This page is intentionally left blank
Value-led sourcing governance framework Page 45
This page is intentionally left blank
Value-led sourcing governance framework Page 46
4. Oversight and Control
To effectively and collaboratively manage the engagement, the parties will set up joint governance committees
and meeting structure.
In this chapter the division of duties within and between the standing governance committees is laid down.
These are complementary to the contractual provisions and applicable legal and regulatory rules and
regulations. Within the Value-led framework the following standing governance committees are recognized. A
standing committee is expected to exist during the term of the engagement. Sub-committees or ad hoc
committees are not included in the framework as they are too company and engagement specific.
Value-led sourcing governance framework Page 47
Principle 4.1 Joint governance boards and meeting structure
To effectively and collaboratively manage the engagement the parties will set up a serie of joint standing
governance boards and meeting structures for the term of the engagement. Sub-committees or ad hoc
committees are not included in the framework as they are too company and engagement specific.
Within the Value-led framework the following standing governance committees are recognized:
a) Supervisory Board
b) Managing Board
c) Audit & Risk oversight committee
d) Risk & Compliance Board
e) Contract and Commercial Board
f) Service Delivery Board
g) Project Delivery Board
The joint boards and committees have members from both the client and the service provider with the objective
to jointly manage the engagement. The members of the boards and committees shall perform their tasks in a
meticulous, expert and fair manner, taking into account contractual provisions, company policies, applicable law
and regulatory and professional requirements.
Value-led sourcing governance framework Page 48
4.1 Supervisory Board charter
The Supervisory Board is the highest governance body to the engagement and its members hold the final
responsibility for the engagement for their respective organisations. The Supervisory Board is a strategic decision
maker, next to the Managing Board.
4.1.1 Supervisory Board responsibilities
The Supervisory Board is responsible for supervising the Managing Board and the engagement’s general affairs
and for advising their respective Boards of Directors. In discharging its duties, the Supervisory Board shall be
guided by the contract and the interests of the members respective companies to the contract; it shall take into
account the relevant interests of all those involved in the engagement, including the companies’ stakeholders.
The Supervisory Board is responsible for the quality of its own performance.
The responsibilities of the Supervisory Board shall include:
a) Supervising and monitoring, and advising the Managing Board periodically on:
o performance of the engagement and the achievement of objectives;
o the risk policy pursued and the risk profile in the context of the adopted risk appetite;
o the design and effectiveness of the risk management and control systems;
o the organisational structure of the engagement, in particular monitoring its robustness,
transparency and the presence of effective communication and reporting channels;
o service and financial reporting;
o compliance with the contract, legislation and other regulations.
b) taking important decisions on strategic change that help the anagement adapt to important external
changes;
c) once per year, upon advice of the Audit and Risk committee, reviewing the risk profile and approving
the risk appetite as proposed by the Managing Board;
d) disclosing, complying with and enforcing the engagement’s governance structure;
e) reviewing and approving any specific high impact actions;
f) handling, and deciding on, reported conflicts of interest;
g) the Supervisory Board shall prepare and publish a report on its function and activities during the
preceding reporting year. The report will be included in the annual engagement report produced by the
Managing Board.
4.1.2 Number of members of the Supervisory Board
The client and each of the service providers to the engagement(s) will have a Supervisory Board representative.
4.1.3 Composition of the Supervisory Board
The composition of the Supervisory Board shall be such that it includes members of both the client and the
service provider(s), and that their experiences meet the managerial and professional requirements to best carry
out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Supervisory Board are appointed by
the Board of Directors of the respective companies.
4.1.4 Chairman and secretary
The client’s member will chair the Supervisory Board. (The ‘Chairman’). The Chairman chairs the meetings of the
Supervisory Board, acts on behalf of the Supervisory Board as main contact and ensures, as chairman, the
orderly and efficient conduct of the Board’s meetings. The Chairman shall see to it that:
a) the Supervisory Board members shall timely receive all information which is necessary for the proper
performance of their duties;
b) there is sufficient time for consultation and decision-making by the Supervisory Board and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) the committees reporting into the Supervisory Board function properly;
e) meetings are minuted.
Value-led sourcing governance framework Page 49
4.1.5 Supervisory Board meetings
The Supervisory Board shall meet at least two times a year in a joint meeting in accordance with a
schedule drawn up during the previous year. Meetings can also be convened whenever two or more
members, or the Chairman of the Supervisory Board, have requested a meeting. Supervisory Board
meetings are generally held at the offices of the client, but may also take place elsewhere. In addition,
meetings may be held by telephone, videoconference provided all participants can hear each other
simultaneously.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the
Supervisory Board and the members.
Members of the Supervisory Board who are frequently absent during meetings of the Supervisory
Board shall be asked by the Chairman to explain their absence. Attendance of the meetings of the
Supervisory Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Supervisory Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
Value-led sourcing governance framework Page 50
4.2 Managing Board charter
The Managing Board is subordinate to the Supervisory Board. For smaller engagement the Supervisory Board
may decide to take on the Managing Board responsibilities themselves.
4.2.1 Managing Board responsibilities
The Managing Board is responsible for the day-to-day management of the engagement. The Managing Board
develops a vision and a strategy on how to best realize the intents and objectives of the engagement. It should
ensure that the necessary financial, technical and human resources are in place to meet its objectives and
review management performance. The Managing Board should set the engagements values and standards, its
key performance indicators and ensure that its contractual obligations are understood and met. In discharging
its duties, the Managing Board shall be guided by the contract, the recipients of the service and the interests of
the members respective companies to the contract. The Managing Board is accountable to the Supervisory
Board.
The responsibilities of the Managing Board shall include:
a) Develop a strategy on how to best realize the intents and objectives of the engagement. In drafting the
strategy to following should be considered:
o feasibility and implementation of the strategy;
o capabilities and operating models of the service recipient and service provider;
o risks to the engagement, the sourcing partners and other stakeholders;
o operational and financial capabilities and objectives of the sourcing partners;
o other relevant factors such as commercial, social, environmental, political, legal, technical and
human resources.
b) design and implement effective risk management and control systems;
c) design and implement an effective governance information management system;
d) install subordinate committees to realise the objectives and strategies set out and provide them with
clear objectives, resources and mandates;
e) supervising, monitoring, and advising subordinate committees periodically on:
o Performance of the engagement and the achievement of objectives;
o working processes, procedures and tools applied to realise objectives;
o status, progress and quality of ongoing work, including the use of provided resources;
o risks to the engagement and associated Controls and mitigating actions;
o compliance with the contract, legislation and other regulations.
f) reviewing the risk profile and setting the risk appetite and risk control and mitigating approaches;
g) take decisions on proposals from subordinate committees;
h) reviewing and approving any specific high impact actions by subordinate committees;
i) handling, and deciding on, reported conflicts of interest;
j) maintaining an effective governance structure.
4.2.2 Number of members of the Managing Board
The Managing Board will have one principle member from the client and each of the service providers to the
engagement. On the client side this would typically be the Head of the Retained Organisation and on the
supplier side the Head of the Delivery Unit. It is to the discretion of the principle members to decide on the
number of members. However it is recommended to keep the number of members low to facilitate efficient
information exchange and decision taking.
4.2.3 Composition of the Managing Board
The composition of the Supervisory Board shall be such that it includes members of both the client and the
service provider(s), and that their experiences meet the managerial and professional requirements to best carry
out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Managing Board are appointed by
the principle members Managing Board and are expected to include The Chairs of the Managing Board’s
subordinate committees. Should this lead to overrepresentation by one of the parties to the engagement,
the principle members may decide to balance this by inviting other members from the subordinate committees.
Value-led sourcing governance framework Page 51
4.2.4 Chairman and secretary
The client’s member will chair the Managing Board. (The ‘Chairman’). The Chairman chairs the meetings of the
Managing Board, acts on behalf of the Managing Board as main contact and ensures, as chairman, the orderly
and efficient conduct of the Board’s meetings. The Chairman shall see to it that:
a) the Managing Board members shall timely receive all information which is necessary for the proper
performance of their duties;
b) there is sufficient time for consultation and decision-making by the Managing Board and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) the committees reporting into the Managing Board function properly;
e) meetings are minuted.
