Outsourcing and Managed Services - Developing a Common Language Between Suppliers and Purchasers to...

Outsourcing/Managed Services: Developing a Common Language Between Suppliers and Purchasers to Reduce Risk

Alan McSweeney

April 20, 2010 2

Objectives

• Describe at a high-level a structured approach to implementing outsourcing/managed services from both service provider and end-user organisation

April 20, 2010 3

Scope

• Provide a high-level view of a common set of processes to be used by service providers and end-user organisations to implement and operate an outsourcing/managed services arrangement

April 20, 2010 4

What is Outsourcing

• Outsourcing is delegating the responsibility for performing an information technology or business function to a third party

• You outsource because the outsourcing supplier will do:

−What the organisation currently does

−At the same or better level of performance

− For the same or lower price

April 20, 2010 5

Advantages of Managed Services

• Better use of staff: allows agencies to focus human resources on strategic planning and core mission support

• Cost savings: choose not to build and support IT and network infrastructure available in the commercial sector; use limited capital to purchase needed service levels and reduce total cost of ownership

• Ability to use optimal technologies: adjust types and mix of hardware, software, skilled labour, capital investment and technology to support changes in mission needs

• Rapid response to organisation and business changes: supplier is measured by ability to produce solutions

April 20, 2010 6

Types of Outsourcing Arrangement

• Efficiency/Utility (Make it Cheaper) arrangement outsourcing focuses primarily on cost control and, over time, cost reduction, with the goal of maintaining consistency in the delivery of services

• Business Enhancement (Make it Better) arrangement is about business productivity. The organisation’s performance, as compared with their competitors, will improve, resulting in movement toward defined business goals

• Transformational (Make me Money) arrangement is characterised by a partnership between the service provider and service recipient that is focused on innovation and new business, changing the very basis on which an organisation competes

April 20, 2010 7

Benefits of Managed Services

• Managed Services offers an alternative approach for a client to acquire IT or telecom support services− Managed services solutions are designed and delivered by service providers according to a

predefined statement of deliverables and generally includes end-to-end service, service level agreements, and assets (if desired)

• A managed service typically includes monthly recurring service-based pricing offering a more predictable cost approach for the client

• Ongoing visibility of operational performance is provided and managed through pre-agreed performance parameters (known as service-level agreements)− The client may include their unique performance requirements such as degree of control and

visibility, security, availability, capacity, service continuity and other requirements as it relates to the specific service

• Because this is a core competency, the service provider is able to optimise the best balance of facilities, processes, resources, tools, and metrics, resulting in the best overall value for the client− Cost effectiveness is typically achieved through instituting process standards and establishing and

supporting a standard operating environment (SOE) consisting of COTS (Commercial Of the Shelf) services and solutions

• Managed services can be delivered either in a BOCO (Business-owned, contractor-operated) or COCO (contractor-owned, contractor-operated) model and is largely based on client preference

April 20, 2010 8

Outsourcing Organisations - Developing a Vision for IT Services is Required

• What do we do today?

• What do our customers want us to do?

• What changes do we need to make to align with our customers needs?

• How will they pay for those services?

• How will we deliver those services consistently and measure their delivery?

• What kind of organisation (Governance/Contract Management/Structures/Staff/Skills/Service Providers) will we need to achieve it?

• What service management processes we should use?

April 20, 2010 9

Reasons Organisations Outsource

17%

16%

12%

12%

8%

6%

6%

4%

3%

3%

Reduce And Control Operating

Costs

Improve Company Focus

Gain Access To World-Class

Capabilities

Free Resources For Other

Purposes

Resources Not Available

Internally

Reduce Time To Market

Take Advantage Of

Capabilities

Accelerate Reengineering

Benefits

Share Risks

Function Difficult To Manage

Or Out Of Control

April 20, 2010 10

Outsourcing Experiences

• 13% to 25% of outsourcing contracts are brought in-house within the first two years

• Buyers replace 80% of their service contractors in the first three years

• Contractors turn over 40% of their contracts each year, on average

• Nearly 70% outsourcing organisations feel their service provider does adequately understand what they are supposed to do

