The pros and cons of

pre-contract

gap analyses

State governments regularly negotiate contracts with vendors. Unfortunately, these negotiations are often prolonged, which can have major downstream effects on projects, procurements, and implementations—including skewed timelines, delayed milestones, and increased costs. Here are five suggestions for shortening contract negotiations. 

1. Limit project scope. Leaner project scope equals shorter contract negotiations. Conversely, the sheer number of requirements, terms, and conditions for larger projects naturally inflate negotiations. Limiting scope means being conservative in what you are looking to achieve. Planning a core systems modernization? They can cost tens of millions of dollars. Limit scope (and cost) to just certain modules. If, for example, you have an ERP modernization, limit projects and procurements to key modules and milestones. 
2. Use project management techniques. Treat the negotiation like a small project. For example, compile a list of tasks and deadlines, as well as names for necessary signatures. Develop a project plan and hold weekly check-ins to keep things on track. Assign someone in your organization as a single point of contact to help shepherd the contract through the process. 
3. Make the vendor’s proposal part of the contract?verbatim. Some states still require copying the proposal response into a contract document, and that often requires modification of proposal language, which slows things down. Attach the solution proposal to the contract cover pages(s) so that the proposal is there, word for word. 
4. Have vendors define deliverables, except for the minimum deliverables you must have. Vendors should know how to deliver their product and services and should include items they expect to be paid for, such as completion of a development cycle, software licenses, and a gap analysis report. Rather than define what deliverables you need, let the vendors define them, except for any mandatory ones, such as a training or testing plan. Ask for interim or draft versions of training or testing plans as part of proposal submission. 
5. Tell vendors ahead of time what the payment constraints are. As a state government, you are bound by budget cycles and authority to spend. You also want working product tied to payment. With both factors in mind, tell vendors up front how much of the contract can be paid in a certain year and how much you are willing to tie to what deliverables. Don’t want to pay more than, say 40% of the project cost for non-software deliverables? Say so. Vendors can then plan their paydays and deliverable sequence accordingly. 
   
   You can also save time and effort by not negotiating at all. States often assume there will be, or allow for, negotiation periods. Yet states can make clear that no negotiation will occur after contract award—or limit what can be negotiated to a small, finite number of items. To prepare for this approach, states should gleam vendor stipulations ahead of time, and perhaps even score vendors on the number or type of stipulations. Use a pre-award proposal clarification period to clarify any terms or demands that are unfavorable to the state and consider ranking or evaluating proposals on the number of objections to terms/conditions raised. 

States should feel empowered to shorten (or, when appropriate, even eliminate) contract negotiations. After all, state time is state money.

The day-to-day work of providing government services involves collecting, using, and storing large amounts of data. The data that government agencies accumulate is a critical asset — it holds answers about which programs perform best, which interventions are most effective, and how to improve service delivery. Data can also be a liability when it falls into the wrong hands or is misused, even unintentionally. Data governance is a great place to start gaining control of your data.

Establishing data governance can be intimidating. Between resource constraints, multiple and different data policies within large organizations, cultural reluctance to change, and lack of knowledge, it can be difficult to even know where to begin. Start with the fundamentals: understand what data governance is, and why it is so important.

These initial guidelines will help you validate the need for data governance at your organization, and recognize the correlation between reaching your strategic goals and governing data.

So, what is it?
Data governance is an ongoing, evolutionary process driven by business leaders where they establish principles, policies, business rules, and metrics for data sharing. They manage priorities and resources such as data stewards and technologists to acquire, harmonize, summarize, and produce data-rich analyses of data assets required to meet agency goals.

At a high-level, data governance has two main components: 

Why is data governance so important, and why NOW?

• Data ownership is a responsibility. Properly governing data is not only important for organizational strategy, it is also important to produce high-quality client outcomes and levels of satisfaction. When you establish proper data policies and procedures, clients receive a better level of service. 

• The amount of data collected is increasing. Many organizations collect an abundance of data, with no real vision of how to use it. A framework of data governance assists with developing a strategy to take advantage of data and use it effectively. 

• The demand for data is growing. Organizations, especially in the public sector, are required to analyze and submit data for reporting to funders and oversight bodies. Without data governance, these reports can be inaccurate, contain gaps, or be manipulated improperly to produce false reports. 

• The concern for security surrounding data is increasing. Mandates across both public and private sectors constantly evolve, because the more technical our world becomes, the more secure our data needs to be. If an organization does not implement foundational data security measures across all jurisdictions, it can become easy to fall behind the curve, and out of compliance. 

