buying-software
Routes a software purchase request through Northwind's procurement gates, including required SOC 2/DPA/SSO checks and the cost-based approval ladder. Use when an employee wants to buy or renew a SaaS tool, when reviewing a vendor proposal, or when checking renewals.
skills/buying-software/SKILL.md
---
name: buying-software
description: Routes a software purchase request through Northwind's procurement gates, including required SOC 2/DPA/SSO checks and the cost-based approval ladder. Use when an employee wants to buy or renew a SaaS tool, when reviewing a vendor proposal, or when checking renewals.
---
Buying Software at Northwind
Approval ladder
| Annual cost | Approver |
|---|---|
| < $1,200 | Manager |
| $1,200–$10k | VP of function |
| $10k–$50k | CFO |
| > $50k | CFO + CEO |
Required for ANY purchase
- SOC 2 Type II report on file before signing.
- DPA executed by Legal (Erik Lindqvist).
- Listed in vendor inventory (Vanta).
- SSO via Okta — non-negotiable for tools touching customer data.
Vendor red flags (do not sign)
- No SOC 2 (or "in progress" without auditor letter).
- No SSO available even on enterprise tier.
- Data residency outside US/EU/Canada.
- Subprocessor list not provided.
Renewals
- Vanta sends 90-day notification.
- Default action is NOT auto-renew.
- Procurement reviews renewals > $10k.
Source
Procurement policy — Notion (Priya Shah).