Are Security Questionnaires & Requirements in RFPs and Contracts Creating Revenue Friction?
|It’s a story we hear often. Your sales team gets a prospect all the way to the closing point, and suddenly a security questionnaire is required. The sales person can’t fill it out, so they send it to the Information Technology (IT) group. The IT group can address half the items, but the other half are policy or contractual issues. They send it to Legal or Human Resources (HR). More friction. More delay.Security is not a technical issue, it’s a human issue|
Meanwhile, the revenue is stalled until you can work through each component, and identify which “control” aligns with which “requirement”. And every effort the sales person puts in to expedite the process, and navigate the response through multiple departments is time lost from their core job: Selling.
It’s enough to drive the sales person… and the executives, crazy. It’s what we call“Friction” in the revenue pipeline.
|Why is this happening more and more? |
Because increasingly our clients are facing regulations and addressing their own security vulnerabilities. Whether it’s HIPAA, GDPR, PCI or CCPA, the regulations increasingly are passed through to service providers and vendors in the supply chain.
|What’s a sales leader or business owner to do? Start by identifying the baseline security policies and procedures and creating a link between the most common requirements and the corresponding security control. By automating a substantial part of the process this pre-designed security response not only reduces the friction, but it becomes a reusable asset. As new questions or requirements come through, update and improve the process, thereby accelerating revenue recognition, and keeping the sales team focused on selling. Does any of this resonate with you and your sales team?|