Autonomous IT

Evan Kiely (00:00)
Welcome back to Executive IT, the podcast that gives tech leaders the real talk on how to drive smarter, faster, and more secure decision-making across your organization. I'm your host, Evan Kiely, and today we're diving into a topic that's equal parts urgent and under-discussed: how procurement teams are shaping the future of IT and security, one data-driven decision at a time.

Whether you're trying to tighten security controls, rationalize spend, or simply reduce noise in your tech stack — decisions are being made every single day, and often under pressure. But what happens when those decisions are guided by good data — or worse, when they're not?

Today, we're lucky to be joined by someone who lives at the cross-center of all of this. Please welcome Courtney Adams, a procurement leader who's seen hundreds and hundreds of technology proposal requests come across her desk over the years — and knows better than most what separates a smart investment from a shiny object.

Thanks so much for joining us, Courtney. Before we jump in, anything you wanna share with the listeners?

Courtney Adams (01:11)
Sure! So I'm Courtney Adams. I have been in procurement for tech my entire career, and I'm happy to join you.

Evan Kiely (01:22)
Well, let's jump into it. Let's start at the top then.

Procurement is often seen as a gate, but you're more of a guide, right? In your experience, what's motivating teams right now to seek out new tools, especially in IT and security?

Is it reactive needs, or are people taking proactive steps strategically to get ahead of potential risks?

Courtney Adams (01:47)
I really like to see myself as a solution finder and not a gatekeeper. People usually come to me because they have a pain point, right? And that’s something I’m trying to solve for them.

Whether they’re reactive or proactive generally reflects what stage the company is at.

Startup companies are always going to be reactive. They’re planning in the moment — they’re not always thinking about tomorrow.

As a company matures, they have the ability to take a step back, get out of the weeds, and make longer-term planning decisions.

Evan Kiely (02:28)
Perfectly said.

From your perspective, what constitutes a strong proposal versus a weak one? Is it just the amount of time and forethought that goes into it, or something specific like metrics, clarity on the use case, or executive support pushing the tool?

Courtney Adams (02:49)
What I usually like to see in a proposal is that it's fully fleshed out.

Start with: What am I trying to solve here? What is the problem? What is the pain point? Why are we doing this?

Then move into implementation: How am I going to implement it? How much time will it take to administrate? Do I even have time for this new tool?

You also need to address the cost drivers — over the next six months, year, and three years. How will this scale as the company grows and matures?

Someone who has thought all that through? I’ll jump right in.

Otherwise, we’re pumping the brakes to figure out: Is this a people problem, a process problem, or really a tool problem?

Evan Kiely (03:59)
So when you're moving from the initial pitch to the purchase decision, are there specific data points — beyond cost and time to implement — that are especially relevant for security teams?

Courtney Adams (04:16)
Yeah.

One thing I often see is a vendor comes in and says the tool costs $50,000.

I ask the end user: How did we get to that number?

Often, they haven’t broken down the unit cost.

Understanding how the price is structured helps you forecast how it will change as the company grows and evolves.

Evan Kiely (04:58)
That's specific to the demo process, right? We've all seen polished demos.

What’s your approach or perspective on testing assumptions?

Any advice you give teams to pressure test before signing a contract?

Courtney Adams (05:31)
Absolutely. If a vendor will allow a POV (Proof of Value) or POC (Proof of Concept), I always prefer that route.

Even if there’s extra work, it’s worth validating the KPIs and success criteria — which we should define before starting the POC.

Evan Kiely (06:01)
That’s becoming more common — the “try before you buy” model.

Anytime a vendor doesn’t let you try first, you should be suspicious.

You need to test it in your real environment, with your real data, to ensure it solves the actual pain point.

Courtney Adams (06:31)
Exactly. No vendor should be scared of putting forth a true proof of value.

Evan Kiely (06:36)
Any tips on encouraging hesitant vendors to allow a POV?

How do you position it from a procurement lens?

Courtney Adams (06:56)
I don’t prefer it, but I won’t always rule out a paid POV.

Vendors don’t like out clauses during the term — but that’s something that can be negotiated in.

Evan Kiely (07:13)
Right, it helps mitigate risk.

Committing to a 12-month contract without a POV is risky.

Even a 30- or 60-day paid POV significantly reduces that risk — especially if you can’t access a free trial.

Courtney Adams (07:45)
Yes, absolutely.

Evan Kiely (07:56)
Let’s talk about managing risk while moving fast.

Procurement walks this tightrope — enabling speed while reducing organizational risk.

How do you move fast without cutting corners?

Courtney Adams (08:09)
The most important thing I can do is have my processes buttoned down.

Make sure the process is clear — for the end user and the vendor — so everyone can move at speed.

Clarify what hoops they have to jump through: legal, security, business systems review.

Queue up those teams early.

Also, I remind the business: we move at our pace, not the vendor’s.

Vendors often apply pressure, and end users get agitated, thinking we need to rush. We don’t.

Evan Kiely (09:10)
Exactly. Set expectations with your internal teams and with the vendor.

Don’t skip POVs just to match a vendor’s timeline.

Courtney Adams (09:35)
We live in a world where we can’t cut corners — especially in tech.

The next hacker is out there.

My security and business systems teams need time to ensure we’re fully secure.

When I explain that to stakeholders, they usually understand.

Evan Kiely (10:06)
Moving too fast creates risk — and nobody wants a data breach.

Have you seen good data — from a POV or deep dive — help avoid a bad decision? Or the reverse, where it helped you confidently make the right one?

Courtney Adams (10:52)
Definitely.

One thing I ask business owners to think about: how this tool fits into the entire ecosystem.

What other systems might it integrate with down the road? Can we avoid manual work by planning now?

Also, good data shows if the tool is right for right now.

Sometimes, tools look amazing, but the business isn’t ready.

It’s not the tool’s fault — we’re just not mature enough to get the value out of it yet.

Evan Kiely (12:11)
Yeah, the right tool at the right time.

Before we wrap — any final advice for IT and security folks planning to bring in a new tool?

Courtney Adams (12:14)
Yes.

Before you see the demo, you must understand and document your business requirements.

Too often, those change after the vendor shows off shiny features.

You can’t let them move the goalposts on you.

Evan Kiely (12:57)
Set your goals, set your expectations — you run the process, not the vendor.

Thank you, Courtney. I appreciate the time and all the insights.

Thank you all for listening to this episode of Executive IT.

Next month, we’ll explore balancing experiences for end users and IT — how to deliver seamless results while making your life better behind the scenes.

Thanks, everyone. See you then.