Managing the service vendors you've hired to deliver IT services to the business goes beyond procurement and standard...
IT contract negotiations. Companies today need IT services that are not just highly reliable, but can also scale and change to meet fast-moving business demands.
Indeed, IT leaders need to flex a range of skills to draw out the right level of service, responsiveness and innovation from their IT service management (ITSM) suppliers.
We asked IT service experts to give us their ITSM best practices for maximizing service delivery while minimizing risk. One critical objective: Service vendor metrics should be tied to business key performance indicators (KPIs).
The four ITSM best practices below come courtesy of Ben Grinnell, managing director and global technology and digital service line lead at consulting firm North Highland; Carl Carpenter, senior fellow at Arrakis Consulting; David Ackerman, research vice president at research and consulting firm Gartner; and Paul Kooney, managing director in the IT security and data privacy practice at Protiviti Inc.
ITSM best practices for managing service vendors
1. Service metrics should include 'capability for change.'
Companies have traditionally asked their IT organizations to deliver IT services at the lowest cost, but many have shifted that strategy over the years to consider other factors such as alignment with business outcomes and innovation, in addition to price.
With IT organizations focused on delivering business value and not solely on metrics such as uptime, CIOs need to have their ITSM vendors thinking the same way.
"What CIOs really need to do is manage expectations. They should have business outcomes to reach, and they need vendors who are willing to work with this," Grinnell said. "The vendors need to have some vested interest in helping you change fast, as well as keeping the lights on."
To do that, CIOs and their IT leaders need to work with their suppliers in a more agile manner and build a "capability for change" into the relationship, Grinnell said. That's a far cry from the typical vendor contracts, which tend to spend most of the pages setting stiff work parameters and dedicating only a small fraction of the contractual language to how both sides will accommodate changing requirements.
2. Vendor penalties should take into account the cost to the business for failing to meet contract performance objectives.
The CIO and the IT team typically build into their ITSM contracts ways to measure vendor performance, with contractual rewards and penalties for success and failure to meet IT objectives, Carpenter said.
Today, he said it's important to consider the consequences to the business for failing to meet contractual obligations.
"If you have a vendor contracted to do something and they don't do it, what's the impact on your company for that vendor failing?" he added. "That's the key thing that management teams or CIOs need to think about."
Carpenter said he advises CIOs to outline the real costs their companies face if the vendor doesn't deliver and then build those costs into the contract as penalties. "You're running a business, and if they're not supporting your business, they're going to pay. That gives them incentives not to fail," he said.
3. Make sure the IT person assigned to managing the vendor understands the technology and risks well enough to assess vendor performance.
Companies often spend too little time deciding who on their staff will supervise the vendors, Ackerman said. He said he has seen CIOs assign incompetent staffers to the task and, as a result, they don't get the anticipated value from the vendor. Sometimes the assigned staffers assigned end up trying to manage the vendor's work -- a move that cuts into expected cost savings and undermines the effectiveness of the vendor's expertise.
"We find real challenges with the people left on the client side to help manage the vendors. Many times those people are just the wrong people, the wrong personality," Ackerman said. "That can undermine a good outsourcing strategy."
Ackerman said CIOs need to determine what skills are needed to work with a particular vendor given the service-level agreement (SLA), the technology involved and the risks assigned to that vendor. Then they need to put the right person into the role to ensure the vendor is meeting the SLA and enforcing penalties for failures. They need someone who understands the function that the vendor needs to deliver but also understands they should not treat the vendor as his or her staff.
"You need experienced individuals who know how to run and execute the methodologies and approaches you put in place to identify the risks of outsourcing with a particular vendor, how to tie it back to the organization's contractual agreements and risk tolerance and procedures, and how they would work with vendors to reduce risk," Kooney added.
4. Incentivize vendors to work together by putting each of them on the hook for meeting the end-to-end KPIs.
As IT departments outsource more of their ITSM functions, they'll likely find that some situations will require multiple vendors to work together to solve problems, Ackerman said.
However, CIOs will probably find that vendors will be reluctant to cooperate in those cases and instead might revert to blaming others for the problems. ITSM best practices require CIOs come up with a mechanism for getting vendors to work together. Otherwise, they "end up spending an exorbitant amount of time trying to get everyone aligned to resolve the problem rather than solving the problem itself," he said.
Ackerman said he advises CIOs to have vendors focus on meeting end-to-end KPIs, putting incentives for doing so into their contracts. That way each vendor feels a responsibility toward resolving a problem that's impacting the KPIs.
"They know they must work together to meet that goal. So, if something happens where a line is down, all the vendors know they have to jump in and work together to meet that ultimate KPI for the client," he added.
Editor's note: Read more about maximizing the value of your service providers in this ITSM best practices tip from Lois Coatney, a partner and global leader for managed services at advisory firm Information Services Group.