It Vendor Management: Principles & Practices

Explore, Enable, Excel
IT VENDOR MANAGEMENT
PRINCIPLES & PRACTICES
INSTITUTE FOR DEVELOPMENT AND RESEARCH IN

BANKING TECHNOLOGY
(ESTABLISHED BY RESERVE BANK OF INDIA)
CONTENTS
1. Introducon 02
2. Procurement of IT Goods and Services 04
Purchase Manual 04
Fundamental Principles of Procurement 04
Mode of Purchase 04
Noce Inving Tender 06
Stages in Procurement 07
RFP/Tender Contents 12
Submission of Bids: Two-Bid System 13
Evaluaon of Bids and Selecon of Supplier 14
Other Terms and Condions 16
Award of Contract 18
3. Project Execuon, Maintenance and Support 19
Project Management 19
Conflict Management 20
Contract Agreement 20
Service Level Agreement 22
Technology Refresh 23
Terminaon of Contract 24
4. Outsourcing IT Works and Services 25
Value Proposions of Outsourcing 25
What Cannot Be Outsourced? 25
Common Areas of Concerns in Outsourcing 25
Outsourcing Maturity Model 26
Stages in Outsourcing 27
Risk Management in Outsourcing Arrangements 27
Risk Evaluaon and Measurement 28
Importance of IT Outsourcing and Management 28
References 28
AUTHORS
Dr. G. R. Gangadharan Shri B. Shandilya

Assistant Professor Senior Domain Expert
IDRBT IDRBT
© An IDRBT Publicaon, October 2015. All Rights Reserved.

For restricted circulaon in the Indian Banking Sector.
FOREWORD
IT VENDOR MANAGEMENT
ART AND SCIENCE
A S banks star ted adopting information

technology on a large scale during the past two
decades, they also started depending on IT
companies for implementation of technology
The challenges are not insurmountable. What banks
solutions. They have been adopting various
need is to equip their IT teams with the skills relating
approaches right from only procurement to
to vendor management. The skills are multifold. On
procurement and maintenance to total outsourcing.
one hand, the team should be able to specify the
With cloud becoming a feasible alternative, banks are
requirements in unambiguous terms. On the other,
also considering moving their applications to cloud
they should be able to select the right vendor
service providers.
following all the procurement policy approved by
Vendor management, though inevitable, is saddled their boards and, wherever applicable, adhering to
with several challenges. There are challenges in the extant guidelines from the Government, Reserve
identifying the right vendor and the right solution. Bank of India and CVC. Finally, they have to learn to
There are also challenges in ensuring that the vendor maintain a working relationship with the vendors so
maintains timelines and quality and that the solution as to ensure that the technology solutions run
meets their expected requirements. Mostly, there are smoothly.
challenges in continued support from vendors over a
There is both art and science in vendor management.
long period.
The art of management is not easy to document. What
is attempted in this booklet on IT vendor management
is to document the science part in the form of principles
and practices. Dr. G. R. Gangadharan and Shri B.
Shandilya deserve complements for painstakingly
compiling the booklet, with their knowledge and
experience.
The booklet is expected to serve as a handbook on IT

vendor management for IT teams across banks.
Dr. A. S. Ramasastri
Director, IDRBT
IT Vendor Management : Principles & Practices 01

CHAPTER 1
INTRODUCTION
I NFORMATION Technology (IT) is central to all

business functions. IT handles and processes large
volumes of transactions at a speed that is manually
impossible. Through generation of reports, and
analysis of data, IT provides timely information to the
top management to take informed business
decisions. However, IT not being the core function, all
banks are dependent on external vendors for
enabling technology to meet their business and
administrative needs. The success of a business is thus
directly related to the way IT and its vendors are
handled and managed. Vendor management has in it two words – vendor and
A supplier may provide same product or service to management. The word vendor means and includes
multiple institutions. But the buyer, who knows the art all the sellers/suppliers who supply/install/implement
of vendor management, will bring out the best out of /maintain the IT product/services and to whom IT
the vendor at the same price. In this context, vendor works, projects, processes and ser vices are
management refers to an underlying management outsourced. The word management refers to the
function that runs across all IT products/services knowledge and skill that is required and the processes
procured or outsourced. to be followed to ensure delivery of IT goods and
ser vices by the vendor, to meet contractual
Vendor management is a skill to be cultivated, to obligations.
ensure in the ultimate analysis, and a “win-win”
situation for both the buyer and supplier. The buyer Vendor management is thus the key to efficient and
must have the satisfaction of getting what they need effective functioning of an IT department in a bank
and sought at reasonable and affordable price and and can be defined as a process and skill required in
the seller must have the satisfaction of winning executing IT projects, works and services through
customers' goodwill. vendor as per the timelines set, to realize full value for
the money spent for supporting and realizing
Vendor management assumes importance, as an business objectives.
underlying management funcon that runs across Vendor management plays a crucial role in the success
all IT products/services procured or outsourced.
of large projects that are complex. The buyer-supplier
relationship is one that needs to be worked out for
things to happen in the way the buyer wanted to
happen. For complex and long-term IT projects, one
needs to be working towards long-term business
relationship that is mutually beneficial. Otherwise, it
will have a negative impact that adversely affects the
functioning of the banks.
02 IT Vendor Management : Principles & Practices

Vendor management is a process and skill required

in execu ng IT projects, works, and services
through vendors as per the melines set, to realize
full value for the money spent for supporng and
realizing business objecves.
All in all, one must note that:
¬ If the buyer knows his/her requirements fully and

the vendors' capabilities and products, one can
be certain about the success of IT project and
need not fear about its failure
¬ If the buyer knows only his/her requirements but
not about vendors' capabilities and products, the
chances of the IT project failing are as much as the
chances of success
¬ If the buyer knows neither his/her requirements
nor about vendors' capabilities or products, then Skills Needed for Vendor Management
the IT project is certain to fail.
Possession of thorough technical knowledge or
The key factors for successful vendor management expertise in information technology is not a must for
are mutual trust, commitment, openness, frank effective vendor management. However, it will be
communication, and managing delivery of goods and beneficial if one understands the basics of technology.
services through cooperation. Wherever necessary, the buyer can seek the guidance
of experts/consultants to understand the technical
Basic knowledge of technology and project details before taking a procurement decision.
management and relaonship building skills are
needed for effecve vendor management. What one needs is knowledge about their
requirements, project management skills, and
relationship building skills to drive an IT project to
ensure that what is agreed upon and promised by
the vendor is actually happening on the site.
IT Vendor Management broadly encompasses two

areas:
¬ Procurement of IT goods and services

¬ Outsourcing of IT works and services.
This document offer s broad guidelines on

procurement and sourcing management process and
indicates areas where care is to be taken by buyers,
while dealing with IT vendors in the banking industry.
Banks may adhere to the relevant guidelines issued

from me-to- me by Central Vigilance
Commission (CVC), Reserve Bank of India (RBI), and
Government of India.

CHAPTER 2
PROCUREMENT OF IT GOODS AND SERVICES

I T procurement refers to the process of acquiring
required IT goods or services from IT vendors in
right quantity and right quality at the best possible
¬ to promote competition and
¬ to get value for money spent.
price to secure full value for the money spent. The responsibility and accountability requires that the
basis for decision is demonstrably clear and objective
Transparency, competition, fairness and elimination of and the procurement authority is held to account for
arbitrariness must be ensured in the procurement the conduct of the procurement process.
process.
Procurement principle is to promote compeon,
Purchase Manual and ensure transparency, fairness, and equitable
treatment to suppliers.
Every organization must have a purchase manual
approved by the board. A purchase manual is a set of Mode of Purchase
instructions and procedures to be followed to ensure
consistency and uniformity across the organization in Each organization with the approval of the board, will
purchases/sourcing. The purchase manual must decide the cut-off amount, up to which procurement
contain detailed purchase procedures, delegation of of IT goods/services can be made without floating
powers to various authorities, and pro formas of tender. All other purchases that exceed the cut-off
various formats. The manual is to be reviewed and amount shall be made through tender process only.
updated at regular intervals say once in a year with the Such procurements may be made either through:
approval of the board. ¬ Global/open tender
In an inevitable situation, an organization in its larger ¬ Limited tender
interest may be compelled to deviate from the laid ¬ Single tender.
down procedures in manual or other guidelines. In
such cases, the organization must document explicitly Global/Open Tender
with logical reasons, the circumstances that
Procurement of non-standard items and purchases of
compelled them to deviate from the prescribed path
large value items of IT goods and services shall be
and the cons if the decision is taken otherwise.
done through global/open tender. Empanelment of
Procurement is acquiring required IT goods or vendors for procurement of standard items is also to
services, in right quanty and right quality at the be done through open/global tender.
best possible price to meet business requirements.
Every organizaon must have a purchase manual, In a global tender, opportunity is given to all the
approved by board. technically and financially competent bidders to
participate in the tender. In order to ensure this and to
Fundamental Principles of Procurement receive competitive bids, wide publicity is given.
It is the responsibility of people engaged in the Limited Tender