• Organizations miss many opportunities to leverage data more efficiently. Organizations report being unable to provide a high level of confidence to produce accurate data reports, resulting in inefficient resource distribution. A standardized framework for governing data helps produce higher levels of data quality and integrity, and improves report accuracy.

How can your organization start the process?
The first step in a data governance initiative is to assess your organization’s data environment and maturity level. Start by analyzing your organization’s data policies, usage, documentation, and management processes to gain a true understanding of the current data landscape and management maturity level. CMMI’s Data Management Maturity Model (DMMM) and the Data Management Association’s Data Management Body of Knowledge (DMBOK) are great reference resources to assist with understanding the role and definition of data governance.

The time for data governance is now.
BerryDunn’s Government Consulting Group works with state agencies to develop data governance initiatives as well as specific processes and policies to help states take control of data, increase confidence in its quality, and reach strategic goals. 

In July 2016, we wrote about how the booming microbrewery scene in Maine is shaking up the three-tier system of alcohol distribution, which dates back to the 1930s.

A month later, three Texas microbreweries — Live Oak Brewing Company, Peticolas Brewing, and Revolver Brewing — argued against the three-tier system in district court, seeking to circumvent parts of the system and allow craft breweries in Texas to sell their distribution and territorial rights. The State countered that assertion, and claimed that the three-tier system was necessary because it allowed the Texas Alcoholic Beverage Commission to easily monitor the distribution of products, and have a greater sense of the inventory of retailers, restaurants, and bars.

A few weeks following the initial court appearance, the presiding judge ruled in favor of the three Texas microbreweries, granting them the right to distribute their own product — and, as a result, allowing these and other Texas microbreweries to maximize their profits. This ruling opined that the three-tier system unfairly benefits distributors at the expense of microbreweries.

One could argue that microbreweries wouldn’t exist in such force today if not for the three-tier system, which allows for competition and the creation of new producers. On the other hand, the three-tier system imposes burdens on microbreweries, as the Texas suit demonstrates. Yes, the number of microbreweries is growing—but because microbreweries are forced to sell directly to a shrinking number of distributors, the former tend to suffer slow revenue growth, while the latter tend to enjoy steady or increased sales.

The co-existence of microbreweries and the three-tier system in the United States merits observation. It will be equally fascinating to see if the methods for producing and distributing alcohol will drastically change. Is it time for a modified regulatory model that will better accommodate the growing craft beer landscape? Or do the tried-and-true policies dating back to before World War II still serve their original intent? It’s too soon to know, but we’ll see what ferments in the months to come.

Editor's note: this article was co-written with Amanda Findlay. 

There is plenty of media coverage of Maine’s, and specifically Portland’s, burgeoning microbrew scene. It’s good economic development and complements the already established “foodie” scene Portland is renowned for. What’s more, microbrewers are increasingly avoiding the middle man, and offering tastings directly to consumers, onsite at their breweries. All who sell beer by the glass in Maine need a license, just as with other states. But the licensing cost for breweries and their tasting rooms is much less expensive than it is for bars and taverns, earning a charge of unfairness from those entities that have to go through a more stringent and expensive process of getting a liquor license. Read here for more detail. As you read, you may enjoy the irony of Maine being the first state to prohibit the sale of alcohol in 1851.

There is another facet to the boom in tasting room sales that is higher up the legal food chain than licensing fees: the three-tier system. First, a quick primer: the three-tier system was instituted at the time of the repeal of Prohibition (December 1933) to remove the problem of a “tied house”. Prior to Prohibition, a tied house was not an uncommon occurrence, where one regional entity had entire control of brewing or distilling, distribution, and retail sale of intoxicating beverages. This resulted in, it was argued, excessive alcoholic beverage sales by larger manufacturers and thus excessive consumption of alcohol. Following Prohibition, states instituted laws establishing a three-tier system whereby manufacturers, distributors and retailers are required to have separate licenses. This separation was designed to prevent dominance of one tier over the others. Gone are the days of saloons that were associated with drinking excess and loyalty to only one regionally dominant brand.

The three-tier system, by many opinions, works well. The National Alcoholic Beverage Control Association (NABCA) has published a paper on the virtues of the system. The Supreme Court, in the landmark case Granholm vs. Heald, declared that the three-tier system was “unquestionably legitimate”^[1]. The Alabama Brewers Guild supports the three-tier system, but feels exceptions should be made, notably direct sales (presumably to include both on-premise and off-premise sales, the latter occurring when a consumer takes beer to go, just like a grocery or package store).

