Vendors Inventory and Attributes

About This Inventory

The Vendors Inventory governs every third-party vendor the enterprise engages — every organization from which the enterprise procures technology products, software licenses, subscriptions, cloud services, professional services, managed services, staffing, data, or any other capability. Each Noun Instance is a single, uniquely identified Vendor with its own Semantic ID, its own legal and commercial identity, its own tier classification, its own risk profile, and its full set of governance attributes. The inventory is the enterprise’s single source of truth for the answer to the question: who are our vendors, what do they provide, how critical are they, and what risks do they introduce?

Document Organization

This document is organized into attribute categories, each forming its own subsection. Each subsection contains one part with an attribute table. The attribute table has three columns: Attribute Name, Maturity, and Description and Notes. The Attribute Name column uses bold black text in Title Case — multi-value attributes append [Multi-Value] below the name. The Maturity column contains one of three values: Crawl (minimum viable attributes without which the inventory cannot function as a governance instrument), Walk (attributes that add the rigor needed for assessment, rationalization, and financial analysis), or Run (attributes that enable advanced analytics, AI-assisted portfolio intelligence, and cross-inventory derivation). The Description and Notes column is structured into labeled subsections: Description, Benefit(s), Source, Examples, and Notes. No attribute in this document is mandatory.

General Governance Principles

For the general inventory governance principles that apply to this inventory — including semantic identifier conventions, data quality standards, owner accountability, lifecycle management, AI-assisted population, and the connection to the Enterprise Model — refer to the IF4IT Enterprise Inventory Management Best Practices document.

Customization

Every attribute in this document is a recommendation — not a mandate. Enterprises are explicitly encouraged to add attributes specific to their context, rename attributes to match their existing vocabulary, adjust valid value sets to match their organizational standards, and sequence Crawl/Walk/Run adoption differently based on their priorities. Three things are discouraged: removing foundational Crawl attributes entirely, since vendor governance consistently fails without them; ignoring the Source designation for Derived attributes; and abandoning the Semantic Identifier convention, since it is the connective tissue that makes cross-inventory traversal possible in the Enterprise Model.

Tooling Guidance

At Crawl maturity, a well-structured shared spreadsheet is a completely acceptable starting point for the Vendors Inventory. A spreadsheet with Crawl-tagged attributes populated for every known vendor is more valuable than a sophisticated vendor management platform with no data in it. At Walk maturity, a dedicated vendor management platform, a GRC (Governance, Risk, and Compliance) tool, a procurement system module, or a lightweight database provides the query, filter, reporting, and monitoring capabilities that spreadsheets cannot scale to. At Run maturity, a vendor management platform integrated with the Enterprise Model through APIs supports automated cross-inventory relationship derivation, continuous risk monitoring, and AI-assisted vendor portfolio analysis. Governance discipline and data quality matter far more than tooling sophistication.

The Enterprise Model

This inventory is a component of the Enterprise Model: every Vendor record, and every attribute of every Vendor record, contributes to the enterprise intelligence platform that connects every IT Management discipline through the typed relationships of the Enterprise Ontology. The Vendors Inventory is the vendor dimension of the Enterprise Model — the layer that connects procurement decisions, technology choices, integration dependencies, and active work to the third-party organizations that supply and support them.

Suggested Baseline

The content of this document — including all attribute categories, attribute definitions, maturity designations, governance guidance, and structural recommendations — represents the IF4IT’s current best thinking for building and governing a Vendors Inventory. Everything presented here is a suggested baseline, not a mandate. No attribute is required. No category is mandatory. No structural pattern is enforced. Enterprises are explicitly encouraged to adapt, extend, and reshape everything in this document to match their specific context, vocabulary, regulatory environment, industry, and organizational maturity. The IF4IT does not guarantee that the attributes and guidance presented here are complete, exhaustive, or applicable to every enterprise in every context. Practitioners are the experts in their own organizations — use this document as a starting point, not a ceiling.