Critical requirements in establishing partnerships and executing projects with vendors in the Princeton environment

Context:

Many projects will require vendor engagements. Use this document to help:

Identify the “right” vendor for your Princeton project

Anticipate important contract/sow negotiation points so that a realistic timeframe can be incorporated into the project for these activities

Understand the biggest “make or break” factor once the contract/sow is in place and the project is being executed

The following are the most critical factors in establishing partnerships/working successfully with vendors for Princeton projects:

  1. Selecting a vendor
  1. Ivy+ and Common Solutions Group (CSG) experiences and recommendations
  2. What are their experiences and recommendations?
  3. What can we expect from the vendor?
  4. What kind of cost might be expect?
  1. Dun & Bradstreet analysis (esp. in instances involving technology solutions where the vendor has only been in business for under 10 years...is the company likely to be around for the next few years?). Please contact Becky Goodman in OIT for help on this.
  1. Complete the ASR questionnaire (to ensure that the solution meets security and technical standards).
  1. SSAE 16 SOC 2 report analysis for cloud/hosted solutions
  2. Context: This is an industry standard audit report performed on a cloud solution by a 3rd party. It helps entities like Princeton to understand the technologies in use, where the data might be stored, how the vendor would handle a data breach, etc.
  3. During the contract negotiation phase, Princeton will mandate clauses that a) this audit report will be generated annually, and b) Princeton can request this report from the vendor at any time
  1. Pre-contract “gut check”
  2. Does the vendor seem to want to develop a partnership/relationship with Princeton vs. just wanting to “make a sale”?
  3. Does it feel like the vendor is trying to understand our “business”, and are they thinking about the long term (beyond this immediate need that we’re exploring)?

Note: Vendors that you can answer “yes” about for i and ii are more likely to negotiate mutually beneficial contracts with Princeton; there is a much higher probability of getting a contract signed (in a reasonable amount of time) if a vendor that wants to partner with Princeton is selected.

  1. Contract/SOW derivation, negotiation, and execution
  1. Define and document in as much detail as possible:
  2. Deliverables (to the degree that it makes sense e.g. is this a contract where the vendor is bringing expertise that Princeton can act upon with our own resources vs. the vendor literally creating products and/or serving as “boots on the ground” for us?)
  3. Date for each deliverable
  4. Anticipated spend by deliverable/phase (and ideally tie the payment schedule to the deliverables vs. something generic like “50% up front and then 50% upon completion”)
  5. Roles and responsibilities - differentiate what work to be performed by the vendor vs. Princeton
  6. Protocol for communication of status updates and billing (how frequently, etc.)
  1. Negotiations (conducted by Becky but may require other input, including an Office of General Counsel (OGC) review)
  2. Ability to negotiate a fair compromise on the liability scale (vendor will want limited liability vs. Princeton wants unlimited liability: what can we agree upon?)
  3. Ability to negotiate a fair compromise on indemnification (compensation for loss or damage from the actions of either side)
  4. Ability to negotiate a fair compromise on causes for and consequences of contract termination
  5. Ability to negotiate favorable/fair pricing

Note: The above sets of activities typically span several weeks through several months, depending upon the size of the contract, and who will need to participate in it (Becky, Procurement, OGC). Please take this into account when planning your project.

  1. Project execution
  1. Identify the appropriate Princeton project team member that will be responsible for actively tracking the terms of the contract and communicating status/deviations to project stakeholders
  2. How are we tracking against budget?
  3. Are we receiving deliverables according to the agreed upon schedule?
  4. Do we still anticipate having enough funds through project completion?
  1. Agree upon frequency of reporting on the health/status/issues
  1. Agree upon target audience for health/status/issues communication