RFx Management: The First Step in the Third-Party Risk Lifecycle

Consider a common purchasing scenario: A procurement manager is engaged by a line-of-business team to help source and evaluate a new IT solution for the enterprise. That activity will likely involve the procurement manager convening an internal team of potential users, gathering and finalizing technical and business requirements, developing a scoring model, and identifying vendor candidates.

Once the vendors have been identified, the procurement or sourcing manager will invite them to complete a (usually spreadsheet-based) request for proposal (RFP). Procurement will send multiple emails to multiple vendors, answer seemingly endless questions, gather responses, and collate answers to enable comparison.

Then, the procurement and sourcing manager will work with the line-of-business team to evaluate and compare vendor responses based on the technical and business requirements, and select a final candidate. Once the vendor is notified, procurement moves to negotiate the contract and pricing, and the vendor relationship begins.

The Problem with Existing RFx Approaches

This scenario all too common in enterprises today. Teams utilize a highly manual process focused solely on determining whether the solution is fit for purpose and fit for use. However, they often ignore the potential risks that a new vendor could introduce into their environment until after the contracting process has begun (or worse, after it’s completed). This raises a clear need for:

1. Automation to simplify and speed the evaluation process
2. Intelligence to match a vendor’s risk with the organization’s risk appetite

The problem is, there have been few options available that enable teams to efficiently accomplish both objectives. Until now.

Introducing RFx Essentials: Strengthening Vendor Selection Processes with Automation and Intelligence

Today, Prevalent is announcing RFx Essentials, a SaaS solution that centralizes and automates the distribution, comparison, and management of requests for proposals (RFPs) and requests for information (RFIs). RFx Essentials makes it easy for procurement teams to not only select solutions and vendors that meet your organization’s functionality and risk requirements, but also take a critical first step in managing risk throughout the third-party lifecycle with built-in vendor intelligence.

Comprehensive Risk Intelligence for Vendor Selection

Unique risk intelligence capabilities in the RFx Essentials vendor profile include:

• Vendor demographics, such as geographic location, which can help refine data privacy considerations or understand regional corruption and geo-political risks
• Fourth-party technologies in use, providing much-needed visibility into technology concentration risk and to uncover peripheral technologies
• Environmental, social, and governance (ESG) scores to determine if the vendor is aligned with your enterprise’s core values

Additional insights available in line with RFx responses include:

• Business updates, like recent M&A activity, news, regulatory and legal information, and operational updates that could signal vendor instability
• Reputational insights such as adverse media, sanctions, state-owned enterprise screening, and politically exposed persons (PEPs) screening
• Financial insights, including credit rating, payment history, and financial performance to ensure the vendor is on a solid footing
• Data breach history and disclosures, to help determine whether the vendor is vulnerable to cyber attacks

This comprehensive risk intelligence model adds context vendor selection decisions and can eliminate the need for multiple, siloed tools.