VMO Platform Decision Matrix – Article #3

TVMES experts continues to strive by working together with industry experts to identify simplified solutions to the problems faced by VMO leaders. It is our pleasure to present you a robust and logical solution which will help you choose the right VMO platform of your choice.

VMO Platform Decision Matrix - DOR Tracking

TVMES has identified 5 primary criteria VMO leaders need to utilize when considering selection of a VMO platform. The following is the Second Criteria of the five we will cover in this series. You will find links to the previous articles at the end.

Precise Deliverable, Obligation & Risk Tracking

This is an important factor to drive contract compliance for VMO leaders. The VMO Platform need not act as a RISK solution but is important to maintain and track actions against risk register. This will make the VMO leaders be ready for any internal or external audit response related to vendor controls.



Your contracts or vendors might have several deliverables, but it is important for your governance platform to understand the critical ones and keep your vendor focused to deliver on time with the right precision and quality. We have seen up to ~45-50 deliverables per contract out of which ~20% are critical deliverables. The VMO platform should have the ability to categorize, Track compliance through proactive remainders and approval workflows.


Obligations are bi-product of contract and service delivery /Business operations which can be as simple as an outcome of an executive meeting, Delivering a Proof of Concept to business. By tracking obligations, VMO platforms ensures that discussions turn into actions and actions are monitored and completed on time. Even though Obligations does not have an direct cost impact, It prevents value leakage and promotes accountability to vendor actions.


Risks are everywhere, and it takes a different eye or lenses to look at. The earlier we identify risk, the quicker we devise a plan. Risks are determined by events, priority, probability and impacts. Based on the organizations risk appetite and strategy,  Risks can be Accepted, Avoided, Differed, Enhanced, Exploited, Observed, Mitigated, or Transferred. Even though, this function is owned by enterprise/chief risk officers supported by Internal Audit teams to get the fundamentals straight, it is important to track the following Qualitative and Quantitative risks categories at minimum from an vendor standpoint.

  • Contractual Risks
  • Operational Risks
  • Business Risks
  • Third Party Risks
  • 4th Party Risks
  • Compliance Risks

TVMES Team shall be covering Third Party Risk Management more in detail through our tprmmaturity.com learning series for which VMO and Enterprise risk experts are working on the Microservice’s driven framework. Hence, this site is under construction.

Please share your opinions and comments Or write to me at suresh.subbu@tvmes.com

Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *