Category Archives: Guest Author

Can we stop calling cost avoidance “soft savings”?

Today’s guest post is from Torey Guingrich, a Senior Consultant at Source One, a Corcentric company, who focuses on helping global companies drive greater value from their expenditures.

I’ve heard it time and time again “we don’t count soft savings” — which at times translates to “we don’t consider value beyond unit cost and volume reduction“. In recent years, many companies seem to have taken an overly broad definition of soft savings to include cost avoidance, budgeted-cost reduction, and other ways that Procurement adds value to the organization through their sourcing and negotiation efforts. Much of the work that Procurement does isn’t just reducing costs on recurring purchases, and what we consider a strategic partner from a sourcing and procurement standpoint, is helping business units to source and put in place solutions that meet their evolving needs.

So should Procurement not get any “credit” for this work?

Below are a few scenarios where Procurement professionals may struggle in quantifying savings/impact and where the bottom line cost may actually see an increase (gasp!)

New Recurring Purchases: When a new need arises for a department, Procurement can add value by helping to support the requirements definition, RFI and eventual RFP process — this is where Procurement’s role is to help business users understand the options in the market and make the best-fit decision based on their needs. Consider an organization that is growing and needs to implement an applicant tracking system to better manage their recruitment process. This is certainly a process improvement measure to better the recruitment process for the HR department, hiring managers, and the applicants themselves — but one that is not going to yield a tangible cost reduction result (and is going to add a new expense to total cost).

Should Procurement not support the RFP to put the solution in place because they cannot quantify the process improvement or completely offset the new expense?

Capital Purchases: Organizations typically define a capital plan for the year based on upcoming large-scale purchases. For instance, within the Facilities spend category, there are a number of systems that get replaced infrequently, but that represent a large financial outlay. Say an organization is looking to replace the HVAC system at a given facility or perhaps changing the doors at a warehouse — these are both scenarios that should have some degree of competitive bid associated to ensure the project is cost competitive.

Should Procurement really be comparing proposed pricing to the cost paid 10 (or more) years ago or not support the effort because there are no “hard savings”?

Increased Volume: As organizations grow, or most obviously, as they increase production, their volumes associated with direct and indirect goods will scale to some degree. Procurement may have negotiated a great deal on electricity price per kWh in the deregulated market, but once production ramps up your total electricity cost is going to increase.

Should Procurement not bother negotiating a price reduction because the total cost will increase anyway? Note, this is probably the most extreme view of “soft savings”, but is something that Procurement should align on with Finance to ensure savings are being calculated based on unit cost reduction against actual volumes!

Dynamic Requirements: Plenty of categories are driven by constantly changing requirements or where similar services may be required, but the specifications drive the cost. Commercial print is a common area for this — the print needs of an organization may be driven by their specific campaigns, events, or one-off marketing needs. Print costs don’t get broken down into the cost per coloured pixel — they are made up of various specs that come together for a complete need.

Should Procurement not support an RFP for a large scale print campaign because they can’t count savings or be forced to measure outcomes against different specifications?

Market Changes: Certain products and categories within direct and indirect spend are more prone to price fluctuation due to the raw materials that make up the final product. Take packaging for example — due to some of the extreme weather scenarios in 2017, we saw many packaging suppliers pushing increases on final product given the rise in the pulp and paper costs as the supply market was impacted. Many times these increases were mitigated or minimized through negotiation, but that did not actually result in reduced unit cost.

Should Procurement not negotiate with these suppliers or in these markets because the mitigated increases “don’t count” or wait for the cost increase to be billed just to show tangible savings?

I hope you’re all yelling a collective “no!” to these questions, but so often ideas like cost avoidance or reduction from first proposal are written off as “not real“. Understandably, as a Procurement organization looks to build its credibility within the organization and invest in new talent and solutions, hard-dollar cost reduction tends to be a big focus. But once the group moves from a tactical to strategic approach and supports business units in managing their suppliers and sourcing events, the way value and results are measured needs to reflect this changing dynamic. For the scenarios above, maybe it’s measuring impact/value from the average of bids received, or from first proposal to final value, or coming up with a NPV for that HVAC system from 10 years ago — Procurement should define the methodologies for these common scenarios and define for finance and leadership how they will be capturing value and what it means to budgets and bottom lines.

