10. Healthsafe Supplier Relationship Policy



SUPPLIER RELATIONSHIP POLICY



Document Identification 

HSNZ/POL/10

Document Name

Supplier Relationship Policy

Master Copy

CISO

Version Number

1.3

Date Of Release 

15 Aug 2023

Prepared By

Eparama Tuibenau

CISO

Approved by

Kevin McAfee

Managing Director






VERSION HISTORY


Sl No

Version No.

Prepared by

Approved by

Description of Version

Date

Reason for Version Change

From

To

1

1.0

-

CISO

MD

First Release

14 Apr 2020 

No changes made

1

1.0

1.1

CISO

MD

Updated

24 Jun 2021 

Modifications due to changes in HealthSafe

1

1.1

1.2

CISO

MD

Reviewed

28 Jul 2022 

Annual review

1

1.2

1.3

CISO

MD

Reviewed

15 Aug 2023 

Annual review


DOCUMENT STATUS


Date

Document Status

14 Apr 2020

Modified

24 Jun 2021

Reviewed

28 Jul 2022

Current

15 Aug 2023

Current


Table of Contents

  1. Purpose
  2. Scope
  3. Input
  4. Output
  5. Interacting Process
  6. Abbreviations, Acronyms and Definitions
  7. Procedure
  8. Monitoring the Process
  9. Records


  1. PURPOSE
    Establish and maintain a procedure for the FH and Accounts department in accordance with the organisation’s requirements.

  2. SCOPE
    This procedure shall apply to the appropriate departments to provide administrative services for all employees.

  3. INPUT
  • Supply/License Log 
  • Email from an employee requesting supplies or assistance from a consultant/contractor
  • Outsourcing providers (also known as outsourcers) include:
    • Hardware and software support and maintenance staff
    • External consultants and contractors
    • IT or business process outsourcing firms
    • Temporary staff
    • Integrators
    • Contractors

 

4. OUTPUT

  • Supplier log/register
  • Delivery of requested item to the employee/clients
  • Identification of risks related to external parties
  • Addressing data security when dealing with customers
  • Addressing security in third party agreements


5. INTERACTING PROCESS

Employee, Vendors, Client Network Security (when required), Finance and all departments outsourcing services or using contractors


6. ABBREVIATIONS, ACRONYMS AND DEFINITIONS

Abbreviation

Description

IT

Information Technology

Admin.

Administrative

FH

Functional Head

NDA

Non-Disclosure Agreement


7. PROCEDURE

Supplies Acquisition


  1. HS Staff contacts the approved vendor to place the supplies order, based on need (new or restock)
  2. All vendors go through an approval and evaluation process before being added to an approved vendor list by Finance. The selected vendor is communicated to the appropriate departments and Finance by the FH during this process when relevant.
  3. Existing vendors will go through a yearly evaluation process by the FH.
  4. Finance is notified of the order placed and invoice is submitted for processing.
  5. Asset Register Manager logs supplies items in Internal Asset Register. Asset Register Manager checks to make sure all items ordered are recorded correctly. 

Distribution


  1. FH receives e-mail/call from an employee requesting supplies or assistance from vendor/contractor – specifically what and how much of it.
  2. Deliver supplies to employee
  3. Log the item in the asset register
  4. Review of the asset register by the Asset Register Manager

Outsourcing


  1. Employee sources vendors for a particular process
  2. Based on pricing Employee submits, via e-mail, a proposal to the Functional Head
  3. Employee fills out appropriate requisition form
  4. Functional Head and Admin Manager approves request
  5. Employee has the vendor generate a contract that is mutually acceptable. The contracts will make sure that all security risks to the company will be addressed where possible.
  6. FH or Employee has the vendor sign a NDA/Contractual Agreement


8. MONITORING THE PROCESS

  • Internal Asset Register
  • Vendor contract

 

9. RECORDS

  • Vendor registration form
  • Supplier evaluation form
  • Internal asset register
  • Requisition form
  • Proposal E-mail
  • NDA