The principle is that by putting the agile teams together, you at least put the barriers up front. By requiring prescriptive legal Ts and Cs and things like unlimited liability, the overall risk to project success is impacted. The chief risk officer would be able to evaluate all of these security requirements, all of these legal requirements, all of these technology specification requirements, and then evaluate that against how many bidders we are actually going to get. If the goal is to get 15, 20, 25 bidders, but we act in this way, we're actually diminishing the number of bidders that we're getting. Oftentimes you'll see RFPs with one, two, and three bidders, and it's in a market space that has 60 or 70 companies operating in it.
Who's evaluating the risk to overall project success against the risk mitigation tools, which are often occurring in silos? Legal is looking at it purely from the legal perspective, security purely from the security perspective, and the tech guys purely from the tech perspective. You need somebody who's looking above and seeing that if we do all of this, nobody will bid. In fact, we have failed RFPs because nobody will bid.