If we expect Procurement to support the evolving needs of the organization, then we must also evolve the way that Procurement and the broader organization as a whole sees and communicates the value of the sourcing and negotiation outcomes from the Procurement team.

Thanks, Torey.

GDPR: The Dreaded DPIA (Part XV)

Today’s guest post is from Tony Bridger, an experienced provider of Procurement Consulting and Spend Analysis services across the Commonwealth (as well as a Lean Six Sigma Black Belt) who has been delivering value across continents for two decades. He is currently President of UK-based TrainingWorx Ltd, a provider of a wide range of Procurement and Analytic business training programs (inc. GDPR, spend analysis, project management, process improvement, etc.) and focussed short-term consulting solutions. Tony can be contacted at tony.bridger@data-trainingworx.co.uk.

One of the key changes in the GDPR legislation involves the creation of DPIAs or Data Protection Impact Assessments.

At first glance this appears to be what can only be termed as a “mindless piece of bureaucracy”.

However, perhaps not.

Historically, it may be hypothesised that many personal data breaches have been the result of “mindless planning” neatly followed by badly managed execution.    It has been incredibly easy to obtain data, endlessly spam individuals — and share that data around.   Often, little or no thought, planning or impact assessment has been conducted in the process of managing this type of data.

Conceptually, the DPIA is a very good idea.   However, like many EU regulations the “how” is more obtuse and intricate.

The United Kingdoms ICO site (Information Commissioners Office) states that:

“You must do a DPIA for processing that is likely to result in a high risk to individuals”.

High risk is hard to define in the procurement world.   Many hosted procurement technologies contain considerable volumes of personal data as we are all aware – both controllers and processors need to stop and carefully assess any new data management proposals.   A DPIA creates a structured approach and framework that can be used to help define if the targeted processing could breach the regulation.

A DPIA is effectively a combined project brief and risk assessment of any new data processing activity that an organisation intends to conduct.   The DPIA contains a variety of what appears to be simple requirements.   The DPIA must:

  • describe the nature, scope, context and purposes of the processing;
  • assess necessity, proportionality and compliance measures;
  • identify and assess risks to individuals; and;
  • identify any additional measures to mitigate those risks.

If you think about it carefully, it is eminently sensible in its approach.

However, deductively there are several core organisational processes that need to be in place to achieve the outcome.   In many respects, this is the point at which the DPIA becomes a little more complex in the implementation and management.   If the organisational processes do not currently exist – then these are likely to add to the complexity.

In response to this, supervisory authorities have attempted to provide guidance and checklists that can help organisations manage this process and reduce risk.   We have left the discussion on DPIAs until this stage as there are options to use the process to overcome some of the risks with personal data in this domain.  However, there may be some good news.

In our next post we will start to evaluate how procurement data could be managed through the DPIA process.

Thanks, Tony!

GDPR – Consents (Part XIV)

Today’s guest post is from Tony Bridger, an experienced provider of Procurement Consulting and Spend Analysis services across the Commonwealth (as well as a Lean Six Sigma Black Belt) who has been delivering value across continents for two decades. He is currently President of UK-based TrainingWorx Ltd, a provider of a wide range of Procurement and Analytic business training programs (inc. GDPR, spend analysis, project management, process improvement, etc.) and focussed short-term consulting solutions. Tony can be contacted at tony.bridger@data-trainingworx.co.uk.

You will have to forgive us for this post – this is not an easy topic. The topic is quite broad and, as with most elements of the GDPR, takes a little thought and consideration.

Consents need to be considered as a key privacy factor across many elements of procurement business.

There are several ways we can discuss consents – but we thought that to demonstrate the complexity of the legislation – and some of the care that needs to be taken, we would use a fictional human resource or temporary labour company in Europe.

