Applying the Principles of Corporate Governance in Procurement

Procurement governance becomes important when procurement decisions start to affect more than one purchase order.

  • A buyer selects a supplier.
  • A stakeholder wants to bypass the sourcing process.
  • A manager approves a high-value purchase without comparing alternatives.
  • A supplier receives different messages from different departments.
  • A contract is signed without legal review.
  • A business-critical supplier is not followed up.
  • A sustainability requirement is added too late.
  • A price saving creates risk somewhere else in the company.

These are not only procurement problems. They are governance problems.

For a Procurement Manager or CPO, procurement governance is the way to make sure that procurement decisions are made in a controlled, ethical, transparent, and business-aligned way. It is not only about managing the procurement department. It is about how the whole company buys, selects suppliers, manages supplier relationships, handles risks, and behaves in the supplier market.

Good procurement governance answers five practical questions:

  • Who is allowed to decide?
  • Which process must be followed?
  • What information is needed before a decision is made?
  • Who must be involved, consulted, or informed?
  • What behavior do we expect from employees and suppliers?

LHTS framework connection

Role: Management
Supporting roles: Tactical procurement, operative procurement, finance, legal, quality, sustainability, business stakeholders
Process: Procurement management, sourcing governance, supplier selection, contract approval, supplier management, risk management, compliance, and supplier interface management
Level: Basic
Related course: The True Role of Procurement


Quick answer: what is procurement governance?

Procurement governance is the system of principles, roles, processes, decision rights, controls, documents, and behaviors that guide how an organization buys from and works with suppliers.

In simple terms:

Procurement governance makes sure the right people make the right procurement decisions, in the right way, with the right information, at the right time.

A CPO or Procurement Manager assures governance through four main tools:

  1. Clear procurement processes and decision gates
  2. A RACI model for roles and responsibilities
  3. Policy documents, standards, templates, and approval rules
  4. A company culture where people follow the process because they understand why it matters

The basic problem: procurement decisions are often spread across the company

A beginner may think procurement governance is only about the procurement department.

That is too narrow.

In reality, procurement decisions are spread across the company.

  • Engineering defines specifications.
  • Operations needs delivery.
  • Finance controls budget and payment.
  • Legal reviews contract risk.
  • Quality evaluates supplier capability.
  • Sustainability sets supplier requirements.
  • IT reviews cybersecurity.
  • Business managers approve spend.
  • Procurement manages the supplier market, sourcing process, commercial terms, and supplier relationship.

This means the CPO cannot govern procurement only by telling buyers what to do. The CPO must create a governance system that works across departments.

Procurement governance is therefore not only about procurement control. It is about company control over supplier-related decisions.


A simple way to understand procurement governance

Imagine procurement governance as the traffic system for buying decisions.

A company without procurement governance is like a city without traffic lights, road signs, lanes, or speed limits. People may still reach their destination, but there will be confusion, accidents, delays, and unnecessary risk.

A company with procurement governance has clear rules:

  • This is the road.
  • This is the speed limit.
  • This is where you stop.
  • This is where you need approval.
  • This is who has priority.
  • This is what happens if there is an exception.

In procurement terms, the traffic system is built from:

  • Processes
  • Decision gates
  • Approval limits
  • Supplier selection rules
  • Contract review rules
  • Supplier qualification requirements
  • RACI models
  • Policies
  • Escalation paths
  • Performance reviews
  • Cultural expectations

The goal is not bureaucracy. The goal is controlled freedom.

People should be able to buy what the business needs, but within a system that protects value, fairness, compliance, risk, and supplier performance.


Procurement governance principles

The governance principles are the foundation. They explain what the governance system is trying to protect.

1. Transparency

Transparency means that procurement decisions can be understood and explained.

A transparent sourcing process shows:

  • What the business needed
  • Which suppliers were invited
  • What information suppliers received
  • Which evaluation criteria were used
  • Who made the decision
  • Why the selected supplier was chosen

Transparency does not mean sharing confidential information with everyone. It means that the process is clear, fair, documented, and auditable.

