IT sourcing

IT Sourcing is the out-sourcing of IT Services from an organisation to an external 3rd-party and determines where an organisations ICT (Information Communication Technology) components are obtained, managed and operated. IT Sourcing allows an organisation to deliver the best level of support for their business requirements in the most cost-effective way. Sourcing an Organisation’ IT services is often made in the interest of lowering costs and making a more efficient use of labour, capital, technology, resources and knowledge.

For Many organisations IT Sourcing allows the organisation better access to skills and expertise that are not available from within the organisation itself. Sourcing IT also allows for much greater flexibility to allow organisations ICT practises to meet changing business requirements and needs. Some organisations may choose to outsource their IT to free up resources to allow for a much greater focus on their strategic and business goals or to free up expenses by sourcing cheaper IT services from outside of the organisation.

Growth of IT sourcing

IT sourcing has grown immensely as an industry over the last 10 years. Worldwide, spending on IT sourcing has grown from $9 billion in 1990 to well over $287 billion in 2006. The growth of IT sourcing is predicted to grow worldwide to well over $370 billon by 2010.
In Australia, IT sourcing has grown at the same rate, with spending on IT sourcing within Australia being $5.93 billion in 2004, it is predicted that this will grow to $7.01 billion by 2010.

Why source IT?

According to the Australian Government Information Management Office, an Organisation will purse external sourcing agreements for two reasons; Economic or Strategic. The Economic perspective is that an organisation will simply choose to source their IT services in order to control or lower their costs. Whereas the Strategic perspective is where an organisation will outsource their IT to focus more of their energy and attention on their core business processes and objectives, gain much better access to skills or expertise and provide new and more services that are not provided internally.

Improve Quality - An organisation may be producing an IT product and find that outsourcing the development, design or construction of the product may in fact improve its quality.
Contract - IT Services will be legally binding contract that will incur financial penalties or legal redress with not complied with. This is not the case with internal IT services.
Operational Expertise - This allows access to IT best practices which may be too difficult or time consuming to develop internally.
Staffing Issues - Sourcing of IT allows for access to a much larger talent pool and a sustainable source of IT skills.
Catalyst of Change - By sourcing something like an organisations IT services, it may be used as a catalyst for change within the organisation which could not be achieved on its own.
Risk Mitigation - For some types of risk, it is often better to be partnered with an outsourcer who is better able to mitigate that type of risk.


Issues of Sourcing IT

Quality of Service - Service Level Agreements (SLA’s) determine the quality of the service that is being sourced. Poorly defined SLA’s may not actually define the actual measure of quality and can result in a poor service provided. Sometimes an SLA may simply state the same quality and price that the organisation had previously and therefore sourcing their IT provides no benefit at all to the organisation. There is another element that is often overlooked with regards to SLA’s is when the IT provider is simply meeting their agreement to the SLA but the quality being produced is not the quality that is expected by the bottom end user. A properly defined SLA can help resolve any issues regarding the quality of service.
Cost - Some organisations may choose not to source their IT due to the costs associated with it. If the market price for outsourcing their IT services is higher than their internal costs, then the organisation may find that they can meet their out IT needs more cost effectively by conducting their IT services in house.
Qualifications - When an organisation chooses to source their IT services they leave the employment of staff to the outsourcer. The outsourcer may choose to replace their staff with less qualified staff which then leaves the organisation receiving a sub-standard service. Another issue with qualifications that needs to be considered when sourcing IT, is through the outsourcing of IT help desks (or similar) to foreign countries where English is not the first language.
Risk - The risk of giving up control of part of the organisation can be too great for some organisations. IT is an essential element of a business to ensure it continues to operate, or it may be entirely what the organisation is about and so giving up control of that is a huge risk. There is also the loss of organisational knowledge, an organisation may have complex customised technology that requires a certain level of knowledge regarding the technology and how the technology relates and interacts with the organisation, by outsourcing this that knowledge will take time to require or could be lost.
Security - The security of IT services is essential for some organisations. An organisation has to be careful about who they choose to source their IT services from. For example, the Australian Department of Defence needs to be exceptionally careful who they source their software from. This is because if the Australian Department of Defence were to source their software from a foreign country who was not particularly trusted, that outsourcer has the ability to place backdoors or security flaws and risks into the software in which a foreign country may choose to take advantage of.. These are:

* Self managed.
* Single Sourcing
* Multi-sourcing

Single sourcing and multi-sourcing often get grouped together and is known as outsourcing, whereas self managed is often referred to as ‘in house’.

