4
Chap-01.qxd 3/1/05 12:29 PM Page 5
Common Terms and Concepts Used in Outsourcing It is very important to do this before we begin to introduce new ideas. This is especially so in this situation as expressions and nomenclature are inadvertently substituted depending on the situation. This section starts by establishing the background and highlights selected terms that are commonly used.
1.2
The practice of outsourcing
Many tasks that were once performed at home are now assumed to be more capably done by an external expert or an outside party. After all, where does one go to in order to mend one’s shoes but to a cobbler; or to a clothes retailer/tailor to buy a dress; or to a barber to have one’s hair cut? We now find it simply more convenient and cost-effective, and less risky, to get the products and services we need from someone who ‘does it for a living’. In these situations, the risks are so minuscule that they are often not considered at all. Outsourcing of the IT function, conversely, can involve multifaceted risks and the management of a very complex set of processes, a mix of technology products and a highly trained group of people. It also involves medium- to long-term planning and a business strategy for a function that is vital for the optimal performance of the many component parts of a typical organization.
Commercially, the notion of outsourcing has also been an accepted practice for organizations such as those in the manufacturing industry. Manufacturers who practise outsourcing may choose to use third-party suppliers to provide a substantial number of components (nearly finished products) to be assembled. An example is the multinational computer manufacturer and retailer, Dell Corporation. Dell successfully assembles hardware components for its personal computers (PCs) for retail.
This ensures that its PCs are often more price competitive than those of many other manufacturers. Dell purchases hard drives, monitors, memory sticks and CPUs from original equipment manufacturers (OEMs) or suppliers that manufacture and then supply the finished products to similar organizations. By sourcing the bulk of its manufacturing activity, Dell is able to secure deals that ensure better quality, on-time delivery and a more cost-effective supply chain. In this outsourcing model, products are purchased from an external party in addition to services that are provided outwith Dell. The risks of poor quality, lack of timeliness and variable cost of products become measurement criteria that Dell uses for its suppliers. This way, the outcomes of 5
Chap-01.qxd 3/1/05 12:29 PM Page 6
Managing the Risks of IT Outsourcing
the outsourcing arrangement include products and services that are almost guaranteed to be of a minimum acceptable quality.
The experience with outsourcing is, most typically, for routine activity. There are many examples, however, where strategic outsourcing is used for ‘high value’ activity including the development and maintenance of cutting edge technology within very successful organizations. Outsourcing includes the delivery of products where the outcomes are goods that are of a minimum acceptable quality. Outsourcing also extends to services where the outcomes include key performance indicators (KPIs), which are measurable based on a set of predetermined criteria. In the outsourcing of product components the value is measured by the quality of the tangible goods over a period of time. Service delivery though, is often measured through a ‘moment of value’. It is only during the encounter (or moment of value) between the service provider and the buyer that value is perceived.
Outsourcing is loosely defined as the use of a third party to perform tasks normally performed independently (within the organization). This idea is not new. In fact, the combination of outside expertise and internal resourcing to perform selected tasks is commonly used and has been around for a very long time. The regular use of outsourcing for the IT function, on the other hand, is a development that is relatively recent and that is in line with the use and commoditization of selected IT components over the past few decades.
Value provided in an IT outsourcing situation is generally not available until both the supplier and buyer are interacting; where the quality is subjective and quite difficult to measure fairly. The definition and subsequent measurement of value from the provision of services in the IT function therefore need to be agreed and determined via specific measurement criteria such as system downtime, transaction response times, help-desk support and other functions that support the IT function to deliver its contribution to the organizational processes. This becomes a risk factor when organizations have inadequate resources and are unprepared to measure the delivery of the supplier’s services in this way. Suppliers, on the other hand, often take advantage of this inadequacy by reducing the level of service and accept some of the uneven trade in exchange for the increased possibility of unwanted events (risks) such as the delivery of unsatisfactory results for larger profit. This, however, jeopardizes both the supplier and the buyer as both parties are now confronted by higher risk exposure!
6
Chap-01.qxd 3/1/05 12:29 PM Page 7
Common Terms and Concepts Used in Outsourcing 1.3
Agreeing the definition of outsourcing
The definition of outsourcing is no longer as straightforward as before. Each scenario carries unique flavours and nuances.
Again, the formal definition of outsourcing is an activity where the supplier provides for the delivery of goods and/or services that would previously have been offered in-house by the buyer organization in a predetermined agreement (Elfing and Baven, 1994; Domberger, 1998). This definition implies also that outsourcing involves a buyer and supplier, where the supplier takes over a selected portion or a whole organizational function for the buyer under a set of agreed conditions.
Variations in the outsourcing process model have been presented.
Further, more obvious differences in the approach become very apparent when new words or adjectives are used as modifiers of the word ‘outsourcing’ to convey subtle differences in meaning.
The term outsourcing can be accompanied by adjectives such as
‘selective’, ‘strategic’ and ‘competitive’. In addition, the function being outsourced often acts as a further descriptor of ‘outsourcing’. Common examples include payroll outsourcing, IT outsourcing and sales force outsourcing. Other terms that have been used synonymously with outsourcing include terms such as out-tasking and contracting. To establish differences in process models, terms like insourcing and cosourcing have been recognized.
Further differences in definition and scope are highlighted to show the intensity of use of IT outsourcing in various settings and for a variety of purposes. In each case, the implications of risks that are noticed changes. Each change needs to be managed individually.
An important difference in the definition of outsourcing needs to be emphasized and appreciated in order to continue with the risks in this environment. This lies in the ability to distinguish process ownership from outcomes control. Early thinking defined outsourcing quite broadly, as allowing external groups to manage an organization’s operations. At that time, there was no need to maintain expertise and capabilities internally where these could be obtained from a better source.
Outsourced functions can span multiple departments, units and project locations. Large outsourcing projects link the outsourced operation to other business processes in rich and often penetrat-ing ways. This means that activities within the IT function that encompass other functions within the organization like 7
Chap-01.qxd 3/1/05 12:29 PM Page 8
Managing the Risks of IT Outsourcing
manufacturing, design and procurement can also be covered.
Metrics and incentives for the supplier become the focus of the buyer organization; measurement for reward and penalty is covered in its governance activities. The routine tasks of managing the processes within the IT function have been removed; the need for flexibility adds to this complexity. The supplier now needs to be assessed, rewarded for success or penalized for failure against this baseline.
Most organizations outsource primarily to save on overheads costs and/or induce short-term cost savings. Others do so simply because no expertise in IT exists in the organization. ‘Internal’
operations and administrative functions that were previously done within the organization are done outside it in outsourcing arrangements. The prevalence of IT services and their use in many organizations whose main business activity is not IT, catalysed the use of outsourcing. Supplier(s) emerged and offered benefits that the organization’s internal IT organization was not able to deliver.
The definition and understanding of outsourcing in different settings, therefore, have different emphases. The emphasis on the shift in responsibility could be assumed but this point was not as clearly articulated in earlier research as in that in the later half of the 1990s. Many earlier models of outsourcing emphasized the use of an external party but there was little to describe the responsibility structures or governance of the supplier organizations. A significant portion of the literature mentions the risks involved, along with the benefits and costs; but there is insufficient detail in our understanding to describe the nature of the risks or methods used to mitigate these risks. The nature of risks that arise between the buyer and supplier when the operational functions are either contracted or outsourced is not well documented in the literature. In most of the definitions, ITO