2. Accountability

Accountability means that decision rights are clear.

  • Someone must be accountable for the specification.
  • Someone must be accountable for the sourcing strategy.
  • Someone must be accountable for supplier selection.
  • Someone must be accountable for contract approval.
  • Someone must be accountable for supplier performance.

When accountability is unclear, decisions are delayed or hidden. When accountability is clear, people know what they own.

3. Fairness

Fairness means that suppliers are treated consistently and evaluated against relevant criteria.

Fairness protects the company from favoritism, weak competition, poor supplier trust, and ethical risk. It also improves supplier confidence in the buyer.

CIPS emphasizes that business dealings with suppliers should be fair and transparent, that suppliers should be selected on appropriate and fair criteria, and that buyers should avoid favoritism, undue influence, and unfair use of purchasing power. 

4. Integrity

Integrity means that procurement decisions are made honestly and without improper influence.

This includes avoiding conflicts of interest, managing gifts and hospitality, protecting confidential supplier information, preventing bribery, and making decisions based on business need rather than personal preference.

Integrity is especially important in procurement because procurement controls external spend and supplier access. That creates opportunity for both value creation and misconduct.

5. Risk control

Procurement governance must help the company understand and manage supplier-related risk.

Examples include:

  • Supply disruption risk
  • Financial supplier risk
  • Quality risk
  • Contract risk
  • Cybersecurity risk
  • Compliance risk
  • Sustainability risk
  • Reputational risk
  • Single-source dependency
  • Geopolitical or logistics risk

The governance question is not only: “Can we buy this?”

It is also: “What risk does this decision create, and who has accepted that risk?”

6. Value creation

Governance should not only prevent mistakes. It should also help procurement create value.

Good governance supports better sourcing decisions, stronger supplier performance, improved total cost, better contracts, clearer specifications, fewer delays, and more professional supplier relationships.

If governance only slows the organization down, people will bypass it. If governance helps the organization make better decisions, people will use it.

7. Sustainability and responsibility

Procurement decisions affect suppliers, workers, communities, the environment, and the company’s long-term reputation. ISO 20400 connects sustainable procurement to policy, strategy, purchasing processes, accountability, transparency, ethical behavior, risk management, and buying culture. 

This means sustainability cannot be added only at the end of the process. It must be built into requirements, supplier qualification, sourcing decisions, contracts, and supplier follow-up.


The four building blocks of procurement governance

For a Procurement Manager or CPO, governance becomes practical through four building blocks.

1. Processes and decision gates (examples)

A procurement process describes how work should be done.

A decision gate describes when the organization must stop, review, approve, reject, or redirect the work before moving forward.

This is important because many procurement mistakes happen when decisions are made too early, too informally, or without the right information.

A basic sourcing governance process can include these gates:

Gate 0: Need and sourcing route

Before procurement starts, the company should confirm the business need.

Key questions:

  • Is the need real?
  • Is the specification clear enough?
  • Is there an existing contract or preferred supplier?
  • Is this operational buying, tactical sourcing, or strategic sourcing?
  • What spend level and risk level apply?

Gate 1: Sourcing strategy approval

Before contacting suppliers, procurement should align the sourcing approach.

Key questions:

  • Which suppliers will be invited?
  • Will the process be competitive or single source?
  • What evaluation criteria will be used?
  • What risks are already visible?
  • Who must be involved from legal, finance, quality, IT, or sustainability?

Gate 2: RFQ or RFP release

Before the RFQ or RFP is sent, the package should be checked.

Key questions:

  • Is the specification clear?
  • Are commercial terms included?
  • Are evaluation criteria defined?
  • Are supplier instructions fair and consistent?
  • Are confidentiality and compliance requirements clear?

Gate 3: Supplier evaluation and award recommendation

Before selecting a supplier, the decision should be reviewed.

Key questions:

  • Were suppliers evaluated against the agreed criteria?
  • Is the recommendation documented?
  • Are price, quality, risk, delivery, service, sustainability, and total cost considered?
  • Are conflicts of interest declared?
  • Is the business owner aligned?

Gate 4: Contract approval and signature

Before signing, the company should confirm that commercial, legal, financial, risk, and operational requirements are accepted.

Key questions:

  • Who is authorized to sign?
  • Has legal reviewed the contract?
  • Are liability, payment terms, termination, service levels, data, confidentiality, and compliance clauses acceptable?
  • Are deviations approved?

Gate 5: Implementation readiness

Before the supplier starts, the company should confirm that the contract can actually be executed.

Key questions:

  • Is the supplier onboarded?
  • Are systems updated?
  • Are users informed?
  • Are delivery and invoice flows clear?
  • Are KPIs and review meetings agreed?

Gate 6: Supplier performance, renewal, or exit

During and after the contract period, procurement should review whether the supplier delivers the expected value.

Key questions:

  • Is the supplier meeting KPIs?
  • Are risks changing?
  • Should the contract be renewed, renegotiated, developed, or terminated?
  • Have lessons learned been documented?

Decision gates are not meant to punish people. They are designed to prevent weak decisions from moving too far before they are corrected.


2. RACI: roles and responsibilities

Processes are not enough if nobody knows who owns the decision.

This is where RACI becomes useful.

RACI means:

  • Responsible — does the work
  • Accountable — owns the result and final decision
  • Consulted — gives input before the decision
  • Informed — receives information after or during the decision

PMI describes a RACI chart as a responsibility assignment matrix that spells out stakeholder roles and also supports communication planning by clarifying who receives what information, how often, and at what level of detail. 

A procurement RACI should cover the full supplier lifecycle, not only sourcing.

Example:

For a sourcing strategy, the category manager may be Responsible, the CPO or procurement manager Accountable, business stakeholders Consulted, and finance/legal/quality Informed or Consulted depending on risk.

For supplier selection, procurement may be Responsible for process integrity, the business owner Accountable for the business requirement, legal Consulted on contract risk, finance Consulted on budget, and the CPO Accountable if the decision is above a certain spend or risk level.

For supplier performance, the business owner may be Responsible for operational feedback, procurement Responsible for supplier review structure, the supplier manager Accountable for improvement actions, and senior management Informed for critical suppliers.

The most important RACI rule is simple:

There should be one clear accountable owner for each important decision.

When everyone is accountable, nobody is accountable.


3. Policy documents and control documents

A procurement policy explains the rules.

Procedures explain how to follow the rules.

Templates make the rules easier to apply.

A basic procurement governance document set should include:

  • Procurement policy
  • Delegation of authority
  • Sourcing procedure
  • Supplier selection procedure
  • Supplier onboarding and qualification procedure
  • Contract approval procedure
  • Supplier code of conduct
  • Conflict of interest policy
  • Gifts and hospitality policy
  • Single-source exception procedure
  • Supplier performance management procedure
  • Sustainability and responsible sourcing requirements
  • Data and documentation requirements
  • Escalation and non-compliance procedure

A good policy does not need to be complicated. It should explain what applies, to whom it applies, when approval is needed, what exceptions are allowed, and what must be documented.

CIPS recommends clear and simple policy language, defined roles and responsibilities, assigned ownership for policy maintenance, and practical checklists or forms so staff can understand and use the policy. 

The policy should also be connected to control points.

For example:

  • A sourcing process above a certain spend must have documented competition.
  • A contract above a certain risk level must be reviewed by legal.
  • A new supplier must be qualified before use.
  • A single-source decision must be justified and approved.
  • A supplier with access to personal data must be reviewed by IT/security/legal.
  • A critical supplier must have performance reviews.
  • A sustainability requirement must be included before RFQ release, not after award.

This is where governance becomes practical.


4. Culture and behavior

The most underestimated part of procurement governance is culture.

A company can have perfect policies and still have weak governance if people ignore them.

Culture answers questions such as:

  • Do managers respect the sourcing process?
  • Do stakeholders involve procurement early?
  • Do buyers challenge unclear specifications?
  • Do employees declare conflicts of interest?
  • Do people document decisions properly?
  • Do suppliers receive consistent messages from the company?
  • Is it acceptable to bypass procurement?
  • Does leadership support ethical behavior when there is commercial pressure?

