Choose and manage your IT supplier

Unless you have extensive IT expertise in-house, it's generally best to use a single supplier for all hardware, software, services and support.

If you buy from multiple suppliers, you'll have to decide which one is responsible when there's a problem - unless you have a service provider prepared to support your whole system.

Identifying and contacting potential IT suppliers

At the outset of any IT system procurement exercise you should establish and document your requirements. You can provide potential suppliers with these details. It will also provide a framework to compare the different quotations you may receive.

The next stage is to research the potential solutions and suppliers. Try to identify three to five suppliers who are able to propose a solution for the budget you have set.

Having identified the potential suppliers you can put in a request for proposal (RFP) or a request for quotation (RFQ).

The RFP asks suppliers to submit formal proposals. This is usually followed by a shortlisting of candidates who are required to provide a series of presentations and/or demonstrations. The RFP should include:

• the agreed statement of requirements
• what format the proposal should follow
• the level of detail required in the proposal
• the timescales for submittinig the proposal
• the procedure for dealing with suppliers' queries

The RFQ asks potential suppliers to provide a cost for the product or service in question. This typically involves providing potential suppliers with a list of requirements. These can include:

• part descriptions, specifications or numbers
• quantities or volumes
• a description or drawings of the product needed
• personnel skills or competencies for the product or service
• terms and conditions
• term of the contract
• any other value-added requirements or terms
• delivery requirements
• a draft contract

Review the proposals you have received in detail and come up with a shortlist.

Compare proposals on a like-for-like basis. Take into account:

• financial viability
• implementation track record
• quality and relevance of reference sites
• project management capability
• ability to understand your business at both the strategic and process levels
• technical knowledge and expertise
• confidence that the supplier will be able to provide the solution into the foreseeable future
• the cost of the proposed solution

Rank the suppliers and eliminate those that do not meet your technical requirements or fall outside your agreed budget.

This process should usually include a demonstration of their proposed offering by each of the suppliers. This gives you the opportunity to evaluate the system being proposed and the supplier.

Invite the potential suppliers to visit your company. Do they understand your business needs and have experience of your industry? Do you feel comfortable dealing with them?

Get references from the shortlisted suppliers and contact them as part of the evaluation process. Try to obtain references from businesses similar to your own as this is a useful way to assess the system and the supplier.

If you are happy with the proposed solution of the preferred supplier, you can move to the contract stage. You will need to formally agree on factors such as the levels of system maintenance and support, as well as the overall cost of the proposed solution.

System maintenance and management are essential parts of managing risks. Your IT supplier will probably offer you a range of hardware-maintenance contracts. Many suppliers can monitor problems remotely and take action to prevent a system failure.

Many different types of maintenance contract are available. Most are on-site, however, some contracts will require you to return the equipment for repair. Costs can vary considerably.

Contracts may seem expensive, particularly for standard PCs and peripherals with extended on-site warranties. You may decide not to get a maintenance contract and simply hold spares or purchase new parts when necessary.

However, the value of a contract is that someone else takes the responsibility for system maintenance but some suppliers may be reluctant to offer helpdesk, software support and other services unless they're also maintaining the hardware.

Software maintenance contracts

Ensure any new software you buy is compatible with your existing equipment and operating system.

Many IT software suppliers offer maintenance contracts when you purchase their products. These can include recurring licensing fees, product upgrades, new versions, and patches and bug fixes. Some vendors charge for these, while others will include them for free with your purchase. Look for a supplier who gives you the original disks and licences if your software is coming pre-installed.

If you don't have in-house experience, then look for a supplier that offers maintenance. Costs will vary depending on the type of software you're using, but the general rule of thumb is to have costs below 15 per cent of the purchase price. If using cloud computing, maintenance and other upgrades will be managed 'off site' by the service provider.

System management is usually the biggest cost over the lifetime of an IT system. It includes installation, upgrades, expansion, maintenance, support, training and the time your staff spend dealing with system problems.

So it's essential to consider full system lifecycle costs. Saving on initial purchase costs could mean that you end up paying significant ongoing costs. Cutting back on services could end up costing you money in waste a fortune in staff-time or lost business.

Initial costs could include:

• consultancy
• hardware costs
• software licence fees
• software configuration and customisation work
• installation
• staff training
• infrastructure costs
• compliance with health and safety law

Ongoing IT management costs could include:

• software support contracts - fees for licence renewals and upgrades
• hardware upgrades
• expansion of memory, disk size, communications capacity
• support - telephone, email, online, on site
• maintenance and replacements
• compliance with health and safety legislation relating to computer use
• staff training
• costs of consumables, such as printer cartridges, ink and paper
• communications charges - telephone and internet access costs

Agreeing a budget and contract with a supplier can be a lengthy process. You need to specify every aspect of the project in as much detail as possible. This will help to control costs and highlight any problems you encounter during the project.

Suppliers will usually expect payment upon delivery. However, it might be worthwhile trying to extend the payment period until the system is actually installed and working to your satisfaction.

Make sure you're completely clear about exactly what the contract with your supplier includes. Hidden extras can be expensive.

Check whether you'll receive:

• on-site service calls
• preventative maintenance, eg anti-virus software and firewalls
• remote monitoring and diagnosis of system problems
• telephone support
• warranties - check what warranties, if any, are included
• software upgrades - check if upgrades are free software support - can you report problems and receive help?
• user training
• manuals - you may need them if you end the relationship with your supplier in future

When purchasing IT services, you should draw up a service-level agreement (SLA) with the supplier, which specifies precisely what you expect from the supplier. A typical SLA should cover:

• scope - details of the hardware and software that will be covered
• range of services - the services that the supplier will provide
• service availability - when the service should be available
• response times - an important aspect of the SLA - usually the faster the response times, the greater the cost
• escalation procedures - agreed actions to ensure problems are dealt with quickly
• record keeping - problems and solutions must be properly documented
• performance review - to maintain acceptable levels of service
• supplier obligations - such as the provision of spare parts, the qualifications of support staff and the need to meet response times
• customer obligations - outlines your responsibilities
• termination of agreement - defines the specific terms and conditions under which the contract may be terminated

Read our guide Risk management and business continuity planning.