The IT procurement process explained in nine steps


Discover the nine most important steps in an IT procurement process and learn how to use them in your company to drive compliance and improve purchasing ROI.

Vendr | IT procurement
Written by
Vendr Team
Published on
June 9, 2023
Read Time

Vendr | TwitterFacebook iconVendr | LinkedIn

Employees with a corporate credit card can sign up for a SaaS tool that renews annually into perpetuity. They don’t need to go through procurement, seek sign-off from IT, or perform any market or risk analysis.

That is unless you have a solid IT procurement process in place.

An effective software buying process cuts costs, reduces risk, and maximizes your return on IT spending.

Discover the nine most important steps in an IT procurement process and learn how to use them in your company to drive compliance and improve purchasing ROI.


What is IT procurement?

IT procurement is the systematic process by which organizations evaluate, acquire, and manage technology resources and services to meet their business needs effectively. This process involves a series of strategic activities including identifying technology needs, conducting market research, selecting vendors, negotiating contracts, and managing the lifecycle of IT assets. The goal of IT procurement is to secure high-quality IT products and services at the best possible cost, while ensuring compliance with company policies and enhancing operational efficiency.

Why you need a process for IT procurement

An IT (information technology) procurement process is essential for managing SaaS purchasing in today’s business environment.

A few decades ago, software was sold on a perpetual license. Procurement teams purchased tools outright for the whole company and collaborated with IT to determine how to host, integrate, and manage the software.

Today, most software is cloud-hosted and sold on a subscription basis. That means IT doesn’t need to be consulted prior to purchase, and any department leader can sign up for a platform by charging the monthly fee to their corporate card. This can lead to huge inefficiencies in how companies acquire and use technology. An IT procurement process can help mitigate this and ensure companies buy and use tech properly.

1. Prevent shadow IT

The first is that it creates shadow IT—software tools a company uses that the IT department has no idea about. There is an obvious security risk inherent here. If IT doesn’t know about all the software used in their company, they cannot control data security protocols. This also means that IT cannot take advantage of the integration between software tools, which causes data silos to emerge across departments.

2. Prevent redundancies in your tech stack

Secondly, many companies that don’t have a well-documented IT procurement process pay for multiple software tool subscriptions that do similar or identical things. For instance, if customer support doesn't know that sales already have an SMS messaging platform, they will procure their own tool within this same software category. This drives up total software spending costs, as you cannot take advantage of economies of scale by negotiating a better price with a single vendor. It also increases your total cost of ownership, as you spend time and money managing several contracts and vendor relationships rather than just one.

3. Easily monitor tech usage

Lastly, if the software isn’t purchased through a dedicated process, you can’t monitor its usage effectively. As a result, many licenses go underutilized or unused entirely. Your company could be paying for tools it's not using, which hurts profitability.


The nine-step IT procurement process

1. Needs identification

The first step in any good procurement process is to clearly identify the needs of the business as they relate to the product or service being sourced.

Assuming a centralized procurement team takes care of the software purchase, they need to meet with the stakeholders and users of the tool they want to purchase.

For instance, if your organization is preparing to purchase a new CRM, your procurement manager should meet with the leaders of the marketing and sales departments.

During your business needs identification conversation, ask:

  • How will this software tool be used in our organization?
  • How are we currently managing these activities?
  • What would happen if we didn’t source this product now?
  • Who will use it?
  • How often will it be used?
  • Which features are non-negotiable?
  • Which features are ideal but not a must-have?
  • Which of our existing software tools does this new purchase need to integrate with?
  • What budget constraints are we working within for this purchase?

Note the answers to these questions, as they’ll inform many of the following steps.

2. Tech stack review

Now that you have better visibility over what the end users need, review your existing tech stack to see if you already have a relationship with a supplier that provides that tool.

If you’re sourcing a CRM, say, sift through your existing SaaS stack to see if you can use any of those tools as a CRM or if any suppliers you already pay also sell a CRM tool.

For example, if you use HubSpot’s Service Hub for customer service duties, it might be an easy jump to go with their CRM tool. Or, if you use as a project management tool, you may be able to design a custom CRM using their no-code builder.

Make sure that you run any potential solutions like this past your stakeholders—they may be able to provide insight as to why they are unsuitable. Perhaps, for example,’s CRM features are inappropriate for the intended use.

3. Make or buy analysis

If you don’t already have a software tool that can do the job, the next step is to perform a make-or-buy analysis.

A make-or-buy analysis involves weighing the costs and benefits of purchasing a dedicated software platform vs. having your internal development team (or a third-party contractor) create a custom solution. This task is often carried out by procurement specialists or officers.

For most small and medium-sized businesses, buying is the way to go.

This is due to the cost-effectiveness of buying pre-built software on a subscription basis. The quality and flexibility of such tools are generally high enough to suit most organizations.

However, larger organizations with the budget to build custom software—which can cost as much as $350,000—or who’s complex needs aren't served by the existing market may choose to make, rather than buy, an off-the-shelf solution.

4. Market research

Assuming you decide to buy rather than make, your next step is researching the market for potential supplier options.

