Procurement Playbook Skill

When to Use

• Enterprise deals entering security/privacy review or contract negotiation.

• RFP/RFI responses requiring coordinated SME input.

• Situations with heavy exception requests, custom terms, or compliance evidence.

Framework

• Requirement Intake – capture questionnaires, policy docs, and mandatory deliverables.

• Workstream Mapping – assign internal SMEs (legal, security, privacy, finance) with timelines.

• Evidence Library – maintain templates for SOC2, penetration tests, insurance, data flows, DPIA.

• Exception Management – document asks, approvals, fallback positions, and decision owners.

• Closeout – log final concessions, expirations, and follow-up obligations.

Templates

• Procurement workback plan (deliverable, owner, due date, status).

• Security questionnaire index with sourcing notes.

• Exception request log with approval layers.

Tips

• Keep source-of-truth links updated; expired certifications stall reviews.

• Coordinate with cxo-briefing-kit for executive escalations.

• Pair with risk-register to surface procurement blockers early.