April 20, 2010 11

Key Issues For Successful Outsourcing

• Many outsourcing relationships fail, are terminated early, are unsatisfactory to either or both of the service provider and the client

• Outsourcing is a business issues and should be treated as such

• Many common issues, problems and concerns arise across outsourcing contracts

• Learn from the issues to avoid them

April 20, 2010 12

Hidden Costs of Outsourcing

• Transfer of knowledge

− Processes and procedures

−Documentation

− Personal knowledge

• Quality issues and their resolution

− Inspection programmes

− Sustaining quality programmes

− Cost of rework

• Communication

− Poor customer service

−Daily operational issues

April 20, 2010 13

Phases of Outsourcing Relationship

Ongoing

Initiation Delivery CompletionAnalysis

For outsourcing organisation

For both outsourcing organisation and service provider

April 20, 2010 14

Phases of Outsourcing Relationship

Management of outsourcing lifecycleManagement of outsourcing lifecycleOngoing

Close-out the service after the contract ends or the service has been terminated

Close-out the service after the contract ends or the service has been terminated

Completion

Provide service and manage and measure its provision

Provide service and manage and measure its provision

Delivery

Prepare for and transition to provision of service

Prepare for and transition to provision of service

Initiation

Analyse operations and functions to identify those services, processes or functions that could potentially be outsourced and develops the approach to be taken to source the identified opportunities

Analysis

Service ProviderOutsourcing OrganisationPhase

April 20, 2010 15

Roles of Service Provider and Outsourcing Organisation During Phases of Outsourcing Relationship

Initiation

Delivery

Completion

Analysis

Ongoing

Service Provider Outsourcing Organisation

Determine if outsourcing represents a business opportunity

Prepare for service transition, transfer resources and personnel from outsourcing organisation and ensure

service continuity

Plan for outsourcing of selected services, evaluate and select a service provider, create an outsourcing

agreement and transfer resources and personnel to service provider

Define and agree requirements, negotiate contract, plan, design and deploy service, implement service

delivery

Implement the capability to manage the service provider, administer the agreement and the issues,

challenges and changes that arise after the agreement has been reached, reviewing the service provider’s

performance

Implement knowledge management processes, perform people management, implement

performance management, manage relationship, manage technology and manage risks and threats

Develop outsourcing strategy management, manage relationship with service provider, ensure value, implement knowledge management processes,

manage technology and manage risks and threats

Prepare for service transition, transfer resources and personnel from outsourcing organisation and ensure

service continuity

Plan for completion, ensure service continuity, transfer resources and personnel from outsourcing

organisation and transfer knowledge

April 20, 2010 16

Roles of Service Provider and Outsourcing Organisation During Phases of Outsourcing Relationship

Initiation Delivery CompletionAnalysis Ongoing

Service Provider

Outsourcing Organisation

Common Language

andExpectations

Agreed Roles and

Responsibilities

April 20, 2010 17

Key Capabilities and Constituent Practices

• Idealised set of steps for a service provider and end-user organisations and outsourcing organisation to perform when taking on a new outsourcing service

• Provides a detailed checklist of work to be done

• Each practices contains a set of activities and tasks

• Can be modified to suit the circumstances: scope of outsourcing, size of service, duration of contract

• Can forms the basis of a project plan for elements of outsourcing work such as initiation

• Reduces risk of failure

April 20, 2010 18

Key Capabilities Within Outsourcing Lifecycle for Service Providers

Ongoing

Initiation Delivery Completion

People Management

Performance Management

Relationship Management

Technology Management

Knowledge Management

Threat Management

ContractingService Design

and Deployment

Service Delivery

Service Transfer

Service Transfer

April 20, 2010 19

Key Capabilities Within Outsourcing Lifecycle for End-User Organisations

Outsourcing Strategy

Management

Governance Management


Value Management


People Management

Outsourcing Planning

Outsourcing Agreements

Sourced Services

Management

Outsourcing Completion

Outsourcing Opportunity

Analysis

Ongoing

Initiation Delivery CompletionAnalysis


Organisational Change

Management

Threat Management

Outsourcing Approach

Service Transfer

Service Provider

Evaluation

April 20, 2010 20

Key Capabilities Within Outsourcing Lifecycle for Service Providers and End-User Organisations

