Quick Summary
Instead of focusing on everything, strata managers need to ask these 7 questions at each stage, starting before approval through payment and evaluation.
- Can they do this safely and legally?
- Are job-specific pre-reqs in place?
- Is the person at the door the person we approved?
- Are controls still valid as conditions change?
- What to ask at completion: Did we get what we paid for?
- Is the bill correct, authorised and within agreed limits?
- Should we keep, coach or replace?
If you manage strata schemes, you already juggle urgent make-safes, routine maintenance, committee expectations and a building full of people who just want things fixed, safely and fast. That’s exactly where Vendor Risks in Business creep in: the wrong licence, a missing permit, a swapped worker at the door, or an invoice that doesn’t match the scope. The usual reaction is to collect more paperwork. But more forms don’t automatically mean fewer incidents or cleaner audits.
Instead of “collect everything,” we’ll anchor your process around seven high-risk moments in a job’s lifecycle. For each moment, you’ll set a clear decision rule, add just enough automation to make the rule effortless, and save the right evidence without bogging down the job.
Why this approach works for strata
Strata is not like a typical office facility environment. Common property means shared liability. Residents can be on the other side of a door while a grinder, welder or high-voltage panel is in play. You might approve a contractor at 9 am and have them on-site at 10 am. Committees want quick update,s and auditors want a clean trail. That’s a lot to manage. The “seven decision rules” approach reduces noise and narrows your attention to the moments that matter most. The result: jobs stay safe, approvals stay quick, and audits stay calm.
1. What to ask before approval: Can they do this safely and legally?
You’re engaging a high-risk trade (electrical at height, roof access, lifts, fire systems) or a vendor who’ll be relied on for emergencies.
Approve the vendor only if their trade licence matches the scope, insurance limits match the building’s risk, and references confirm similar work. No grey zones. Either they meet the bar, or they don’t.
How to decide if a vendor is legit?
- Build simple risk tiers per trade. Tie the minimum evidence to each tier so you’re not chasing documents you don’t need.
- Use auto-expiry controls so bookings cannot be raised if insurance or licences are out of date.
- Run quick checks: ABN/ACN entity, licence registry lookup, and at least two like-for-like references.
What supplier evidence should you keep?
Licence lookup screenshot, Certificate of Currency, reference notes, and a short log explaining the risk tier and approval date.
2. What to ask before attendance: Are job-specific pre-reqs in place?
There is a lot of work that can trigger specific hazards: hot works, roof access, confined space, asbestos, live electrics, or impact fire safety systems.
Ensure no booking unless the job-specific SWMS (Safe Work Method Statement) and any required permits are attached to the work order. If it’s not attached, it’s not scheduled.
How to decide if prerequisites are in place?
- Add mandatory fields to your booking workflow: SWMS file, permit type and number, named supervisor, and a checkbox confirming site induction requirements.
- Use timed reminders (48/12 hours before attendance) that prompt the vendor to reconfirm the plan and upload any missing permits.
- Provide a short pre-attendance brief: site hazards, noise windows, access instructions, emergency contacts and required PPE, so the crew turns up prepared.
What supplier evidence should you keep?
Current SWMS with job reference, permit IDs, named supervisor acknowledgement and your pre-attendance brief.
3. What to ask at site entry: Is the person at the door the person we approved?
Contractors rotate staff or use subs, labour hire fills gaps, and after-hours attendance is common.
Grant entry only when the arriving worker passes a digital site induction and matches the approved roster/ID. Friendly gatekeeping saves you from “We sent someone else, same company!” surprises.
How to decide if the vendor on site is the same one you approved?
- Use QR check-in that captures name, photo and time, and compares it to the roster you approved.
- Make the induction pass time-bound, and keep it short: hazards, building rules, emergency contacts and where not to park.
- Geo-fence the check-in so remote “ghost entries” aren’t possible.
What supplier evidence should you keep?
Time-stamped check-in with photo, induction certificate, and site entry record. If the person doesn’t match, they don’t proceed. Simple.
4. What to ask during work: Are controls still valid as conditions change?
Weather turns, access shifts, a resident enters the area, or plant isolation status changes. The neat SWMS that looked fine at 7 am may not be right at 10 am.
You need to pause if hazards change and the current SWMS no longer fits. Make sure work resumes only after a quick change note is recorded, and a supervisor re-signs the method.
How to decide whether the controls are still valid?
- Trigger a mid-job prompt asking if any changes are needed. If yes, open a tiny form to capture the update.
- Require a photo checkpoint where practical (guardrails, isolations, signage) so you can quickly verify the controls match the plan.
- Make escalation painless: a one-tap call to the building manager or strata manager if uncertainty arises.
What supplier evidence should you keep?
The change note, updated SWMS step, and photos. Avoid resident data in images; frame shots to exclude names, mailboxes or number plates.
5. What to ask at completion: Did we get what we paid for?
Hidden defects, incomplete commissioning, or “we’ll send the report later” delays can cost you more than you would like. Without evidence, there is no way to know.
How to decide if work is completed as promised?
- Build a close-out checklist per job type: lifts, roofs, pumps, fire panels, gates. Keep it short and specific; don’t ask a gardener for a pump curve.
- Block invoice upload until the close-out checklist is complete. No proof, no invoice; removes awkward back-and-forth later.
