Before you start

Before you start your search it is worth ensuring you have clarity on the project and the criteria you are going to use to look for a supplier.

Jump to > Time | Cost | Quality | Security | Process


  1. When do you want the project to start?
  2. When do you want the project to finish?
  3. Is the completion date fixed or moveable?
  4. Is the most important item delivery date or cost?
  5. Any keys dates the supplier should be aware of? demonstrations/shows/exhibitions/launch dates/funding dates?

Back to Top


  1. Is there a budget for the entire project?
  2. Do you have a maximum daily rate?
  3. Is it a fixed price or time and materials budget?
  4. Is the budget already allocated?
  5. Have you accounted for any local taxes?
  6. What currency will the project be invoiced in?
  7. How will additional charges be approved?
  8. Any provision for travel and accommodation?
  9. Any finance requirements or standards from your busiens that apply? spending limits/payment dates/terms
  10. Is the project likely to be affected by inflation during the project duration?
  11. How much contingency have you got in a budget?
  12. Are there any phasing requrements for the payments?
  13. Any requirements for payment terms?
  14. How will the supplier be paid?

Back to Top


  1. Will the supplier need to have ISO9001 quality management certification?
  2. Will the supplier need to follow your processes and flows?
  3. Will the supplier need to provide any documented evidence of folllowing processes?
  4. What is the definition of quality used on the project?
  5. What quality management tools must be used int he development?
  6. How are bugs and defecets recorded?
  7. What level of testing will the supplier need to do?
  8. What level of evidence should be prodived for the testing?
  9. Any device compatibility  requirements?
  10. Any performance (speed) requirements?
  11. Any load requirements?
  12. How will quality be assessed during development?
  13. How will quality be assessed post delivery?
  14. How will low quality issues be addressed?
  15. How will quality be tracked and monitored?
  16. Willthere be an internal quality check on any deliverables?
  17. Will there be a UAT user acceptance test of any delvierable?
  18. Is there any warranty (30/60/90 days) after delivery for addressing issues?

Back to Top


  1. Any security requirements for the project or product?
  2. Any security requirements for the supplier?
  3. Does the supplier need ISO27001 certification?
  4. Does the supplier need PCI DSS certification?
  5. is the suppliers office secure enough?
  6. Does it require extra protection on connectivity to you? VPN, encrypted link, encryption of emails?
  7. Will the supplier also host the solution?
  8. Will the supplier be able to access your customer data?
  9. Any requirements for confidentiality? data at rest, data in transit, GDPR
  10. Any requirements for integrity?
  11. Any requirements for availability? (uptime, downtime, maintenance windows, RPO, RTO)
  12. Is your intellectual property protected?
  13. Who owns rights to the source code?
  14. Any copyright messages that need to be included in source code or deliverables?
  15. Who owns rights to any inventions during the development process?
  16. Can the supplier warrant no unlicenced code is in the delivery?
  17. Does the supplier need extra security measures? virtual desktops, secure VLAN, no printers
  18. Can the suppliers staff work from home?
  19. Does the supplier need to go through a supplier assessment by your business?
  20. Does the supplier have a security manager?

Back to Top


  1. Is there a documented set of requirements?
  2. Will the supplier need to produce a documented set of requirements as a pre-project step?
  3. Are all the requirements known?
  4. Any unknown areas of functionality?
  5. Any new technologies or areas of risk?
  6. Does the supplier need specific technology or skills experience?
  7. Are there any corporate standards in your business the supplier needs to adhere to?
  8. How will changes be managed?

Back to Top


  1. Will the supplier need to follow your processes?
  2. Who will provide any specific tools?
  3. Does the software need to be built with any specific tools?
  4. What level of post delivery support is required?
  5. Does support need to be 24×7?
  6. What level of response time for a support issue?
  7. What is the process for requesting support?
  8. Will the supplier need to have ISO9001 quality management certification?
  9. Will the supplier need to have ISO27001 information security management certification?
  10. How will the project be managed?
  11. What regular reports (if any) are required?
  12. What level of documentation is required?
  13. How will the delivery be provided?
  14. Can you explain your procurement and engagement proces to the supplier?

Back to Top