procurement process –
If IT goods and services are to be purchased under
¬ to bring efficiency, economy, and transparency limited tender, then vendors are first empanelled by
¬ to ensure fair and equitable treatment of issuing global/open tender and thereafter at the time
suppliers of procurement, limited tender is issued to the

empanelled vendors. Purchases through limited tenders, in principle, clearance/approval may be

tender may be done for standard items in IT goods obtained from the board/IT sub-committee.
like PCs, printers, etc., that are commonly used across
Proof of Concept
all branch/office units, and which are needed at
regular intervals. In order to meet the recurring IT industry is a dynamic industry, and regularly new
demand of such IT goods, empanelment of eligible products/concepts are developed and introduced
and competent suppliers shall be done by inviting into the market. Say for example, a new brand router is
expression of interest, through global/open tender. introduced. Their usage may be not only cost-
Empanelment of all such suppliers who satisfy the pre- effective, but may also reduce the process time or
qualification criterion shall be done. If supplies are to bring in some new features. However, there is no prior
be made to various units/branches of the buyer across experience or information in the market as to how
the country, the presence of service outlets of the they function in live environment, and whether their
suppliers in all key places of the country must also be functioning is trouble-free. In all such cases, before
one of the factors to be included in pre-qualification purchase is made and released to production
criterion. In case no single supplier has the capacity or environment, Proof of Concept is conducted (POC).
the required number of service outlets across the The purpose of POC in this context is to test often in a
country, then empanelment may be done region-wise production environment, to establish and show as an
based on their presence and facilities for after sales evidence that the new concept/idea/process/product
service to bank units in respective regions. The is feasible. POC is therefore a prototype targeting a
empanelment can be made valid for one or two years limited scope of the intended solution to demonstrate
depending on the nature of IT goods/services. On its feasibility.
expiry of the validity period, fresh empanelment is to Rate Contract
be done through open tender. Purchase of goods by
limited tender method may be adopted when the Rate contract is an agreement between the purchaser
estimated value of the goods to be procured is up to a and supplier for supply of specified goods at specified
defined amount. price and terms and conditions during the period
covered by rate contract. No quantity is mentioned
Large New Projects nor any minimum drawal is guaranteed in rate
Purchase through limited tender enquiry may be contract. Rate contract price is fixed item-wise and the
adopted even for other than standard items and for procurement authorities shall procure goods at a
large new projects. In all such cases, banks must invite price not exceeding the rate contract price during the
expression of interest through global/open tender period of contract. The period of rate contract is
and shortlist the bidders based on their past generally one or two years.
experience, technical and financial capabilities, etc. The following are the advantages of rate contract:
In some large projects, multiple solutions may be ¬ Goods can be procured as and when required
available and the buyer is aware about the availability thereby reducing inventory cost
of such products in the market, but may not have
¬ It reduces lead time required for procurement
complete knowledge either about its functional
features or technical features. In all such cases, the ¬ Goods will be available at competitive prices due
buyer may first issue global/open tender to shortlist to bulk purchase.
the tenders based on their past experience, technical Rate contracts shall be awarded to the firms who are
and financial capabilities, etc.; and then issue limited registered for the goods in question and fulfil the laid
tender to the shortlisted vendors for procurement. In down eligibility and qualification criteria including
all high value and large projects, before floating

availability of ISI mark, service centres across the

countr y, etc. Suitable stipulations are to be
incorporated in the tender enquiry documents to this
effect.
In case, it is observed that a single supplier does not

Under such circumstances, where proprietary
have enough capacity to cater to the entire demand
procurement is unavoidable or where circumstances
of an item, the rate contract issuing authority may
warrant the previous supplier to be continued for
enter into more than one rate contract with different
extension of work, the bank should take precautions
suppliers for the same item. Such rate contracts are
and record in detail the inevitability of dealing with
known as Parallel Rate Contracts.
such single supplier. It should also establish through
Fall clause is a price safety mechanism in rate price discovery, how reasonableness of the prices has
contracts. The fall clause provides that if the rate been ensured in the contract to the single supplier.
contract holder reduces its price or sells or even offers
to sell the rate contracted goods, the following Global tender, limited tender, and single tender are
the three modes of purchase. Global tender is
conditions of sale similar to those of the rate contract,
issued for purchases above cut-off amount. Limited
at a price lower than the rate contract price, to any
tender is issued to empaneled and shortlisted
person or organization during the currency of the rate vendors in other procurements. Single tender is
contract, the rate contract price will be automatically resorted in exceponal cases.
reduced with effect from that date for all the
subsequent supplies under the rate contract and the Notice Inviting Tender
rate contract amended accordingly.
Notice inviting global tender/request for proposal is
Single Tender to be given wide publicity to ensure participation by
Procurement from a single source may be resorted to, all eligible suppliers. Advertisement for global
in exceptional cases in the following circumstances: tender/request for proposal should be released at
least in one national daily and in bank's website. The
¬ Only one particular firm/company is the bank should also post complete bidding document in
manufacturer/supplier of required IT hardware or its website and permit prospective bidders to
software download and use the document downloaded from
¬ In case of emergency, the required goods are the website for bid submission. It is advisable to
necessarily to be procured from a particular dispatch a copy of tender notice to all the past/likely
source and the reason for such a decision is to be and known suppliers in the form of advance
recorded and approval of competent authority is intimation. Wherever it is necessar y to seek
to be obtained competitive offers from abroad, the bank may send
¬ Standardization of machinery or spare parts to be copies of the tender notice to the Indian embassies in
compatible to the existing sets of equipment on foreign countries as well as to foreign embassies in
the advice of a technical expert and approved by India. In all large projects, expression of interest is first
competent authority, that the required item is to invited to shortlist the bidders based on
be purchased only from a selected firm/company. prequalification criteria and thereafter to the
shortlisted bidders limited tender is issued.
Noce inving tender is to be given wide publicity

to ensure all competent and eligible bidders can
parcipate.

Stages in Procurement
Fig. 1 illustrates the different stages in procurement.
Procurement
Pre-Tender Tender Post-Tender

v Indent v Release of Tender v Contract Agreement
v Esmates v Pre-bid Meeng v Execuon
v Requirements & Specificaons v Evaluaon v Maintenance
v Preparaon of Tender v Selecon of Vendor v Renew/Terminate
v Award of Contract
Fig. 1. Procurement Stages
Pre-Tender
Indent
Every procurement starts with indent. No procurement

shall be made without indent. No indent to be made trends, last purchase made, and assessment based on
without requirement. Requirement is to be “need intrinsic value.
based” and not “want/wish/fancy based”.
Esmates are to be worked out in a realisc and
A business case is to be made for the requirement that objecve manner.
shall answer the following:
Requirements & Specifications
¬ What do we need?
¬ Why do we need it? While gathering functional or technical requirements,
it is to be kept in mind to include only such
¬ When do we need it?
requirements that are essential and that add value to
¬ How does it benefit business?
the business.
The indent is to be placed on IT procurement group by Cosmetic requirements that can be termed as
concerned business/user group. “desirable” or “good to have” may be avoided as they
lead to escalation in cost with no tangible benefit to
Indent is to be need based.
business. Hence, one must focus on “business needs”
Estimates and not on “wants”. This necessitates the buyer to
understand fully the needs and benefits thereon
Costing of IT goods and services to be procured shall before they initiate steps to buy.
be done in a scientific manner and not in an arbitrary
manner. Requirements that are essenal and add value to
business alone are to be included.
Estimates are to be worked out in a realistic and
objective manner on the basis of purchases made by Requirement specifications are classified into two
other banks/organizations, prevailing market rates, types: functional and technical.

Functional Requirements
Functional requirements are to be obtained from

user/business groups. Technical requirement while sizing the solution. In order to rightsize
specifications are to be given by IT group. Specifications hardware, it is the responsibility of the buyer to furnish
are to be clear and unambiguous. The specifications necessary and correct inputs as required by the
shall be complete in all respects to facilitate the vendor vendor. The hardware vendor will size the hardware
to understand all major and minor requirements. All based on the inputs provided by the buyer and such
necessary granular details of specifications should be sizing document is to be validated and approved by
furnished to provide abundant clarity to the the application software provider.
requirement. No specification should be either
assumed or left to the assumption of supplier. In large installations, benchmarking test to confirm
that hardware is rightsized to support the transaction
Specificaons should be clear, unambiguous, and volumes and comply with performance criteria can be
complete in all details to reflect business needs. undertaken. Such benchmarking test is to be
conducted with the proposed hardware of same
Technical Requirements configuration by the hardware supplier within
reasonable time preferably after signing the contract.
Many financial IT solutions are customer critical, and
If the results of benchmark prove that the hardware is
customers expect services to be available through
inadequate to meet the performance criterion set by
multiple delivery channels, 24 hours a day and 7 days
the bank, then the service provider must enhance the
a week (24x7). Non-availability of a service for
hardware or bring additional hardware.
unreasonably long period will adversely affect the
business and reputation of the organization. Hence, in The hardware should be sized for peak load and not
customer critical IT product/solutions, key for average load. The utilization of the hardware
requirement will be “high availability of the solution.” resources should preferably be within 70% or 80% of
the available CPUs/processing power. 20% or 30%
The systems in customer critical applications should
processing power is held in reserve to meet any future
be “fault tolerant”, such that systems/hardware can
sudden spurt or increase in transactions.
respond to an untoward incident or fault, by
recovering all processing that was in progress when The buyer must avoid purchasing hardware that has
fault occurred. reached or likely to reach end of sale/end of support
within a short period.
“High availability” will have significant impact on cost
of the project. To meet this requirement, the vendor IT soluon and hardware are to be rightsized to meet
must provide server/solution for failover in the performance criteria and business requirements.
primary site and replicate the solution in disaster
recovery site to ensure business continuity to meet Software Licenses
any contingency/failure. The basic principle behind software licence is based on
Rightsizing of hardware is the key for the smooth that of literary copyright. The customer procuring
running of the systems. If the hardware is undersized, licence will have the right to use the software but not
it will adversely affect the performance of the IT own the software or its intellectual property rights.
solution impacting business. If the hardware is Software licensing includes all transactions between the
oversized, it will lead to unnecessary escalation in the licensor and the licensee in which the licensor agrees to
total cost of ownership. Hence, due care is to be taken grant the licensee the right to use some specific
software for a specific tenure under pre-defined terms