In Portland’s microbreweries (and distilleries, too), direct sales are over the counter, just like a bar. Is it reasonable to make exceptions to the three-tier system and let manufacturers become retailers at a certain level? Probably. A brewery in Portland making under 50,000 gallons of beer a year is no corporate monolith. Neither are craft distillers in North Carolina, where a state senate bill was under consideration recently to allow purchase of one bottle of spirits per year from distilleries^[2]. But it does blur the lines of the three-tier system and its original reason for being. In addition to making those in the industry who pay for a full license upset, the spirit of the three-tier system may be challenged as breweries grow larger. The situation is certainly worth keeping an eye on as the microbrewery revolution continues.

[1] http://repository.law.umich.edu/cgi/viewcontent.cgi?article=1127&context=mlr&sei-redir=1&referer=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dargument%2Bagainst%2Bthe%2Bthree%2Btier%2Bsystem%26src%3DIE-SearchBox%26FORM%3DIENTTR%26conversationid%3D#search=%22argument%20against%20three%20tier%20system%22 , page 822.
[2] http://www.wral.com/distilleries-could-sell-more-bottles-direct-to-tourists/15760834/

Read this if you are a State Medicaid Director, State Medicaid Chief Information Officer, State Medicaid Project Manager, or State Procurement Officer—or if you work on a State Medicaid Enterprise System (MES) certification effort.

On October 24, 2019, the Centers for Medicaid and Medicare Services (CMS) published the Outcomes-Based Certification (OBC) guidance for the Electronic Visit Verification (EVV) module. Now, CMS is looking to bring the OBC process to the rest of the Medicaid Enterprise. 

The shift from a technical-focused certification to a business outcome-focused approach presents a unique opportunity for states as they begin re-procuring—and certifying—their Medicaid Enterprise Systems (MES).

Once you have defined the scope of your MES project—and know you need to undertake CMS certification—you need to ask “what’s next?” OBC can be a more efficient certification process to secure Federal Financial Participation (FFP).

What does OBC certification entail?

Rethinking certification in terms of business outcomes will require agencies to engage business and operations units at the earliest possible point of the project development process to define the program goals and define what a successful implementation is. One way to achieve this is to consider MES projects in three steps. 

Three steps to OBC evaluation

Step 1: Define outcomes

The first step in OBC planning seems easy enough: define outcomes. But what is an outcome? To answer that, it’s important to understand what an outcome isn’t. An outcome isn’t an activity. Instead, an outcome is the result of the activity. For example, the activity could be procuring an EVV solution. In this instance, an outcome could be that the state has increased the ability to detect fraud, waste, and abuse through increased visibility into the EVV solution.

Step 2: Determine measurements

The second step in the OBC process is to determine what to measure and how exactly you will measure it. Deciding what metrics will accurately capture progress toward the new outcomes may be intuitive and therefore easy to define. For example, a measure might simply be that each visit is captured within the EVV solution.

Increasing the ability to detect fraud, waste, and abuse could simply be measured by the number of cases referred to a Medicaid fraud unit or dollars recovered. However, you may not be able to easily measure that in the short-term. Instead, you may need to determine its measurement in terms of an intermediate goal, like increasing the number of claims checked against new data as a result of the new EVV solution. By increasing the number of checked claims, states can ensure that claims are not being paid for unverified visits. 

Step 3: Frequency and reporting

Finally, the state will need to determine how often to report to measure success. States will need to consider the nuances of their own Medicaid programs and how those nuances fit into CMS’ expectations, including what data is available at what intervals.

OBC represents a fundamental change to the certification process, but it’s important to highlight that OBC isn’t completely unfamiliar territory. There is likely to be some carry-over from the certification process as described in the Medicaid Enterprise Certification Toolkit (MECT) version 2.3. The current Medicaid Enterprise Certification (MEC) checklists serve as the foundation for a more abbreviated set of criteria. New evaluation criteria will look and feel like the criteria of old but are likely to be a fraction of the 741 criteria present in the MECT version 2.3.

OBC offers several benefits to states as you navigate federal certification requirements:

1. You will experience a reduction in the amount of time, effort, and resources necessary to undertake the certification process. 
2. OBC refocuses procurement in terms of enhancements to the program, not in new functions. Consequently, states will also be able to demonstrate the benefits that each module brings to the program which can be integral to stakeholder support of each module. 
3. Early adoption of the OBC process can allow you to play a more proactive role in certification efforts.

