The first thing that should be done to address the issue of duplicate support contracts and underutilization of IT services is to review the enterprise IT procurement policy. This is because the IT procurement policy is a document that defines the rules, guidelines, and procedures for acquiring and managing IT products and services in an organization1. A well-designed IT procurement policy can help to:
Align IT procurement with business strategy, objectives, and priorities1
Optimize IT spending and maximize IT value1
Ensure IT quality, security, and compliance1
Avoid IT duplication, waste, and inefficiency1
Define IT roles and responsibilities and assign accountability1
By reviewing the enterprise IT procurement policy, the organization can identify and address any gaps, issues, or inconsistencies that may have led to the problem of business divisions approaching technology vendors for cloud services without proper coordination or approval. The review can also help to update and improve the IT procurement policy to reflect the current and future needs and expectations of the organization and its stakeholders. Some of the best practices for developing an effective IT procurement policy are2:
Involve all relevant stakeholders in the policy development process
Conduct a thorough analysis of the current and future IT requirements
Establish clear criteria and standards for selecting and evaluating IT vendors and services
Implement a robust approval and authorization system for IT purchases
Incorporate risk management and contingency planning into the policy
Communicate and educate the policy to all employees and stakeholders
Monitor and measure the policy implementation and outcomes
The other options, re-negotiating contracts with vendors to request discounts, requiring updates to the IT procurement process, and conducting an audit to investigate utilization of cloud services are not as effective as reviewing the enterprise IT procurement policy for addressing the issue. They are more related to the implementation and execution of the IT procurement policy, rather than its design. They may also be reactive or corrective measures, rather than proactive or preventive ones. They may not address the root cause of the problem, which is the lack of a clear and comprehensive IT procurement policy that guides and governs the acquisition and management of IT products and services in the organization.