and conditions. Software licencing policies are not the

same across the industry and vary from manufacturer
to manufacturer and from product to product.
Software licences are offered by vendors based on per Changes are initiated through change request from
user or per transaction or based on number of CPUs or the buyer. Changes within the scope of Request for
hybrid approach or so forth. Hence, before acquiring Proposal (RFP) are to be provided at no cost; changes
any software, the buyer must make discreet market beyond the scope of RFP will be on time and material
enquiries, understand the licensing policies, assess basis. However, change control procedure will be
their actual requirement of licenses as per the applicable in both these cases. After examining the
supplier's policy and then initiate steps for technical feasibility, the supplier submits the
procurement. commercial quote for carrying out change request on
time and material basis. The buyer must obtain the
The buyer should be abundantly clear about the total
details of number of resources to be deployed,
no. of licences needed, to avoid under/over
number of days required and per man day cost to
procurement of software licenses. The application
verify the reasonableness of commercials.
software must also be scalable to meet the growth in
business and consequent increase in number of Customizaon is to be carried out only when
accounts and transactions. The buyer must avoid essenal and the buyer should keep it as minimum
purchasing any software that is not under support. as possible.
The buyer must understand soware licencing Support and Maintenance

policy and procure appropriate number of licences.
The buyer shall enter into Annual Maintenance
Soware must also be scalable to meet the growth
and future needs of business. Contract (AMC) and Annual Technical Services (ATS),
to support and maintain hardware and software
Customization and Change Requests respectively. The AMC and ATS normally commence
after the expiry of warranty period if any.
Banking industry is witnessing fast changes and this
trend is likely to continue. Consequently, there is often Under AMC for hardware, the vendor must provide
demand from the users to enhance the features of maintenance of hardware, including preventive
application sof tware or customize the new maintenance; repair or replacement of hardware/
requirements. par ts of hardware in case of a problem or
malfunctioning. Vendor must ensure trouble-free
While customization cannot be avoided to meet the
functioning of hardware during maintenance period.
new business requirements of banks, the banks must
make conscious efforts to minimize customization. The scope of ATS for software normally includes bug
Frequent customization to the software will pose correction, rectifications wherever necessary and
problems and challenges to migrate to the next delivery of patches/updates effected by the vendor. It
version of the software when released. Further, it will also covers normally the deliver y of version
escalate the Total Cost of Ownership. All customizations releases/upgrades by the vendor during the support
are to be released only after proper testing. period. It does not cover any enhancements or new
Customization may impact existing features. Hence, requirements sought by the buyer.
regression test is to be done before release, to know
The buyer under ATS will normally be eligible for any
for sure that no existing features are impacted.
new version release of the software. Until bank moves
Change control procedure is to be followed whenever to higher version, the bidder must continue to
any changes are to be carried out in the software. support the current version.

In the event of moving to the new version, the vendor

must ensure before delivery and porting, that the new
version contains all the buyers' specific customization
done in the current version. Whenever any person is replaced by vendor, it must
be with the consent of the buyer and buyer must have
Hardware AMC must cover prevenve maintenance right to accept or reject such request/replacement.
also. ATS covers bug correcon and new version
releases and does not cover any enhancement or The buyer must have the right to seek replacement of
new requirements. any resource if not found adequate.
Flexibility The success of facilies management services

depends on the quanty and quality of personnel
The product, service, and solution should be flexible
that the supplier provides.
enough to meet not only the present but also the future
needs of the business. It should be scalable in capacity Training
and performance to meet the growth. It should have
the ability to cope up with change and new trends. It Any IT product/solution that is procured will give
should facilitate introduction of new functionalities and benefits only when it is put to effective use. This makes
features and facilitate implementation in stages. It imperative the need to train the end users on the
should support interoperability with other applications product and its features. The bid document should
implemented. therefore specify the number of training sessions
required, the number of days each training is to be
The products, services, and soluon should have conducted, and the number of trainees per session. It
the ability to cope up with change and new trends. is also necessary that the buyer indicates the type of
training to be imparted since the training needs vary
Facilities Management
from users to users. For example, the core team may
Buyers seek onsite support and services of suppliers have to be trained on technical features of the
for helpdesk, database administration and network software, the users may have to be trained on the
administration and so forth. These onsite services are functional features of the software, and the top
not normally covered under ATS/AMC. The success of management is to be trained on how the software
these services depends on the quantity and quality of supports in reaching business goals and in taking
personnel that the supplier provides. Hence, buyers informed decisions.
must satisfy themselves that the supplier provides
adequate number of qualified and experienced When a new applicaon soware is introduced,
training to user to absorb and leverage the
personnel in the field to meet the requirements of
technology for business should be arranged
bank.
invariably.
It is advisable that the buyer provides in the bid
document abundant clarity to the vendor about the Interfaces
quantity and quality of the personnel required, and Any new application/service introduced normally
the nature of works to be carried out by them. needs an interface with the existing transaction
The buyer must also indicate clearly for how many engine to facilitate processing of transactions
days in a calendar week and how many hours/shifts in seamlessly. In all such cases where transactions flow
a day the onsite support is required. from one application to another application, manual
intervention is to be eliminated and straight-through
processing is to be ensured as best practice.

The bid document therefore may contain a w The RFP may have an overriding clause that in case
requirement to provide a suitable middleware to of any dispute, the RFP clauses will prevail.
support interfaces with existing software and those
that may come in future. The tender/RFP must be self contained,
comprehensive, complete and clearly define in
When there is a need for a multi-supplier approach, unambiguous terms, details of IT goods and services
there must be appropriate standardization to ensure to be procured/outsourced; their quality and
interoperability. quantywith specificaons.
Standardiza on of interoperability must be Expression of Interest (EOI)

ensured.
Expression of Interest is issued to either empanel or
shortlisted vendors for issuing tender/RFP document.
Preparation of Request for Proposal (RFP)/
In case of green-field projects or the projects of a
Tender/Bid Document complex nature when the bank is not clear about
Preparing the tender document is a complex exercise solutions, or does not have complete knowledge, or
and meticulous care is required in drafting it. It lacks clarity regarding the exact requirements
requires intimate and specialized knowledge of the regarding size or scope of the project, it is advisable
tender process besides knowledge of IT service and that the bank first invites Expression of Interest (EOI).
function to be acquired. Prior experience and The pre-qualification criterion is a yardstick to
expertise within the bank may be drawn upon while empanel/shor tlist/qualify/allow suppliers to
preparing the tender document. All essential participate in the bidding process. Wherever
information which a bidder needs for sending expression of interest is not issued, pre-qualification
responsive bid, should be clearly spelt out in the criteria may be included in RFP/tender. Bids of only
bidding document in simple language. those bidders who satisfy the pre-qualification criteria
will be taken for further evaluation.
The bidding document should confirm inter alia:
Pre-qualification Criteria
¬ The procedure as well as closing date and time
and the location for submission of the RFP Pre-qualification criterion is to be fixed in a manner
document that enables all technically and financially competent
¬ The tender/RFP must be self-contained,
suppliers to participate and compete in the bidding
comprehensive and clearly define in unambiguous process. Pre-qualification criteria should be specific
terms, details of IT goods and services to be and clear.
procured/outsourced; their quality and quantity The following can be considered while framing the
with detailed specifications basic pre-qualification criteria:
¬ It must also contain all other key terms and
¬ Experience and past performance in contracts of
conditions like Earnest Money Deposit (EMD),
similar size and magnitude
performance guarantee, evaluation criterion,
delivery and payment terms, maintenance and ¬ Technical capabilities to undertake the project
support requirements, acceptance terms, with reference to their skilled personnel, hardware/
liquidated damages, non-disclosure agreement, software capabilities, support infrastructure, etc.;
solicitation, termination and exit clause, etc. especially across the country
¬ The RFP may include the draft contract (with ¬ Financial capabilities as evident from annual
major clauses and broad terms of contract) and reports, balances sheets and profit and loss
pro forma of performance guarantee accounts

