff class A,B,C,D,E,F blue
Phase Key Activities Outputs
Define Scope work, set criteria, budget RFP/RFQ, evaluation criteria
Select Evaluate proposals, due diligence Vendor selection, recommendation
Contract Negotiate terms, legal review Signed contract
Onboard Kick-off, access, ways of working Mobilised vendor
Manage Monitor, review, resolve issues Performance reports
Close Handover, lessons, renewal decision Closure/renewal

Procurement Process

Make vs Buy Decision

Before engaging vendors, decide whether to build in-house or buy externally:

Factor Make (In-house) Buy (Vendor)
Core competency Build if strategic Buy if commodity
Capacity If team available If no capacity
Speed If faster internally If vendor faster
Cost If cheaper long-term If cheaper short-term
Risk Keep control Transfer risk
IP Retain ownership Consider ownership

Request Types

Document Purpose When to Use
RFI (Request for Information) Gather market information Early exploration
RFQ (Request for Quotation) Get pricing for defined scope Clear requirements, price focus
RFP (Request for Proposal) Invite solutions and pricing Complex requirements
RFT (Request for Tender) Formal competitive bid Public sector, regulated

RFP Structure

Section Content
Introduction Project background, objectives
Scope of work Detailed requirements
Deliverables What must be produced
Timeline Key dates and milestones
Evaluation criteria How proposals will be scored
Submission requirements Format, deadline, contact
Terms and conditions Contract terms, legal requirements
Appendices Technical specs, templates

Vendor Selection

Evaluation Criteria

Category Weight Criteria
Technical capability 30% Solution fit, methodology, technology
Experience 20% Relevant projects, references, track record
Team 15% Skills, availability, key personnel
Price 20% Total cost, value for money
Commercial 10% Contract terms, flexibility
Risk 5% Financial stability, delivery risk

Scoring Matrix

Vendor Technical (30) Experience (20) Team (15) Price (20) Commercial (10) Risk (5) Total
Vendor A 24 16 12 18 8 4 82
Vendor B 27 18 14 14 7 3 83
Vendor C 21 14 10 20 9 5 79

Due Diligence Checklist

  • Financial stability (credit check, accounts)
  • References from similar projects
  • Insurance and liability coverage
  • Security certifications (ISO 27001, SOC 2)
  • Compliance with regulations
  • Key personnel CVs and availability
  • Subcontractor arrangements
  • Business continuity plans
  • Environmental/ethical policies

Contract Types

Common Contract Structures

Type Description Risk Allocation Best For
Fixed Price Set price for defined scope Vendor bears risk Well-defined work
Time & Materials Pay for actual time/resources Client bears risk Uncertain scope
Cost Plus Costs + agreed margin Client bears most risk R&D, uncertain work
Target Cost Shared savings/overruns Shared risk Partnership approach
Framework Agreed terms, call-off work Balanced Ongoing relationship

Fixed Price vs Time & Materials

flowchart TD A{Is scope
well-defined?} -->|Yes| B{Is scope
likely to change?} A -->|No| C[Time & Materials] B -->|No| D[Fixed Price] B -->|Yes| E{Can you define
change process?} E -->|Yes| F[Fixed Price +
Change Control] E -->|No| C classDef blue fill:#108BB9,stroke:none,color:#fff class A,B,C,D,E,F blue
Factor Fixed Price Time & Materials
Scope certainty High Low
Budget certainty High Low
Flexibility Low High
Vendor incentive Efficiency Billable hours
Client oversight Lower Higher
Change management Formal process Continuous

Key Contract Terms

Essential Clauses

Clause Purpose Key Points
Scope of work Define deliverables Clear, measurable, complete
Pricing Payment terms Fixed/variable, milestones, rates
Timeline Delivery schedule Milestones, dependencies, penalties
Acceptance criteria Quality standards How work is accepted/rejected
Change control Managing changes Process, pricing, approval
IP ownership Intellectual property Who owns what, licensing
Confidentiality Protect information NDA terms, data handling
Liability Risk allocation Caps, exclusions, indemnities
Termination Exit provisions Notice, for cause, consequences
Dispute resolution Resolving conflicts Escalation, mediation, jurisdiction

Service Level Agreements (SLAs)

