Ian Tho – Managing the Risks of IT Outsourcing

6

Supplier 1

Supplier 2

5

Strategic

Financial

Buyer

4

‘Acceptable’

3

2

1

Informational

0

Legal

Environmental

Operational

Business

Point #1

Technical

Supplier 1

6

Supplier 2

5

Financial

Buyer

Strategic

4

Acceptable risk

3

2

1

Informational

0

Legal

Operational

Environmental

Business

Point #2

Figure 8.5

Buyer and suppliers’ RDS data at point #1 (prior to the selection of the supplier) and at point #2 (after the supplier had been selected and the ITO exercise commenced) 185

Chap-08.qxd 3/1/05 12:34 PM Page 186

Managing the Risks of IT Outsourcing

the levels of legal risk exposure (along the legal risks dimension) for both suppliers S1 and S2 are very low and below the acceptable threshold for both organizations. The buyer organization, however, was experiencing unacceptable levels of legal risks as it was exposed to significantly more experience from the suppliers, who could potentially take advantage of the ‘deal’.

For all three participants in the ITO exercise, the risk profiles at the time prior to the selection of the supplier organization, that is below point #1, are discussed in turn.

RDS for supplier S1

The unique feature about supplier S1 was that it had previously worked very closely with the buyer organization. S1 was the main supplier of IT equipment and services for the buyer organization and even had multiple outstanding contracting agreements with it to supply labour, parts and support services for the mainframes and computer equipment. Supplier S1’s existing knowledge of the buyer gave it an unfair advantage over the other supplier organizations. Its risk in bidding for the outsourced exercise was expected to be lower given its existing knowledge of the operations.

The opposite is observed in Figure 8.5. Risk exposure scored high for all the risk dimensions except for strategic and legal.

This was possibly because the supplier had prior knowledge of pending issues, including severe technical problem areas it would encounter when taking over the operations from the buyer organization (see the introduction to the case study outlining some of the problems facing the buyer organization). The noticeably high risk exposure (in both S1 RDS profiles) along the financial risk dimension also provides a clue as to S1’s judgement on the propensity to make a financial loss from this exercise.

Coincidentally, S1 had proposed a preliminary approach to divide outsourcing activities into two phases. Phase 1 would allow the supplier time to conduct appropriate audit and assessment of the environment before proposing a final outsourcing solution. Phase II would then be the actual outsourcing exercise. This may be construed as a clever strategy by S1 to mitigate its operational, informational and technical risks. It turned out that the proposal would impose unacceptable business and operational risk on the buyer organization as the final supplier would have been selected and the bargaining power would have been diffused significantly.

186

Chap-08.qxd 3/1/05 12:34 PM Page 187

A Case Study – ITO Risks

To maintain a fair and unbiased process, the buyer organization had already carried an element of business and legal risk given its industry position nationally and degree of risk imposed by the Government. This also placed some stress on S1, which is conspicuous in the high risk exposure in the environmental risk dimension in Figure 8.5.

In addition, other environmental risks were very high. The reasons for this are not discernible from the RDS illustration in Figure 8.5, given the uncertainty in the domestic environment (as discussed earlier) as well as in the industrial sector with the onset of global terrorist activity (at the time of the case study in 2002), the regional SARS epidemic in 2003 and regional instability (in 2003/2004). This also affected business and operational risks. Some of the operational risks, however, were mitigated through the use of new equipment, better use of existing personnel and stringent checking procedures.

The relationship between S1 and existing local providers was also another risk factor. As S1 was an American organization, the risk was that it would have an insufficient track record with local vendors to attract local assistance should this be required7.