¬ Adherence to standards, as evidenced from In the case of AMC/ATS and facilities management,
certifications related to the standards in the area the prices quoted are spread over a period of 3 to 5
of products/ser vices and discussions/ years and prices quoted may vary every year. Hence in
presentations made by suppliers order to arrive at the present value of commercials,
net present value method of evaluation is to be
¬ The pre-qualification criteria should not be too
adopted.
stringent to restrict competition nor tailor-made
to permit entry to one bidder and restrict others. Commercial bids of only those bidders who qualify
under technical evaluaon alone are to be opened
Expression of Interest is issued either to empanel or and evaluated.
shortlist vendors for issuance of tender document
based on pre-qualificaon criteria. Pre-qualificaon
criteria should neither be too stringent to restrict RFP/Tender Contents
compeon nor too liberal to permit entry to the Broadly the RFP/Tender document should include
inexperienced and incompetent suppliers.
the following:
Commercial Bid ¬ Brief Background: Mention about the buyer and

business. Describing the bank, its size and
The buyer must provide Bill of Material (BOM)
customer base and the environment in which the
specifying the goods/works/services for which prices
service provider is expected to render the service
are to be quoted. BOM must also contain the details of
and a brief description of the IT project
number of units required, unit price, taxes and duties,
undertaken and its requirement.
etc.
¬ Product/Service Description: Detailed technical
As part of technical bid, the supplier must submit a and functional requirements with specifications,
copy of the commercial bid that he/she submitted, that the service provider is expected to provide.
masking the prices, to know during evaluation of This should include quantity, quality, time
technical bid that he/she quoted for all items. schedule and performance requirements and the
measures used to assess them. The reporting
Commercial bids of only those bidders, who qualify
requirements and the process as well as the
under technical evaluation, are to be opened and
performance monitoring mechanism must be
evaluated.
mentioned. The requirements should include
The bidders should avoid committing arithmetical broad as well as granular details and must be
errors in price bid. However, in the event of bidder clear, precise and must be unambiguous.
committing mistakes either in addition, subtraction or ¬ Roles and Responsibilities: The structure, role
multiplication, the buyer may correct such errors in and responsibilities of the relationship between
addition, multiplication and so forth to arrive at the the bank personnel and the service providers’
correct price. Such provision to rectify the arithmetical personnel should be clearly spelt out.
errors is to be pre-disclosed in the tender document.
¬ Establish Evaluation Process: The scheme for
All the applicable components of costs, as quoted in marking the RFP documents should be made
the bid response are to be added to arrive at the total transparent and explicit in the document.
cost of ownership (TCO). L1, L2 and so forth ranking is Objective measurable criteria should be used for
to be declared based on TCO. rating the bids. Respective weighting for different
measures and the ranking formula should be
specified. Mandatory and desirable criteria
should be distinguished. The evaluation/loading

criteria with respect to each measure should be

specified in unambiguous terms in the bid
documents.
¬ Time for Submission of Bids: Sufficient time for
submission of bids say 4-6 weeks in case of global
tenders and 3-4 weeks in case of limited tenders is
to be allowed. The minimum time to be allowed
for submission of bids should be three weeks box needs to be adopted. In cases where the tenders
from the date of publication of tender notice or are required to be submitted by hand due to bulky
availability of bidding document for sale size of bids, it is to be ensured that the names and
whichever is later. designations of at least two officers are mentioned in
the bid document for receiving the tenders by hand.
¬ Pre-bid Meeting: Pre-bid meeting is to be
The information about these officers should also be
conducted for clarifying any doubts and issues if
displayed at the entrance/reception of premises
any about the specifications and other allied
where the bids are deposited so as to ensure a
technical details. The date, time, and place of pre-
convenient approach for the bidders. Bids should be
bid meeting should be pre-disclosed in the
accepted only up to specified date and time for
document. This date should be sufficiently ahead
submission of bids, pre-disclosed in the tender
of bid opening date. Replies to all clarifications
document. Late bids or bids received after specified
sought during pre-bid meeting and any change in
date and time should not be considered for opening
tender terms and conditions specifications and
and evaluation.
tender opening date, etc., is to be notified to all
bidders and posted in website sufficiently in Proper arrangement should be made for receipt of
advance, of the original/revised tender opening bids. Bids are to be accepted up to specified date
date. and me menoned in the bid document.
Submission of Bids: Two-Bid System Opening of Bids

Bids must be obtained in two parts as under: Bids should be opened, in a transparent manner, in the
presence of authorized representatives of bidders.
¬ Technical bid, consisting of all technical details
Location date and time of opening of bids needs to be
along with masked commercial bid
pre-disclosed in the bid document.
¬ Financial/commercial bid indicating item-wise
price of items mentioned in the technical bid. It is advisable to open the bid documents on the
concluding day of receiving bids. The authorized
In the two-bid system, the technical bid and representative of the bidders must be permitted to
commercial bid are to be made separately, with the attend the opening of bids. The technical bids are to
name of the tender duly superscribed in separate be first opened and thereafter financial bids of only
sealed covers and both are to be enclosed in a larger those bidders, qualified under technical evaluation
cover and submitted. The technical bid should are to be opened. After opening financial bids, the
contain Earnest Money Deposit and the masked item-wise details of prices are to be read out for
commercial bid. information to bidders.
Receipt of Bids
Bids are to be opened in the presence of bidders.
A proper arrangement for receipt of tenders on Aer opening financial bids, price details are to be
scheduled date at specified location through tender read out for informaon to bidders.

Evaluation of Bids and Selection of Supplier

Evaluation of tender must be carried out by a suitable Guidelines from Department of Financial Services,
and competent team. The evaluation and award Ministry of Finance, Government of India
process must be demonstrably objective and Department of Financial Services, Ministry of Finance,
transparent and based solely on criteria pre-disclosed Government of India in March 2014, through its
in the bid document. This is best achieved by the use communication intimated all public sector banks,
of a scoring system based on all relevant weighted financial institutions and public sector insurance
criteria, indicating a comparative assessment of companies to adopt uniform procurement guidelines
tenders under each criterion. from 01-04-2014, with an objective to ensure
No new criteria or parameters beyond what is pre- procurement of goods, works and services based on a
disclosed in RFP should be considered or entertained. fair, transparent efficient and competitive framework
Similarly, no criteria mentioned for evaluation in the with emphasis on quality on pre-determined
bid documents shall be excluded during evaluation. standards, specifications and outcomes.
The evaluation criterion for selection of supplier on a The summary of guidelines is as follows:
common uniform level playing field should be made
transparent and explicit in the bid document. ¬ If the standards, specifications and outcomes in
Evaluation by study of offer, additional resources, respect of goods or works can be laid down
expert literature, industry global body ratings, site clearly and the procurement is less than 100 (one
visit and functional verification, reference site visits hundred) crores, a single stage process may be
etc., can be done. followed as per extant policies and procedures.
It is a good practice to fix the questions, verification ¬ In case, procurement of goods and works or
process and their scores beforehand among the services exceeds hundred crores, a two-stage
evaluating group members, during reference site bidding process may be adopted.
visit/presentation/demonstrations. After evaluation Single Stage Bidding
the ranking of the bidders should be displayed in the
¬ In a single stage two envelope bidding where the
notice board and website of the bank.
quality of procurement is important and is also
Two aspects of a bid need to be evaluated – the considered to be dependent on the capacity and
technical and the commercial. One of the following credentials of the supplier, a single stage two
two methods may be adopted in evaluation and envelope system may be followed
selection of the successful bidder:
¬ In such a case, the eligibility criteria of the supplier
¬ The successful bidder may be the one who may be specified in the tender notice with a clear
quoted the lowest price among the qualified bench mark of minimum technical capacity. The
technical bidders bidder should be asked to submit their technical
OR bid in one envelope and the financial bid in
¬ The successful bidder may be the one who another envelope
secures highest marks where the evaluation is ¬ The envelopes containing the technical bids should
carried on the combined basis of technical score be opened and scrutinized first. Those bidders who
and the price quoted. The weights for techno- meet the eligibility criteria should be pre-qualified
c o m m e rc i a l e v a l u a t i o n s h o u l d b e p re - and the financial bids of only such pre-qualified
determined and disclosed in the bid document. supplier should be opened and evaluated. The
lowest bidder should normally be selected.