- Generate a brief completion summary that you can share with the committee: what was found, what was fixed, and what still needs attention.
What supplier evidence should you keep?
Before/after photos, test sheets or logs, commissioning certificates, and a simple “lessons learned” note for recurring issues.
6. What to ask when it's Invoice time: Is the bill correct, authorised and within agreed limits?
A lot of things can go wrong. Duplicate invoices after storms, scope creep from “just one more thing,” and mismatches between quote, purchase order and final bill.
The key is to pay only when PO = Quote = Invoice within your variance cap. Any deviation requires written pre-approval, tied to the job.
How to decide if the invoice is correct?
- Enforce PO-only purchasing for all but genuine life-safety make-safes, and even then, raise a PO within 24 hours.
- Use duplicate detection to catch resubmitted bills or subtle changes.
- Keep rate cards by trade and time of service (business hours, after-hours, weekend) so you can spot anomalies without a spreadsheet marathon.
What supplier evidence should you keep:
Keep the approved quote, purchase order, variation approvals, and the final invoice. Everything must have an audit trail showing who approved it and when.
7. What to ask at renewal or switch: Should we keep, coach or replace?
Rising callbacks, missed renewals, incident reports, or poor communication are some signs you cannot ignore. Similarly, some vendors excel and deserve continuity.
Renew the vendor if they meet your KPI floor and have no major incidents. Otherwise, place them on probation with a focused plan, or switch to a pre-qualified backup. The choice should be calm and evidence-led, not emotional.
How to decide whether to keep or switch suppliers?
- Produce quarterly scorecards with a few meaningful metrics: on-time arrival, first-time-fix, incident rate, documentation compliance and invoice exceptions.
- Keep a bench list of pre-qualified backups for critical trades so switching doesn’t stall jobs.
- Prepare a simple handover pack (asset history, key contacts, current open issues) so a new vendor can hit the ground running.
What supplier evidence should you keep?
KPI speak for themselves. Add to it incident summaries and root-cause notes, and you’ll have everything to make the decision when it’s time.
Metrics that actually help
Lots of dashboards look fancy but don’t drive better decisions. For strata, keep it tight:
- Exception rate per decision rule: Are we frequently blocking bookings for missing SWMS? That’s a vendor training issue, or your instructions aren’t clear enough.
- Time-to-approve vs incident rate: If you speed approvals but incidents rise, tighten the rule; if incidents stay flat, you’ve found efficiency without risk.
- First-time-fix and callback rate: Great for spotting trades that need clearer scopes or better diagnostics before attendance.
- Documentation compliance score: Simple percentage of jobs completed with all required proof attached.
- Invoice “straight-through pay” rate: Invoices paid without manual intervention tell you your scopes, POs and rate cards are aligned.
- Bench depth for critical trades: For lifts, roofs, fire, and pumps, do you have at least one pre-qualified backup ready?
Track monthly trends rather than single-week spikes. Share a one-page visual with committees: it builds trust and reduces back-and-forth emails.
Common failure patterns to avoid
Sometimes, small things we overlook cause the biggest mess.
Approving the company, not the person.
Most incidents happen because the individual on site wasn’t the one you vetted. Match faces to rosters at the door.
Treating SWMS as a static document.
Conditions change. Make the “pause and update” step a normal part of high-risk work, not a blame game.
Collecting documents without linking them to scheduling.
A licence that sits in a drive but doesn’t block an expired booking is just wallpaper. Tie documents to the calendar.
Vague scopes that invite scope creep.
Clarity upfront beats haggling later. State inclusions, exclusions, and what counts as a variation, with caps.
No audit trail.
When something goes wrong, “We think we checked” won’t cut it. Keep compact, relevant proof at each decision point.
Single-vendor dependency.
The “hero” contractor who knows everything is also a single point of failure. Build a bench and keep your asset history portable.
Turning Vendor Risk Into a Manageable, Repeatable System
Vendor risk doesn’t disappear with more forms or longer checklists. It disappears when strata managers focus on the seven moments that truly matter. By applying clear decision rules at each stage, from approval to payment to renewal, you reduce surprises, keep buildings safer and keep your committee confident that every job is handled properly. With the right evidence captured along the way, audits become calmer, contractors stay accountable, and your workload becomes far more predictable.
If you’d like these seven decision rules to run in the background rather than live in your head, i4T Maintenance can help. It’s maintenance management software built to give strata managers a single source of truth for vendors, compliance, work orders and documentation, so the right contractors get the right jobs, with the right checks, every time. Book a walkthrough with the i4T Maintenance team and see how you can cut risk, clean up your audit trail and make vendor management far less stressful.
FAQs
Vendor risk is the chance that a contractor causes financial, safety, compliance or quality issues. In strata, this risk is higher because work happens close to residents and on shared property.
Because incidents usually happen at specific moments, not everywhere. Targeting these seven points cuts noise, speeds up approvals and helps you capture only the evidence that actually matters.
Check their licence, insurance, references and risk tier. If any of these don’t meet your minimum standard, they’re not approved, no exceptions.
Don’t allow them to start work. Friendly but firm gatekeeping protects you from liability and ensures only vetted individuals enter the building.
Quarterly is ideal. Use simple scorecards: arrival times, incidents, documentation quality, invoices, to decide whether to keep, coach or replace them.