Continue to check back for a series of our project case studies. Additionally, if you are considering an OBC effort and have questions, please contact our team. You can read the OBC guidance on the CMS website here. 
 

Editor's note: read this blog if you are a state liquor administrator or at the C-level in state government. 

Surprisingly, the keynote address to this year’s annual meeting of the National Alcohol Beverage Control Association (NABCA) featured few comments on, well, alcohol. 

Why? Because cannabis is now the hot topic in state government, as consumers await its legalization. While the thought of selling cannabis may seem foreign to some state administrators, many liquor agencies are―and should be―watching. The fact is, state liquor agencies are already equipped with expertise and the technology infrastructure needed to lawfully sell a controlled substance. This puts them in a unique position to benefit from the industry’s continued growth. Common technology includes enterprise resource planning (ERP) and point-of-sale (POS) systems.

ERP

State liquor agencies typically use an ERP system to integrate core business functions, including finance, human resources, and supply chain management. Whether the system is handling bottles of wine, cases of spirits, or bags of cannabis, it is capable of achieving the same business goals. 

The existing checks and balances on controlled substances like alcohol in their current ERP system translate well to cannabis products. This leads to an important point: state governments do not need to procure a new IT system solely for regulating cannabis.

By leveraging existing ERP systems, state liquor agencies can sidestep much of the time, effort, and expense of selecting, procuring, and implementing a new system solely for cannabis sales and management. In control states, where the state has exclusively control of alcohol sales, liquor agencies are often involved in every stage of product lifecycle, from procurement to distribution to retailing.

With a few modifications, the spectrum of business functions that control states require for liquor—procuring new product, communicating with vendors and brokers, tracking inventory, and analyzing sales—can work just as well for cannabis.

POS

POS systems are necessary for most retail stores. If a state liquor agency decides to sell cannabis products in stores, they can use a POS system to integrate with the agency’s ERP system, though store personnel may require training to help ensure compliance with related regulations.

Cannabis is cash only (for now)

There is one major difference in conducting liquor versus cannabis sales at any level: currently states conduct all cannabis sales in cash. With cannabis illegal on the federal level, major banks have opted to decline any deposit of funds earned from cannabis-related sales. While some community banks are conducting cannabis-related banking, many retailers selling recreational cannabis in places like Colorado and California still deal in cash. While risky and not without challenges, these transactions are possible and less onerous to federal regulators. 

Taxes 

As markets develop, monthly tax revenue collections from cannabis continue to grow. Colorado and California have found cannabis-related tax revenue a powerful tool in hedging against uncertainty in year-over-year cash flows. Similar to beer sold wholesale, which liquor agencies tax even in control states, cannabis can be taxed at multiple levels depending on the state’s business model.

E-commerce

Even with liquor, few state agencies have adopted direct-to-consumer online sales. However, as other industries continue shifting toward e-commerce and away from brick and mortar retailing, private sector competition will likely feed increased consumer demand for online sales. Similar to ERP and POS systems, states can increase revenue by selling cannabis through e-commerce sales channels. In today’s online retail world, many prefer to buy products from their computer or smart phone instead of shopping in stores. State agencies should consider selling cannabis via the web to maximize this revenue opportunity. 

Applying expertise in the systems and processes of alcoholic beverage control can translate into the sale and regulation of cannabis, easing the transition states face to this burgeoning industry. If your agency is considering bringing in cannabis under management, you should consider strategic planning sessions and even begin a change management approach to ensure your agency adapts successfully. 

Best practices for financial institution contracts with technology providers

As the financial services sector moves in an increasingly digital direction, you cannot overstate the need for robust and relevant information security programs. Financial institutions place more reliance than ever on third-party technology vendors to support core aspects of their business, and in turn place more reliance on those vendors to meet the industry’s high standards for information security. These include those in the Gramm-Leach-Bliley Act, Sarbanes Oxley 404, and regulations established by the Federal Financial Institutions Examination Council (FFIEC).

On April 2, 2019, the FDIC issued Financial Institution Letter (FIL) 19-2019, which outlines important requirements and considerations for financial institutions regarding their contracts with third-party technology service providers. In particular, FIL-19-2019 urges financial institutions to address how their business continuity and incident response processes integrate with those of their providers, and what that could mean for customers.