4.2.5 Managing Board meetings
The Managing Board shall meet at least 4 times a year in a joint meeting. In a dynamic business
environment however a meeting frequency of 12 time a year may be more appropriate. Meetings can
also be convened whenever two or more members, or the Chairman of the Managing Board, have
requested a meeting. Managing Board meetings are generally held at the offices of the client, but may
also take place elsewhere. In addition, meetings may be held by telephone, videoconference provided
all participants can hear each other simultaneously.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the
Managing Board and the members.
Members of the Managing Board who are frequently absent during meetings of the Managing Board
shall be asked by the Chairman to explain their absence. Attendance of the meetings of the Managing
Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Managing Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.2.6 Annual engagement report
The Managing Board will inform the Supervisory Board and the Audit Oversight Committee regularly on the
overall status of the engagement. Information will be provided as frequently as the Supervisory Board or Audit
Oversight Committee deems necessary. It is recommended that there should be not fewer than 4 reports during
the year.
Once per year a more extensive report is submitted to the Supervisory Board in which includes a full
performance and financial overview and explanation over the past year, and an outlook of objectives, risks and
activities for the year to come. The report includes:
a) Compliance with the governance framework
b) Activities and functioning of the Managing Board and subordinate committees
c) Supplier performance based on agreed service levels
d) Customer (service recipient) satisfaction
e) Contract alignement to business needs and main changes to the contract
f) Annual spend and service volumes
g) Audit results and effectiveness of the audit
h) Risk appetite, main risks and effectiveness of risk management
i) Outlook for next year
The principle members of the Managing Board may decide to separately inform their company’s Supervisory
Board member on subjects sensitive to their company.
Value-led sourcing governance framework Page 52
4.3 Audit Oversight Committee charter
The Audit Oversight Committee is an independent subcommittee to the Advisory Board. For smaller engagement
the Supervisory Board may decide to take on the Audit Oversight Committee responsibilities themselves.
4.3.1 Audit Oversight Committee responsibilities
The Audit Oversight Committee is responsible for ensuring that the engagement’s reporting, risk management
and control systems are transparent, fair and unbiased so that informed decisions can be taken.
The responsibilities of the Audit Oversight Committee shall include:
a) to monitor the integrity of the performance reporting and any announcements or decisions that have a
major impact on the engagement or relationship between the parties to the contract;
b) to monitor effective use of information and communication technology underpinning the governance
function;
c) to review the engagement’s internal Controls and risk management systems;
d) to review and monitor the auditor’s independence and objectivity and the effectiveness of the audit
process, taking into consideration contractual provisions and relevant company, professional and
regulatory requirements;
e) to monitor and review the effectiveness of the engagement’s audit function;
f) to monitor compliance with recommendations by the auditor.
4.3.2 Number of members of the Audit Oversight Committee
The Audit Oversight Committee will have one principle member from the client and one from each of the service
providers to the engagement. It is to the discretion of the principle members to decide on the number of
members. However it is recommended to keep the number of members low to facilitate efficient information
exchange and decision taking.
4.3.3 Composition of the Audit Oversight Committee
The composition of the Audit Oversight Committee shall be such that it includes members of both the client and
the service provider(s), and that their experiences meet the managerial and professional requirement to best
carry out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Audit Oversight Committee are
appointed by the principle members of the Audit Oversight Committee. Members of the Audit Oversight
Committee operate independently from the Managing Board.
4.3.4 Chairman and secretary
The client’s member will chair the Audit Oversight Committee. (The ‘Chairman’). The Chairman chairs the
meetings of the Audit Oversight Committee, acts on behalf of the Audit Oversight Committee as main contact
and ensures, as chairman, the orderly and efficient conduct of the Committee’s meetings. The Chairman shall
see to it that:
a) the Audit Oversight Committee members shall timely receive all information which is necessary for the
proper performance of their duties;
b) there is sufficient time for consultation and decision-making by the Audit Oversight Committee and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank, unbiased and critical within the decision making process;
d) meetings are minuted.
4.3.5 Audit Oversight Committee meetings
The Audit Oversight Committee shall meet at least 2 times a year in a joint meeting in accordance with
a schedule drawn up during the previous year. Meetings can also be convened whenever two or more
members, or the Chairman of the Audit Oversight Committee, have requested a meeting. Audit
Oversight Committee meetings are generally held at the offices of the client, but may also take place
elsewhere. In addition, meetings may be held by telephone, videoconference provided all participants
can hear each other simultaneously.
Value-led sourcing governance framework Page 53
Formal meetings of the Audit Oversight Committee are at the heart of its work. However, they will
rarely be sufficient. It is expected that the Audit Oversight Committee chairman, and to a lesser extent
the other members, will wish to keep in touch on a continuing basis with the key people involved in the
engagement’s governance, including the Managing Board principal managers, the contract managers
and the auditor.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the Audit
Oversight Committee and the members.
Members of the Audit Oversight Committee who are frequently absent during meetings of the Audit
Oversight Committee shall be asked by the Chairman to explain their absence. Attendance of the
meetings of the Audit Oversight Committee is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Audit Oversight Committee.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.2.6 Audit Oversight Committee report
The Audit Oversight Committee will inform the Supervisory Board periodically on its priorities and activities in
accordance with a schedule agreed with the Supervisory Board. Part of the Audit Oversight Committee’s
reporting role is in relation to the annual engagement report provided by the Managing Board and ensuring that
the information provided is appropriate, unbiased, complete and just. Practice however may vary largely by
company and engagement.
Value-led sourcing governance framework Page 54
4.4 Contract and Commercial Board charter
The Contract & Commercial Board is subordinate to the Managing Board. For smaller engagement the Managing
Board may decide to take on the Contract & Commercial Board responsibilities themselves.
4.4.1 Contract & Commercial Board responsibilities
The Contract & Commercial Board is responsible for the day-to-day management of the contractual and
commercial aspects of the engagement. The Contract & Commercial Board operates in close cooperation with
the Service Delivery Board and the Project Delivery Board to ensure that their activities take place in a
‘controlled’ contractual and commercial framework. In discharging its duties, the Contract & Commercial Board
shall be guided by the contract and the interests of the members respective companies to the contract and by
directions on priorities from the Managing Board to which it is accountable. The Service Delivery Board also
brings issues and recommendations to the Managing Board for its consideration.
The responsibilities of the Contract & Commercial Board shall include:
a) Develop and implement a plan on how to monitor and ensure compliance with intents, objectives and
obligations during the operational stage of the contract;
b) identify, eliminate or reduce ommisions and/or ambiguities in the contract;
c) ensure contractual compliance with changing business needs;
d) take decisions on proposed contract changes;
e) conduct or have conducted benchmarks in accordance with contractual provisions.
f) design and implement an effective contract information management system.
4.4.2 Number of members of the Contract & Commercial Board
The Contract & Commercial Board will have one principle member from the client and each of the service
providers to the engagement. The principle members are appointed by the principle members of the Managing
Board and would typically be the contract managers of the parties to the engagement. It is to the discretion of
the principle members to decide on the number of members. However it is recommended to keep the number
of members low to facilitate efficient information exchange and decision taking.
4.4.3 Composition of the Contract & Commercial Board
The composition of the Contract & Commercial Board shall be such that it includes members of both the client
and the sevice provider(s), and that their experiences and mandates meet the professional requirements to best
carry out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations.
4.4.4 Chairman and secretary
The client’s member will chair the Contract & Commercial Board. (The ‘Chairman’). The Chairman chairs the
meetings of the Contract & Commercial Board, acts on behalf of the Contract & Commercial Committee as main
contact and ensures, as chairman, the orderly and efficient conduct of the Committee’s meetings.
The Chairman shall see to it that:
a) the Contract & Commercial Board members shall timely receive all information which is necessary for
the proper performance of their duties;
b) there is sufficient time for consultation and decision-making by the Contract & Commercial Board and
the co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) meetings are minuted.
4.4.5 Contract & Commercial Board meetings
The Contract & Commercial Board shall meet at least 4 times a year in a joint meeting in accordance
with a schedule drawn up in accordance with the Managing Board. In a dynamic business environment
however more frequent meetings may be more appropriate. Meetings can also be convened whenever
two or more members, or the Chairman of the Contract & Commercial Board, have requested a
meeting. Contract & Commercial Board meetings are generally held at the offices of the client, but may
also take place elsewhere. In addition, meetings may be held by telephone, videoconference provided
all participants can hear each other simultaneously.