Self Managed - Self Managed strategy is where the IT services are managed and run from within the organisation. There may be contractors, consultants and suppliers in which IT products or services are acquired but there is not Service Level Agreement (SLA) with any external vendors.

Single Sourcing - A Single Sourcing strategy is where the IT services are run by a single external party under an SLA.

Multi Sourcing - A Multi sourcing strategy is where the IT Services are run by multiple external parties under one or multiple SLA’s. Multi Sourcing involves a complex relationship with the vendors and is best managed through the use of a governance model framework. One of the main benefits of Multi Sourcing is that an organisation can customise their IT services to ensure that they have specialists operating on their individual components and therefore ensuring the best possible IT services available. For example, an organisation may contract out their IT help desk to a company over in India, while their internal network is administrated by another company and their day to day maintenance of computer equipment is conducted by a local business in the area. Each of these external sources of IT services would all require SLA’s to ensure that the quality of service delivered is what the organisation requires.

Organisations that have managed their IT sourcing the best have used a combination of all three of these strategies. There are also a number of different IT sourcing models out there and these include
The four phases of the lifecycle are:

* Phase I : Case for Change
* Phase 2: Decide Sourcing Strategy
* Phase 3: Undertake Procurement
* Phase 4: Transition and Manage

Phase I: Case for Change

The objective of the first phase of the AGIMO four-phase ICT Sourcing Lifecycle is for the organisation to consider changing their sourcing arrangements to meet their organisations strategic IT objectives. This involves organisations that manage their IT ‘in house’ could consider changing to an external source, where an organisation who is already externally sourcing their IT should determine in they should renew their sourcing arrangements or consider alternatives.

Within phase I there are four modules these are:

Business Alignment
Determine the most critical ICT activities. The Organisations priorities are what drive ICT requirements, as ICT is simply there to help meet the business’s goals. The Organisation should categories and identifies their business activities against the following categories:

* Vital - These activities are the reasons the organisation exists and they are unique to the organisation
* Duty-Bound - Duty-bound activities are part of the organisations mission
* Discretionary and Support - Activities that are neither strategic or core activities.


Head the lessons of experience
Determining what can be learnt from your own and other organisations experiences. Lessons can be shared across organisations or in AGIMO’s case across Government agencies. AGIMO has established the IT Sourcing Inter-Agency Forum (ITSIAF) which allows organisations to:

* Exchange lessons learned
* Share sourcing strategies
* Collect data and exchange materials
* Conduct roundtable discussions on topics of interest


Understand the costs
Determining how the agency’s costs compare to the alternatives. It is important that organisations base their decisions on real value and not perceived value. They can do this by looking at previous costs of sourcing and what other organisations have spent on sourcing. It is also important that quality and efficiency are looked at as well as the cost of risk.


Assess current situation
Determine the current satisfaction with the organisations current ICT sourcing. AGIMO provides their agencies with a checklist to which they can assess their sourcing satisfaction for externally managed arrangements. This checklist covers the following:

* Relationship - details the relationship with the vendor
* Staffing - details your staffing and the vendors staffing.
* Contract - details any issues with the contract.
* Innovation - details whether the organisation feels comfortable with the arrangement and if it is benefiting them.


Phase II: Decide sourcing strategy


Once an organisation has established that they need to change their current ICT sourcing they should use strategic, qualitative and quantitative analysis to come to a conclusion of the most appropriate sourcing strategy for the organisations needs. AGIMO recommends that their agencies “investigate the market for ICT goods and services in order to obtain a real picture of potential costs and benefits of alternative solutions”

The modules that make up Phase II of the lifecycle are:


Assess Sourcing Options
Organisations must disaggregate their ICT and identify the components that are suitable for self-managed or external sourcing. For external sourcing, the organisations should look for opportunities that bundle and should also factor in the comparative risks and benefits of bundling opportunities. The organisation should then decide which type of relationship they wish to have with their vendor. They should then also look at and consider opportunities that could come from forming sourcing alliances with other organisations (or as AGIMO recommends, other Government Agencies).

Assess Options Strategically and Economically
By this module of the lifecycle, the organisation should have chosen their sourcing options. In order to choose the best option they should conduct a strategic and economic assessment of each option. Assessing the risk of each option is also extremely important in this module as it may decide which option is suitable and which isn’t.