Common gaps in technology service provider contracts

As auditors of IT controls, we review lots of contracts between financial institutions and their technology service providers. When it comes to recommending areas for improvement, our top observations include:

• No right-to-audit clause
  Including a right-to-audit clause encourages transparency and provides greater assurance that vendors are providing services, and charging for them, in accordance with their contract.
• Unclear and/or inadequate rights and responsibilities around service disruptions
  In the event of a service incident, time and transparency are vital. Contracts that lack clear and comprehensive standards, both for the vendor and financial institution, regarding business continuity and incident response expose institutions to otherwise avoidable risk, including slow or substandard communications.
• No defined recovery standards
  Explicitly defined recovery standards are essential to ensuring both parties know their role in responding and recovering from a disaster or other technology outage.

FIL-19-2019 also reminds financial institutions that they need to properly inform regulators when they undertake contracts or relationships with technology service providers. The Bank Service Company Act requires financial institutions to inform regulators in writing when receiving third-party services like sorting and posting of checks and deposits, computation and posting of interest, preparation and mailing of statements, and other functions involving data processing, Internet banking, and mobile banking services.

Writing clearer contracts that strengthen your institution

Financial institutions should review their contracts, especially those that are longstanding, and make necessary updates in accordance with FDIC guidelines. As operating environments continue to evolve, older contracts, often renewed automatically, are particularly easy to overlook. You also need to review business continuity and incident response procedures to ensure they address all services provided by third-parties.

Senior management and the Board of Directors hold ultimate responsibility for managing a financial institution’s relationship with its technology service providers. Management should inform board members of any and all services that the institution receives from third-parties to help them better understand your operating environment and information security needs.

Not sure what to look for when reviewing contracts? Some places to start include:

• Establish your right-to-audit
  All contracts should include a right-to-audit clause, which preserves your ability to access and audit vendor records relating to their performance under contract. Most vendors will provide documentation of due diligence upon request, such as System and Organization Control (SOC) 1 or 2 reports detailing their financial and IT security controls.
  
  Many right-to-audit clauses also include a provision allowing your institution to conduct its own audit procedures. At a minimum, don’t hesitate to perform occasional walk-throughs of your vendor’s facilities to confirm that your contract’s provisions are being met.

• Ensure connectivity with outsourced data centers
  If you outsource some or all of your core banking systems to a hosted data center, place added emphasis on your institution’s business continuity plan to ensure connectivity, such as through the use of multiple internet or dedicated telecommunications circuits. Data vendors should, by contract, be prepared to assist with alternative connectivity.

• Set standards for incident response communications 
  Clear expectations for incident response are crucial  to helping you quickly and confidently manage the impact of a service incident on your customers and information systems. Vendor contracts should include explicit requirements for how and when vendors will communicate in the event of any issue or incident that affects your ability to serve your customers. You should also review and update contracts after each incident to address any areas of dissatisfaction with vendor communications.

• Ensure regular testing of defined disaster recovery standards
  While vendor contracts don’t need to detail every aspect of a service provider’s recovery standards, they should ensure those standards will meet your institution’s needs. Contracts should guarantee that the vendor periodically tests, reviews, and updates their recovery standards, with input from your financial institution.
  
  Your data center may also offer regular disaster recovery and failover testing. If they do, your institution should participate in it. If they don’t, work with the vendor to conduct annual testing of your ability to access your hosted resources from an alternate site.

As financial institutions increasingly look to third-party vendors to meet their evolving technology needs, it is critical that management and the board understand which benefits—and related risks—those vendors present. By taking time today to align your vendor contracts with the latest FFIEC, FDIC, and NCUA standards, your institution will be better prepared to manage risk tomorrow.

For more help gaining control over risk and cybersecurity, see our blog on sustainable solutions for educating your Board of Directors and creating a culture of cybersecurity awareness.
 

Law enforcement, courts, prosecutors, and corrections personnel provide many complex, seemingly limitless services. Seemingly is the key word here, for in reality these personnel provide a set number of incredibly important services.

Therefore, it should surprise no one that justice and public safety (J&PS) IT departments should also provide a well-defined set of services. However, these departments are often viewed as parking lots for all technical problems. The disconnect between IT and other J&PS business units often stems from differences in organizational culture and structure, and differing department objectives and goals. As a result, J&PS organizations often experience misperception between business units and IT. The solution to this disconnect and misperception? Defining IT department services.