A CPO cannot create governance only by writing documents. The CPO must help build a culture where people understand that governance protects the company.

Good procurement culture includes:

  • Early involvement of procurement
  • Respect for supplier fairness
  • Fact-based decisions
  • Clear documentation
  • No hidden commitments
  • No unauthorized supplier promises
  • Constructive challenge of specifications
  • Risk awareness
  • Commercial discipline
  • Ethical behavior
  • Cross-functional cooperation
  • Learning from mistakes

Culture is built through leadership behavior, training, repeated communication, consequence management, and visible support from top management.


Governance is also about supplier interfaces

Procurement governance should not stop at the company boundary.

Many companies manage suppliers poorly because the supplier receives many different messages from many different people.

  • Engineering discusses specifications.
  • Operations discusses delivery.
  • Finance discusses invoices.
  • Quality discusses deviations.
  • Legal discusses contract clauses.
  • Sustainability discusses audits.
  • Procurement discusses price and commercial terms.

All of those interfaces may be necessary. But they must be governed.

A supplier interface model should answer:

  • Who is allowed to speak to the supplier about what?
  • Who owns the commercial relationship?
  • Who owns the technical relationship?
  • Who owns operational delivery?
  • Who can agree changes?
  • Who can approve price changes?
  • Who can approve contract changes?
  • How are supplier issues escalated?
  • How are supplier promises documented?

For strategic and critical suppliers, the company may need a formal supplier governance model.

This can include:

  • Executive sponsor
  • Supplier relationship owner
  • Commercial owner
  • Technical owner
  • Operational owner
  • Quality owner
  • Sustainability owner
  • Regular business reviews
  • KPI dashboard
  • Risk review
  • Improvement plan
  • Innovation agenda
  • Escalation path

This protects both parties. The supplier knows how to work with the company, and the company avoids uncontrolled commitments.


Practical example: weak governance versus strong governance

Imagine a company buying a new logistics service.

Weak governance situation

  • Operations contacts a supplier directly.
  • The supplier sends an offer.
  • The operations manager likes the supplier and asks procurement to “just create the PO.”
  • Legal is involved late.
  • Finance has not checked the full cost.
  • IT has not reviewed system integration.
  • Sustainability requirements are missing.
  • No one has defined KPIs.
  • The contract is signed quickly.
  • After implementation, service levels are unclear and invoice disputes begin.

This is not only a sourcing mistake. It is a governance failure.

Strong governance situation

  • Operations defines the need with procurement.
  • Procurement confirms spend, risk, and sourcing route.
  • A sourcing strategy is approved.
  • Legal, finance, IT, quality, and sustainability are consulted before RFQ release.
  • Suppliers receive the same information.
  • Evaluation criteria are agreed in advance.
  • Supplier selection is documented.
  • Contract deviations are approved before signature.
  • Implementation responsibilities are clear.
  • KPIs and supplier review meetings are agreed before go-live.

This is governance working as intended.

The result is not only compliance. The result is better decision quality.


How this connects to the procurement management role

For a Procurement Manager or CPO, procurement governance is one of the core responsibilities.

The CPO should not personally approve every purchase or solve every supplier issue. Instead, the CPO should design the system that makes good procurement behavior repeatable.

This includes:

  • Defining the procurement policy
  • Designing the sourcing and supplier management processes
  • Setting approval levels and decision gates
  • Assigning roles and responsibilities
  • Defining supplier interface rules
  • Ensuring procurement systems support the process
  • Monitoring compliance and performance
  • Training buyers and stakeholders
  • Escalating major risks
  • Building a culture of ethical and professional buying

The CPO is responsible for making procurement governable.

That means procurement must be structured enough to control risk, but practical enough for the business to use.


Common mistakes in procurement governance

Mistake 1: Thinking governance is only a policy document

A policy is important, but governance also needs process, roles, systems, leadership, and culture.

Mistake 2: Making governance too bureaucratic

If governance is too slow, people will bypass it. Good governance should match the risk and value of the purchase.

