Though there are numerous headaches associated with IT procurement, one challenge – risk management – can be particularly difficult to tackle.

According to a survey conduced by the National Association of State Chief Information Officers (NASCIO) in 2012, 46 percent of state CIOs expressed “some dissatisfaction” with their state’s current procurement system. The main reason given is that, often, a state’s standard procurement methods do not address the complexities and subtleties of IT systems.

Risk management is one particular challenge associated with IT procurement that a state’s standard practices may not directly address. In a brief, NASCIO offers several methods CIOs can use to solve the IT procurement problem.

After potential risks have been identified and analyzed, states can avoid IT setbacks by implementing the following steps:

  • Contact IT staff in other areas that have worked with similar situations before issuing a request for project proposals. 
  • Write contracts with clear deliverables, itemizing milestones with payments made upon completion
  • Prohibit the use of smaller, inexperienced vendors in critical governmental infrastructures
  • Require independent verification of work as it is performed by an independent vendor

If a disruptive event occurs, NASCIO recommends preventative methods that should be in place for risk mitigation:

  • Construct contracts that define arbitration processes
  • Implement clear definitions of a solution’s required functionality
  • Include associated penalties for performance failures

For more information on IT risk management, download the report.