How do you know what you don’t know? How do you get vendors to tell you about potential problems with the project they are proposing?
One way is to introduce a paragraph into your RFP demanding risk management information. This simple act will markedly improve the quality of information you receive and your ability to evaluate the vendors and their proposals.
The management of risk is a standard business practice. Risk analysis is the process of assessing, managing and communicating risks. Because of the ubiquitous nature of risk, risk analysis is inherently an interdisciplinary subject with many content-specific applications in engineering, finance, health, transportation and military systems.
In recent years, risk analysis has emerged from the back room of insurance companies and disaster planners. It is now a popular and accepted business tool. The military has always included risk analyses in its RFPs. However, few non-military RFPs mention risk and even fewer have risk management as an evaluation factor.
Many government entities such as cities or counties have risk managers who concern themselves with activities such as subdivision development, provision of sewer services, and traffic management. But few deal with RFPs or projects.
In the U.S., at the federal level, the use of risk as an evaluation factor is well understood. For example, the Census Bureau includes risk in its determination of best value: “The Census Bureau’s source evaluation will be based on best-value principles. Accordingly, award will be made to the responsible and technically acceptable offeror whose proposal provides the greatest overall value to the government, price and other factors considered. This best-value determination will be accomplished by comparing the value of the differences in the technical factors for competing offers, based on their strengths, weaknesses, and risks, with differences in their price to the government.”
Likewise, the U.S. Air Force uses proposal risk as an evaluation factor: “In accordance with the RFP, award will be made to the offeror proposing the combination most advantageous to the government based upon an integrated assessment of the evaluation factors and sub factors. The evaluation factors are past performance, proposal risk, mission capability, and cost/price.”
In each case, the government assessed the risks inherent in the offeror’s approach, the effect on cost and schedule, the subcontractor relationships and arrangements, and the proposed personnel’s ability to implement the approach. It also evaluated how well the approach minimized the impact of those risks on the overall success of the defined requirements.
In contrast to U.S., RFPs issued by most other jurisdictions, including those in Canada, are woefully ignorant of risk analysis. A search of “risk” within an RFP often returns no hits.
One shining light is Nunavut. In its policy and procedures manual, it advises procurement staff to identify potential risk factors and ask proponents to provide risk management plans in their proposals.
For those few public sector RFPs that actually identify risk as an evaluation factor, there are two approaches. First, they can use risk as a totally separate evaluation factor with separate scoring and its own points. Here is some common language used to obtain the information from the vendor: “Identify the major risks associated with this project. For each risk, identify those activities that can be undertaken to reduce, mitigate or eliminate the risk. Identify the associated responsibilities. Ensure that these activities are reflected in your project and management plans.”
This approach certainly provides much more information than not having risk as an evaluation factor. By establishing a minimum score for this factor, high-risk proposals can be eliminated from further consideration.
The second approach is to use risk not as an evaluation factor but as a sub factor under each major factor. In this approach the RFP would state: “For each major evaluation factor stated above (cost, technical solution, project management), identify the major associated risks. For each risk, identify those activities that can be undertaken to reduce, mitigate or eliminate the risk.”
RFPs are the greatest risk for procurement people. Your next difficult RFP will attract better proposals if it deals with risk. Don’t ask vendors to describe “their understanding of the project.” Rather, ask them to provide a three-page analysis of risks. Let them identify each risk, its source, and the steps that can be taken by each stakeholder to eliminate or reduce the risk. Then instruct them to include these tasks in their project plan (and cost).
Finally, award some points for your evaluation of the probability of success with this proposal. Make risk one of the evaluation factors or part of each major evaluation factor.
Michael Asner is an independent consultant specializing is public procurement (firstname.lastname@example.org).