For example, if the buyer organization had to work with a local transport organization that did not have a working relationship with S1, then this would place increased and undue pressure on the logistics of the buyer organization. This risk is environmental, and would have been unacceptable to the buyer organization and also to the supplier. Given the role of the buyer organization and its relationship with the Government, concerns over not being seen to be loyal to national interests by working with an organization located overseas also created risk in the environmental risks area, especially at a time when the threat of terrorist activity was high. The buyer organization had close links with the Government and it would have been politically incorrect to be seen as having little interest in the domestic scene. The risk exposure along the strategic risk dimensions was within acceptable limits. Again, this could be construed as a ‘good account’ for S1 as it would increase its market share in the outsourcing market in the country.

The supplier was to assume a position as a prime contractor and in this role it would be managing relationships with other 7 Many IT components can be sourced locally, i.e. within the country; and local relationships would mean that the components could have been sourced at favourable rates and conditions

187

Chap-08.qxd 3/1/05 12:34 PM Page 188

Managing the Risks of IT Outsourcing

suppliers. S1 was a very large multinational IT organization. In this capacity, and in its ability to source for other suppliers, it was superior to many other organizations in the country.

Noticeably, its technical risk exposure was within the bounds of what was considered acceptable.

S1 had a large legal team reviewing the contracts. Legal agreements and contracts bind the prime contractor with the buyer of outsourcing services. Other legal agreements and contracts bind the prime contractor with other contractors in back-to-back delivery promises. Penalty clauses would apply the appropriate pressure on the suppliers to comply. The RDS showed that risk exposure along the legal risks dimension was very low.

RDS for supplier S2

The RDS for supplier S2 was derived using a program similar to the one conducted for supplier S1, illustrated in Figure 8.5. In Figure 8.6, the RDSs for both S1 and S2 are illustrated simultaneously to allow a comparison between the two suppliers at the same point in time during the ITO exercise. Both the suppliers were competing for the same work.

Technical

S1 Risk exposure

6

S2 Risk exposure

5

Acceptable risk

Strategic

Financial

4

3

2

1

Informational

0

Legal

Figure 8.6

Suppliers’ RDS data

comparison at point

Operational

Environmental

#1 (similar to

Figure 8.5 except

Business

that the buyer RDS

has been removed

for clarity)

The information from S2 is also unique. Although the RDS was constructed from interviews with six representatives from supplier S2 along with the supplier response to Request for Proposal (RFP) document, unlike S1, the people interviewed for S2 were not from the country (i.e. they flew into the country for 188

Chap-08.qxd 3/1/05 12:34 PM Page 189

A Case Study – ITO Risks

this assignment only). This meant that their background knowledge of the buyer organization and working knowledge was obtained through literature and briefings from their local representatives. They would not have had the same working knowledge of the buyer environment and advantages as would the people from S1.

Like the RDS for S1, that for S2 indicated how the supplier would perceive the risk to the buyer organization. In this case, S2 had a fresh view of the buyer organization and did not have prior knowledge of the IT environment. It was not aware of the complexities or details of the troubles the buyer organization was experiencing. And it did not have the time or the resources to familiarize itself with the buyer organization’s IT operations.

(Over a 2-month period, the buyer organization had disseminated as much information as possible via briefing sessions and via multiple ‘Question and Answer’ sessions to provide information for both suppliers prior to the negotiations.) Both the RDSs for S1 and S2 are compared on similar bases in Figure 8.6. On examination, the basic patterns for both signatures (RDSs) were seen to be fairly similar. This similarity in the signatures suggests that the perception of risk by both the suppliers was also fairly similar. This also implies that the information sessions that the buyer organization had conducted may have provided sufficient information to allow both the suppliers to have almost equal perception of the outsourcing exercise. In this case, a bias toward S1 by way of information and perception may have been minimized through extensive conversations with the supplier representatives during the exercise.

The risks in the operational, business, environmental, informational and strategic risk dimensions were almost the same for the two suppliers. Assuming that the suppliers S1 and S2 had no inherent advantage, this observation suggests validation of an earlier proposition wherein the relationship between the risk exposure and both internal and external influences on the two suppliers was consistent. The risks along the dimensions just mentioned were influenced by external factors.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

Leave a Reply 0

Your email address will not be published. Required fields are marked *