Eric,
In these instances, re-negotiating the MSA or terms as new SOWs are being reviewed by Legal and negotiated would be a good start. Older agreements may not have some of the basic privacy, data protection, insurance, right to audit, and other provisions that we may need or want to have, so addressing those as they come up for renewal or in some cases re-negotiating in term is a great idea. The more difficult task is identifying and determining all of the various components you need or want in an agreement and figuring out how to incorporate those (with your Legal teams) as part of the contract negotiation or renewal process. Just my thoughts, hope this is helpful.
------------------------------
Brandon Mayfield
Vendor Management
------------------------------
Original Message:
Sent: 01-19-2023 09:04 AM
From: Eric Poos
Subject: Aggregate Risk Exposure
Hello all! I'm reaching out to this group to solicit feedback, best practices, or lessons learned related to potential risk exposure associated with ever expanding relationships with third parties and how other organizations may address aspects of this exposure in terms of their agreements. I've provided a hypothetical example below:
The Really Great Co. (TRGC) is a third party to our organization and over time our relationship with them has expanded to include additional services. Each new service adds a new Statement of Work to the existing Master Services Agreement. The Master Services Agreement was negotiated when there was one service with TRGC meaning that some areas such as insurance requirements, as an example, were designed in consideration of just one service. Other contractual considerations may be in areas of indemnification, limitation of liability, etc. where the agreement may have not considered future engagements.
As we consider this scenario and any potential adjustments to our process we would like to understand if any other organization has addressed similar circumstances and if so, what was done? Should areas such as insurance, indemnification, limitation of liability, etc. be revisited or renegotiated with every new SOW, when certain triggers are met (number of services, dollars spent), or only at MSA expiration or renewal? Are there situations or considerations that I may be overlooking?
I appreciate any info!