Prevent Unforeseen Risks by Asking “Sharper Questions” of Your TPM/Independent Hardware Maintenance Providers

By Therese Williams, Top Gun

In recent years, the use of Request for Proposals (RFPs) and Reverse Auctions has become increasingly popular for sourcing data center hardware maintenance renewals.

Sourcing and Supply Chain departments, working in collaboration with their internal IT partners and business partners, can drive significant savings by structuring a formalized evaluation process that is well-aligned with business and technical requirements. However, there can be an unforeseen risk in taking too lightly, sourcing initiatives that bypass a thorough analysis of engineering capabilities of the vendors and make selections on price alone. It’s not the 90% of incidents your firm is concerned about.

It is the 10% of the incidents that are a threat to the operation, safety, or reputation of your organization with an element of surprise and unpredictability necessitating rapid and effective decision-making.

Our focus is on preventing these three primary risks that result in current RFP, RFI and RFQ practices in the hardware maintenance industry:

  1. Lack of configuration details results in your selected vendor being unprepared to remediate your mission critical environment.
  2. Lack of focus by consumers on qualifying their suppliers’ Level 3 and advanced engineering, ultimately resulting in latency associated with incident management.
  3. Incurring costly financial penalties because of failing compliance audits by the manufactures caused by selected suppliers’ restricted use of firmware, software and patches.

By following our recommended best practices, organizations can avoid unforeseen risks and confidently select the best hardware support partner for their specific technologies. This content is specifically aimed at maintenance solutions for enterprise-class servers and storage that are considered mission critical to a company’s business operations.

The basic steps in supporting your RFP or vetting process are to:

  • Work closely with IT stakeholders to gather accurate asset configuration details
  • Prepare a list of questions that reveal important differences between the support providers
  • Prioritize “value” over “price” when ranking providers.

The “Devil is in the Details”

This age-old saying remains especially true when evaluating hardware maintenance providers that do not have access to your warranty information and internal configurations. As such, these providers are dependent on the completeness and accuracy of the asset configurations you provide in your proposal. Gathering detailed asset configurations, including internal components, are foundational to the providers that are committing prices and SLAs for your diverse model types.

Without detailed configurations, too many hardware maintenance vendors may assume that you are running baseline configurations. Some vendors may even assign the lowest possible price to earn your business but later may surprise you with uplifts, after you’ve finalized the contract. Worse yet, you could find that some providers shock you with an upcharge at the time of the incident when they learn that you have a heftier configuration than originally noted in your RFP. Obviously, this is not a desirable outcome! Unexpected risks can be avoided by taking the time to provide the details needed to your potential suppliers.

At a minimum, work with your internal IT team to gather asset details, including:

  • Make
  • Model
  • Serial number
  • Physical site address
  • Desired SLA
  • Number of processors
  • Type of processors
  • Amount of memory
  • Quantity and capacity of disk and tape devices
  • Number and type of adapters
  • Details on attached external devices
  • Internal third-party components
  • Date of warranty expiration
  • Start/end dates of coverage
  • Annual or multi-year term
  • Annual incident data by device

Seek Agile Support Solutions

One of the most helpful elements that you can include in your RFP is a description of your company and its specific requirements. Helping respondents understand your current and future-state plans will allow their responses to be more targeted to your needs.

Sharing your asset lifecycle roadmap will provide essential information to providers that can offer total asset lifecycle solutions. As today’s infrastructures become more complex, tailored support programs provide greater value and agility over traditional line-item contracts that take a “one size, fits all” approach to support.

Consider including these items to help your providers respond with a tailored support solution:

  • Include your company’s overview and growth objectives
  • Share functional org charts that show how IT aligns to business units
  • Note whether there are any mergers and acquisitions in progress or planned
  • Explain if you’re leveraging any other service providers in your environment that will interface with your hardware support provider
  • Provide a high-level diagram of your overall hardware and application architecture
  • Include a 1–3-year roadmap of your planned infrastructure changes
  • List strategic transformations that are in progress or planned
  • Provide a list of your ITSM (and management) tools that you would like to digitally integrate with your chosen provider
  • Explain whether you require special billing codes to support internal chargebacks
  • Provide timelines for your decision-making process and onboarding goals
  • Describe any site access and compliance requirements such as background checks, or other regulatory requirements related to data erasure and part disposition/retention
  • Define any self-maintenance ongoing in the environment and how you manage your own inventory. For example, state whether you need parts-only or full support for each asset type.

(Tip: Do not assume that SLAs must be identical to your OEM’s SLAs. Independent support providers often have more flexibility on SLAs and can better tailor their offering.)

A “360-Degree” View

Moving beyond the data preparation stage, you are now ready to formulate meaningful questions that represent and support your specific technical and operational requirements. While “boilerplate” templates may seem like a short-cut, they can lead to unexpected risks and missed SLAs on business-critical systems.

General questions that fail to differentiate support providers:

  • Where are your service locations?

  • How many engineers do you have?

  • What platforms do you support?

  • What SLAs do you offer?

  • What is your call back time?

Today’s marketplace is significantly different from years ago.

With massive M&A activity, the TPM/independent support industry has become highly diluted and commoditized.

With a “race to the bottom,” many TPMs/Independent Support Providers are cutting corners to compete on price – an easy way to win your purchase order. By reducing their cost of spares and relying on external suppliers and outsourced L3 engineers, many hardware support providers act as “Support Aggregators.” Relying on many hand-offs with suppliers and subcontractors, these “Aggregators” increase profits by relying on lower failure rates and on-demand part sparing and engineering.

While this strategy may produce the lowest price point in your RFP process, it clearly requires a higher level of risk-tolerance from your company.

