Presentation is loading. Please wait.

Presentation is loading. Please wait.

SOURCING PRACTICES.  Relates to the way in which the organization will obtain the IS functions required to support the business  Delivery of IS functions.

Published byHortense Flynn Modified over 8 years ago

Similar presentations

Presentation on theme: "SOURCING PRACTICES.  Relates to the way in which the organization will obtain the IS functions required to support the business  Delivery of IS functions."— Presentation transcript:

1 SOURCING PRACTICES

2  Relates to the way in which the organization will obtain the IS functions required to support the business  Delivery of IS functions can include: Insourcing, Outsourcing and Hybrid.

3 FACTORS TO CONSIDER  Is this a core function of the organization?  Does this function have specific knowledge, processes and staff that are critical to meeting its goals and objectives, and that cannot be replicated externally or in another location?

4 FACTORS TO CONSIDER  Can this function be performed by another party or in another location for the same or lower price, with the same or higher quality, and without increasing risk?  Does the organization have experience managing third parties or using remote/offshore locations to execute IS or business functions?

5 ROLE OF IS STEERING COMMITTEE Upon completion of the IS steering committee should review and approve the strategy. The following steps should be taken:  Define the IS function to be outsourced  Describe the service levels required and minimum metrics to be met  Know the expected service provider knowledge, skills and quality desired  Know the current in-house cost information to compare with third-party bids

6 OUTSOURCING PRACTICES

7 WHICH DO YOU CHOOSE?  Enjoy a Successful Outsourcing Endeavour. OR  Endure a Recurring Corporate Nightmares.

8 IT OUTSOURCING  Definition of Outsourcing  Reasons for Outsourcing  Third Party Services  Possible Advantages of Outsourcing  Possible Disadvantages of Outsourcing  Business Risks of Outsourcing  Audit / Security Concerns of Outsourcing  Strategies in Audit of Outsourcing

9 DEFINITION OF OUTSOURCING  It is a contractual agreements under which an organization hands over control of part, or all, of the functions of the IS department to an external party.  It also means an IS organization goes “outside” for the knowledge and experience required to do a specific job. (Vallabhaneni)

10 POINTS TO NOTE  In an outsourcing relationship, the organization pays a fee and the contractor delivers a level of service that is defined in a contractually binding Service Level Agreement (SLA)  The contractor provides the resources and expertise needed to perform the agreed service.

11 POINTS TO NOTE  Specific objectives of outsourcing vary from organization to organization but the general objective is to achieve a lasting improvement in IS to take advantage of a vendor’s core competencies.  As with the decision to downsize or right size, management must revisit the control framework when they outsource.

12 REASONS FOR OUTSOURCING  A desire to focus on core activities  Pressure on profit margins  Increasing competition that demands cost savings  Flexibility with respect to both organization and structure

13 THIRD PARTY SERVICES  Providing all IT-related functions  Providing connectivity of internal networks to the Internet  Website hosting, development, maintenance, management, security and monitoring services  Application hosting, development, maintenance and hosting (such as ERP and e-commerce systems)  Call center services  Data entry

14 THIRD PARTY SERVICES (contd)  Design and development of new systems  Maintenance of existing applications to free in-house staff to develop new applications  Conversion of legacy applications to new platforms. e. t. c

15 POSSIBLE ADVANTAGES OF OUTSOURCING  Commercial outsourcing companies can achieve economies of scale through the deployment of reusable component software.  Outsourcing vendors are likely to be able to devote more time and focus more effectively and efficiently on a given project than in- house staff.

16 POSSIBLE ADVANTAGES OF OUTSOURCING (contd)  Outsourcing vendors are likely to have more experience with a wide array of problems, issues and techniques than in-house staff.  The act of developing specifications and contractual agreements using outsourcing services is likely to result in better specifications than if developed by in-house staff.

17 POSSIBLE ADVANTAGES OF OUTSOURCING (contd)  As vendors are highly sensitive to time-consuming diversions and changes, feature creep is substantially less with outsourcing vendors.

