Vendor Management Policy



PURPOSE

The purpose of the Vendor Management Policy is to provide written guidelines surrounding the procurement of third party services and products in accordance with Texcent Asia Pte Ltd’s (the Company) mission, obligations, and ongoing administration of Company functions.

BACKGROUND

The Company utilizes vendors to provide certain services. Vendors include but are not limited to software providers, and data centre colocation providers. The Company utilizes some one-time vendors and some vendor relationships are ongoing. Due diligence, particularly for vendor engagements exceeding $5,000, is necessary to limit the risk of financial loss or reputational harm to the Company. Depending on the size and scope of services or products needed, the procurement of vendors may also include the solicitation of bids, execution of a contract, and down payments.

VENDOR MANAGEMENT POLICIES

Due Diligence

When a significant outlay of the Company’s cash resources is expected to procure services or a product, generally $5,000 or more, due diligence should be undertaken prior to selecting a vendor or product and should be documented. Due diligence may include but is not limited to speaking with the vendor or vendor’s agent, inquiring about vendor’s security practices, reviewing the vendor’s website, reading reviews of the vendor or product, soliciting input from other individuals with experience with the vendor or product, etc. On an annual basis, the Company will obtain and review the SOC report of the 3rd party data centre and document the review in a memo. Contract Execution Contracts, whenever possible, should be forwarded to the CEO prior to execution for review and approval. Time sensitive contracts, where time is not available for CEO review, should be
reviewed by a member of the management team. Contracts in excess of $20,000 shall be considered for review by an attorney. Contracts may only be signed by the CEO or the CEO’s designee. Contracts shall be retained securely.

AREAS OF RESPONSIBILITY

The CEO and Management Committee are responsible for the overall implementation of this policy, processes, and prescribed controls. On an annual basis, the Management Committee will review this policy, revise (if necessary), and submit any material changes in the policy to the The purpose of the Vendor Management Policy is to provide written guidelines surrounding the procurement of third party services and products in accordance with the Company’s mission, obligations, and ongoing administration of Company functions.