Renegotiate Existing Contract
This component is only for organisations that already use externally sourcing options. The organisation should assess their current sourcing agreement. If it is not meeting their requirements then they need to determine whether they look to the market to get a better sourcing arrangement or if they stay with their current vendor and renegotiate their contract to get a better sourcing agreement that meets their needs.

Develop Procurement Plan
For Australian Government Agencies when they start to develop their procurement plan they need to be aware of the conduct duties and regulations in which they must comply with. These are listed here [INSERT LINK!!] The steps for developing a procurement plan are:

* Determine business and ICT service needs
* Decide between open tender and select tender
* Define the list of vendors in case of a select tender
* Decide level of collaboration with vendors in the tender process
* Define selection criteria
* Prepare for both-way due diligence
* Develop a transition/termination strategy
* Develop a draft contract


Phase III: Undertake Procurement

Once an organisation has decided a sourcing agreement, be it external or internal they will need to proceed with a procurement plan. For an external sourcing agreement the organisation will need to start launching a tender process, screen and select vendors, and negotiate a contract with the chosen vendor. An Internal sourcing agreement does not always have to deal with vendors and therefore the strategies used are no where near as complex as the ones needed for an external sourcing agreement.

The three modules of Phase III are:


Implement Procurement Plan
The implementation of the procurement plan involves notifying the industry, this is for Government agencies as it is mandatory for them to advertise their publicly available business opportunities on AusTender under the FMA Act. Next they must write and issue market approach documentation, conduct kick-off sessions (or an industry briefing), get confidential agreements signed and then conduct pre-proposal due diligence.

Select Vendor(s)
In this module, organisations will need to review proposals for completeness, which involves assessing proposals from tenders to ensure they conform to the market approach documentation. They will then screen the proposals which involves, assessing the strengths and weaknesses of each tender and ensuring that the tender conforms to the Commonwealth Procurement Guidelines. The organisation will then have to conduct vendor due-diligence on the final short list of vendors in order to select the one that best meets their needs.

Develop Contract(s)
This module simply involves refining the termination strategy and writing a contract that includes the benefits that were predicted during the sourcing strategy phase and ensures that the vendor will be able to deliver without putting them at risk.

Phase IV: Transition and Manage

The fourth and last phase details the transition and managing of the ICT sourcing arrangement. Transition into the new ICT sourcing arrangement can often take up a lot of the organisations resources as often a new sourcing arrangement can create huge changes within the organisation. Once the ICT sourcing arrangement is in place it is important that the relationship between the organisation and ICT providers is managed properly and that the organisation is prepared for any costs and disruptions that may occur in the changing of the organisations ICT sourcing.

There are 6 modules to the last phase of the AGIMO ICT Sourcing Life Cycle, these are as follows:


Set up Contract Governance
Setting up the contract governance structure involves identifying the ICT roles and responsibilities, the management organisation, the decision-making process, a process for escalating disputes and the rules and incentives for all parties involved with the arrangement.

Transition
The transition module is a one time step that will only occur when a new element of the sourcing strategy is established. Transitions can occur concurrently with other business and ICT activities; they are normally have a high impact and are bound by time. The most important factor to consider before a transition is the risks. The risks associated with change should be identified early to help mitigate any risks that may occur during transition.

Manage Relationship
It is important to note that managing the relationship is different to managing the contract. Managing the relationship is about trying to get the most out of the overall agreement and arrangements to help benefit the organisation. From AGIMO - “It is worth noting, however, that managing the relationship is a key element of the sourcing lifecycle to which agencies and vendors must pay careful attention”.

Manage Contract
The aim of managing the contract is to ensure that all parties involved in the ICT sourcing agreement perform to the minimum requirement levels as specified in the contract and that the contract reflects the best possible outcomes for the organisation. From AGIMO:


“A Service Gap exists if all parties are not performing according to their minimum requirement levels”



“A Contract Gap exists if the contract does not reflect the best possible expected outcome for the agency”
The eSCM-SP has three purposes:

#To give service providers guidance that will help them improve their capability across the sourcing life-cycle
#To provide clients with an objective means of evaluating the capability of service providers
#To offer service providers a standard to use when differentiating themselves from competitors


eSourcing

eSourcing or IT-enabled sourcing uses IT as a critical element of service delivery. eSourcing is often provided remotely via telecommunication or data networks. There are many common characteristics of eSourcing and these ranges from service design and deployment activities, knowledge and service delivery infrastructure.


eSCM-SP v2

The eSCM-SP v2 comprises of 84 practices which are considered to be “best practices” for a successful sourcing relationship. Each practice is disseminated along the three dimensions:

*Sourcing Life-cycle
*Capability Area
*Capability Level.