Two-stage Bidding
It will be adopted where procurement of goods, works

or services exceeds hundred crores.
In the first stage, Request for Qualification (RFQ)

should be issued for pre-qualification and shortlisting
of prospective bidders. On receiving application for
pre-qualification, the same may be scrutinized with a
view to pre-qualify and shortlisting the eligible
In case of pre-decided splitting, if L1 has the capacity
bidders who meet the specified benchmark of
to meet the entire order, the rates of other bidders (L2,
technical and financial capacity.
L3... so on) have to match with L1 rates. This condition
In the second stage, the RFP may be issued to the pre- that rates have to match with L1 rates should be
qualified bidders for inviting financial bids based on a mentioned upfront in RFP.
single bidding parameter.
Splitting the quantity after opening bids without
At this stage, only financial offer shall be relevant for mention of such provision in RFP is to be discouraged
purposes of evaluation and the contract is awarded to unless L1 after selection for awarding contract
the lowest financial bidder who is technically expresses his/her inability to meet the order due to
qualified. inadequate capacity. Under such circumstances,
where L1 has less capacity than required, the order can
Bids are to be evaluated based on terms and be split amongst vendors in a fair and transparent
condions set out in the bid document. No new
manner. It is possible in such cases, L1 and L2 prices
condion can be introduced during evaluaon.
Department of Financial Services, Ministry of may be different.
Finance, Government of India issued guidelines
stang that for procurements less than 100 crores, The rao in which the order will be split amongst
a single stage process may be followed and for vendors is to be pre-disclosed in the bid document.
procurements above 100 crores, a two-stage The rates of other bidders have to match with L1
bidding process may be adopted. rates. Where it is done aer opening of bids due to
inadequate capacity on the part of L1 to meet the
Splitting of Quantity order, spli ng is to be done amongst vendors in a
fair and transparent manner.
Normal practice is to place order for supply of entire
quantity mentioned in the bid with the bidder who Normalization Process
quoted the lowest. However, where purchase involves In large complex projects during evaluation of
large quantities and if such quantities are beyond the technical bids, in some cases, it may be noticed that
ability of one particular supplier (due to time there is no common level playing field amongst the
constraints and production capacity constraints) of bids submitted. In all such cases, to ensure fairness
one single supplier to supply the quantity required and common level playing field, the buyer may hold
within the time prescribed, the bank can split the discussions with the bidders and conduct
quantity and distribute to multiple suppliers.In such a normalization exercise and release an addendum to
case, the ratio that will be applied for splitting the the RFP incorporating the terms of normalization.
order among suppliers shall be pre-disclosed in the
bid document. The bank can seek resubmission of both technical and
commercial bids in the addendum to the tender
containing normalization terms and conditions.

Other Terms and Conditions should be immediately verified with the issuing bank
before acceptance. The buyer must ensure that
Earnest Money Deposit (EMD)
performance guarantee is valid and in force
Earnest money deposit is obtained from the bidders throughout the contract period by renewing it in time.
with their bids. The purpose of obtaining EMD is to Similarly in case of encashment of guarantee, the
establish the earnestness of bidder in participation of same is to be taken up with the issuing bank before
bid process and to safeguard against the bidder the expiry of guarantee.
withdrawing/altering the bid during validity period.
EMD may be furnished in the form of account payee Performance guarantee should be obtained from
the successful bidder to ensure due performance
demand draft, fixed deposit receipt, or bank
as per the terms of the contract.
guarantee. The EMD amount should ordinarily be
around 2% to 5% of the estimated value of the Delivery Schedule/Project Timelines
procurement to be made.
Time is the essence of any contract/IT project. Total
EMD submitted by the bidder will be forfeited, if: project time is to be properly worked out by taking into
¬ The bidder withdraws or amends the bid consideration, time for delivering IT equipment, their
submitted in any respect within the validity installation and commissioning, testing, customization,
period of the tender porting of software and so forth. If timelines given are
too less and aggressive compared to actual
¬ The successful bidder fails to furnish performance requirements, it may result in damage to quality in
guarantee as required, or fails to accept the order implementation of the project. It may also result in
within the specified period. conflicts as supplier may fail to meet the contractual
No interest is payable on the EMD. EMD of obligations.
unsuccessful bids may be refunded 30 days after the Delivery period is to be properly specified in the
contract is signed. EMD of successful bidder should be contract with definite dates. If a project has various
returned, after acceptance of order and submission of activities/stages/phases, timelines have to be indicated
performance guarantee by the bidder. for each activity such as delivery of hardware,
commissioning of hardware, pilot implementation,
EMD is obtained to establish the earnestness of
training, etc. The timelines given are to be closely
bidder in parcipaon of bid process and to safe
guard against the bidder withdrawing/altering the monitored with the supplier at regular intervals to
bid during validity period. ensure that the project is completed as planned.
Abnormal delays in completion of the project will result
Performance Guarantee in cost overruns.
Performance guarantee is to be obtained from the Payment Terms

successful bidder to ensure due performance as per
Payment terms are to be pre-disclosed in the tender
the terms of the contract. The amount of performance
document. Payment terms should include amounts to
guarantee will ordinarily range between 5% to 10% of
be paid, payments schedule, payment procedure, etc;
the contract value and during the maintenance
Payments should be made in phases to match with the
period for 5% or 10% of the ATS/AMC value.
progress in the project as specified in the payment
Performance guarantee is to be obtained for a schedule in the contract. Lumpsum payment on
minimum period up to the expiry of warranty period. completion of the project is to be avoided. If there is any
Performance guarantee submitted by the bidder delay in delivery of the goods or service or if
performance criteria as agreed like uptime maintenance

are not met, penalties as agreed are to be levied and

deducted from the payments to be made.
Liquidated Damages (LD)

In the case of single vendor situaon, price discovery
Service providers are expected to deliver IT goods and mechanism is to be adopted for negoaon.
services within the time stipulated. There must be a
provision in the contract agreement to collect E-Tendering
liquidated damages from the supplier to take care of E-tendering is procurement auction performed
the delays in delivery/execution of the contract and in online. The most common type is reverse auction.
meeting the performance parameters. Liquidated
damages will be applicable both during implementation E-tendering is a very effective procurement tool for
and post implementation. During implementation, LD both buyer and supplier; the buyer benefits from
will be levied for delays in delivery, implementation and significant price reduction and the supplier benefits
commissioning. Post implementation, LD will be levied because an e-auction is effectively a very open and
for non-compliance to the performance criteria and transparent competitive system where he/she can bid
uptime requirements. There can be an appropriate against other bidders.
maximum cap for deduction of such liquidated E-tendering will have two stages:
damages. This may be as a certain percentage of the
total contract value. ¬ The first stage is where the tender is evaluated
against the non-price criteria
Time is the essence of any IT project and the project ¬ The second stage is where those suppliers who
me is to be properly worked out by considering
qualify from stage one are invited to compete in
various acvies involved in the project. Delivery
period is to be specified in the project. Payment an electronic auction generally on price only.
should be made in phases to match with the In order to conduct e-auction, the buyer must have an
progress in the project. Liquidated damages will be e-auction software, or may hire the services of a
levied for the delays in delivery and execuon and
service provider.
non-compliance to the performance criteria and
upme requirements. Reverse Auction
Reverse auction is a procurement tool to fetch

Negotiations
competitive price through multi-bidding online
Post-tender negotiations with L1 should not be done as negotiation among shortlisted bidders. Through this
per CVC guidelines. In the case of single vendor process, the shortlisted bidders get an opportunity to
situation or where procurement is to be done from the reduce their prices online in a transparent and fair
existing vendor say for upgradation of hardware, etc., manner without the identity of bidder being disclosed
the buyer must satisfy themselves about the to either other bidders or to the buyer. Some items like
reasonableness of price. maximum starting quote (floor price), incremental
slabs for stepping down price quoted, etc., can be
Price discovery mechanism to ascertain reasonableness
auction specific each and announced at the time of
of prices may include the following: 1. Current market
commencement of the auction. The entire process is
prices; 2. Last purchase price; 3. Price at which other
designed to bring complete transparency as under:
organizations purchased & 4. Intrinsic value of the
item. After price discovery, if the rates quoted by ¬ To minimize human involvement
vendor are found to be high, the buyer may negotiate ¬ To give equal opportunity to all shortlisted
with the vendor to reduce the rates. suppliers to be most competitive

¬ To help bidders to know their price/position

dynamically vis-à-vis the other suppliers and
providing them an opportunity to react to it
¬ The final lowest bid will be determined from
among the online bids made, and the lowest offer
will be awarded the contract.
Reverse aucon is a process where the bidders get

an opportunity to reduce the prices online in a
transparent and fair manner without the identy of
the bidder being disclosed either to the other
bidders or the other bidders.
Rejection of Bids
Bid/s received may be rejected under the following

circumstances:
¬ If only one bid is received, then the bid may be

rejected and fresh tender may be floated
¬ There is a lack of effective competition
¬ The bids submitted deviate largely from the RFP Award of Contract
terms
The evaluation process must select the most
¬ The prices quoted are unduly high and not appropriate service provider who can deliver goods
acceptable to the bank, when compared to the and services as per specifications at the most
estimates prepared, market prices or last affordable and reasonable cost. No negotiations are
purchase. to be made with the lowest bidder (L1). The successful
bidder may be chosen based on techno-commercial
evaluation (T1-L1 criteria) or on commercial bid
evaluation (L1 criteria). However, as per latest
guidelines issued by Ministry of Finance, the
successful bidder in all IT purchases/projects is to be
chosen based on L1 criteria only. Techno-commercial
evaluation will be applicable for selection of
consultants only. The contract is awarded to the
successful bidder. Initially, the letter of intent may be
issued to the successful bidder. Thereafter, the order
may be placed and other formalities, like acceptance
of the order by supplier, submission of performance
guarantee, and execution of contract agreement may
be completed.
The successful bidder is selected based on

commercial bid evaluaon and the contract is
awarded to the L1 bidder.

