Sourcegraph Procurement Policy

AP Policy

Policy Mission Statement

Sourcegraph employees are required to undertake an efficient, timely and cost-effective procurement process while ensuring appropriate levels of diligence and accountability in accordance with the processes outlined in this policy.

Policy Scope

This policy applies to all Sourcegraph teammates, and third party contractors acting on behalf of Sourcegraph. This policy applies to procurements above $5,000 (inclusive of all applicable taxes and charges).

Policy Objectives

The objectives of the Sourcegraph Procurement policy are as follows:

  • Supporting Sourcegraph personnel in undertaking efficient, timely and cost-effective procurement processes
  • Maximizing value for Sourcegraph
  • Ensuring ownership, accountability and transparency in expenditure
  • Ensuring appropriate levels of diligence is performed prior to expenditure
  • Ensuring that the procurement process and level of effort is commensurate with the nature and value of the procurement
  • Ensuring documents utilized during the simple procurement process use clear, simple and easy to understand language

Procurement Process

The procurement process should be considered in three stages:

a. Evaluation stage

b. Go-to-market stage

c. Contract execution

Evaluation stage

Best practice procurement processes should commence with the following steps:

  • defining the requirement (e.g. quantity, quality, delivery, timing)
  • assessing other strategies such as utilizing existing period contract arrangements
  • obtaining financial & Legal approval
  • obtaining Security approval to assess vendor risk, perform due diligence and be in line with our Third-party Management Policy
Approval Levels

The table below presents the approval levels required for expenditure, based on $ amounts. Amounts below are in US dollars, inclusive of all taxes and charges..

Amount (Annual Equivalent)Approval RequiredRecommend Method of Payment
$0–$10,000Direct ManagerAirbase
$10,000 – $50,000Direct Manager, Department Head, FP&AAirbase
$50,000 or greaterDirect Manager, Department Head, FP&A, VP of OperationsAirbase
Purchase Order Process

For procurement that exceeds the equivalent of 5,000 USD, a Purchase Order (PO) will be required in Airbase. Please attach the quote, estimate, or contractual draft to the PO prior to finalizing an agreement. The Finance team can be reached via or the #finance Slack channel. For contract review, see the Contractual Execution section below.

POs are not required for our FT international teammates, but will be required for any temporary contractors.

PO Steps

  1. Obtain quote or estimate from vendor
  2. Create PO to align with quote or estimate (dates for PO should match the service dates, amount should be for the entirety of the service or goods)
  3. PO goes through approvals
  4. When PO is fully approved, contract can be signed
  5. Vendor invoices and accounting applies the invoice(s) against the PO.

You can find screen shot and a more indepth explanation here

Go-to-market Stage

Best practice guidelines relating to the go-to-market stage of procurement includes:

  • identifying how to approach the market and engage in negotiations
  • determining the number of quotes to obtain
  • determining the selection/evaluation process
  • engaging in commercial negotiations with chosen supplier
Request for Quotes Process

Sourcegraph employees must request competitive quotes, in writing, as far as practicable, as presented in table 2 below.

Spend (Annual Equivalent)Quotes
$50,000 or greater3

The number of quotes sought can be restricted to less than the required number if there are legitimate reasons for limiting the number of suppliers. Such reasons might include:

  • only a limited number of suppliers with the capability, experience and suitability to meet the procurement requirement
  • the need for compatibility with existing equipment or services
  • absence of competition due to technical reasons (e.g. exclusivity, proprietary information)
  • the cost of changeover is prohibitive
  • an unsolicited proposal with very advantageous conditions and appropriate approval
  • time sensitive

The justification for limiting the number of suppliers must be communicated via email to

Sourcegraph employees should also inquire as to whether customer references / testimonials are available for items of expenditure greater than $10,000.

NDAs (Vendors)

The best practice is to share and sign our NDA with every vendor when you begin conversations and before you disclose confidential business information. Once you have a fully signed NDA, save a copy in our NDA folder as Vendor Name-NDA-Year-Month-Day. For NDA signatory authority, see our contract review and signature authority policy.

Is a DPA required?

If the vendor will receive any personal data from us, ask for the vendor’s DPA. Personal data includes any teammate personal data (including account login email/pw, addresses, DOB, etc.) and any customer content (such as sourcecode metadata, which contains usernames and emails). If the vendor is a SaaS solution, then yes, we need a DPA.

What if the vendor asks us to provide a DPA?

We prefer to use the vendor’s DPA, as it will be more applicable to the way they process and secure personal data. However, Sourcegraph does have a template for vendors that do not have their own.