Value-led sourcing governance framework Page 55
Formal meetings of the Contract & Commercial Board are at the heart of its work. However, they will
rarely be sufficient. It is expected that the Contract and Commercial Board principle member (the
contract managers), will wish to keep in touch on a continuing basis with the key people involved in the
engagement’s governance, including the contract owner, service owner, project managers, service
managers and the auditor.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the
Contract & Commercial Board and the members.
Members of the Contract & Commercial Board who are frequently absent during meetings of the
Contract & Commercial Board shall be asked by the Chairman to explain their absence. Attendance of
the meetings of the Contract & Commercial Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Contract & Commercial Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.4.6 Reporting
The Contract & Commercial Board will inform the Managing Board regularly on the overall statics of the
contractual and commercial aspects of the contract, their priorities, actions and decisions. Information will be
provided as frequently as the Managing Board deems necessary. It is recommended that there should be not
fewer than 4 reports during the year.
Once per year a more extensive report is submitted to the Managing Board in which includes a full performance
and financial overview and explanation over the past year, and an outlook of objectives, risks and activities for
the year to come. The report includes:
a) activities and functioning of the Contract & Commercial Board;
b) contract alignment to business needs and main changes to the contract;
c) annual spend and service volumes;
d) annual healthcheck;
e) outlook for next year.
The principle members of the Contract & Commercial Board may decide to separately inform their company’s
Managing Board member on subjects sensitive to their company.
Value-led sourcing governance framework Page 56
4.5 Service Delivery Board charter
The purpose of the Service Delivery Board is to ensure that external service delivery - services performed under
the contract -, are in accordance with service requirements and service levels in terms of quality, cost and time.
The Service Delivery Board is subordinate to the Managing Board. For smaller engagement the Managing Board
may decide to take on the Service Delivery Board responsibilities themselves.
4.5.1 Service Delivery Board responsibilities
The Service Board is responsible for the day-to-day delivery of contracted services and the monitoring of
supplier performance. The Service Delivery Board operates in close cooperation with Contract & Commercial
Board to ensure that its activities take place in a ‘controlled’ contractual and commercial framework.
In discharging its duties, the Service Deliver Board shall be guided by the contract and the needs of the service
recipients and by directions on priorities from the Managing Board to which it is accountable. The Service
Delivery Board also brings issues and recommendations to the Managing Board for its consideration.
The responsibilities of the Service Delivery Board shall include:
Periodical review of external service delivery based using a dynamic mix of risk based Controls;
inform the Managing Board about operational issues related to the external service delivery and
escalate issues as appropriate;
ensure appropriateness of Controls (KPI’s and other metrics);
Seek continuous improvements in customer satisfaction (this is not about extracting more from service
providers against their will, but about working together to improve service quality in such a way that it
benefits both parties);
provide recommendations to the Managing Board for service management process improvements
efforts.
monitor and facilitate the development and implementation of service improvements
conduct an annual review of the external service portfolio and provide recommendations to the
Managing Board for adding, changing, and removing services and for any associated recommended
changes in investment levels;
determine the appropriate introduction and sunsetting of services based on both value and costs.
Monitor and optimize the effectiveness of shared delivery processes (typically captured in the DAP).
4.5.2 Number of members of the Service Delivery Board
The Service Delivery Board will have one principle member from the client and each of the service providers to
the engagement. On the client side this would typically be the Head of the Service Management Organisation or
the Service Owner and on the supplier side the Service Delivery Manager. It is to the discretion of the principle
members to decide on the number of members. However it is recommended to keep the number of members
low to facilitate efficient information exchange and decision taking.
4.5.3 Composition of the Service Delivery Board
The composition of the Service Delivery Board shall be such that it includes members of both the client and the
service provider(s), and that their experiences meet the managerial and professional requirements to best carry
out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Service Delivery Board are appointed
by the principle members Service Delivery Board and are expected to include The Chairs of any subordinate
committees. Should this lead to overrepresentation by one of the parties to the engagement,the principle
members may decide to balance this by inviting other members from the subordinate committees.
Value-led sourcing governance framework Page 57
4.5.4 Chairman and secretary
The client’s member will chair the Service Delivery Board. (The ‘Chairman’). The Chairman chairs the meetings of
the Service Delivery Board, acts on behalf of the Service Delivery Board as main contact and ensures, as
chairman, the orderly and efficient conduct of the Board’s meetings. The Chairman shall see to it that:
a) the Service Delivery Board members shall timely receive all information which is necessary for the
proper performance of their duties;
b) there is sufficient time for consultation and decision-making by the Service Delivery Board and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) the committees reporting into the Service Delivery Board function properly;
e) meetings are minuted.
4.5.5 Service Delivery Board meetings
The Service Delivery Board shall meet at least 12 times a year in a joint meeting in accordance with a
schedule drawn up during the previous year. Meetings can also be convened whenever two or more
members, or the Chairman of the Service Delivery Board, have requested a meeting.
Service Delivery Board meetings are generally held at the offices of the client, but may also take place
elsewhere. In addition, meetings may be held by telephone, videoconference provided all participants
can hear each other simultaneously.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the
Service Delivery Board and the members.
Members of the Service Delivery Board who are frequently absent during meetings of the Service
Delivery Board shall be asked by the Chairman to explain their absence. Attendance of the meetings of
the Service Delivery Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Service Delivery Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.5.6 Reporting
The Service Delivery Board will inform the Managing Board regularly on the overall status of the external service
delivery. Information will be provided as frequently as the Manging Board deems necessary. It is recommended
that there should be not fewer than 12 reports during the year.
Once per year a more extensive report is submitted to the Managing Board in which includes a full performance
overview of external services and explanation over the past year, and an outlook of objectives, risks and
activities for the year to come. The report includes:
a) compliance with the governance framework;
b) activities and functioning of the Service Delivery Board and subordinate committees;
c) supplier performance based on agreed service levels;
d) customer (service recipient) satisfaction;
e) service volumes;
f) outlook for next year;
The principle members of the Service Delivery Board may decide to separately inform their company’s Managing
Board member on subjects sensitive to their company.
Value-led sourcing governance framework Page 58
4.6 Project Delivery Board charter
The purpose of the Project Delivery Board is to ensure that external project delivery - projects performed under
the contract -, are in accordance with agreed requirements in terms of quality, cost and time. The Project
Delivery Board is subordinate to the Managing Board. For smaller engagement the Managing Board may decide
to take on the Project Delivery Board responsibilities themselves.
4.6.1 Project Delivery Board responsibilities
The Project Delivery Board is responsible for the day-to-day delivery of contracted project and the monitoring of
supplier performance. The Project Delivery Board operates in close cooperation with Contract & Commercial
Board to ensure that its activities take place in a ‘controlled’ contractual and commercial framework.
In discharging its duties, the Project Deliver Board shall be guided by the contract and the project objectives and
by directions on priorities from the Managing Board to which it is accountable. The Project Delivery Board also
brings issues and recommendations to the Managing Board for its consideration.
The responsibilities of the Project Delivery Board shall include:
Periodical review of external project delivery based using a dynamic mix of risk based Controls;
inform the Managing Board about issues related to the external project delivery and escalate issues as
appropriate;
ensure appropriateness of Controls (KPI’s and other metrics);
provide recommendations to the Managing Board for project management process improvements
efforts.
4.6.2 Number of members of the Project Delivery Board
The Project Delivery Board will have one principle member from the client and each of the service providers to
the engagement. On the client side this would typically be the internal project manager, project director or
service owner and on the supplier side the Project Delivery Manager. It is to the discretion of the principle
members to decide on the number of members. However it is recommended to keep the number of members
low to facilitate efficient information exchange and decision taking.
4.6.3 Composition of the Project Delivery Board
The composition of the Project Delivery Board shall be such that it includes members of both the client and the
service provider(s), and that their experiences meet the managerial and professional requirements to best carry
out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Project Delivery Board are appointed
by the principle members Project Delivery Board and are expected to include The Chairs of any subordinate
committees. Should this lead to overrepresentation by one of the parties to the engagement,the principle
members may decide to balance this by inviting other members from the subordinate committees.