SLA Component Example
Availability 99.9% uptime
Response time Critical: 1 hour, High: 4 hours
Resolution time Critical: 4 hours, High: 1 business day
Reporting Monthly performance report
Penalties Service credits for breaches
Escalation Contact matrix by severity

Contract Review Checklist

  • Scope clearly defined and complete?
  • Pricing clear and competitive?
  • Payment terms acceptable?
  • Milestones aligned with project plan?
  • Acceptance criteria measurable?
  • Change process defined?
  • IP ownership clear?
  • Confidentiality adequate?
  • Liability caps acceptable?
  • Termination rights fair?
  • Insurance requirements met?
  • Key personnel named?
  • Subcontracting controlled?
  • Compliance requirements included?
  • Dispute resolution practical?

Vendor Onboarding

Onboarding Checklist

Category Tasks
Contract Signed contract, purchase order raised
Access Systems access, building passes, VPN
Documentation Project brief, standards, templates
Introduction Meet the team, stakeholder introductions
Ways of working Communication, meetings, reporting
Tools Project tools, collaboration platforms
Security Security briefing, compliance training
Kick-off Formal kick-off meeting

Kick-off Meeting Agenda

Topic Time Owner
Introductions 10 min PM
Project overview and objectives 15 min PM
Scope and deliverables review 20 min Vendor
Timeline and milestones 15 min Vendor
Governance and reporting 10 min PM
Risks and issues 10 min Both
Communication and escalation 10 min PM
Q&A 10 min All
Next steps 5 min PM

Performance Management

Governance Structure

flowchart TD A[Steering
Committee] --> B[Project Board] B --> C[Working Group] C --> D[Day-to-Day
Management] classDef blue fill:#108BB9,stroke:none,color:#fff class A,B,C,D blue
Level Attendees Frequency Focus
Steering Executives both sides Quarterly Strategic, relationship
Board Senior managers Monthly Performance, escalations
Working Group Project leads Weekly Delivery, issues
Day-to-Day Team members Daily Tasks, blockers

Performance Metrics

Category Metrics
Delivery On-time delivery %, milestone completion
Quality Defect rate, rework %, acceptance rate
Cost Budget variance, cost per deliverable
Responsiveness Issue resolution time, communication
Collaboration Team feedback, relationship health
Innovation Value-add suggestions, improvements

Vendor Scorecard

Metric Target Actual Status Trend
On-time delivery 95% 92% Amber
Defect rate < 5% 3% Green
Budget variance < 5% 2% Green
Issue resolution < 2 days 1.5 days Green
Stakeholder satisfaction > 4/5 4.2/5 Green

Performance Review Meeting

Agenda Item Content
Progress update Work completed, milestones achieved
Metrics review Scorecard, trends, comparisons
Issues and risks Current problems, mitigations
Change requests Pending changes, impacts
Upcoming work Next period activities
Relationship health Feedback both ways
Actions Agreed next steps

Managing Vendor Relationships

Relationship Health Indicators

Healthy Unhealthy
Open communication Defensive responses
Proactive issue raising Problems hidden until late
Collaborative problem-solving Blame and finger-pointing
Flexibility on both sides Rigid contract interpretation
Trust and transparency Suspicion and checking
Invested in success Going through motions

Building Strong Relationships

Practice Description
Regular contact Don’t just meet when there’s a problem
Fair treatment Pay on time, reasonable demands
Clear expectations No surprises, consistent messaging
Recognition Acknowledge good work
Constructive feedback Address issues directly but fairly
Partnership mindset Win-win, not zero-sum

Handling Poor Performance

flowchart LR A[Performance
Issue] --> B[Document &
Raise] B --> C[Agree
Remediation] C --> D[Monitor
Improvement] D --> E{Improved?} E -->|Yes| F[Continue] E -->|No| G[Escalate/
Terminate] classDef blue fill:#108BB9,stroke:none,color:#fff class A,B,C,D,E,F,G blue
Step Actions
Document Record specific issues with evidence
Raise formally Written notice to vendor management
Root cause Understand why performance is poor
Remediation plan Specific actions with dates
Monitor closely Increased oversight during remediation
Escalate if needed Invoke contract provisions

