Companies did not sit on their hands and watch their outsourcing agreements sail by in 2009. As reported in part one of our series, on outsourcing contracts' danger signs, nearly 50% of companies told Stamford, Conn.-based Gartner Inc. that the economic crisis caused a sharp increase in contract renegotiations to save money. But paradoxically, such renegotiations leave a lot of room for costly mistakes.
"A recession causes [outsourcing] providers to sign bad deals that are not sustainable and do not give them the profits they need to stay in business, ultimately putting the CIO's company at risk," said Allie Young, research vice president and distinguished analyst in Gartner's technology and service provider group.
And CIOs intent on cutting costs introduce risks when they agree to more lenient service-level agreements, which could result, for example, in lower-quality workers being assigned to their contract. This also is not an arrangement the business can tolerate over the long term, Young said.
In part one of this series, TPI's Thomas Young dissected the ways in which outsourcing relationships can fail to meet expectations, from poorly documented contracts to lapses in governance after the deal is signed. In part two, Young and Forrester Research Inc. Vice President and Research Director Christina Ferrusi Ross focus on outsourcing contract risks: the overlooked danger signs that can torpedo a CIO, the deal and even the company; and, on a brighter note, the risks that with insight can be used to your company's benefit.
Imbalances in outsourcing contracts
Imbalances between costs and control of the deal are a sure sign that an outsourcing contract is in trouble, Gartner's Young said. An obvious imbalance is when the CEO is saying the provider is the "greatest thing since sliced bread" because the contract has lowered IT costs by 10%, while the company's employees are complaining that IT is no longer supporting their needs.
Other imbalances, however, are more subtle and often reflect a defect in the CIO, rather than the provider. "Before you find the speck in another's eye, look for the log in your own," Young advised. To wit: If the organization is having cultural miscommunications with their offshore provider, that means the CIO does not have the right process or methodology in place to manage cultural differences and should consider reducing the number of offshore workers, she said.
Another danger sign is when the outsourcing vendor comes armed with "all kinds of ideas about innovation," Young said. CIOs can partner with external providers on innovation and bat ideas about. But to cede a vision for the future, or not to have a point of view about architecture, means the CIO's operations are not aligned with the business, she said "There are certain things you don't want to lose control of -- innovation and architectural standards," she added.
Another imbalance: too many vendors. Gartner has long been a proponent of multivendor sourcing -- choosing the right vendor for the job at hand rather than doing one-stop shopping: "It's one thing to have two or three different providers helping with applications versus a provider list of 50 different application providers, which does happen," Young said.
'Operationalizing' vendor risk
One of the biggest complaints auditors have with IT departments is their lack of governance of third-party providers, said Ferrusi Ross, who leads Cambridge, Mass.-based Forrester's vendor sourcing team. Clients often tell her that they don't have the resources to track every business change at a provider company, much less interpret what these changes mean. "The recession has stretched them so that the due diligence that is done is done upfront, and they can't keep up with all the ins and outs at their providers," she said.
For example, an outsourcing vendor that is experiencing financial trouble poses a risk to the deal. But should the alarm bells go off when the provider experiences one bad quarter, or a single- or double-digit loss, or a loss for the year? Ferrusi Ross asked. "The question is, how do you operationalize that?" she said. One bad quarter of revenue in an otherwise stable company might put the outsourcing contract into yellow mode, for example, until the next quarter, and perhaps warrant a conversation at the next steering committee meeting, she added.
Even when you know what to look for, red flags can come with many nuances. Take employee turnover: "If the vendor is in line with the industry standard for turnover, but your turnover is higher than the standard, that is a red flag that your deal is going bad," Ferrusi Ross said. If your account manager is taken off the job without your approval, that is another red flag that needs to be addressed. On the other hand, if the turnover is high for all customers, the problem is with the vendor, and might be sign enough to take your contract elsewhere, she said.
Mapping the outsourcing contract to enterprise risk
But vendor losses can also be exploited for gain. Ferrusi Ross cited a CIO whose outsourcing vendor had lost business in the wake of the Wall Street meltdown. Rather than scurry to find a new vendor, the CIO picked up the phone and told the outsourcer to move its A-list talent, who had been working on Wall Street financial services contracts, to her account. "She basically said, 'You have a lot of people on the bench. Swap mine out for them,'" Ferrusi Ross said. The CIO was able to do that because she was a huge client of the outsourcer, and she knew the outsourcer was not going to go out of business. The risk was well worth the upside for this CIO.
CIOs tend to see their outsourcing contracts through the lens of IT operations, Ferrusi Ross said. "One of the biggest red flags is a risk that can damage a company brand without the vendor ever breaching any part of the contract," she said. Consumers associate lead paint in toys with Mattel, not the outsourcing vendor who used the paint. "The biggest risk is not that the deal fails, but the red flags you didn't know were there," she added.
CIOs should start with their company's enterprise risk portfolios, Ferrusi Ross advised. That might require going to the chief risk officer or CFO or whoever has an enterprise-wide view of risk. For each enterprise risk, ask where the outsourcing vendor helps or hurts. One company she worked with had an outsourcing provider who did background checks on workers going seven years back. The company, however, had a 10-year policy. "My client made the provider do a 10-year check on employees; sure enough, in year nine, one of the employees had been arrested for money laundering," she said.
Let us know what you think about the story; email Linda Tucci, Senior News Writer.