For managed service providers (MSP), choosing the right IT partners isn’t just critical, it could be life or death for the business.
While the MSP presumably knows the ins and outs of their particular services, the IT services that support or augment these service can make customers smile – or run for the hills. No matter how good your core expertise and specific features may be, if the service is flaky, offers poor support, and is just too dang slow, clients can walk right over to your competitor. And if there is a security breech, forget it.
Now, Modulo hopes to take the guesswork out of judging IT partners and cloud providers with its Modulo Risk Manager 8.1, a vendor risk management (VRM) tool.
The software offers a standardized way to evaluate prospective vendors, an easier way to compare them, and a single place to store all your vendor evaluation data.
“The cost of failing to manage vendor risk is high: from quality of service to financial, audit, and reputation risk. Many organizations don’t know who their high-risk vendors are which makes it nearly impossible to target assessments, prioritize risks and create mitigation plans,” said Modulo Technical Services Director John Ambra. “Vendor Risk Management has emerged as a leading use case for our powerful and flexible IT GRC (governance, risk management and compliance) platform, which harmonizes risk scoring across all IT risk management projects for a holistic enterprise risk profile.”
The new Modulo Risk Manager 8.1 bases its analysis largely through key risk indicators (KRIs), somewhat akin to key performance indicators (KPI).
The software is available as a SaaS, subscription, or packaged on-premises software.
Due Diligence
Those that buy mission critical products or services know the frustration of trying to figure out how good and reliable a vendor might be. Instead of solid, insightful information, you are bombarded with marketing. And the Internet is so full of falsehoods it might as well be a Drew Peterson deposition.
Much of what a VRM does in the IT space is examining security risks – for instance are the products safe and secure, if the vendor holds your data, what their policies and safeguards?
Besides a VRM, good old fashioned hard questioning and a demand for information is critical, especially when dealing with startups and small companies. As much as you can, you’ll want to get details about their financials. In the case of software, what happens if the company goes under? Can you get their source code put in escrow so you can support it yourself if need be?
Talking to real customers is essential for vendors about whom you have doubts. The good news is that these customers tend to give the straight story, whether the vendor likes it or not.
And if the vendor offers up impressive ROI studies, do your own analysis. In particular, think about if the vendors assumptions truly match your business, or do they overreach?
Edited by
Brooke Neuman