CHAPTER 3
PROJECT EXECUTION, MAINTENANCE

AND SUPPORT
Project Management
A large complex IT procurement is different from

other purchases as it has multiple and different
deliverables, works and services. In the case of Project Monitoring and Review
hardware, the hardware should be delivered, installed,
The successful and timely execution of any large and
and commissioned. In the case of application
complex IT project depends on how it is monitored
software, the basic version is to be delivered, tested to
and reviewed at regular intervals. The aim of
identify bugs and gaps, and thereafter bugs are to be
monitoring will be to oversee progress in execution of
fixed and gaps are to be customized. Customized
the project vis-à-vis the project schedule and to
software is to be then ported and made operational.
monitor overall service quality, take improvement
Infrastructure and networking have similar processes
initiatives, and resolve any issues blocking the
and activities. IT procurements are hence considered
progress of the project.
IT projects that run for long duration involving large
number of resources. For successful project Reviews may be done at three levels:
completion, meticulous planning and execution is
¬ Project group/core team level
essential. This necessitates constant and close
¬ IT department level
monitoring on day-to-day basis of all the deliverables
by the vendor. ¬ Organizational level with top management.
The key task in project management is ensuring that At the core team level, daily activity plan, progress and
all planned activities of the project are undertaken micro-level issues, if any, will be discussed. A
and completed as per specifications in time. The buyer committee may be formed drawing members from
must also deploy adequate resources from their end. both buyer and supplier teams to review the progress
Resources must be identified and allocated. Activities on a day-to-day basis and plan the work for the
must be properly organized and structured in coming days. At the department level, the progress
accordance with business and technical requirements. may be reviewed once in a week to know the progress
It is essential that both buyers' team and vendors' and issues to be resolved. The supplier in such
team coordinate with each other to reach the meetings must ensure that the reporting authority of
common goal of executing the project as per time the vendor's onsite IT team is involved and present in
schedule without compromising in quality. In this all such meetings. This will facilitate escalation of the
relationship, the vendor and the buyer need to issues if any to them, so that they can be sorted out
transfer, exchange and develop knowledge on a speedily. Further, local team of the vendor will make
continual basis. For effective management, “plan, do, serious attempts to resolve maximum issues before
check, and act” (PDCA) approach may be adopted. the meeting if their higher authority attends the
review meetings. A steering committee is to be
It is essenal that both buyers' team and vendors' constituted drawing key persons from user wings and
team coordinate with each other to reach the vendor's office. Such meetings may be preferably
common goal of execung the project as per me presided by the chairman/executive director and may
schedule without compromising in quality. be conducted once in a month.

The top management will review the progress to

know whether the implementation is in-line with the
time schedule drawn. All macro-level issues to be
resolved and sorted out are brought to the notice of
the committee to seek their guidance. Regular review
by the steering committee will not only enable the top
management to know the status of the project, but
will also have positive impact on the functioning of
both vendors and buyers' IT team to complete the ¬ If the issue is unresolved and the conflict
project in time. continues, then the issues are to be escalated to
the next level and so forth, till an amicable
The aim of monitoring will be to oversee progress solution is found
in execuon of the project vis-à-vis the project
¬ If the onsite staff is unable to resolve the issue, it
schedule, to monitor overall service quality, take
improvement iniaves, and resolve any issues may be necessary for the supplier to depute
blocking the progress of project. experts in the field on to the site to identify,
analyze, and resolve the issue
Conflict Management
¬ Still if a solution is not in sight, the buyer may
If the buyer and supplier establish long-term resort to other remedial measures as listed in SLA
relationship that is mutually beneficial, then conflicts and contract agreement.
can be avoided to a very large extent and when there
is genuine urgent need, the supplier will endeavor to The buyer and supplier together must pay a enon
accommodate request of the buyer. However, in case to what has gone wrong rather than who went
wrong and define the problem clearly with causes
of a conflict, the following procedure may be
so that it can be fixed.
followed:
¬ Root Cause Analysis (RCA): The buyer with the Contract Agreement
help of supplier must do root cause analysis and
Any procurement will culminate as contractual
know what went wrong and the causes for it
relationship and shall be reduced to writing by signing
¬ The buyer and supplier together must pay a contract agreement and a Service Level Agreement
attention to what has gone wrong rather than (SLA). In the finalization of contract agreement and
who went wrong and define the problem clearly SLA, it is recommended to involve the legal
with causes so that it can be fixed department of the buyer and in all big projects to seek
professional advice from solicitors. It is to be ensured
¬ Most of the problems/conflicts are resolvable if
that the contract agreement does not vary from the
both the parties sit together, deliberate and talk
terms and conditions in the bid document. The
reasonably after RCA
contracted agreement needs to be vetted and
¬ Problem may need two solutions. (i) a temporary fix approved by legal department of the buyer to
to be applied immediately to ensure that systems are approve the legal effect and enforceability of terms
up and running to do business; (ii) a permanent fix and conditions. Tender document/RFP can be made
that needs some time to identify the bug/fault and one of the documents of the contract to refer to in
apply remedies so that it does not occur again. The case of any dispute. The contract must clearly spell out
buyer must monitor the problem/issue till a the rights, responsibilities, and liabilities of both the
permanent fix is given and applied buyer and supplier.

A contract agreement shall normally include the following:
CLAUSE BRIEF OUTLINE OF CLAUSE
Parties and terms The names of parties involved and length of contract.
Definitions Explanations and definitions of various words used in the contract.
Supporting documentation RFP and any other document, for clarifying the terms and conditions and to
facilitate dispute resolution.
IT assets Details of all hardware and software alongwith model, version to be delivered
by vendor, details of licenses, etc.
Services and resources Description of services and facilities management to be delivered by vendor
and also the quantity and quality of human resources to be provided, details of
key personnel of vendor and banks team.
Metrics for performance Descriptions of service levels and uptime requirements that vendor has to meet
and SLA and the method of measuring them.
Statement of Works (SOW) Statement of Works to be carried out by the vendor (Buyer must go through the
SOW and find them in-line with the RFP specifications.).
Disaster recovery and Backup and disaster recovery, replication plans and methods, etc.; for business
business continuity continuity, Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
Role and responsibilities Details of facilities to be provided by the bank and other support to be
of the bank and vendor to vendor for project implementation and the responsibilities of vendor at each
stage.
Benchmarking of solution Details of tests to be carried on proposed solution to confirm that solution is
rightsized to meet the performance criteria.
Monitoring of the project Details of how monitoring of the project will be done and escalation
mechanism.
Payments and schedule Procedure for claiming payments and the stages when payments will be
released.
Liquidated damages Details of when and how liquidated damages will be levied, and the cap if any.
Taxes Applicability of taxes and their structure.
Change control and Procedure for changing the services or for seeking new requirements.
management
Dispute resolution Procedure for dispute resolution.
Termination and exit clause Terms and conditions when a contract can be terminated or either party can
exit. The support to be extended during transition period by vendor and
payment terms during the period.
Source code Method of depositing source code, escrow account, terms for sharing fee
towards depositing source code.
Confidentiality Terms of maintaining confidentiality.
Indemnity Limited and unlimited liability.
Annexure Exhibits to be enclosed to contract.

Long-term contracts lead to supplier lock-in. This can

create an uneasy relationship between the service
provider and the bank. It locks the banks with older
technologies and banks may pay the service provider
above market prices for computer resources Exit Clause
(computing costs normally come down as technology
evolves rapidly). Hence, the duration of the contract The contract must contain clauses as to when a buyer
may be for a reasonable period of 3 to 5 years. can exit and the procedure to be followed for exit. In the
event of termination of contract, the exit provisions
Source Code must provide for the supplier to support and ensure
As the source code for application software is not smooth transition of the services, either back in house
normally provided, the buyers' business is at risk if to the customer or to a third party vendor/service
anything happens to the supplier. Hence, the buyer provider with minimum disruption to the business.
and supplier shall mutually agree to appoint an The supplier should also agree to train the bank
escrow agent and the supplier agrees to deposit officials and incoming suppliers to assist in a smooth
current version of source code of software application transition until total and successful migration
with the escrow agent. The vendor must also deposit happens.
the new version releases/upgrades. In the event of the
supplier going out of business, the buyer will have The contract agreement should not vary from the
access to the source code from the escrow agent and term and condi ons men oned in the bid
maintain it. The buyer must also ensure that the document. The contract must clearly spell out the
rights, responsibilies, and liabilies of both buyer
customizations carried out in the software are also
and supplier. The contracted agreement needs to
deposited.
be ve ed and approved by legal department of the
Indemnity buyer to approve the legal effect and enforceability
of terms and condions.
The supplier must agree to indemnify the buyer
against any and all losses, liabilities, claims, actions Service Level Agreement
costs, and expenses relating to resulting directly or
indirectly from or in any way arising out of any claim, Service Level Agreement (SLA) contains the terms and
suit or proceeding brought against the bank as a conditions for support and maintenance. It details
result of: how support and maintenance is to be carried out, the
levels to be achieved, and penalties to be levied for
¬ Breach of any of the terms of contract not meeting them. The SLA should broadly include:
¬ Any or all deliverables or services infringing any
¬ Services to be delivered and their description
patent, trademarks, copyrights or such other
intellectual property rights. ¬ Service hours: For how many days in a week and
for how many hours in a day; by how many
In the event of breach of terms of contract, the
persons and what services are to be done
aggregate liability of the supplier will normally be
limited to overall total cost of the ownership. The ¬ Ser vice availability: The uptime to be
liability of the supplier will be unlimited for claims guaranteed shall be specified as a percentage of a
against infringement of intellectual property rights, given time period. The method of calculation of
patents, etc.; and for reasons other than breach of uptime and penalties to be levied in the event of
terms of contract. not meeting the uptime requirements should be
specified