Practices

Each of the 84 practises from the eSCM-SP v2 contains information about a sourcing best practice. The information included in each practice includes a statement summarizing the best practice, a description of the best practice, a list of activities needing to be performed and additional information that helps in the application of those activities. The details of the 84 practices care in the document '


Sourcing Life-Cycle
The eSCM-SP sourcing life cycle is divided into the following phases:

* Ongoing
* Initiation
* Delivery
* Completion


Ongoing
Ongoing practices represent management operations that need to be performed during the entire sourcing life cycle. Ongoing practices cover the following:

* Managing and motivating personnel to effectively deliver services
* Managing relationships with clients, suppliers and business partners
* Measuring and reviewing the organisation’s performance and taking action to improve its performance
* Managing information and knowledge systems so that personnel have efficient access to the knowledge needed to effectively perform their work
* Identifying and controlling threats and risks to the organisation’s ability to meet their objectives
* Managing the technology infrastructure used to support delivery of service.


Initiation
Initiation practices focus on the capabilities needed to efficiently prepare for the service delivery. Initiation practices deal with gathering requirements, negotiating, contracting and designing and deploying the service. Initiation practices cover the following:

* Preparing for negation by having an organisational position of pricing and other issues that need to be negotiated.
* Understanding the client’s requirements by gathering information about the client and its stated and unstated needs.
* Working with the client to confirm the assumptions that impact the agreement commitments
* Establishing a formal agreement with the client that clearly states the organisation’s and client’s responsibilities and commitments
* Effectively managing service design and deployment


Delivery
Delivery practices focus on service delivery capabilities, such as the ongoing management of service delivery, verification that commitments are being met and the management of the finances involved with the service. Delivery practices cover the following:

* Planning and tracking the service delivery activities
* Delivering services according to the agreed-upon commitments
* Providing adequate training to clients and end-users to enable them to effectively use the services being delivered.


Completion
Completion practices focus on the capabilities needed to effectively end an engagement at the end of the sourcing life cycle. Practices normally include the transition of resources to the client from the service provider. Completion services cover the following:

* Managing the effective transfer of resources to a new service provider (be it to the client or another service provider)
* Ensuring service continuity during the transfer
* Identifying and transferring knowledge critical for the delivery of the service.


Capability Area
The second dimension of the eSCM-SP, Capability Area’s provides a logical grouping of all the practices to allow users of the framework to better remember and intelligently manage the content of the model.Overall there are 10 Capability areas, these are:

Knowledge Management (knw) - There are 8 practices within this capability area. Knowledge Management deals with the critical issue of capturing and using knowledge and measuring and analysing reasons for termination.

People Management (ppl) - There are 11 practices within this capability area. People Management deals with the critical issues of establishing and maintaining an effective work environment, building and maintaining competencies and managing employee satisfaction.

Performance Management (prf) - There are 11 practices within this capability area. Performance Management deals with the issues of maintaining competitive advantage, innovating, building flexibility and increasing responsiveness.

Relationship Management (rel) - There are eight practices within this capability area. Relationship Management deals with building flexibility, increasing responsiveness, establishing well-defined contracts with stakeholders and maintaining a competitive edge.

Technology Management (tch) - There are 6 practices within this capability area. Technology Management deals with the critical issues of managing rapidly changing technology and maintaining technology availability, reliability, accessibility and security.

Threat Management (thr) - There are 7 practices within this capability area. Threat Management deals with critical issues such as managing clients’ security, and ensuring compliance with statutory and regulatory requirements.

Contracting (cnt) - There are 11 practices within this capability area. Contracting deals with the critical issues of translating implicit and explicit needs into the defined requirements and establish well defined contracts with stakeholders.

Service Design and Deployment (sdd) - There are 8 practices within this capability area. Service Design and Deployment deals with the critical issue of reviewing service design and deployment to ensure sufficient coverage of the requirements. It also addresses procedures for monitoring and controlling activities to consistently meet service delivery commitments.