Issue Resolution

Common Vendor Issues

Issue Cause Response
Delayed delivery Capacity, dependencies, scope creep Assess impact, recovery plan
Quality problems Skills, process, requirements Root cause, remediation
Cost overrun Scope change, estimation error Change control, negotiation
Key person leaves Attrition, reassignment Replacement plan, knowledge transfer
Communication breakdown Process, relationship Clear escalation, regular touchpoints
Scope disputes Unclear requirements Contract review, negotiation

Escalation Path

Level Issue Type Escalation To
1 Day-to-day problems Vendor team lead
2 Delivery/quality issues Vendor project manager
3 Contract/commercial issues Vendor account manager
4 Relationship/strategic Vendor senior management
5 Dispute resolution Formal mediation/legal

Change Management

Change Control Process

flowchart LR A[Change
Request] --> B[Impact
Assessment] B --> C[Quote/
Estimate] C --> D[Approval
Decision] D --> E[Update
Contract] E --> F[Implement
Change] classDef blue fill:#108BB9,stroke:none,color:#fff class A,B,C,D,E,F blue

Change Request Template

Field Content
Change ID Unique identifier
Description What is being changed
Reason Why the change is needed
Impact - Scope What additional work
Impact - Cost Price for the change
Impact - Time Schedule effect
Requester Who is requesting
Approver Who can approve
Decision Approved/Rejected/Deferred

Contract Closure

Closure Activities

Activity Purpose
Deliverable acceptance Confirm all work complete
Documentation handover Receive all project documents
Knowledge transfer Capture operational knowledge
Asset return Equipment, access, credentials
Final payment Process remaining invoices
Warranty period Confirm support arrangements
Lessons learned Capture what worked/didn’t
Formal closure Sign-off and close contract

Handover Checklist

  • All deliverables received and accepted
  • Source code/documentation transferred
  • Training completed
  • Support arrangements in place
  • Access credentials returned/revoked
  • Equipment returned
  • Final invoice agreed and paid
  • Warranty terms understood
  • Escalation contacts for warranty
  • Lessons learned captured
  • Formal closure letter issued

Vendor Risk Management

Risk Categories

Category Risks
Delivery Late delivery, incomplete work, quality issues
Financial Vendor insolvency, cost overruns
Operational Key person dependency, capacity constraints
Security Data breach, access control
Compliance Regulatory violations, audit failures
Strategic Vendor acquisition, market exit

Risk Mitigation Strategies

Risk Mitigation
Single vendor dependency Multi-vendor strategy, exit clauses
Key person risk Knowledge transfer, backup resources
Financial instability Credit monitoring, milestone payments
Data security Security requirements, audits
IP disputes Clear contract terms, escrow
Poor performance SLAs, penalties, termination rights

Best Practices

Do’s

Practice Benefit
Define scope clearly Reduces disputes and changes
Invest in selection Better fit, fewer problems
Document everything Evidence if needed
Communicate regularly Early warning of issues
Build relationships Partnership, not adversarial
Monitor continuously Catch issues early
Plan for exit Smooth transition when needed

Don’ts

Practice Consequence
Rush procurement Wrong vendor, poor terms
Vague requirements Scope disputes, change orders
Set and forget Problems escalate unnoticed
Adversarial approach Damaged relationship, poor service
Ignore red flags Issues become crises
Skip due diligence Financial or capability surprises

Vendor Management Checklist

Pre-Contract

  • Requirements clearly defined?
  • Make vs buy decision made?
  • RFP/RFQ issued?
  • Evaluation criteria agreed?
  • Proposals evaluated objectively?
  • Due diligence completed?
  • Contract negotiated and reviewed?
  • Legal approval obtained?

During Contract

  • Onboarding complete?
  • Governance structure in place?
  • Performance metrics defined?
  • Regular reviews scheduled?
  • Issues tracked and resolved?
  • Changes controlled?
  • Relationship healthy?
  • Risks monitored?

Contract End

  • All deliverables accepted?
  • Knowledge transferred?
  • Documentation received?
  • Access revoked?
  • Final payment made?
  • Lessons learned captured?
  • Formal closure complete?
  • Renewal decision made?
Last updated: 13 January 2026
Themes

Delivery

Governance

Control