18 POSSIBLE DISADVANTAGES OF OUTSOURCING  Costs exceeding customer expectations  Loss of internal IS experience  Loss of control over IS  Vendor failure  Limited product access  Difficulty in reversing or changing outsourced arrangements  Deficient compliance with legal requirements

19 BUSINESS RISKS FROM OUTSOURCING  Financial viability of the vendor  Hidden costs  Contract term not been met  Lack of loyalty of contractor personnel toward the customer  Disgruntled customers/employees as a result of the outsource arrangement  Obsolescence of Vendor IT systems  Service costs not been competitive over the period of the entire contract

20 BUSINESS RISKS FROM OUTSOURCING (contd)  Failure of either company to receive the anticipated benefits of the outsourcing arrangement  Damage to either, or both, company’s reputations due to project failures  Lengthy, expensive litigation

21 WAYS OF MANAGING OUTSOURCING RISKS  Establishing measurable, partnership-enacted shared goals and rewards  Utilizing multiple suppliers or withholding a piece of business as an incentive.  Developing contract performance metrics

22 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Performing period competitive reviews and benchmarking / bench- trending  Implement short term contracts  Addressing data ownership in the contract  Requiring confidentiality agreements  Requiring security-level measures and legal compliance.

23 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Incorporating service quality expectations, including usage of capability maturity models (CMMs) or ISO methodologies.  Ensuring adequate contractual consideration of access control/security administration, whether vendor or owner- controlled.

24 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Ensuring violation reporting and follow-up are required by the contract, and any requirements for owner notification and cooperation with any investigations.  Ensuring that change/version control and testing requirements are contractually required for the implementation and production phases  Ensuring that the parties responsible and the requirements for network controls are adequately defined, and any necessary delineation of these responsibilities established.

25 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Stating specific, defined performance parameters that must be met, for example, minimum processing times for transactions or minimum hold times for contractors  Incorporating capacity management criteria  Providing contractual provisions for making changes to the contract.  Providing a clearly defined dispute resolution process

26 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Ensuring that the contract indemnifies the company from damages caused by the organization responsible for the outsourced services  Incorporating clear, unambiguous “right to audit” provisions, providing the right to audit vendor operations (e.g. access to records, right to make copies, access to personnel, provision of computerized files) as they relate to the contracted services.

27 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Ensuring the contract adequately addresses business continuity and disaster recovery provisions and appropriate testing.  Requiring that the vendor comply with all relevant legal and regulatory requirements, including those enacted after contract initiation

28 WAYS OF MANAGING OUTSOURCING RISKS (contd)  Establishing ownership of intellectual property developed by the vendor on behalf of the customer  Establish clear warranty and maintenance periods  Providing software escrow provisions

29 GLOBALIZATION PRACTICES AND STRATEGIES  Globalization involves moving IS functions offsite or Offshore.  The IS Auditor must ensure that the following risks and audit concerns are addressed: Legal, regulatory and tax issues, Continuity of operations, Personnel, Telecommunication issues and Cross-border and cross-cultural issues.

30 GOVERNANCE IN OUTSOURCING  Organizations must recognize that while service delivery is transferred, accountability remains firmly with the management of the client organization  The decision to outsource and subsequently successfully manage that relationship demands effective governance

31 Responsibilities of both parties:  Ensuring contractual viability through continuous review, improvement and benefit gain to both parties  Inclusion of an explicit governance schedule to the contract  Management of the relationship to ensure that contractual obligations are met through SLAs and OLAs  Identification and management of all stakeholders, their relationship and expectations GOVERNANCE IN OUTSOURCING (contd)

32  Establishment of clear roles and responsibilities for decision making, issue escalation, dispute management, demand management and service delivery  Allocation of resources, expenditure and service consumption in response to prioritized needs  Continuous evaluation of performance, cost, user satisfaction and effectiveness  On-going communication across all stakeholders GOVERNANCE IN OUTSOURCING (contd)

33 CAPACITY AND GROWTH PLANNING  This is essential because of the strategic importance of IT and the constant change in technology.  In large organizations, some system programmers are designated capacity planners.  They identify the most significant recurring peak processing period on a daily basis and the most significant workload and resources consumed.  They also build historical information in estimating future workloads.  Capacity and growth planning must be reflective of the long and short-range business plans and must be considered within the budgeting process.