4.6.4 Chairman and secretary
The client’s member will chair the Project Delivery Board. (The ‘Chairman’). The Chairman chairs the meetings of
the Project Delivery Board, acts on behalf of the Project Delivery Board as main contact and ensures, as
chairman, the orderly and efficient conduct of the Board’s meetings. The Chairman shall see to it that:
a) the Project Delivery Board members shall timely receive all information which is necessary for the
proper performance of their duties;
b) there is sufficient time for consultation and decision-making by the Project Delivery Board and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) the committees reporting into the Project Delivery Board function properly;
e) meetings are minuted.
Value-led sourcing governance framework Page 59
4.6.5 Project Delivery Board meetings
The Project Delivery Board shall meet at least 12 times a year in a joint meeting in accordance with a
schedule drawn up during the previous year. Meetings can also be convened whenever two or more
members, or the Chairman of the Project Delivery Board, have requested a meeting.
Project Delivery Board meetings are generally held at the offices of the client, but may also take place
elsewhere. In addition, meetings may be held by telephone, videoconference provided all participants
can hear each other simultaneously.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the
Project Delivery Board and the members.
Members of the Project Delivery Board who are frequently absent during meetings of the Project
Delivery Board shall be asked by the Chairman to explain their absence. Attendance of the meetings of
the Project Delivery Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Project Delivery Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.6.6 Reporting
The Project Delivery Board will inform the Managing Board regularly on the overall status of the external project
delivery. Information will be provided as frequently as the Manging Board deems necessary. It is recommended
that there should be not fewer than 12 reports during the year.
Once per year a more extensive report is submitted to the Managing Board in which includes a full performance
overview of external services and explanation over the past year, and an outlook of objectives, risks and
activities for the year to come. The report includes:
a) compliance with the governance framework;
b) activities and functioning of the Project Delivery Board and subordinate committees;
c) supplier performance based on project performance;
d) outlook for next year;
The principle members of the Project Delivery Board may decide to separately inform their company’s Managing
Board member on subjects sensitive to their company.
Value-led sourcing governance framework Page 60
4.7 Risk & Compliance Board charter
The purpose of the Risk & Compliance Board is to ensure that external project delivery - projects performed
under the contract -, are in accordance with agreed requirements in terms of quality, cost and time. The Project
Delivery Board is subordinate to the Managing Board. For smaller engagement the Managing Board may decide
to take on the Risk & Compliance Board responsibilities themselves.
4.7.1 Risk & Compliance Board responsibilities
The Risk & Compliance Board is responsible for ensuring that the day-to-day delivery of contracted project and
the monitoring of supplier performance. The Risk & Compliance Board operates in close cooperation with
Contract & Commercial Board to ensure that its activities take place in a ‘controlled’ contractual and commercial
framework. In discharging its duties, the Risk & Compliance Board shall be guided by the contract and the project
objectives and by directions on priorities from the Audit Oversight Committee and Managing Board to which it is
accountable. The Risk & Compliance Board also brings issues and recommendations to the Managing Board and
Audit Oversight Committee for its consideration.
The responsibilities of the Risk & Compliance Board shall include:
periodical risk assessment;
annual audit of the supplier’s Quality Management System;
periodical assessment of risks to the contract and external service and project delivery;
maintain Risk Register in coordination with the Contract & Commercial Board;
conducts investigations to ensure the adequacy of Controls and compliance procedures
inform the Managing Board and Audit Oversight Committee about issues related to the external project
delivery and escalate issues as appropriate;
provide recommendations to the Managing Board and Audit Board for risk and compliance
management process improvements efforts.
4.7.2 Number of members of the Risk & Compliance Board
The Risk & Compliance Board will have one principle member from the client and each of the service providers
to the engagement. On the client side this would typically be the internal Risk & Compliance Officer and on the
supplier side the Risk & Compliance Officer. It is to the discretion of the principle members to decide on the
number of members. However it is recommended to keep the number of members low to facilitate efficient
information exchange and decision taking.
4.7.3 Composition of the Risk & Compliance Board
The composition of the Risk & Compliance Board shall be such that it includes members of both the client and
the service provider(s), and that their experiences meet the managerial and professional requirements to best
carry out the variety of its responsibilities to the engagement and their respective companies consistent with
contractual provisions and applicable law and regulations. Members of the Risk & Compliance Board are
appointed by the principle members Risk & Compliance Board and are expected to include The Chairs of any
subordinate committees. Should this lead to overrepresentation by one of the parties to the engagement,the
principle members may decide to balance this by inviting other members from the subordinate committees.
4.7.4 Chairman and secretary
The client’s member will chair the Risk & Compliance Board. (The ‘Chairman’). The Chairman chairs the meetings
of the Risk & Compliance Board, acts on behalf of the Risk & Complaince Board as main contact and ensures, as
chairman, the orderly and efficient conduct of the Board’s meetings. The Chairman shall see to it that:
a) the Risk & Compliance Board members shall timely receive all information which is necessary for the
proper performance of their duties;
b) there is sufficient time for consultation and decision-making by the Risk & Compliance Board and the
co-ordination of the appropriate decision making process, including consultations by the members
within their respective organisations;
c) discussions are open, frank and critical within the decision making process;
d) the committees reporting into the Risk & Compliance Board function properly;
e) meetings are minuted.
Value-led sourcing governance framework Page 61
4.7.5 Risk & Compliance Board meetings
The Risk & Compliance Board shall meet at least 4 times a year in a joint meeting in accordance with a
schedule drawn up during the previous year. Meetings can also be convened whenever two or more
members, or the Chairman of the Risk & Compliance Board, have requested a meeting.
Risk & Compliance Board meetings are generally held at the offices of the client, but may also take
place elsewhere. In addition, meetings may be held by telephone, videoconference provided all
participants can hear each other simultaneously.
The agenda of the meetings shall be drawn up in joint consultation between the Chairman of the Risk &
Compliance Board and the members.
Members of the Risk & Compliance Board who are frequently absent during meetings of the Risk &
Compliance Board shall be asked by the Chairman to explain their absence. Attendance of the meetings
of the Risk & Compliance Board is registered and reported.
Meetings shall be convened by the secretary. Where this is practically possible, notices convening a
meeting and the agenda of items to be considered and discussed therein shall be dispatched at least 5
working days before the meeting and sent to each member of the Risk & Compliance Board.
Minutes of the meeting shall be prepared by the secretary of the meeting. They shall generally be
adopted within 5 working days after receipt of the draft minutes but no later than the next meeting.
4.7.6 Reporting
The Risk & Compliance Board will inform the Managing Board and the Audit Oversight Committee regularly on
the engagement’s risk and compliance status. Information will be provided as frequently as the Managing Board
and Audit Oversight Committee deems necessary. It is recommended that there should be not fewer than 4
reports during the year.
Once per year a more extensive report is submitted to the Managing Board in which includes a full performance
overview of external services and explanation over the past year, and an outlook of objectives, risks and
activities for the year to come. The report includes:
a) a summary of the boards activities over the past year;
b) audit results;
c) compliancy statement;
d) current risk profile - main risks to the engagement;
e) outlook for next year.
The principle members of the Risk & Compliance Board may decide to separately inform their company’s
Managing Board or Risk Committee member on subjects sensitive to their company.
Value-led sourcing governance framework Page 62
Principle 4.2 Roles and responsibilities
Clarity of accountability is fundamental to effective governance. It should be very clear who is involved in the
communication and coordination of the various processes and activities. By “clear” we mean defining how,
when, and whom is involved; how and by whom decisions are made throughout the engagement; and who
arbitrates when a decision can’t be reached.
How and where these roles are positioned within the organisation’s hierarchical structures and functions differs
by company. Also the number of individuals performing these roles depends on the complexity of the
engagement and will differ by organisation. As a general principle however we recommend to keep the number
of people involved in overseeing and managing the engagement low. Also, the more people involved, the more
opinions, meetings, handovers, memos and reports which will complicate and slow down decision making
processes. Ideally the governance team is composed of a small team of broadly oriented and experienced people
that can quickly respond to changing circumstances. Some roles can also be performed on a temporary basis. An
(external) specialist for example may only be hired as a service controller for a short period of time to review the
quality of a specific process or product. Also, Leadmark’s managed governance service may take on some of the
burden of non-core activities, enabling clients to focus on more critical activities and strategic decision-making,
instead of time-consuming data crunching.
