Download your IT & Cybersecurity Buying Guide just in time for Cybersecurity Awareness Month

20 Vendor Contracting Terms To Know

Blog Home » Vendor Management » 20 Vendor Contracting Terms To Know


Top 20 Vendor Management and Contracting Terms To Know

Looking for an IT or cyber security vendor or have an upcoming meeting with your IT and security service provider? Study the terms below to prepare yourself for the engagement. This will help you avoid becoming overwhelmed by all the vendor management lingo and contracting jargon. With the list below, you’ll easily be a knowledgeable expert.

  • Cure Notice: a letter of expectation sent out when vendor a is not living up to contractual agreements

  • Evergreen Contract: an agreement to automatically renew the two year contract

  • Formal Bid: a bid that must be submitted in a sealed envelope and in conformance with a prescribed format to be opened in public at a specified date and time

  • Forward Purchasing: making purchasing to adjust to future charges in the market

  • Fourth Party: the service provider of the vendor or when the third party outsources

  • GLBA-Gramm-Leach-Bliley Act: consumers right to limited protection from shared private information by financial institutions

  • Governance: the activity of having authority to conduct the policy, actions, and affairs of a state, organization, or people

  • Joint Administrative Purchasing: joint purchasing office buying some or the entire purchases

  • Limitation of Liability: a disclaimer that limits the parties ability to bring a legal claim against each other or to recover damages

  • Matters Requiring Attention or MRA: issues that have potential to lead to enforcement actions, they need to be addressed as soon as possible

  • Mitigation Action: steps taken to reduce or eliminate long term risk

  • Right to Audit Provision: buyers right to look over the vendors records to see if they are staying on track with company policy and not violating contract

  • Recovery Point Objective or RPO: data retrieved from backup storage after system failure

  • Recovery Time Objective or RTO: examining the amount of time a system needs to reboot after system failure

  • Reputation Risk: risking your reputation and image by partnering with companies

  • Request for Proposal or RFP: also known as business requirements or scope of work - a document for a company to request a service or good

  • Statutory Law: a written law passed by legislation - state or federal

  • System and Operations Control Reports: statement on controls at service company

  • Secondary Control: purpose is to decrease losses in, maintain, and add to current levels of primary control

  • Tertiary Control: in a host power system this is the highest level, non-essential control that can still be applied effectively to a business process

We know vendor contracting can be a bit daunting. Here’s a few more tips to help you implement successful contracts.

Tip #1

Provisions for vendor contract relationships

  • Always have a contract readily accessible for key stakeholders
  • Get it in writing
  • Have a clear understanding of requirements for vendors
  • Set measurable service levels

Tip #2

Managing vendor contracts

  • Find a direct contact
  • Keep track of renewal status
  • Do research and be knowledgeable of contracting terms
  • Set reporting expectations whether quarterly, annually or other

Tip #3

Four key areas for IT vendor management

Bala Kudaravalli, sales force Director of Marketing Technology, says the four key areas to focus on include:

  1. The contract - use it to help manage the intricacies of IT procurement
  2. Performance is key to eliminating disruptions in customer service and internal operations, while ensuring the highest level of quality
  3. The relationship where you assess the value of the entire partnership
  4. Risk must be evaluated and mitigated for potential impact

In short, Bala Kudaravalli describes vendor management as “a process that allows organizations to control costs, strengthen service, and reduce risk throughout the process of outsourcing to vendors while extracting the most value from the investment.”

For more IT vendor management tips, download our Secrets to IT Outsourcing e-book.

Need help scoping your work or finding a new IT managed security provider? Talk with a TechStak adviser today. We’re here to help.

Check out related blog posts

7 Mistakes to Avoid When Choosing an IT Vendor

7 Mistakes to Avoid When Choosing an IT Vendor

## **7 mistakes people make when choosing their IT vendors and other types of technology providers** ![7_Mistakes_to_Avoid_When_Choosing_an_IT_Vendor.png](/uploads/7_Mistakes_to_Avoid_When_Choosing_an_IT_Vendor.png) Organizations of all sizes outsource some aspect of...

7 Communication Tips to Ensure a Successful IT Partnership

7 Communication Tips to Ensure a Successful IT Partnership

![7-Communication-Tips.png](/uploads/7-Communication-Tips.png) The [shift to remote work]( is here, possibly to stay. Some businesses made the transition smoothly and successfully, others experienced hiccups along with way,...

Best Practices for Vendor Management

Best Practices for Vendor Management

Step One - Finding the Perfect Match Carefully selecting the right vendor or service provider is only the first step in effective outsourcing. You...

Ready to get started?
Engage with your new tech provider today
Find A Provider