The benefits of defined IT services

1. Increased business customer satisfaction. Once IT services align with customer needs, and expectations are established (e.g., service costs and service level agreements), customers can expect to receive the services they agreed to, and the IT department can align staff and skill levels to successfully meet those needs.
2. Improved IT personnel morale. With clear definition of the services they provide to their customers, including clearly defined processes for customers to request those services, IT personnel will no longer be subject to “rogue” questions or requests, and customers won’t be inclined to circumvent the process. This decreases IT staff stress and enables them to focus on their roles in providing the defined services. 
3. Better alignment of IT services to organizational needs. Through collaboration between the business and IT organizations, the business is able to clearly articulate the IT services that are, and aren’t, required. IT can help define realistic service levels and associated services costs, and can align IT staff and skills to the agreed-upon services. This results in increased IT effectiveness and reduced confusion regarding what services the business can expect from IT.
4. More collaboration between IT and the organization. The collaboration between the IT and business units in defining services results in an enhanced relationship between these organizations, increasing trust and clarifying expectations. This collaborative model continues as the services required by the business evolve, and IT evolves to support them.
5. Reduced costs. J&PS organizations that fail to strategically align IT and business strategy face increasing financial costs, as the organization is unable to invest IT dollars wisely. When a business doesn’t see IT as an enabler of business strategy, IT is no longer the provider of choice—and ultimately risks IT services being outsourced to a third-party vendor.

Next steps
Once a J&PS IT department defines its services to support business needs, it then can align the IT staffing model (i.e., numbers of staff, skill sets, roles and responsibilities), and continue to collaborate with the business to identify evolving services, as well as remove services that are no longer relevant. Contact us for help with this next step and other IT strategies and tactics for justice and public safety organizations.

Writing a Request for Proposal (RFP) for a new software system can be complex, time-consuming, and—let’s face it—frustrating, especially if you don’t often write RFPs. The process seems dogged by endless questions, such as:

• How specific should the problem statement and system requirements be?
• How can the RFP solicit a response that proves the vendor is qualified?
• Should the RFP include legal terms and conditions? If so, which ones? 
• Is there another strategy that can help cut down on size without forfeiting a quality response?

The public RFP process can be onerous for both the issuer and the respondents, as they can reach lengths upwards of 100 pages. And, while your procurement department would probably never let you get away with developing an RFP that is only one page, we know a smaller document requires less labor and time devoted to writing and reading. What if you could create a lean, mean, and focused RFP? Here are some tips for creating such a document: 

Describe the problem as simply as possible. At its core, an RFP is a problem statement—your organization has a particular problem, and it needs the right solution. To get the right solution, keep your RFP laser-focused: adequately but briefly convey your problem and desired outcomes, provide simple rules and guidelines for respondents to submit their proposed solutions, and clarify how you will evaluate responses to make a selection. Additional information can be white noise, making it harder for respondents to give you what you want: easy-to-read and evaluate proposals. Use bullet points and keep the narrative to a minimum.

Be creative and open about how vendors must respond. RFPs often have pages of directions on how vendors need to write responses or describe their products. The most important component is to emphasize vendor qualifications. Do you want to know if the vendor can deliver a quality product? Request sample deliverables from past projects. Also ask for the number of successful past projects, with statistics on the percent deviation to client schedule, budget, including explanations for large variances. Does your new system need to keep audit trails and product billing reports? Rely on a list of pass/fail requirements and then a separate table for nice-to-have or desired functionalities.

Save the legal stuff until the end. Consider including legal terms and conditions as an attachment instead of in the body of an RFP. If you’re worried about compliance, you can require respondents to attest in writing that they found, read, and understand your terms and conditions, or state that by responding to the RFP they have read and agreed to them. State that any requested deviations can be negotiated later to save space in the RFP. You can also decrease length by attaching a glossary of terms. What’s more, if you find yourself including language from your state’s procurement manual, provide a link to the manual itself instead.

Create a quality template to save time later. Chances are your organization has at least one RFP template you use to save time, but are you using that template because it gets you the best responses, or because you’re in the habit of using it? If your answer is the latter, it may be to time review and revise those old templates to reflect your current business needs. Maybe the writing style can be clearer and more concise, or sections combined or reordered to make the RFP more intuitive.

Qualify providers in advance and reduce the scope. Another time-saver is a pre-qualification, where solution providers propose on an RFP focused primarily on their experience and qualifications. Smaller statements of work are then issued to the qualified providers, allowing for shorter drafting, response, and award timelines. If procurement rules allow, break the procurement up into a requests for information (RFI) and then a smaller RFP.

Need additional RFP assistance?
A simplified RFP can reduce long hours needed to develop and evaluate responses to RFPs, while vendors have more flexibility to propose the solutions you need. To learn more about how BerryDunn’s extensive procurement experience can help your organization develop effective RFPs.