Service Delivery (del) - There is 8 practices within this capability area. Service Delivery deals with the critical issues of monitoring and controlling activities to consistently meet service delivery commitments and maintaining continuity of service delivery.

Service Transfer (tfr) - There is 6 practices within this capability area. Service Transfer deals with the critical issues of smoothly transferring services and resources and capturing and transferring the knowledge gained during the engagement to the client during contract completion.


Capability Level
The third and final dimension of the eSCM-SP model is Capability Levels. There are five capability levels which describe an ‘improvement path’ that clients should expect from service providers. The levels or path begin from initially providing the service(s) up until the highest level which his sustaining excellence. The five Capability Levels of the eSCM-SP are as follows:


Level 1: Providing Services
Service providers who are level 1 often have no practices implemented. They are considered to be high risk to work with due to the fact they often promise something that they cannot deliver on. Some organisations may even have some practises from capability levels 3 and 4, but due to the fact they have not fully implemented practices from level 1 they are seen as a risk of failing as well.

Level 2: Consistently Meeting Requirements
Level 2 has 48 practices, which are distributed throughout the sourcing lifecycle. Service providers who are level 2 have formalized procedures for capturing requirements and delivering services as specified in their commitment to the client. A level 2 service provider has the infrastructure in place to support consistent performance work that meets their commitments.
“At level 2 the service provider is able to systematically capture and understand requirements, design and deploy services to meet the requirements, and successfully deliver the services according to agreed upon service levels”.



Level 3: Managing Organisational Performance
Level 3 has 26 practices, in order for a service provider to achieve level 3, they must implement all level 2 and 3 practices. Service providers who are level 3 are able to deliver services according to the requirements and even if required services significantly differ from the provider’s experience. The service provider is able to share knowledge gained from previous experiences, measure and reward personnel performance and monitor and control technology infrastructure.
“At Level 3, the service provider is able to manage its performance across the organisation; understand targeted market services and their varying requirements, including specific cultural attributes; identify and manage risks across engagements, and design and deliver services based on established procedures”.



Level 4: Proactively Enhancing Value
Level 4 has 10 practices, for a service provider to reach level 4 they must have implemented all practices from levels 2, 3 and 4. Service providers at level 4 are able to continuously innovate themselves in order to add statistically and practically significant value to the services they provide. The service provider can thoroughly plan, implement and control their own improvement.
“At level 4 the service provider is able to customise its approach and service for clients and prospective clients, understand client perceptions, and predict its performance based on previous experience”.



Level 5: Sustaining Excellence
Level 5 has no new practices, for a service provider to achieve level 5 they must sustain the implementation of every practice over the course of two consecutive evaluations over two or more years for certification.
“effective, continued, implementation of all the eSCM-SP practices in a rapidly changing environment shows an ability to sustain excellence through the organisation over time”


AGIMO Versus eSCM-SP


So which is better? AGIMO’s Guide to IT sourcing or ITsqc’s eSCM-SP? AGIMO’s guide is designed and tailored for use by Australian Government Agencies (such as the Department of Finance or the Department of Defence) whereas eSCM-SP has been written to be applied to almost any global organisation which deals with IT services. AGIMO and eSCM-SP both use life cycles which both have their similarities and differences. The AGIMO lifecycle is a never ending lifecycle and that once the organisation has gone through the lifecycle it recommences it to revaluate their sourcing options. eSCM-SP has a definite end with the ‘Completion’ Phase, yet it has a phase ‘Ongoing’ which runs throughout the entire lifecycle.

In each of the phases of the AGIMO process there are number of tasks which must be completed in order to progress through to the next phase. eSCM-SP has a number of practices within each phase. It also has 2 other dimensions in which organisations can determine whether they are following the framework correctly.

The major difference between the two different options for sourcing IT is that eSCM-SP is both for client and service providers. eSCM-SP allows clients to assess the quality of service that they are receiving from their service providers and it allows the service providers to assess themselves and compare them selves to other service providers to allow them to offer the best IT services. AGIMO’s Guide to IT sourcing is simply that, a guide for Australian Government Agencies on how to best source their IT options.

There are many other frameworks, models and guides for sourcing IT options out in the world. AGIMO and eSCM-SP are only two. There are many reasons why an organisation may chose to source their IT services and there are many ways in which to do it, All the different frameworks all have a common goal and that is to ensure that the sourcing arrangement that is chosen benefits the organisation as best it can.
 
< Prev   Next >