If you operate mission critical systems, then asking the right targeted questions will help you decipher the difference between delivery models and help you weigh risk versus savings.

Organizing your questions into (three) core areas will provide a complete 360-degree view of your provider’s capabilities:

A. Technical Engineering Credentials

B. Service Operations & Governance

C. Business Management

The below list, while not exhaustive, may provide a starting point and get you thinking about what technical service capabilities are essential to your mission critical computing environment.

A. Technical Engineering Credentials

When evaluating engineering expertise, gain an understanding of the provider’s hiring criteria, how they retain their top talent and their commitment to ongoing hands-on training.

While knowledge-based systems help hardware engineers, there’s simply no substitute for years of hands-on experience when it comes to cross-platform troubleshooting and resolution planning.

Explore which roles are employed versus contracted and how well a provider integrates every service function. Include questions that provide insight into their contracted relationships and external dependencies.

  • Explain your hiring criteria and share sample ‘BIOs’ of your in-house L3 engineers.
  • At what point in your escalation process are L3 engineers engaged to diagnose and resolve incidents?
  • Will L3 engineers speak directly to clients or do they only interface with L1 and L2 staff?
  • How do engineers get hands-on training on new technologies?
  • Do engineers have hands-on access to matched systems, to help with problem determination?
  • Explain any hand-offs that take place during the service delivery process.
  • How do you technically vet your field subcontractors?

B. Service Operations & Governance

Gaining an understanding of your provider’s service operation and quality control procedures will help you rank their efficiency, speed and accuracy.

This section of your RFP should include questions that reveal your potential providers’ operational differences.

Parts Sparing & Replenishment

  • What components do you spare up-front versus purchase at time of incident?
  • Where will spare parts be stored? How are they secured and replenished?
  • When and how do you test spare parts before they are installed into my environment?
  • Can I get visibility to my spare parts inventory and consumption?
  • How do you dispose of my defective parts?
  • How do you handle changes to firmware levels?
  • Describe how you determine proper sparing levels and components?

Service Operations & Incident Management

  • Explain the incident management process, and denote which steps are handled internally or externally by your organization. If externally, how do you integrate external affiliates into your processes?
  • How do you “Repair” and “Verify” a remediation?
  • What is your escalation process and triggers?
  • How many external providers will be required to support our estate?
  • What ITSM do you use? Are there API options available?
  • What type of reporting and analytics are provided?
  • Do I have ability to define or customize my reporting needs?
  • What tools must be deployed into my environment to achieve preventative support?
  • Describe how service functions are digitally integrated?

Transition Support

  • How do you support the process of moving from our current provider to your support?
  • What configuration information is required to support effective sparing for our contract?
  • Is there a proven methodology that guides the onboarding and transition process?
  • Provide a timeline that shows onboarding through to “steady state” of support.
  • What resources (people or other) do we need to provide to support transition?

Service Governance & Quality Control

  • Describe how Service Governance and Quality Control are integrated into your delivery framework.
  • Describe your continual improvement process and methodology?
  • What happens following a missed SLA?
  • Does your organization follow ITIL3 or ITIL4 best practices?
  • Share primary KPIs that are used to measure success.

C. Business Management

In addition to identifying technical qualifications, evaluate your potential provider’s business practices to understand their willingness/ability to align with your company’s terms and business practices.

Contract & Asset Management

  • Is there a secure portal for managing assets and contracts?
  • How much advance notice is required to remove an asset from contract?
  • How are credits issued for assets removed from contract?
  • Do you offer on-site, physical audits that help improve asset tracking?
  • Explain your support and involvement in the renewal process.
  • What technical advisory services are provided to optimize coverages?
  • Do you offer co-terminus agreements?

Business & Technical Reviews

  • What is the frequency of service reviews?
  • Provide a sample agenda of a service review.
  • Who attends a service review?
  • What reports are included as part of a service review?

Contract Terms & Conditions

  • What is your minimum contract term?
  • What repairs are considered “out of scope” of coverage?
  • What Time & Material (T&M) rates apply for repair work that falls outside of coverage?

Relationship Management

  • Provide a list of account team members, their roles and bios (or LinkedIn profile URLs).
  • Provide an escalation matrix showing key contacts.
  • Are you able to provide client references that have been a customer for more than 5 years?
  • Are you able to provide client references that switched to your service from another provider?
  • Describe if and how you tailor your services to our industry (i.e. healthcare, retail, banking, government, etc.).

Grant Confidentiality that Invites Self-Expression

Include a section that invites your respondents to express their unique point of view and value drivers. This may include company culture, value statements and beliefs that are core to their business. Additionally, ask your providers to include any additional services that they believe would increase the overall value of their partnership with your organization. Most importantly, provide an NDA so that your vendors can freely share their trade secrets and/or strategies without concern of open disclosure to their competitors. Doing so will make a tremendous difference in the quality of details you’re able to uncover.


  1. Sourcing and Supply Chain professionals must carefully craft questions that allow support providers to truly differentiate their offerings. In an unregulated marketplace, the variations across players are significant – especially now.
  2. Choosing a service partner based on price alone can lead to unforeseen risks and extended outages.
  3. By asking “sharper questions” of your service partners, your evaluations will create fairness, and support better decision-making.

As a provider of mission critical hardware support services, Top Gun has vetted and responded to numerous multi-platform RFPs.

Our opinions and suggestions are based on first-hand experience and intended to help companies prevent unforeseen risks and challenges by selecting the best service partner for their specific requirements and ultimately lead to both cost savings and service quality improvements.

Looking for solutions, rather than commoditized quotes, will increase value and better support a constantly changing infrastructure.

To discuss how TPM can serve your business initiatives, click here to contact us. I welcome new connections and any inquiries at my LinkedIn profile!

Therese’s LinkedIn Profile