The following primary roles are common in executing governance activities:
Contract owner
The contract owner is a role assigned to a line manager within the organisation with the authority to
enter into a contract with a third party on behalf of the organisation. Both the client and the service
provider have assigned a contract owner with overall accountability for the engagement and the
business case (benefits received). On the supplier side this could be a board member or account
manager. On the client side this would often be a business unit manager or a CIO, CFO en CEO.
The client’s supervisor is also expected to chair the supervisory board.
Contract manager
The contract manager is, on behalf of the contract owner, responsible for operational / day-to-day
control of the contract based with the objective of ensuring that obligations are executed in
accordance with the contract and commitments made otherwise. Beyond that the contract manager is
responsible for the drafting, maintenance and execution of the sourcing governance plan.
Furthermore he is responsible for invoice validation and incorporating all applicable changes into the
contract.
Contract administrator
The contract administrator is, on behalf of the contract manager, responsible for maintaining records
of all information relevant to the management of the engagement. This includes formal contract
documents and agreements including the contract hierarchy, meeting minutes and decisions.
Service owner
The service owner is responsible for the provision of a service or product to the service recipients.
The service owner is responsible for user satisfaction and for setting service levels and key
performance indicators.
Service (level) manager
The service manager is, on behalf of the service owner,responsible for ensuring that the quality of the
services provided is in accordance with the agreed service levels. Beyond that the service manager
needs a deep understanding of internal performance requirements in order to articulate critical
thresholds for service levels to continuously align the contracted service levels with changing business
requirements. In doing so he works closely with the contract manager to ensure that the contract
reflects the current requirements of the service recipients. Additionaly the service manager
contributes to the drafting of the Performance Control Plan.
Value-led sourcing governance framework Page 63
Service control coordinator
The service control coordinator is responsible for the effective set up, execution and coordination of
the Controls captured in the Performance Control Plan.
(Lead) service controller
The service controller is responsible for technical substantive preparation and execution of the
Controls. The service controller has to collect independent factual evidence on the quality of the
supplier’s performance based on information provided by the service provider. For larger reviews a
team can be set up with a lead service controller and collaborating subject matter experts addressing
specific areas.
Risk manager
The risk manager is responsible for conduction regular risk assessments and maintaining the Risk
Register. The risk manager also contributes to the drafting of the Performance Control Plan.
Auditor
The auditor is responsibility to plan and perform audits to obtain reasonable assurance about whether
the information provided by the service provider are free of material misstatement, to enable fair,
transparent and fact-based decision making.
Legal counsel
The legal counsel is not a basic role in the day-to-day governance of the engagement but should kept
aligned and up to date on the general performance of the engagement. The legal counsel can provide
(unsolicited) guidance and support to the contract manager or contract owner.
Procurement officer
The procurement officer does not have a basic role in the day-to-day governance of the engagement
but should kept aligned and up to date on the general performance of the engagement.
The procurement officer can provide (unsolicited) guidance and support to the contract manager and
contract owner.
In addition to these primary roles two other roles need to be identified.
Head of the retained organisation
The Head of the retained organisation is the hierarchical head of the retained organisation. As such he
or she is leading the people working within the retained organisation. Typically the contract managers
and service managers. From this perspective the Head of the retained organisation has no direct
governance role. In practice however the Head of the retained organisation often also acts as service
or contract owner.
Subject matter expert (SME)
Although services may be provided by an external service provider, it is critical for the client to
maintain a thorough understanding of the sourced services. The fact that a service is sourced does
not excuse the client from keeping knowledge about this service up toe date. This knowledge
maintained by a domainexpert who can perform indepth assessments of service quality and/or guide
the service provider in developing and implementing new services. An IT-Architect or service manager
are examples of a subject matter expert.
Value-led sourcing governance framework Page 64
Principle 4.3 Information management and record keeping
The governance of sourcing and third-party engagements involves high volumes of documents and information
being exchanged between the client and the service provider. To effectively manage all this information takes
significant amounts of time and ineffective information management can lead to misunderstandings, risks and
mistakes, and takes a lot of time and effort to correct. Also in highly regulated industries like the banking,
insurance and the healthcare sector, information management plays a critical role to be compliant with
regulatory requirements on the management of third-party service providers.
To comply with the principle of fact based governance information management is of critical importance.
It requires a strong record keeping of all matters related to managing the engagement. This includes not just the
contract and contract changes but also records on supplier performance, the risk and issue logs, meeting
minutes, actions and decisions. All this information needs to be available on a ‘need to know’ basis to all those
involved in managing and auditing the engagement. Incomplete, ambigious or disputed information can be a
considerable risk resulting in confusion,delayed decisions, irritations and undermining of trust.
4.3.1 Minutes of meetings
Minutes of meetings are important from both a compliance and a record-keeping perspective. They also
constitute a formal record of the particular meeting which can be used in audits or as evidence in legal and
regulatory proceedings. Minutes can also serve as valuable evidence that a company or its directors have
fulfilled their obligations under the contract, company policies or legal or regulatory requirements.
What minutes should in fact contain will vary from company to company and from circumstance to
circumstance. However, minutes should at least provide sufficient detail (such as background information and
the rationale for the proposed decision) so that they can be understood by a person who didn’t attend the
relevant meeting. Also, special rules apply to certain companies such as banks and insurance undertakings.
It is not required to keep minutes of every meeting under the engagement but under the Value-lead governance
framework it is recommended that minutes are kept for the meetings of the Supervisory Board, the
Management Board, the Audit Oversight Committee and the standing committees reporting into the Managing
Board.
While the level of detail in minutes may be individual to a company or engagement we recommend that basic
minutes should include:
a) certain meta information about the meeting, including the company name, the type of meeting and the
place, date and time at which it was held;
b) the names of those present;
c) the names of those absent;
d) the name of the member who chaired the meeting;
e) the title or description of any meeting papers or reports that were considered;
f) the items discussed;
g) the decisions taken;
h) the actions agreed.
Sometimes companies struggle with the level of detail to include in their minutes. As mentioned, there are few
legal or regulatory requirements and so the level of detail is generally a matter for the preference of the relevant
companies and committee members. Nontheless, best practice in corporate governance suggest that minutes
should:
a) be concise yet also complete;
b) capture all relevant information;
c) be impartial and provide a balanced account of what was discussed and agreed; and
d) reflect accurately what happened at the relevant meeting.
The level of detail actually required in the minutes will depend further on the type of transaction or resolution
that is being approved and the level of challenge and debate at the meeting.
Value-led sourcing governance framework Page 65
4.3.2 Supporting technology
To streamline and empower the governance function Leadmark makes use of it’s cloud based platform TRAC.
TRAC is short for Transparent Real time Agreement Control. It is a collaborative tool that streamlines processes
between the client and its service providers and provides a single source of trustworthy information.
It allows organisations to have full visibility and control of its sourced services and supplier relationships.
TRAC supports all critical governance processes and offers a ‘single source of truth’ for both the client and the
service provider. The Value-Led framwork, underpinned by the flexibility of TRAC, offer a highly responsive and
agile combination to continuously meet objectives and deliver results. It radically simplifies day-to-day
governance efforts and structurally improves the productivity of client-supplier cooperation, making it a highly
cost effective solution.
For more information on TRAC visit our website (www.leadmark.nl/services/trac-governance-cloud).
Value-led sourcing governance framework Page 66
This page is intentionally left blank
Value-led sourcing governance framework Page 67
Appendix A - 18 Health check points
Even a seemingly healthy sourcing arrangements benefits from an annual check, for example to see if all
information gives sufficient insight in the actual performance of a supplier, to be informed about the day-to-day
operation of the service provider and how well they run, or to make sure you still get what is laid down in the
contract. If the cooperation is not as smooth, such a check up is a basis for discussions with the service provider
to see what lacks in the relationship and where improvement is required.
1. Staff obligations
Many sourced services agreement have specific terms with regards to the number of staff included in the
deal. In most cases these relate to obligations around productivity or certain volumes. For the client
company it’s worth to validate if the number of employees, and the related production, match what was
agreed for that year.
2. Productivity obligations
Check if all KPI’s and service levels are met and how they relate to service volumes and total spend.
3. Rates and prices
Validate if the right rates and prices are applied. Also check if any price changes are to be expected.
