Beat ’em up. Knock ’em down. Slap ’em around. Keep them on a short leash. Teach them a lesson. Make ’em behave. Vendors, that is.
This phrase has recently seeped into common IT parlance. I’ve even heard vendors, typically large ones, say that the reason we should buy their wares is that they can then provide us with this pugilistic benefit. Fascinating. A value proposition predicated on giving customers the right to beat up the vendor! Where do I sign?
This idiom reflects elided thinking regarding risk. Managers seeking throats to choke, I believe, are simply displacing anger or carrying around naÃ¯ve ideas about risk. Hopefully it is the latter since that is more easily remediated.
Risk has only two options (excluding unabated growth which I will ignore for now since it is too painful to think about for too long): it can disappear or be displaced. Risk disappears when teams of people gain new knowledge and develop new patterns of activity that demonstrate increased expertise in a problem and superior outcomes. This is the preferred approach to risk management. Risk is displaced when it is simply moved outside of the imaginary borders of a firm to a service provider.
It is a perilously false assumption that displaced risk is managed risk. The “one throat to choke” meme simply says to vendors “you have the risk and if you mess up, we’ll choke you into improvement.” Maybe it’s just me, but I find this all sort of Neanderthal-ish. I thought our cerebral cortex was capable of more nuanced thought than this.
Another metaphor that is similar in its direct opposition to “one throat to choke” is the much older “don’t put all your eggs in one basket” meme. Personally, I think the “one throat to choke” meme has been given wings by large vendors to supplant “don’t put all your eggs in one basket” meme. Nice aikido move if you ask me.
But replacing one bad metaphor with another doesn’t make for good risk management. In the interests of adding something useful to the current bar talk, I offer the following thoughts.
- Displaced risk isn’t really reduced. It is more often temporarily ignored. If a firm assigns risk to one vendor but does not actively co-manage that risk with the vendor, that risk will come back bigger and badder than before. Ignored risk is like toxic waste. The longer it goes undetected, the worse it silently gets.
- Risk can be monetized. If risk is displaced to a third party, the third party is entitled to some financial gain for managing that risk. Conversely, if the firm gets assigned the risk, it is entitled to some price reductions (or other suitable form of consideration) for managing the risk.
- Some risk can’t even be displaced. Despite all this talk about monetizing and assigning risk, firms have to understand who is the chicken and who is the pig (that is, who gets inconvenienced and who gets slaughtered) in the deal. If the firm assigns the risk to the “one throat to choke” vendor but still bears dire consequences if the vendor fails to deliver, choking the vendor may not help. Having a dead vendor and a failed solution isn’t comforting to anyone, it’s called a tragedy. Our job is to avoid tragedies (unless one finds entertainment value in them).
- Bigger is better. In the land of IT, vendors pay more attention to larger customers. Reducing the number of vendors to a smaller set can often create a greater profit potential for the vendor. This can better align vendor and firm goals. Consolidating vendors along this line of thinking is not a bad strategy.
- Less can be more. But, in the land of IT, firms that can adroitly manage their supply chains well will have more flexibility than firms that require “one throat to choke.” IT shops that can manage this complexity (more niche vendors) are probably superior to those that need to resort to simpler vendor management techniques. Why? Because they probably have a well-orchestrated set of activities regarding complex vendor management. IT shops that can manage greater complexities can help their firms manage complex competitive environments.
While I may dally with either a “best of breed” or a “one throat to choke” approach regarding my IT supply chain, depending of course upon the circumstances, I am haunted by a remark a wiser and older retired CIO once said to me about the “one throat to choke” strategy.
Who is choking whom?