Low-risk buying needs simple governance.
High-risk buying needs stronger governance.

Mistake 3: Forgetting the business stakeholders

Procurement cannot govern buying alone. Stakeholders own needs, specifications, budgets, and operational outcomes. Governance must include them.

Mistake 4: Having unclear decision rights

Many procurement problems come from unclear authority.

Who can select the supplier?
Who can approve a single-source decision?
Who can sign the contract?
Who can accept risk?
Who can change scope?

If this is unclear, governance will fail.

Mistake 5: Managing suppliers through too many uncoordinated interfaces

Suppliers often receive conflicting instructions from different parts of the company. Supplier governance should define communication, escalation, commercial authority, and relationship ownership.

Mistake 6: Treating culture as separate from governance

Culture decides whether people follow governance when nobody is watching.


A basic procurement governance checklist for CPOs

A CPO or Procurement Manager can start with these questions:

  • Do we have a procurement policy that people understand?
  • Do we have clear approval limits?
  • Do we have a sourcing process with decision gates?
  • Do we have a supplier onboarding process?
  • Do we have a contract approval process?
  • Do we have a RACI for sourcing and supplier management?
  • Do we know who owns each strategic supplier relationship?
  • Do we have rules for single-source decisions?
  • Do we have rules for conflicts of interest, gifts, and hospitality?
  • Do we track supplier performance for critical suppliers?
  • Do we document procurement decisions well enough for audit?
  • Do business stakeholders understand when procurement must be involved?
  • Do leaders support the process when there is pressure to move fast?

If the answer is no to many of these questions, the procurement function may still work — but it is not yet well governed.


The natural related LHTS course is The True Role of Procurement.

This course helps procurement professionals and business leaders understand how procurement decisions influence customer value, competitiveness, cost, quality, agility, cash flow, sustainability, risk, and overall company performance. It is a Basic-level course for the Manager role and is therefore a good next step after learning the basics of procurement governance. 


FAQ

What is procurement governance?

Procurement governance is the system of principles, processes, roles, decision rights, controls, documents, and behaviors that guide how an organization buys goods and services and manages suppliers.

Why is procurement governance important?

Procurement governance helps the company make controlled, ethical, transparent, and value-adding supplier decisions. It reduces risk, prevents unclear accountability, supports fair supplier treatment, and improves decision quality.

Is procurement governance only the responsibility of procurement?

No. Procurement normally designs and manages the governance model, but business stakeholders, finance, legal, quality, sustainability, IT, and management must also follow it. Procurement governance controls how the company buys, not only how the procurement department works.

What are procurement decision gates?

Procurement decision gates are formal checkpoints in the procurement process. They help the company confirm that the right information, approvals, risk reviews, and stakeholder inputs are in place before moving to the next step.

What is a procurement RACI?

A procurement RACI defines who is Responsible, Accountable, Consulted, and Informed for procurement activities and decisions. It is useful in sourcing, contract approval, supplier onboarding, supplier management, and escalation.

What documents are needed for procurement governance?

Common documents include procurement policy, delegation of authority, sourcing procedure, supplier onboarding procedure, contract approval procedure, supplier code of conduct, conflict of interest policy, gifts and hospitality policy, supplier management procedure, and exception approval rules.

How does culture affect procurement governance?

Culture determines whether people follow the governance model in real life. If managers bypass procurement, buyers avoid difficult conversations, or stakeholders make supplier promises without authority, governance will fail even if the documents are well written.


Conclusion

Procurement governance is not only a set of principles. It is the operating system for how the company makes supplier-related decisions.

For a Procurement Manager or CPO, the task is to translate governance principles into practical mechanisms:

  • Clear processes
  • Decision gates
  • RACI
  • Policies
  • Approval rules
  • Supplier interface models
  • Performance follow-up
  • Ethical behavior
  • A culture that supports professional buying

Good governance should not make procurement slow. It should make procurement reliable.

It should help the company buy faster when the risk is low, think deeper when the risk is high, and make supplier decisions that can be explained, defended, repeated, and improved.

The procurement governance house