¬ Customer support and service performance,

tracking and reporting: This should contain
terms such as Mean Time to Respond (MTTR) and
Mean Time to Fix (MTTF) for attending to any
incident/problem. It may also contain the time
within which batch processes are to be carried
out, End of Day (EOD) operations and so forth are
to be completed. It also details the reports and
statements to be placed by the supplier at pre-
determined time intervals towards support
extended by them.
¬ Service reviews: This should state how, when

and where services rendered will be reviewed vis-
à-vis the SLA stipulations
¬ Escalation matrix: In the event of problems/issues

not getting resolved within reasonable time, the
details of escalation mechanism by furnishing the
names of the persons and their contact details and The buyer must always explore the possibility of
the procedure to be followed are to be stated in floating tender for refresh of technology to ensure
SLA. competition. The buyer must avoid placing orders
through nomination. However, in the interest of the
SLA must detail how support and maintenance is to bank, if it is inevitable and if hardware needs to be
be carried out, the levels to be achieved and
refreshed (enhanced) through the existing hardware
penales to be levied for not meeng them.
provider, to meet the growth in business, the buyer
must record logical reasons for opting to go with the
Technology Refresh
existing hardware provider, and for not following the
Technology refresh happens under the following normal procedure, and obtain the approval of
circumstances: competent authority. Since it is a single bid situation,
the buyer through price discovery mechanism must
¬ Current technology in use is becoming obsolete
ensure the price quoted is reasonable and not high.
and new technologies that adds value to business
Banks must exercise utmost care to satisfy themselves
and performance are now available in the market
that the hardware proposed is not over and above the
¬ Upgradation/End of sale/End of life/End of actual requirement and the existing investment is
support of various existing IT hardware or protected by redeployment wherever possible.
software
For standard items refresh should not be from the
¬ Growth in business and requirements of the same supplier and the buyer must follow the normal
organization, warranting technology to be tender procedure.
upgraded
Technology refresh happens when current
¬ Cost of upgradation and maintenance of old
technology becomes obsolete or the vendor
technology supported IT systems is exorbitant. declares end of sale/support or due to growth in
business or cost of maintenance of exing soluon
goes high.

Terminaon of Contract
When the vendor commits breach of contract, and
fails to remedy such breach within reasonable time
after notice from the buyer, the buyer as per the terms
of contract will have the right to terminate the
contract either in whole or part, for breach of contract
under the following circumstances:
¬ Failure or delay or deficiency in the completion or

implementation of the project or any activity
contemplated under the contract
¬ When the supplier becomes bankrupt or

otherwise insolvent
¬ When the buyer terminates the contract due to

breach of terms of contract by the vendor, the
buyer may take recourse to any one or more of
the following actions:
Forfeiture of performance guarantee
When the buyer through an alternative

vendor gets the undelivered goods/
works/services delivered/completed, the
vendor shall be liable for all available
actions against it in terms of the contract.
Apart from the above, subject to suitable provisions in

the contract, after entering to contract and placing
order, the buyer due to unforeseen and compelling
situation may terminate the contract wholly or
partially. In such a case, the buyer may have to suitably
compensate the vendor on mutually agreed terms for
terminating the contract.
When the vendor commits breach of contract, and

fails to remedy such breach within reasonable me
aer noce from the buyer, the buyer as per the
terms of contract will have the right to terminate
the contract.

CHAPTER 4
OUTSOURCING IT WORKS AND SERVICES

I T outsourcing is defined as the significant
contribution by external vendors in the physical and
human resources associated with the entire or specific
Outsourcing reduces the cost of a project. Capital
costs get reduced to a minimum and much of the
expenditure will be revenue in nature. Outsourcing
components of the IT Infrastructure in the user helps to deploy IT and services more efficiently and
organization. It is defined as turning overall or part of an effectively. Outsourcing permits redeployment of own
organizational activity to an outsider. resources in core activities. Outsourcing improves
Organizations outsource the works because in the service levels and contributes towards process
market there are others who can do it cheaper, faster, innovation. Organization will have access to well-
and better, facilitating these organizations to focus and qualified and experienced workforce of sourcing
allocate their resources to core business activities. partners.
Outsourcing allows an organization to have access to
expertise, knowledge and capabilities that are not Outsourcing is defined as turning overall or part of
an organiza onal ac vity to an outsider.
found within the organization. IT outsourcing covers
Outsourcing allows an organizaon have access to
wide spectrum of works and services like data centre experse, knowledge and capabilies that are not
infrastructure management, hardware and software found within the organizaon.
maintenance application management, network
management, ATM services, information security What Cannot be Outsourced?
management and so forth.
Particularly, decision-making functions like determining
Since banks specialize in financial intermediation, they
compliance with KYC norms for opening deposit
implement IT by engaging external suppliers who can
accounts, accordingly sanction for loans and
provide them IT expertise. Specialization and
management of investment portfolio and audit
economies of scale ensure that banks get better quality
functions are not allowed to be outsourced to
products and services at lower costs. Outsourcing has
suppliers as per guidelines laid down by the Reserve
thus become a business imperative and success of
Bank of India.
outsourced IT services depends on banks' ability to
manage and monitor sourcing partners to maximize Decision making funcons shall not be outsourced.
benefits from IT deployment. However, it may be noted
that banks can outsource services or processes but Common Areas of Concerns in Outsourcing
never the responsibility and accountability.
Outsourcing, if proper care is not taken, will cause
Outsourcing is defined as turning overall or part of concerns about data security. The IT department may
an organiza onal ac vity to an outsider. perceive loss of control as the project is handled by
Outsourcing allows an organizaon have access to vendors. The internal IT team will focus on
experse, knowledge and capabilies that are not administration and monitoring, and thereby over
found within the organizaon. period of time in-house expertise of IT will be lost.
Value Propositions of Outsourcing Some common problems faced during the sourcing
management process include:
Successful sourcing relationships allow bankers to
focus their internal and financial resources on tackling ¬ Continually changing business needs and
business priorities to leverage their core competencies. emergence of new IT services

¬ Working with an imposed non-ideal contract, with

The outsourcing management maturity model has
poor performance targets or terms and conditions
five stages: 1. ad hoc; 2. reactive; 3. appreciative;
¬ Interference of either party in the running of the 4. organized and 5.maximisation.
others' operations
The journey from ad hoc stage to maximisation
¬ Not interacting often enough or quick enough or basically rests on two key activities, viz., a) Knowledge
not focusing on the right issues and personality Management and b) Development of Metrics.
conflicts Knowledge management means and includes
capturing experiences, both good and bad in
¬ Suppliers agree to targets and service levels within
outsourcing activity and thereafter analysing the
contracts that are impossible to meet or suppliers
experiences to constantly improve the sourcing
fail or are incapable of meeting the terms and
processes. Metrics is meant to develop criteria to
conditions of the contract.
measure the performance process and take steps to
In the implemented solutions in large banks, there are improve it.
silos of products, different ownerships of several
Stage 1: In ad hoc stage, the organization will not
surround systems managed by a variety of service
have clarity on what constitutes outsourcing, what to
providers around large core systems. This necessitates
expect from outsourcing and how to manage and
many differing interfaces, technology lock-ins,
monitor sourcing contracts. Outsourcing processes
dependant replacements (updates and growth
are carried in ad hoc manner in trial and error method
decisions). It has become very difficult to assess the
without any knowledge on their details.
value of a service/association and this also gives rise to
integration issues. Stage 2: Based on experience gained from stage 1,
and owing to constant pressure internally and
In-house technical expertise is insufficient to assess
externally, the organization reacts by improving some
different products and services provided by the
of the outsourcing processes.
suppliers with respect to the benefits they offer and
their current status in the market compared with Stage 3: The organization improves the overall
other providers. outsourcing life cycle process to basic level where
various stages are connected and linked to get a
Outsourcing, if proper care is not taken, will throw complete view of the outsourcing programme.
some concerns and challenges in meeng business Stage 4: The organization gains adequate
objecve.
knowledge and experience and therefore will have
abundant clarity and well-defined processes in place.
Outsourcing Maturity Model The organization will move towards documenting
The sourcing relationship should be treated as a and implementing best practices.
meaningful partnership (see Fig. 2) that helps realize Stage 5: At this stage, constant and conscious efforts
business value, decreasing operational costs and are put in place to improve outsourcing methodology.
improving efficiency, improving time-to-market and The organization starts realising maximum benefits
customer responsiveness, improving flexibility and through knowledge management and metrics
adaptability to changing market dynamics, access to development. This stage is very critical to sustain and
critical skills and ability to reallocate resources maintain the optimum level it reached. The
dynamically, improved processes and standardization organization at this stage needs to constantly update
and improved competitiveness. and workout ways to improve.