4. Reimbursable expenses
This control point relates to the reimbursed expenses or exceptional invoices. Validate if all expenses are
justified and look for opportunities to reduce these costs or simplify the invoicing and checking process.
5. Ongoing improvements and innovation
Many service providers have agreed to implement service improvements or innovations. Check if the
supplier provides the expected service improvements and innovations, and if they were valuable and
implemented.
6. Benchmarking
Benchmarking surely isn’t free, but if the contract has a benchmark clause it’s worth considering to call this
option.
7. SLA and reporting
Services and business needs change over time and SLA-s and reporting requirements should be periodically
reviewed. Check if all agreements are met, and consider if an audit is needed to validate that all
performance indicators are measured and reported correctly. Also check if a change to the control
obligations is required.
8. Process and procedure documentation
Service providers are usually required to maintain a quality control system and documentation for all
processes and procedures. Check if the quality system is still current and that documentation is up to date.
9. Audits and Controls
Many service providers are required to follow client’s company policies, laws and regulations, and
standards. Check if all policies are correctly followed and whether additional Controls and audits are
required.
10. Technical configuration
The technical specification of the service, usually captured in the agreement, can change over time which
may impact service performance. Some contracts hold obligations for the supplier the keep hardware and
software versions up to date. Check if the suppliers meets these obligations.
Value-led sourcing governance framework Page 68
11. Certification
In some cases it’s required that supplier’s staff or services are certified. This could relate to
training/knowledge, security, quality or safety. Make sure the suppliers complies with these requirements.
12. Information management and record keeping
Most sourcing arrangements have clauses on data storage, security and retention based on company
policies, laws and regulations, and standards, which all can be subject to change. Verify if current operations
still comply with today’s requirements.
13. Disaster recovery and business continuity
For business critical services the supplier is required to have up to date business continuity and disaster
recovery plans to minimize service disruptions. Check if these plans are up to date and if they’re recently
tested.
14. User access
Some industries have high levels of staff attrition. Verify that the supplier has adequate processes in place to
deploy new employees, making sure that only authorized people have access to systems and data.
15. Key personnel
Most outsourcing contracts include agreements on key personnel, and rights and restrictions regarding
employees in general. Check that the supplier complies with these agreements.
16. Competition
Some contracts limit the suppliers capability to provide similar services to competitors. Verify that the list of
competitors is still up to date and that the supplier complies with the agreement.
17. Governance
Verify the effectiveness of the governance system. (frequency, representation, focus, impact)
18. Business change
Verify that the contract (still) complies with current and foreseeable business needs.
Value-led sourcing governance framework Page 69
Appendix B - Glossery of Terms
Acceptance
A written communication in which the client informs the service provider that he acknowledges the documents,
activities, deliverables, results of work or changes, issued for acceptance.
Acceptance Test
A test developed (following reasonable consultation with service the provider) and conducted by the client to
test each deliverable to ensure that it complies with the performance/acceptance criteria
Agent of the client
A party that has express (oral or written) or implied authority to act on behalf of the client. The agent is under
the control (is obligated to) the client, and (when acting within the scope of authority delegated by the client)
binds the client with his or her acts.
Agreement
A negotiated and usually legally enforceable understanding between the client and service provider with regard
to the delivery of products or services. An agreement typically documents the deliverables and specifies the
minimum acceptable standard of performance.
Arbitration (binding and Nonbinding)
Arbitration is a legal process for resolving contractual disputes outside the courts When the client and the
service provider are unable to resolve any controversy or dispute arising under the agreement between the two
parties the dispute may be subject to arbitration. Arbitration is where a mutually agreed upon independent
party is contracted to hear both parties position and make a recommendation on the solution. Arbitration may
be either binding or nonbinding. Binding arbitration is where the parties are required to accept the
recommendation of the arbitration. Nonbinding arbitration is where both parties are not required to acception
the recommendation, however it is suggested that they accept it.
Annualized/Annual Contract Value (ACV)
Annual Contract Value (ACV) is the potential annual revenue associated with the transaction and estimated at
the commencement of the contract (e.g., sum total of revenues accrued to the service provider from the
transaction over the entire transaction term, usually measured in thousands of millions of Euros, divided by the
duration of the contract)
Assessment
Activity by to client to get insight in the realization of a defined goal; typically the performance of a system,
process or product. Peparation, execution and reporting of an assessment is based on the Performance Control
Plan.
Objective evidence can be obtained through reviews, tests and inspections.
Assesment plan design activities
The evaluation by the client of design documents issued for review by the service provider. The evaluation will
not be limited to the documents but will be based on a mix of system, process and product Controlst.
Assessment plan
See Performance Control Plan
Assign
The act of transferring/assigning any of the management, risks or obligations of a contractual agreement from
one party to another.
Audit
A formal indepth evaluation by the client to get core assurance around the supplier’s business process risks and
Controls to achieving the objectives of the engagements.
Value-led sourcing governance framework Page 70
Audit criteria
Audit criteria are used as a reference point and include policies, (contractual) requirements, and other forms of
documented information. They are compared against audit evidence to determine how well they are being met.
The client uses audit evidence to determine how well policies are being implemented and how well
requirements are being followed by the service provider.
Audit evidence
Audit evidence includes records, factual statements, and other verifiable information that is related to the audit
criteria being used.
Audit findings
Audit findings result from a process that evaluates audit evidence and compares it against audit criteria.
Audit findings can show that audit criteria are being met (conformity) or that they are not being met
(nonconformity). They can also identify best practices or improvement opportunities.
Baseline
A snapshot of the state of inputs/outputs frozen at a point in time for a particular process. A baseline should be
recorded to establish a starting point to measure the changes achieved with any process improvement
Baseline period
The period during which a client's current services are documented. These results become the yardstick that
determines what services the service provider is obligated to provide to the client. Typically, the service provider
will charge a premium for services above and beyond the baseline — unless otherwise negotiated
Benchmark
A study in which components of a client’s contracted services, such as price, service levels and terms &
conditions are compared to those of peer companies.
Best practice
A way or method of accomplishing a business function or process that is considered to be superior to all other
known methods. A lesson learned from one area of a business that can be passed on to another area of the
business or between businesses
Business case
A type of decision-making tool used to determine the effects a particular decision will have on profitability.
A business case should show how the decision will alter cash flows over a period of time, and how costs and
revenue will change. Specific attention is paid to internal rate of return (IRR), cash flow and payback period.
In many organisations the business case encompasses more than commercial criteria. In those cases it is a
detailed and structured proposal for improvement in terms of costs, benefits and risks, justified for changing the
way that business is conducted.
Client
The contractual party that has entered into an agreement with a service provider to get a specified products or
services delivered.
Configuration
Functional and material attributes of a system, process or product.
Configuration management
A set of activities aimed to control the configuration.
Conformity
Conformity is the "fulfillment of a requirement". To conform means to meet or comply with requirements and a
requirement is a need, expectation, or obligation.
Value-led sourcing governance framework Page 71
Contract management
Contract management covers all operational activities by the client organisation, during the operational stage of
the contract, aimed to ensure supplier delivers the services according to the terms in contract and to ensure that
associated risks are effectively controlled. This includes managing ambiguity, omissions and changes or revisions
to the contract to realize the overall intents and objectives of the engagement.
The aim is to perform these activities as efficiently (with the lowest possible effort) and effectively (focusing on
high risks and impacts) as possible. Contract management will also ensure just and fair payment of delivered
performances. Contract management is part of the governance function.
Control
An existing process, policy, device, practice, report or action that acts to minimise a threat. A control can be
focused on reducing the threat’s impact or likelihood of occurrence, and/or to miximise the likelihood of
detection.
Sourcing governance plan
A formal document designed to guide and control the execution of a sourcing engagement. A contract
mananagement plan is critical to the success of the engagement and is the most important document that needs
to be created when entering into the operational stage of the engagement.
A sourcing governance plan should typically answer the following basic questions:
Why? - What are the critical objectives of the engagement?
What? - What are the activities required to meet the contracted obligations?
What are the main products or deliverables?
Who? - Who are responsible for delivering and accepting the products and/or deliverables?
When? - What exactly service delivery schedule, when can milestones be completed and what are
the associated payments?
