A number of risks that are relevant at the contract development stage may have already been considered earlier in the procurement cycle. These risks or any risk treatments should be reviewed to determine if they remain relevant. For example, there may be particular risks relating to understanding the market that will have bearing on the specification of the contract deliverables and related performance management regime.

Risks to successful contract development can arise from a number of sources. These include:

A number of risks that are relevant at the contract development stage may have already been considered earlier in the procurement cycle.

Sources of risk

Examples of risks

Resourcing

• Inability to obtain and retain necessary level of resources, including specialist advice

• Failure to obtain senior management support and involvement

• Insufficient time to develop the contract

Contract deliverables

• Contract deliverables described in ambiguous or unclear terms

• Inability to obtain stakeholder and/or end-user input and sign-off of contract deliverables

Contract performance measurement

• Failure to specify performance indicators that can be cost-effectively measured

• Failure to link contract payment to satisfactory performance

• Failure to establish cost-effective performance monitoring and assessment arrangements

Contract payments

• Having a payment regime that is a disincentive to good performance and/or that is inappropriate to the nature of the contract deliverables

• Failure to cap contract expenditure

• Failure to establish payment milestones that are linked to contract performance

Other contract provisions

• Failure to include relevant legislative and policy requirements in the contract, for example, privacy, security, recordkeeping

• Failure to include all relevant contract provisions such as contract variations, disputes, termination, including termination for convenience

Conflicts of interest

• Failure to identify and address actual or potential conflicts of interest

Other risks relevant to the particular circumstances will need to be considered. Risks are not static and need to be kept under review throughout the contract development phase. Consideration also needs to be given at the contract development stage to any risks that the style and provisions of the contract may pose to its later implementation and management as well as the impact on other interrelated acquiring entity contracts or activities. For example, the contract may have an impact on other aspects of the acquiring entity's business, or training may be needed in order to effectively use goods or services being delivered under the contract. Without attention being directed towards how the contract will work in practice, it may not meet the needs of either party or could become unworkable over time.

All risks identified will need to be addressed and responsibility allocated for the risk mitigation or treatments as required. As with all aspects of the procurement cycle, judgement will need to be used in deciding on the level of risk assessment undertaken. The level and type of risk involved will generally inform or govern the contract relationship, the style of contract and its later management.

Risks are not static and need to be kept under review throughout the contract development phase.

All risks identified will need to be addressed and responsibility allocated for the risk mitigation or treatments as required.

Good Practice Tip: Identifying risks

Identify all potential risks and then assess their likehood and consequences Identify risk treatments for those risks where existing controls need to be supplemented

Involve or consult people who have developed a similar contract.

Involve people from different areas of interest, for example, end-users of the goods or services to be procured, the contract management team, administrative staff and subject matter experts.

Case Study: Standardised pre-contracting risk assessment

An entity used a wide range of contractors on a regular basis, for example, for IT support, corporate services, professional advice, publicity and promotion, building fit-out and alterations. The role of the entity involved significant public access to their facilities. The agency needed to be able to effectively manage high levels of risk without assigning unnecessary resources.

The entity revised its business processes to require a risk assessment before entering into any contracts. The level of risk was determined by a standard risk survey template. For example, the template assessed whether the work of the contractor might pose a risk to the safety of members of the public, the degree of financial risk and so on. The level of risk then informed decisions on:

• which contract form to use, from a set of standard contracts maintained by the entity

• how the contract would be managed and by whom

• the transition in measures necessary, for example, determining the type of briefing the incoming contractors should receive on the task, the entity's environment and on issues such as Occupational Health and Safety and Security

• the monitoring and management processes necessary

• how the contract was to be evaluated and the process completed.

Determining these issues at the planning stage also allowed the entity to plan their resource requirements for managing the contract.