34 USER SATISFACTION  Users and IT should agree on a level of service (Internal SLA)  Compliance with the service level agreement should be periodically audited.

35 INDUSTRY STANDARDS/BENCHMARKING  It provides a means of determining the level of performance provided by similar IPF.  These standards or bench-marking statistics can be obtained from vendor user groups, industry publications and professional associations.

36 THANK YOU

Download ppt "SOURCING PRACTICES.  Relates to the way in which the organization will obtain the IS functions required to support the business  Delivery of IS functions."

Similar presentations

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.
Roadmap for Sourcing Decision Review Board (DRB)

Roadmap for Sourcing Decision Review Board (DRB)
Outsourcing and HRM Brian S. Klaas. The Market or the Organization When outsourcing is used, firms are relying on a market-based form of governance to.

Outsourcing and HRM Brian S. Klaas. The Market or the Organization When outsourcing is used, firms are relying on a market-based form of governance to.
© Prentice Hall 2002 15.1 CHAPTER 15 Managing the IS Function.

© Prentice Hall CHAPTER 15 Managing the IS Function.
1 Vendor Evaluation: Selecting for Success Dana McCormick Wells Fargo Home Mortgage Delivery Services Baltimore PCC Education Seminar April 27, 2007.

1 Vendor Evaluation: Selecting for Success Dana McCormick Wells Fargo Home Mortgage Delivery Services Baltimore PCC Education Seminar April 27, 2007.
Grow Your Business through Contact Centre Outsourcing Fanny Vaz Director, Personal Market Unit, CTM.

Grow Your Business through Contact Centre Outsourcing Fanny Vaz Director, Personal Market Unit, CTM.
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
The Outsourcing Process

The Outsourcing Process
Program Management Overview (An Introduction)

Program Management Overview (An Introduction)
IT Outsourcing Advantages Labor Low Cost Definition/Overview Try & expenditures by 30% Competitive Advantage Trends Core competencies Gov’t outsourcing.

IT Outsourcing Advantages Labor Low Cost Definition/Overview Try & expenditures by 30% Competitive Advantage Trends Core competencies Gov’t outsourcing.
Managing the Information Technology Resource Jerry N. Luftman

Managing the Information Technology Resource Jerry N. Luftman
Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.

Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
CHAPTER 9: LEARNING OUTCOMES

CHAPTER 9: LEARNING OUTCOMES
Management Information Systems, 4 th Edition 1 Chapter 16 Alternative Avenues for Systems Acquisitions.

Management Information Systems, 4 th Edition 1 Chapter 16 Alternative Avenues for Systems Acquisitions.
Copyright © 2014 Lender Performance Group, LLC. All rights reserved. Managing risks associated with third-party relationships, in other words Vendor Management.

Copyright © 2014 Lender Performance Group, LLC. All rights reserved. Managing risks associated with third-party relationships, in other words Vendor Management.
IT Service Delivery And Support Week Eight IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA CISA CISSP) 1.

IT Service Delivery And Support Week Eight IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA CISA CISSP) 1.
What is Outsourcing? Process Of subcontract a business function to an external third party Based on a contract: Term: 3-5 years or 10 years Service descriptions.

What is Outsourcing? Process Of subcontract a business function to an external third party Based on a contract: Term: 3-5 years or 10 years Service descriptions.
IT Outsourcing Andy Darnell Jennifer Lawrence Jessica Pruitt.

IT Outsourcing Andy Darnell Jennifer Lawrence Jessica Pruitt.

Similar presentations

Ads by Google