A key element of the sourcing governance plan is the Performance Control Plan which will be detailed and
maintained when the risks and Controls have been identified in consultation with the service provider.
Control measure
An action aimed to address the risks associated with achieving a defined goal at agreed performance attributes
in terms of quality, cost and time. A control measure can have two forms:
Mitigating actions by the supplier including avoiding, reducing or transferring the risk; and
Assessment actions by the client to obtain insight in the realization of the defined goal.
Conciliation
See mediation.
Corrective (measure)
An action to resolve an unwanted situation.
Cost management
Management of cost related activities achieved by collecting, analyzing, evaluating, and reporting cost
information used for budgeting, estimating, forecasting, and monitoring costs.
Customer satisfaction
Customer satisfaction is a perception of a service recipient. It's also a question of degree which can vary from
high satisfaction to low satisfaction. Since satisfaction is a perception, customers may not be satisfied even
though all contractual requirements are met.
Daily Agreed Procedures (DAP)
The DAP is a formal dossier describing the joint operational processes between the service provider and the
client. Joint processes are characterized through interfaces with both organisations. The DAP is typically drafted
and maintained by the service provider. Examples of joint operational processes are: Incident Management,
Problem Management, Service Request Management and Escalation Management.
Value-led sourcing governance framework Page 72
Data
The term data is defined as any factual information about an object.
Declaration of performance (DoP)
A formal statement by the client which gives the service provider the right to receive payment. To issue a DoP
the client needs to have evidence that the products or services are delivered in accordance with requirements.
Defect
A defect is a type of nonconformity. It occurs when a product or service fails to meet specified or intended use
requirements.
Deviation
Variance from a requirement or specification that does not alter the basis of a contract or adversely affects its
performance.
Documents
All information produced during the delivery of services or resulting from governance activities, irrespective of
the way the information is captured.
Documented information
The term documented information refers to information that must be controlled and maintained and its
supporting medium. Documented information can be in any format and on any mediumand can come from any
source. Documented information includes information about the management system and related processes.
It also includes all the information that the parties need to operate and all the information that they use
to document the results that they achieve.
Due diligence
A detailed study to verify the capability and quality of service providers prior to contract award.
There is no legal definition of due diligence. However, it is generally understood to mean the extent to which a
prudent person would carry out investigations on behalf of the party they represent in determining whether a
contract they intend to enter into is sound and that all reasonable checks have been carried out to verify
information provided by the other party.
Evaluation criteria
A benchmark, standard, requirement or service level against which accomplishments, performance or
deliverable is measured.
Effectiveness
Effectiveness refers to the degree to which a planned effect is achieved. Planned activities are effective if these
activities are actually carried out and planned results are effective if these results are actually achieved.
Finding
A fact indentified through a control. A finding can be positive or negative.
Governance
The term management refers to all the activities by the parties to the engagement that are used to coordinate,
direct, and control the engagement with the aim to maximize value whilst minimizing risks and costs.
It includes developing policies, setting objectives, and establishing processes to achieve these objectives.
Governance system
A governance system is a set of interrelated or interacting elements that the client and service provider use to
maximize the value from their engagement whilst minimize risk and costs.
Improvement
Improvement is a set of activities that organisations carry out in order to enhance performance (get better
results). Improvement can be achieved by means of a single activity or by means of a recurring set of activities.
Value-led sourcing governance framework Page 73
Information management
All activities aimed to collect and capture information and communicate it when required. correctly,
appropriately and confidentialy to the parties in the engagement to enable quicker and better decision making.
Management
See governance
Management system
See governance system
Mediation
Conciliation and mediation are often terms used interchangeably. Both involve the appointment of a third party
to assist the disputing parties to reach a settlement of their contractual difference. The mediator is not given any
power to impose a settlement. Although mediation has no legal standing per se, the disputing parties may make
the settlement legally binding by entering into a formal agreement
Measurement
Measurement is a process that is used to determine a value. In most cases this value will be a quantity.
Measuring equipment
Measuring equipment includes all the tools needed to carry out a measurement process.
Accordingly, measuring equipment includes instruments and apparatuses as well as all the associated software,
standards, and reference materials
Monitoring
To monitor means to determine the status of an system, process, product or activity at different stages or at
different times.
Objective
An objective is a result you intend to achieve.
Observation
An active acquisition of information from a primary source, which may refer to a process or carrying out an
operation. Observations can be visual or involve the recording of data via the use of instruments. Observations
can be qualitative, that is, only the absence or presence of a property is noted, or quantitative if a numerical
value is attached to the observed phenomenon by counting or measuring. Observations are conducted by the
client when business critical activities are performed by the service provider.
Outsourcing
An arrangement where an organisation contracts with an external service provider for a continuous period for
the provision of services specified and usually paid for by the outsourcing organisation.
Payment on planning
Method of payment with a linear payment schedule.
Payment on product
Method of payment with a payment schedule based on delivered products or services.
Payment on progress
Method of payment with a payment schedule based on progress of the work committed
Performance
The term performance refers to a measurable result achieved by the service provider. It refers to the
measurable results that activities, processes, products, services, systems and organisations are able to achieve.
Whenever they perform well it means that acceptable results are being achieved (met) and whenever they
perform poorly, the results are unacceptable (not met).
Value-led sourcing governance framework Page 74
Performance notice
Information issued by the service controller on the findings and deviation of a performance review
Performance indicator
A performance indicator (metric) is a characteristic that is used to measure how well outputs are realized.
It is a tool to translate an desired business outcome or requirement into a quantifiable, measurable objective.
Metrics should be applied at a system, process and product level.
Performance report
A performance indicator (metric) is a characteristic that is used to measure how well outputs are realized.
These metrics should be applied at a system, process and product level.
Preventive measure
An action to contain the risk a future deviation. See also risk-based thinking.
Principle
A basic idea or rule that explains or Controls how something happens or works.
Process
A process is a set of activities that are interrelated or that interact with one another. Processes use resources to
transform inputs into outputs. Processes are interconnected because the output from one process often
becomes the input for another process. It is expected that supplier’s processes are planned and carried out
under controlled conditions.
Process assessment
A review activity by the client, based on information provided by the service provider, to get insight in the
capalibility of a process to achieving the established objectives. Peparation, execution and reporting of an
assessment is based on the Performance Control Plan.
Product
A product is a tangible or intangible output that is the result of a process that does not include activities that are
performed at the interface between the supplier (provider) and the client.
Product assessment
A review activity by the client, based on information provided by the service provider, to get insight in the extent
to which the product meets its requirements. Peparation, execution and reporting of an assessment is based on
the Performance Control Plan.
Quality
The degree to which a set of inherent characteristics fulfils requirement.
Quality management
A comprehensive and coordinated set of management activities and functions involved in determination of
quality policy and its implementation through means such as quality planning and quality assurance.
Quality management systems
A quality management system (QMS) is a set of policies, processes and procedures required for planning and
execution (production/development/service) in the core business area of an organisation.
ISO 9001:2015 is an example of a Quality Management System.
Regulatory requirement
A regulatory requirement is an obligation that is specified by an authority which gets its mandate from a
legislative body.
Value-led sourcing governance framework Page 75
Requirement
A requirement is a value attribute, implied or stated by the client, which can be a need, expectation, or
obligation. A specified requirement is one that has been explicitly stated (in the contract or an other document),
whereas an implied requirement is a need, expectation, or obligation that is common practice or customary.
There are many types of requirements. Some of these include quality management requirements, process
requirements, product or requirements, statutory requirements, and regulatory requirements.
Reassessment
A review by the client to see if corrective measures taken by the service provider, following a previously
identified deviation, has been effective.
Relationship management
The management of the outsourcing contract relationship between the service provider and the department.
Retained organisation
A small and dynamic group of people within the client organisation which manages the service provider and that
responds quickly to business needs. The main responsibility of the retained organisation is to continually align
the business units, which are in fact the customers of the retained organisation, and service provider
expectations and furthermore to manage the service provider relationship on a daily basis in order to ensure
that the sourced services engagement delivers the expected value to the business.
Risk
Risk is the effect of a potential failure mode, resulting in a deviation from what is expected. In sourcing a risk
becomes relevant to the client when it has the potential to jeopardize the realization of an objective.
This definition recognizes that all sourcing initiatives operate in an uncertain world. There is always the change
that objectives are not being met. Because of this, parties to the engagement need to reduce uncertainty as
much as possible.
