The pain of procurement.

Maybe this is a taboo topic but I think it need to be discussed.

Our contract approval and procurement process could use some improvement.

The workflow for buying a product or service that requires a contract or that includes any sort of agreement goes something like this (at least from my perspective and experience):

  • Get contract from vendor.
  • Have OIT contract person review.
  • He asks for some basic changes which are sent to the vendor.
  • Changes are negotiated and either made or not made.
  • Send back to OIT contract person.
  • He forwards to general counsel for review. (All contracts, even for a product evaluation and free software, need to be run through the office of general counsel.)
  • They sometimes suggest further changes.
  • Negotiate the changes. (There are often things they won’t change.)
  • Tell general counsel that we have to have this and the vendor will not agree to the changes.
  • Get contract approved by general counsel. (Most of the time.)
  • Get someone at the VP level to sign. (Usually the CIO.)
  • Submit signed contract to vendor to countersign.
  • Get signed contract back.
  • Get vendor added to the purchasing system.
  • Get billing and tax information.
  • Determine which account is going to get charged.
  • Submit a PO using the signed contract.
  • PO gets approved by 2-4 people depending on the value.
  • PO is sent to the vendor.
  • Check with vendor to ensure that they received the PO.
  • Finally receive product.

If you’re very lucky and have recently sacrificed a bucket of chicken to Jobu, this is a 4-week process before the PO is sent.

jobu

Not included in the steps above are the inevitable delays in responding to email, voicemails that aren’t returned, vacations, sick days, etc. This happens on both sides of the coin. ND and the vendor. Often I’m the hold up because I forgot some crucial step and now the process is on hold.

Banging your head on your desk, crying and drinking are also not on that list.

If you need new software installed on a large number of classroom computers you really need to allow 3-4 months if you want to be 100% sure it will get done and work well.

Once the software is approved, we have to create a deployment strategy. We have disk protection on the machines so changes users make get erased at reboot. This can cause some issues with software deployment. It’s not just “blast out the msi and call it a day”. Sometimes you have to deploy the software then deploy fixes and/or additional files. It’s tedious in a multi-user environment. I’ve done the job and it’s not easy. much of the time these requests come in at the last minute as the image is being finalized so the software has to be pushed later, not as part of deploying the image. On more than one occasion I went through weeks of effort and then found out that the faculty member never used the software. Sigh.

Right now I’m asking for a freeware open source product called curl to be approved for use on a few machines but potentially all machines in the classrooms. The question that gets asked every time you need something approved is, “When do you need it?” “If you need it sooner than 20 business days, please explain why.”

20 days to get a freeware open source product approved just seems like too long. It seems like there should be a faster track for free and open source stuff than for complex contract negotiations.

Also, every time a new version of a piece of software comes out with a new or different license, it has to be re-examined and possibly re-approved.

At various times I’ve heard differing opinions about whether or not anything on the Apple app store needs to be approved before purchase and installation on a university owned device. Same with the chrome web store. Extensions, apps, etc. all need to be approved if it’s going on a device that Notre Dame purchased.

This all seems like a completely unscalable and unsustainable system. It seems as if we’re actually relying on people to not get everything approved so we don’t completely bog the pipeline down and break the system.

I understand that we have these processes in place to protect ourselves and to mitigate the risk. I’m just not sure we’re accurately assessing the risk. We seem to treat the risk of a lawsuit as the same across all products and it’s not.

Compare the risk associated with a faculty member installing Explain Everything on his iPad, to that of purchasing and deploying a new data analysis software package on classroom PCs. The risk profiles are completely different but the process might be the same depending upon who you believe. At the same time, we can’t just suggest to everyone in our organization that they install some Chrome plugin that’s free for personal use but not for business use. Untangling that can be very difficult. Sometimes it’s even hard to find the license agreements.

Here are a few problem this approval process creates:

  • People ignore it or are unaware of it: Sometimes willfully unaware. Faculty buy software all the time using their discretionary funds or just using their own money. Staff and faculty alike install extensions, apps and freeware on their computers all the time. None of that ever goes through this process and we’re now exposed as a result.
  • The time lost is huge: I’m now at a standstill on my project until that software is approved. Of course we could operate on the theory that “what is the likelihood that the software will be approved?” and proceed anyway.
  • People don’t feel free to experiment: I know that there have been instances where people just don’t want to go to the hassle and don’t bother.

I’m no procurement expert but I have to believe that the software and contract approval process could be sped up and improved upon. The idea that it can’t is almost too much to bear.

I_Want_to_Believe