Risk Management for Vendors


By Tarron Gartner-Ilai

Of the risks associated with a construction project, the tried and true are time and money: is the project on schedule and will the costs of completion exceed the projected bid, or not? Dozens of factors, both within and outside the project manager’s control, can affect the project’s outcome. 

Staying on the critical path is much like traversing a tightrope on a unicycle … while juggling elephants. Add to those concerns the risks of data breaches, which are no longer a matter of private concern between the key players of a construction project, but have legal and regulatory consequences, as well. With all those issues competing for priority, the importance of establishing a comprehensive risk management program for vendors and suppliers cannot be overstated. Key to the company’s overall risk management strategy, the company should:

  • Identify the company’s population of vendors, including vendors necessary for the company’s internal operations and vendors who may provide materials or labor on a particular project.
  • Establish benchmarks for potential vendors, including price, service levels, and project/company objectives.
  • Set the parameters for the contracting/procurement process, including standardized information-gathering questionnaires.
  • Classify the vendors by tiers identified by risk.
  • Establish a regulatory compliance and safety program identified with specific vendors or trade.
  • Coordinate with the company’s legal team to establish uniform contract forms, modified by addendum to accommodate state-specific requirements.
  • Coordinate with counsel to determine if the company’s risks can be allocated through an indemnity provision or insurance in the state where the project is located.
  • Identify information provided to vendors and suppliers who have access or control over the company’s data or the data of the company’s project co-participants, map the data, and establish and monitor appropriate data management controls.
  • Identify the chain-of-command within the company to manage vendor relationships.
  • Hold regular project meetings with various vendors and suppliers. Establish a process to respond to vendor concerns.
  • Implement benchmarks to measure vendor performance.
  • Develop risk or incident response plans.
  • Establish financial controls for verifying vendor invoices, coordinating with project managers, reconciling contract and change order pricing, and paying pursuant to the contract terms.
  • Procure insurance covering the company’s risks, including liability arising from vendor-related risks, and, where necessary, policies applicable to specific projects. The cost of insurance should be considered in negotiating contract prices with vendors.

While this may seem overwhelming to a small to medium size contractor or design professional, many of the recommendations can be implemented in phases. Some are just a matter of establishing new habits, which become part of the company’s operational routine over time. If you are going to traverse a tightrope on a unicycle, it’s better to have a safety net in place.

Tarron Gartner-Ilai is a principal in Amy Stewart Law, a Dallas-based insurance coverage law firm. She represents insurance policyholders, including commercial and residential builders, in everything from coverage analysis to litigation over coverage disputes. She is an active member of TEXO, the largest commercial contractors association in Texas. She can be reached at [email protected]

Have an idea for a guest blog for Construction Today? Contact [email protected] or [email protected].  

Current Issue

Check out our latest edition!


alan blog ct

Contact Us

Construction Today Magazine
150 N. Michigan Ave., Suite 900
Chicago, IL 60601


Click here for a full list of contacts.

Latest Edition

Spread The Love

Back To Top