The whole is greater than the sum of its parts. Though Aristotle spoke these words thousands of years ago, modern law firms would be wise to heed them today. After all, a law firm’s success depends, in large part, on the quality of its parts and how they work together—and many of those parts today are supplied or supported by third-party vendors.

It is no wonder, then, that over 50 percent of Am Law 100 firms have established a procurement function to improve third-party management capabilities, according to a survey HBR Consulting conducted in connection with our 2018 Law Firm Procurement Roundtable. Procurement teams can help law firms lower and contain costs, identify and manage risks, and raise the quality of supplier services—all of which factor into enhancing client delivery, improving law firm operations and reducing operating costs.

More specifically, there are three key areas, aligned with law firms’ long-term business goals, on which procurement should focus on in 2019: managing risk, improving service and operations, and supporting diversity initiatives. Here is a closer look at how procurement can contribute to each one.

Supplier Risk

Traditionally, law firms have followed a decentralized model for managing third-party relationships. In the past, this presented fewer problems, as law firms were more self-supported and information was less digital and thus less fluid. As firms started to rely on third parties to support key operations, especially in the technology space, IT teams began to take responsibility for managing security and data risks—but only to the extent that they had oversight of the applications and vendors involved. If the risk did not stem from an IT-related supplier or issue, it likely was unmanaged and the potential risks remained invisible to the firm as a whole.

Today, the risks to client and firm data are too great to leave to chance or address on a piecemeal basis. This is especially true given the number of recent hacks on law firms, which make prime targets due to the sensitivity of the secrets they hold. Cyberthieves perceive that the legal industry’s data privacy and security measures are lax compared to those of other industries. Yet, according to HBR’s procurement leaders survey, just half of law firms currently have a formal, third-party risk-management policy.

Procurement is the ideal hub for facilitating an effective supplier risk-management program. It sits as a gatekeeper between vendors and the firm, through its sourcing work and contract negotiations. Procurement is in the best position to assess suppliers and oversee execution of mitigation measures in order to manage that risk. Law firms can then tout these measures to clients, who are increasingly concerned about how their law firms are protecting their information. (In fact, 78 percent of surveyed law firms have had clients request documentation of the firm’s third-party risk-management policy.)

Supplier Relationships

You cannot adequately manage what you do not measure. Yet too few law firms take a proactive approach to supplier management, which means their relationships often plod along unchecked, without regard to how well suppliers are adhering to their agreements or meeting service-level goals. With little oversight, supplier relationships rarely live up to their promise. Often, law firms find themselves blindly trusting suppliers to deliver on the terms of their agreements; when those suppliers fall short, it may jeopardize not only firms’ operational capabilities but also their reputations. Trying to rectify any vendor-created issues can cost significant time and resources.

Typically, law firms have adopted a hands-off, reactionary approach with suppliers. They ignore the day-to-day operations and become involved only when a crisis rears its head. They do not hold regular reviews of supplier progress toward goals, and any meetings they do have with supplier representatives tend to focus on immediate concerns rather than troubling trends percolating beneath the top-line results. Without clearly defined key performance indicators, performance is rarely evaluated against service-level agreements, much less addressed, until it is too late to salvage either the performance or the relationship.

This is where procurement can step in. The procurement function can create a formal process for supplier performance reviews. It can set an appropriate cadence for those reviews, such as quarterly or monthly, and ensure that appropriate metrics are in place to assess ongoing performance. Procurement teams can also work with suppliers to establish reporting expectations, such as requiring every supplier to submit a report with metrics demonstrating its progress toward goals before each meeting. This way, law firms can identify the strongest players on its supplier bench and allocate work appropriately.

Supplier Diversity

In January, more than 170 in-house counsel penned an open letter to law firms, decrying their continued preferential promotion of partners who are “largely male and largely white.” The letter warned law firms that in-house counsel plan to devote the bulk of their legal spend to those firms that “manifest results with respect to diversity and inclusion.” These diversity and inclusion initiatives need to be comprehensive across the organization, including not only staffing issues, but also working with diverse suppliers.

Clients are beginning to ask law firms for evidence about the diversity of their key supporting third-party partners. But many law firms lag behind their corporate counterparts in building a sufficiently diverse roster of suppliers. Few have built lasting relationships with minority- and women-owned businesses, for example.

Procurement can help law firms increase their diversity by creating policies and practices that underscore their commitment to a diverse workplace. For example, they can help create supplier diversity policies. They can also create a repository of data that captures the classification of all active suppliers and create a rhythm for regularly refreshing that information. With this resource, law firms should be able to quickly and easily report on their usage of diverse suppliers so they can monitor their progress and share their results with clients.

Suppliers have a direct effect on the quality of service that law firms provide to their clients and thus on law firms’ ability to remain competitive in a challenging and crowded market. In 2019, law firms should take advantage of the procurement function’s ability to create centralized processes and workflows for overseeing supplier risk, managing third-party relationships and building a diverse supplier roster.

Clay Fox is a senior director at HBR Consulting.