Relaonal
Maximizaon
High Maturity
Organized
Well-defined process with
Appreciave KM and metrics defined
Reacve Complete view of programme
Ad hoc Minimum improvement
Trial and Error
Transaconal
Maturity
Fig 2. Outsourcing Maturity Model
Stages in Outsourcing
Stages in outsourcing is similar to stages in
procurement (see Chapter 2). In procurement, the
buyer procures IT products and goods to meet the
needs, whereas in outsourcing, the buyer turns to Risk Management in Outsourcing
external vendor to get the job done to meet the needs. Arrangements
Material Outsourcing Risk management is the process of identifying,
measuring, monitoring and managing risk. Risks
As per RBI guidelines, banks need to assess the degree of
inherent to process outsourcing include Strategic risk,
'materiality' inherent in the outsourced functions.
Reputation risk, Operational risk, Compliance risk,
Whether an outsourcing arrangement is 'material' to the
Legal risk, Counter party risk, Country risk, Contractual
business context or not is a qualitative judgment and may
risk, Access risk, Concentration and Systemic risk, and
be determined on the basis of criticality of service,
Exit strategy risk.
process, or technology to the overall business objectives.
Failure of a service provider in providing a specified
As per RBI guidelines, outsourcing of non-financial
service, a breach in security/confidentiality, or non-
processes, such as technology operations, is 'material'
compliance with legal and regulatory requirements
and if disrupted has the potential to significantly impact
among others may lead to reputation/financial losses
business operations, reputation and stability of the
for the bank and may also result in systemic risks
bank. Hence, all IT outsourcing is material outsourcing.
within the banking system in the country.
All IT outsourcing is material outsourcing. Pervasive use of technology in banking operations
further amplifies the risk impact.

Risk Evaluation and Measurement

Risk evaluation should be performed prior to entering
into an outsourcing agreement and reviewed periodically
in the light of known and expected changes, as part of the
strategic planning or review processes.
Risk evaluation should include the following steps:
¬ Identification of the role of outsourcing in the

overall business strategy and objectives, and inter-
linkages with corporate strategic goals Managing IT outsourcing relationship to realize
business objectives is related to exploiting outsourcing
¬ Comprehensive due diligence on the nature, scope
opportunities and effectively managing the risks in it.
and complexity of the outsourcing to identify the
key risks and risk mitigation strategies The key factors that contribute for the success are
¬ Analysis of the impact of such arrangement on the aligning IT outsourcing with business strategy; clarity on
overall risk profile of the bank, and whether service deliverables by sourcing partner, knowledge
adequate internal expertise and resources exist to management and developing metrics to measure the
mitigate the risks identified performance of vendor vis-à-vis the parameters set;
legally effective and enforceable contract agreement
¬ Analysis of risk-return on the potential benefits of
with suitable termination and exit clauses; participation
outsourcing vis-à-vis the vulnerabilities that may
of the top management of both vendor and banks by
arise.
effectively reviewing the progress and resolving the
Banks should evaluate vendor managed processes or issues as and when they come and finally adoption of
specific vendor relationships as they relate to win-win strategy.
information systems and technology. All outsourced
information systems and operations may be subject to The success of outsourcing ulmately depends on
risk management and security and privacy policies that monitoring and managing relaonships.
meet the bank's own standards.
All outsourcing acvies have risks a ached to it. REFERENCES

Banks should evaluate risks prior to entering to any
outsourcing agreement and review it periodically ¬ Ce n t r a l V i g i l a n ce Co m m i s s i o n (C VC )
to idenfy, measure, monitor, and manage risks. Guidelines, h p://cvc.nic.in
Importance of IT Outsourcing and Management ¬ IT Procurement Handbook for SMEs by David

Nickson. Brish Computer Society.
IT outsourcing in financial organizations like banks has
¬ Ministry of Finance, Government of India,
become a business imperative as it brings with it the
h p://finmin.nic.in/
knowledge, expertise and skills of sourcing IT partners
for adopting technology to realize business objectives. ¬ Reserve Bank of India, h ps://www.rbi.org.in/
The success of an outsourcing ultimately depends on ¬ The Outsourcing Handbook - How to

effectively managing IT outsourcing relationship. Implement a Successful Outsourcing Process
Managing the relationship constantly and consciously by Mark John Power, Kevin C Desouza, Carlos
is very demanding, but at the end will reap benefits to Bonifaz, Kogan Page Publishers.
match expectations.

FRAMEWORKS FROM IDRBT
All the above menoned Frameworks can be downloaded from

www.idrbt.ac.in/bp.html
INSTITUTE FOR DEVELOPMENT AND RESEARCH IN BANKING TECHNOLOGY

(ESTABLISHED BY RESERVE BANK OF INDIA)
CASTLE HILLS, ROAD NO. 1, MASAB TANK, HYDERABAD - 500 057

EPABX NO: +91 - 40 - 2329 4000/4999; FAX : +91 - 40 - 2353 5157
WEB: WWW.IDRBT.AC.IN; E-MAIL: PUBLISHER@IDRBT.AC.IN

It Vendor Management: Principles & Practices

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

It Vendor Management: Principles & Practices

Uploaded by

Copyright:

Available Formats

Explore, Enable, Excel

INSTITUTE FOR DEVELOPMENT AND RESEARCH IN

Dr. G. R. Gangadharan Shri B. Shandilya

© An IDRBT Publicaon, October 2015. All Rights Reserved.

A S banks star ted adopting information

The booklet is expected to serve as a handbook on IT

IT Vendor Management : Principles & Practices 01

I NFORMATION Technology (IT) is central to all

02 IT Vendor Management : Principles & Practices

Vendor management is a process and skill required

All in all, one must note that:

¬ If the buyer knows his/her requirements fully and

IT Vendor Management broadly encompasses two

¬ Procurement of IT goods and services

This document offer s broad guidelines on

Banks may adhere to the relevant guidelines issued

IT Vendor Management : Principles & Practices 03

PROCUREMENT OF IT GOODS AND SERVICES

It is the responsibility of people engaged in the Limited Tender

04 IT Vendor Management : Principles & Practices

empanelled vendors. Purchases through limited tenders, in principle, clearance/approval may be

IT Vendor Management : Principles & Practices 05

availability of ISI mark, service centres across the

In case, it is observed that a single supplier does not

Noce inving tender is to be given wide publicity

06 IT Vendor Management : Principles & Practices

Fig. 1 illustrates the different stages in procurement.

Pre-Tender Tender Post-Tender

Fig. 1. Procurement Stages

Every procurement starts with indent. No procurement

IT Vendor Management : Principles & Practices 07

Functional requirements are to be obtained from

08 IT Vendor Management : Principles & Practices

and conditions. Software licencing policies are not the

The buyer must understand soware licencing Support and Maintenance

IT Vendor Management : Principles & Practices 09

In the event of moving to the new version, the vendor

Flexibility The success of facilies management services

10 IT Vendor Management : Principles & Practices

Standardiza on of interoperability must be Expression of Interest (EOI)

IT Vendor Management : Principles & Practices 11

Commercial Bid ¬ Brief Background: Mention about the buyer and

12 IT Vendor Management : Principles & Practices

criteria with respect to each measure should be

Submission of Bids: Two-Bid System Opening of Bids

IT Vendor Management : Principles & Practices 13

Evaluation of Bids and Selection of Supplier

14 IT Vendor Management : Principles & Practices

It will be adopted where procurement of goods, works

In the first stage, Request for Qualification (RFQ)

IT Vendor Management : Principles & Practices 15

Performance guarantee is to be obtained from the Payment Terms

16 IT Vendor Management : Principles & Practices

are not met, penalties as agreed are to be levied and

Liquidated Damages (LD)

Reverse auction is a procurement tool to fetch

IT Vendor Management : Principles & Practices 17

¬ To help bidders to know their price/position

Reverse aucon is a process where the bidders get

Bid/s received may be rejected under the following

¬ If only one bid is received, then the bid may be

The successful bidder is selected based on

18 IT Vendor Management : Principles & Practices

Forfeiture of performance guarantee

When the buyer through an alternative

All outsourcing acvies have risks a ached to it. REFERENCES