If you have any doubts whatsoever as to the complexity of the legislation for this category of supplier, drop on to the site of one of the larger UK based recruitment company websites and enjoy a leisurely afternoon coming to terms with their Privacy notice.   All of them have had to:

  • Map out where personal data is held – files, paper, spreadsheets, databases;
  • Understand who they share it with;
  • Centralise and control their access to personal data;
  • Define the who, what, why, when and where of holding candidate data – and make that clear to candidates;
  • Ensure candidates are informed of how their data is managed – stored and used;
  • Provide consent to send their personal resumes to clients as needed – however, for differing clients, it is likely that individual consents will be required
  • If the recruiter provides psychological testing, they will need to be clear how long those results are retained for, their use and how the results are used.

For example, in 2016-17, the New South Wales government allowed psychological testing of candidates for key roles.  However, the results of these tests were made available across all government agencies on demand – some 30+ of them.    If this was Europe – and a breach occurred – it could be a costly exercise.  Is the Government the agency – or each individual state agency or body?   The differences in how data is used (and associated consents) varies considerably across the globe.   Ironically, the NSW Department of Industry has just issued a warning to candidates that may have applied for roles could have has their personal details exposed in a potential breach – a breach that may have occurred on a much wider basis.

For procurers, if temporary labour agencies are used (and consultants are in the same domain , whether they like it or not)), many will insert contractor or employee names into invoices.   As the initial consent to disclose, and offer of work would have been consent based, it does rely on all parts of the consent process working to specification.   Perhaps that, as the old saying goes, could be a verloen hoep or “forlorn hope”.

With spend analysis data, recruitment agencies would no doubt use the legitimate processing clause – in combination with contractual processing requirements.  No harm there we suspect.   The customer would have the data – and for analysis purposes would need to review that data for contractual reasons.   All seems sensible enough.

However, if you think about the number of if-then-else processes and sub-processes that need to comply, then statistically it will be hard to ensure that all consents are in place in a fast-moving business.   At a later date, if a contractor submits a Data Subject Access Request this could involve recovering information that an agency has supplied to former contractor employers – again it is unclear.  It could be made worse if relationships between agency and customer have broken down.

We don’t have the answers, sadly.  However, it is, sadly, almost inevitable that someone will fall foul of the legislation in a supply chain as complex and high volume as temporary labour.  We shall see.

Thanks, Tony.

Agile Procurement? Or just go faster?

Today’s guest post is from Tony Bridger, an experienced provider of Procurement Consulting and Spend Analysis services across the Commonwealth (as well as a Lean Six Sigma Black Belt) who has been delivering value across continents for two decades. He is currently President of UK-based TrainingWorx Ltd, a provider of a wide range of Procurement and Analytic business training programs (inc. GDPR, spend analysis, project management, process improvement, etc.) and focussed short-term consulting solutions. Tony can be contacted at tony.bridger@data-trainingworx.co.uk.

Yves St Laurent was an outstanding fashion designer in very many respects.   However, he had very clear views on how fashion works.   He summarised it in five words:

“fashions fade, style is eternal”.

There is little or no doubt that the procurement world has (once again) jumped on a fashion trend.     In the fashionista world, everyone is busy being a transformer, a value-adder, a people empoweree – and now agile.   This must leave so little room in the day for saving money – it is costly to keep up with fashion trends as we all know.

Agile is an interesting word.   Agile applied to procurement is a very interesting word.

Agile springs from an alternative approach to software development.   However, it seems to have neatly morphed in to a word that seems to express some form of new, vague approach to sourcing.   Mark C. Layton in the Dummies Guide to Agile Management and Procurement Practices (2012) focuses on software acquisition and development as the basis for an agile approach – and how vendors can be managed in agile technology driven development projects.

CIPS published a paper in their Knowledge Summary series (undated) where some four pages of (unfocused) discussion results in the conclusion that:

“As this paper makes clear, ‘lean’ and ‘agile’ concepts have been, and continue to be, the subject of academic research………… (and) that ‘lean’ and ‘agile’ are not simply theoretical concepts.