You can let the vendor know:

Given that you will process personal data, we will require a data processing agreement (DPA). A DPA should include your organization’s technical & organizational security measures reflecting how you protect the personal data you receive from us. If you don’t have one, will you reach out to your law firm to get one?

Commercial Negotiations

The table below highlights different commercial terms of a procurement negotiation, in order of importance to Sourcegraph. Buyers are encouraged to consult with the Finance team if they require support during commercial negotiations with suppliers.

AreaSourcegraph Procurement Policy Considerations
PriceNew contracts: Requesting quotes / pricing
- Communicate that we are requesting quotes from other suppliers and considering the supplier with the best pricing / fit for our needs
- Can we obtain a new customer discount for the first year?

New contracts: One-time vs recurring fees
- Best practice is to negotiate discounts on the recurring cost as that will generate greater savings for Sourcegraph over a 2/3 year period.
- If we can not negotiate better pricing on recurring fees, can we ask to have setup fees /on-board Sourcegraph fees waived?

- What is the % increase from prior year and what justifies this increase?
- Were there any service issues in the prior year? If so, we should communicate to the vendor and explain such issues warrant a discount for renewal period.
- If the supplier explains price increases are due to new features, we should consider if we are using these features? If not, we should ask the vendor why we need to pay for these features?
- Are we at Sourcegraph adding more volume? If so, is there a discount for every new user added? What is the trend of the cost per unit compared to last year?
Value- If we cannot negotiate better pricing, can we negotiate to receive additional services for the same price (i.e., achieve better value)? For example, could we ask for extra training days for free or a one/ two/ three month free period at the end of the term?
- For vendors with engineering teams, would the vendor contact be willing to connect our sales team for a product demonstration?
Negotiation Tactics- Check if any Sourcegraph teammates know people at the vendor company that they can connect us with (i.e. LinkedIn connections)
- For larger items of spend it may be worth scheduling a face-to-face meeting with the supplier.
- Partnering – if we provide a customer testimonial / case study, could it result in better pricing?
Payment terms- Our standard payment terms are net 30. Can we negotiate longer payment terms (for example 60 days) or a discount if we pay invoices early (for example 5% discount if we pay within 10 days)?

Contractual Execution

Contract Management

Supplier contracts must be reviewed and approved by Sourcegraph Legal team prior to signing in accordance with our legal team’s contract review policy. Designated buyers should submit a brief summary of key commercial terms (term, price, auto renewal, etc.) to legal along with the contract for signing.

Contract management should include:

  • Ensuring contracts are reviewed by appropriate personnel to assess legal and commercial impact.
  • Ensuring roles and responsibilities for managing the contract have been identified and understood by the relevant parties
  • Ensuring the contract is effectively implemented and that the supplier delivers the requirements of the contract
  • Addressing any issues that arise during the contract term
  • Ensuring the key terms (price, term, owner) are stored in the contract register (discussed below)
  • Processing invoices for payment on a timely basis in line with agreed provisions in the contract
Supplier Folder & Vendr

Once a vendor agreement is signed, please create a new folder for the vendor in the Suppliers drive and upload the agreement.

For SaaS vendor contracts greater than $5,000, we utilize Vendr as a contract management tool. Please refer to our Vendr guide which covers topics including: background, platform offerings, how-to-steps, etc. For any questions on Vendr, please reach out to TechOps via email ( or Slack (#it-tech-ops).

Furthermore, the Sourcegraph Finance department will maintain a contract register to record expenditures valued at greater than $10,000 (annualized amount).

Logo Rights or Case Study

Must be approved by the business champion and marketing.

Contract Renewals

For SaaS vendor contracts greater than $5,000, we utilize Vendr as a renewal management tool. For all other contracts, designated buyers (employees who are responsible for the spend) should monitor contract end dates or renewal dates to ensure that:

  • Renegotiations can commence in a timely manner, in advance of cessation or renewal
  • Sourcegraph employees can go to market to request additional quotes from alternative suppliers (if required)
  • If desired, that a vendor / contractor can be terminated by Sourcegraph allowing for any required notice period
New Supplier Form

Once the contract is agreed, if this is the first time Sourcegraph has used this supplier, the designated buyer should request the supplier to complete a new supplier form if required. Refer to Sourcegraph New Supplier form.

Hourly-Based Contract Threshold

For hourly-based contracts, such as with a third-party contractor, please notify the Finance team when billing exceeds $5,000 in a given month.

Managing Conflicts of Interest

Any actual, potential or perceived conflict of interest that has the potential to unfairly affect or influence the proper outcome of the procurement process, must be identified and documented in the purchase order requisition.