Start by pulling together a list of all potential vendors. For example, if you’re looking for a CRM, then build a list of all CRM suppliers.

As you create this list, add some basic information, such as pricing, primary features, integrations, and any restrictions (such as volume limits).

5. Vendor shortlisting

Use the information you recorded during the needs identification process to cull any unsuitable vendors.

Some may be outside your budget, so you can instantly discard these. Others may not offer one or more of your non-negotiable features, making them an unsuitable option.

Others may not have native integrations with the software tools you already use, meaning connecting them may not be as seamless as you’d hoped.

Bear in mind that many platforms allow custom integrations to be built using a tool like Zapier. You may use this information to deprioritize but not discard potential solutions.

6. Supplier vetting and risk analysis

Now that you have a reasonably sized shortlist, begin vetting each vendor.

Vendor vetting involves assessing each supplier for things like:

  • Financial stability
  • Reviews from existing customers
  • Ability to meet your order demands
  • Alignment of values (such as a focus on sustainable sourcing)

Part of this process should be to assess the risks associated with each vendor. When purchasing SaaS, software security risk—such as the possibility of a data breach—should be a priority concern.

Learn more about assessing and managing supplier risk in our guide: Vendor risk management: What to watch for and best practices.

7. Vendor prioritization

The next step in your procurement process flow is to rank each potential service provider.

This gives you a roadmap for making your purchase decision, as you’ll aim to proceed with the vendor that tops your list.

Depending on your company’s procurement practices and policies, the Chief Procurement Officer (CPO) may need to sign off on this decision. In this case, it’s wise to provide your top three options for approval. If your ideal vendor isn't approved, you can still proceed with a reasonable solution.

8. Negotiation

Now that you have the approval to move forward with one or more software solutions on your list, it's time to start talking numbers.

Software contract negotiations aren’t all about the bottom line, however. You’ll also want to set some boundaries and expectations, such as:

  • Service level expectations from the support team
  • Software uptime requirements
  • KPIs and metrics by which to measure the effectiveness of your software partnerships

9. Contract signing

With the agreement approved by both parties, all that’s left is to sign on the dotted line, signifying the beginning of your new supplier relationship.

Put your IT procurement process into action with Vendr

A great IT procurement process is essential to driving a sound procurement strategy, cutting costs, reducing risks, and maximizing profitability.

But processes don’t happen in a vacuum—you need a system to ensure they’re followed.

Vendr is the SaaS procurement software system that helps you maintain compliance with purchasing policies while making processes more efficient.

With Vendr, IT procurement leaders can:

  • Use automation to streamline business processes like RFP, RFQ, and purchase order workflows
  • Optimize the procurement management process with real-time insights into company spending and savings
  • Access a database of information on SaaS tools—including price benchmarking information—to speed up the market research process


IT procurement FAQs

What considerations should be made for IT services in the procurement process?

When procuring IT services, considerations should focus on:

Service Level Agreements (SLAs): Clearly defined SLAs ensure that the vendor delivers the promised performance and uptime.

Integration Capabilities: The IT service should integrate seamlessly with existing systems to enhance functionality and user experience.

Support and Maintenance: Reliable customer support and regular maintenance are vital for minimizing downtime and ensuring continuous service availability.

What are some IT procurement best practices to enhance cybersecurity?

Enhancing cybersecurity in IT procurement involves several best practices:

  • Vendor Vetting: Ensure that all IT products and services meet strict cybersecurity standards before purchase.
  • Certifications Check: Prefer vendors with reputable cybersecurity certifications.
  • Contractual Agreements: Include cybersecurity requirements and protocols in contracts to enforce security standards.

Continuous Monitoring: Regularly assess the cybersecurity posture of IT services and products to manage and mitigate risks effectively.

Vendr Team
Vendr's team of SaaS and negotiation experts provide their curated insights into the latest trends in software, tool capabilities, and modern procurement strategies.

Similar posts

Learn more about finding, buying and managing your SaaS stack with resources from our experts.

Built-in vs 3rd Party AI: How to Approach Adding Generative AI to Your Software Stack

David Porter

SaaS Buying
Compliance and Security
Built-in vs 3rd Party AI: How to Approach Adding Generative AI to Your Software Stack

The odds are extremely high that your team has already used the ChatGPT in their work. If that speeds up their work and reduces repetitive busy work, that’s a win for your team’s productivity. If that comes at the expense of data security, though, or opens up your company to potential copyright lawsuits, the benefits might not be worth the risk.

Read post
IT vendor management: A guide to managing and scaling SaaS

Emily Regenold

IT vendor management: A guide to managing and scaling SaaS

Discover the ultimate guide to IT vendor management and SaaS optimization. Learn how to streamline operations, enhance security, and maximize efficiency in your organization.

Read post
Managing shadow spend in cloud services

Vendr Team

Managing shadow spend in cloud services

Learn how to effectively manage shadow spending in cloud procurement services with insights from Vendr's procurement experts. Discover key strategies and best practices to optimize your cloud procurement processes.

Read post