Well, no help there then.   After a little rummaging through much word-smithing (I hope I don’t start a new fashion with that phrase), I found an article on Rev-International (Source) – so, quite recent.  The article states:

“To be agile means to be able to think, understand, and move quickly and easily. To be agile, according to Cornell, procurement organizations need to have the knowledge and ability to move quickly.”

Sadly, this deductively implies that unless they adopt the new fashion, procurement teams will remain inherently slow and unfashionably nerdy.   It gets worse:

 “It’s about using market knowledge and business intelligence to exploit profitable opportunities,”

From experience both as a member of, and supplier, to a wide range of procurement organisations, this is pretty much what most seem to do for a living.   However, admittedly, there is still a major capability gap in the use of business data intelligence in many procurement teams.   Many writers still focus on Agile as a procurement technology driven function – not much to do with “the rest” of the sourcing portfolio.   So where does this leave us?   I am now really not sure what to wear.

Don’t you just hate it when a piece of music gets in to your thinking….and you can’t turn it off?   The Kinks, in 1966, wrote a song called “Dedicated follower of fashion”.   There is one line that he/she is:

“……. Eagerly pursuing all the latest fads and trends”

It is too easy to become distracted by the fashionable and the pursuit of a silver bullet – by all means learn new techniques – and adapt if it fits.     However, it would be much better to see good procurement teams (continuing) to deliver quickly, using business intelligence and supplier collaboration – but with style – and a perhaps a little panache.    It’s really business as usual, save money, avoid chasing fashions.   Who knows, perhaps I am just plain old-fashioned and too focused on style.

[1] https://www.jaggaer.com/agile-procurement-achieve/

Thanks, Tony.

GDPR: Record … Record … Record (Part XIII)

Today’s guest post is from Tony Bridger, an experienced provider of Procurement Consulting and Spend Analysis services across the Commonwealth (as well as a Lean Six Sigma Black Belt) who has been delivering value across continents for two decades. He is currently President of UK-based TrainingWorx Ltd, a provider of a wide range of Procurement and Analytic business training programs (inc. GDPR, spend analysis, project management, process improvement, etc.) and focussed short-term consulting solutions. Tony can be contacted at tony.bridger@data-trainingworx.co.uk.

On of the key failings of the EU legislation is the apparent lack of standard EU approved clauses. They will arrive – at some point. For now, many vendors both inside and external to the EU will need to manage as best they can. We have covered the main contractual relationships required between processors and controllers. However, in brief they are:

  • Controllers must only use processors which are able to guarantee that they will meet the requirements of the GDPR and protect the rights of data subjects.
  • Controllers must ensure that they put a contract in place which meets the requirements set out in the available guidance.
  • They must provide documented instructions for the processor to follow.
  • Controllers remain directly liable for compliance with all aspects of the GDPR, and for demonstrating that compliance. If this isn’t achieved, then they may be liable to pay damages in legal proceedings or be subject to fines or other penalties or corrective measures

One of the major contractual changes between Controller–Processor is going to be the need to keep processing records. Given the nature of the change, if the provider is outside of the European area, this would be an important contractual requirement. It is also an important record of activity if a breach or error occurs.

It seems logical that most companies in the data business would see keeping records of processing activity as a normal standard business practice. Not so it seems.

For analytics (or any procurement platform provider), it may well be worth keeping some form of record of processing activity — if this is not currently a part of operational management. This may cover elements like data refresh receipt, refresh activity, new report generation and any other activity that takes place on the data. Remember, it would make sense to have one processing record for every processing requirement made by a controller. What would this take? A simple spreadsheet entry in most cases.

This may seem onerous, but if suppliers are anonymising or removing data from the transactions records, the who, what, why, where and when of processing maintained in records will allow tracking and follow up of errors if a breach occurs. It is an overhead – but is the basis of managing data more carefully and being able to cope with an audit.
However, as we will explain in a later post, the bureaucracy of the EU knows no bounds. We will introduce the concept of the DPIA, (Data Protection Impact Assessment) shortly.

The DPIA is an interesting concept — quite what anyone would do with these assessments at Supervisory Bodies (given the likely volumes) has to be questionable.

However, prior to that, we have to cover the thorny subject of consents.

Thanks, Tony.