Uncertainty (or lack of certainty) is a state or condition that involves a deficiency of information and leads to
inadequate or incomplete knowledge or understanding. In the context of risk management, uncertainty exists
whenever the knowledge or understanding of an event, consequence, or likelihood is inadequate or incomplete.
Risk appetite
Risk appetite or risk tolerance is ‘the amount and type of risk that an organisation is willing to take in order to
meet their sourcing objectives. Organisations will have different risk appetites depending on their sector, culture
and objectives. A range of appetites exist for different risks and these may change over time.
Risk assessment
The identification, evaluation, and estimation of the levels of risks involved in the realization of an objective,
their comparison against requirements and, and determination of an acceptable level of risk.
Risk-based thinking
Risk-based thinking refers to a coordinated set of activities and methods that organisations use to manage and
control the risks that affect its ability to achieve objectives. It’s an approach critical to both the client and service
provider.
Risk Register
A current overview of risks, Controls and their status. The status refers to the control schedule, execution and
residual risk.
Risk management
Risk management is an ongoing set of activities aimed to assure uncertainties and potential failures do not
jeopardize the achiement of sourcing objectives. Risk management is the identification, assessment, and
prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated
and economical application of resources to minimize, monitor, and control the probability and/or impact of
unfortunate events or to maximize the realization of opportunities.
Value-led sourcing governance framework Page 76
Risk profile
An evaluation of a client’s willingness to take risks, as well as the threats to which it is exposed.
A risk profile is important for determining an appropriate set of Controls for the sourcing services portfolio.
Risk tolerance
See risk appetite
Risk treatment
The process of modifying a risk.
Risk velocity
Risk velocity or speed of impact refers to the time it takes for a risk to take effect after it materializes.
High velocity risks call for automated Controls to enable early detection.
Service
A service is defined as a valuable action or intangible product such as accounting, banking, cleaning or
consultancy. When services are sold there is no transfer of ownership, and they cannot be stored or transported.
They come into existence at the same time they are produced and consumed. Some engagements involve a
combination of closely associated physical products and services.
Service continuity
The performance of the service in accordance with its defined service levels. The performance of the service
must continue throughout the outsourcing process and beyond the transition and implementation phases
regardless of the circumstances.
Performance Control Plan
A dynamic document, used by the client, aimed to describe, plan and execute control measures (assessments) to
obtain insight in the realization of defined goals by the service provider. The Performance Control Plan is critical
to the performance review activities and needs to be maintained during its full operational stage.
A Performance Control Plan should typically answer the following basic questions:
Why? - What are the critical risks to the engagement?
What? - What objective is at risks and what types of Controls a applied? System, process or product?
Who? - Who are responsible for conducting the assessment and based on what materials?
When? - When do the reviews take place?
Service levels
Service levels are the standards of service with which the service provider must comply. They must be clear and
measurable.
Service level agreement (SLA)
A document that defines the service performance standards that a contractor should deliver, how they will be
measured, who will measure them, who will report on them and how frequently they will be reported upon
Service provider
The organisation that provides the sourced services to the client.
Service recipient
The person or persons that use or consume the services provided by the service provider. These can be
employees of the client or its external customers. See also third-party beneficiaries.
Service report
See performance report
Statement of service requirements
The documented scope of the service that the department requires from the outsourcing arrangement.
Value-led sourcing governance framework Page 77
Shortcoming
A negative deviation or defect from the required outcome. A short coming may by weighted by the contract
manager as being severe or minor. Based on the shortcoming a part or the full payment term may be suspended
until the shortcoming is restored.
Specifications
A formal detailed description of requirments.
Subject matter expert
A subject-matter expert (SME) or domain expert is a person who is an authority in a particular area or topic.
The term domain expert is frequently used in software development, and there the term always refers to the
domain other than the software domain. A domain expert is a person with special knowledge or skills in a
particular area of endeavour. (An accountant is an expert in the domain of accountancy, for example.)
Success
When results are delivered at the required quality, the right time and cost, and according to the right processes.
System
A system is defined as a set of interrelated or interacting elements. A management system is one type of
system. It is a set of interrelated or interacting elements that a service provider uses to formulate policies and
objectives and to establish the processes that are needed to ensure that policies are followed and objectives are
achieved.
System assessment
A review activity by the client, based on information provided by the service provider, to get insight in the
effectiveness of the supplier’s management system to achieving the sourcing objectives. This included the
management structure, quality management, project and service delivery plans. It specifically is focused on
areas involving risks to the client.
Term-sheet
An overview in which is indicated what the payment terms are for the contract price.
Third-party beneficiaries
A third-party beneficiary, is a person or group of persons who benefit from the services provided under the
engagement, without being an active party to the contract.
Value
The benefit to the organisation resulting from the sourcing engagement.
Value management
The process of making explicit the benefits of the engagement and continuous efforts to realizing the anticipated
benefits. Value management should focus on function and value for money over the whole of the life of the
engagement rather than on reducing cost – although this can be a by-product.
Value-led sourcing governance framework Page 78
This page is intentionally left blank
Value-led sourcing governance framework Page 79
Literature list
Aberdeen Group (2007); Contract lifecycle management and the CFO – Optimizing revenues and capturing savings
Beckum en Vlasveld (2014); CATS CM editie 2014: Contractmanagement voor opdrachtgever en leverancier.
Van Haren publishing
Carnwell and Carson (2009); Effective Practice in Health, Social Care and Criminal Justice – A partnership approach.
Chapter 1 - The concepts of partnership and collaboration. Open University Press
Coaton (2003); Contract management: control value and minimise risk – a necessary response to the overwhelming
quantity and complexity of contracts. PriceWaterhouseCoopers
Commissie Maas (2010); Code Banken. Nederlandse Verening van Banken
Doz and Hamel (1998); Alliance Advantage – The art of creating value through partnering. Harvard business school
Financial Reporting Council (2016); The UK Corporate Governance Code
Financial Reporting Council (2012); Guidance on Audit Oversight Committees
Gewald and Helbig (2000); A governance model for managing outsourcing partnerships. 39th Hawaii international
Conference on System Sciences
Google Aristotle Project (2016); Five keys to a successful team
ICSA (2016); Guidance on minute-taking. Institute of Chartered Secetaries and Administrators
McKinsey (2007); Cracking the complexity code
Monitoring Commissie (2016); De Nederlandse Corporate Governance Code
NASA (2010); Standard for Performing a Failure Modes and Effects Analysis
NEN-ISO 9001:2015 – Quality Management Systems
NEN-ISO 19011:2011 – Management Systems Auditing
NEN-ISO 37500:2014 – Guidance on Outsourcing
O’Neill (2002); A Question Of Trust. Cambridge University Press
Pena (2012); Dissertation: IT Outsourcing Governance – A conceptual framework for theory and practice
Peperkamp (2016); Master’s thesis: Successful IT sourcing constructs – The tension between trust and formal contract
PWC (2012); Boardroom professional development derde editie - Auditcommissies: Toezicht op basis van feiten
Rantakari (2010); Master’s thesis: Governance in business process outsourcing – case study on call center outsourcing
Rijkswaterstaat (2011); Systeemgerichte contractbeheersing | high trust – high penalty
Salonen (2012); Design collaboration. MA Communication design
Start en Smit (2015); Bouwstenen voor een goed outsourcingcontract. Keynotes
Covey (2008); The Speed of Trust
Vitasek (2010); Vested outsourcing. Palgrave Macmillan
Value-led sourcing governance framework Page 80
Further information is available from:
John Smit Julia Start
Managing Partner Managing Partner
+31 6 2153 7675 +31 6 2639 5545
[email protected] [email protected]
www.leadmark.nl www.leadmark.nl
Value-led sourcing governance framework Page 81
Notes
Value-led sourcing governance framework Page 82
Notes
Value-led sourcing governance framework Page 83
Notes
Value-led sourcing governance framework Page 84
Notes
Value-led sourcing governance framework Page 85
Notes
Value-led sourcing governance framework Page 86
Value-led
A framework for effective sourcing governance
Value-led sourcing governance framework Page 87
The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
ValueLed Governance Framework 1.0
Discover the best professional documents and content resources in AnyFlip Document Base.
Search