Outsourcing Capabilities

and Skills

Analysis Initiation Delivery Ongoing Completion



Service Provider


Service Provider


Service Provider


Service Provider

Outsourcing Opportunity

Analysis

Outsourcing Approach

Service Transfer

Service Transfer

Contracting

Service Design and

Deployment

Service Delivery

Outsourcing Completion

Sourced Services

Management

Outsourcing Planning

Service Provider

Evaluation

Outsourcing Agreements

Service Transfer


People Management

Performance Management



Threat Management


Management

Governance Management


Value Management

Organisational Change

Management

People Management



Threat Management

April 20, 2010 21

Key Capabilities and Constituent Practices for Service Providers

Outsourcing Capabilities

and Skills

Initiation/ Completion

Delivery Ongoing

1 Service Transfer

2 Contracting3 Service

Design and Deployment

4 Service Delivery

5 Knowledge Management

6 People Management

7 Performance Management

8 Relationship Management

9 Technology Management

10 Threat Management

1.1 Resources Transferred In

1.2 Personnel Transferred In

1.3 Service Continuity

1.4 Resources Transferred

Out

1.5 Personnel Transferred

Out

2.1 Negotiations

2.2 Pricing

2.3 Confirm Existing

Conditions

2.4 Market Information

2.5 Plan Negotiations

2.6 Gather Requirements

2.7 Review Requirements

2.8 Respond to Requirements

2.9 Contract Roles

2.10 Create Contracts

2.11 Amend Contracts

3.1 Communicate Requirements

3.2 Design and Deploy Service

3.3 Plan Design and

Deployment

3.4 Service Specification

3.5 Service Design

3.6 Design Feedback

3.7 Verify Design

3.8 Deploy Service

4.1 Plan Service

Delivery

4.2 Train Clients

4.3 Deliver Service

4.4 Verify Service

Commitments

4.5 Correct Problems

4.6 Prevent Known

Problems

4.7 Service Modifications

4.8 Financial Management

5.1 Share Knowledge

5.2 Provide Required

Information#

5.3 Knowledge System

5.4 Process Assets

5.5 Engagement Knowledge

5.6 Reuse

5.7 Version and Change

Control

5.8 Resource Consumption

6.1 Encourage Innovation

6.2 Participation in Decisions

6.3 Work Environment

6.4 Assign Responsibilitie

s

6.5 Define Roles

6.6 Workforce Competencies

6.7 Plan and Deliver Training

6.8 Plan and Deliver Training

6.9 Performance

Feedback

6.10 Performance

Feedback

6.11 Rewards

7.1 Engagement Objectives

7.2 Verify Processes

7.3 Adequate Resources

7.4 Organisational

Objectives

7.5 Review Organisational Performance

7.6 Make Improvements

7.7 Achieve Organisational

Objectives

7.8 Capability Baselines

7.9 Benchmark

7.10 Prevent Potential Problems

7.11 Deploy Innovations

1.6 Knowledge Transferred

Out

8.1 Client Interactions

8.2 Select Suppliers and

Partners

8.3 Manage Suppliers and

Partners

8.4 Cultural Fit

8.5 Stakeholder Information

8.6 Client Relationships

8.7 Supplier and Partner

Relationships

8.8 Value Creation

9.1 Acquire Technology

9.2 Technology Licenses

9.3 Control Technology

9.4 Technology Integration

9.5 Optimise Technology

9.6 Proactively Introduce

Technology

10.1 Risk Management

10.2 Engagement

Risk

10.3 Risk Across

Engagements

10.4 Security

10.5 Intellectual

Property

10.6 Statutory and Regulatory

Compliance

10.7 Disaster Recovery

April 20, 2010 22

Key Capabilities and Constituent Practices for End-User Organisations - 1 Outsourcing

Capabilities and Skills

Analysis Phase Initiation Phase Delivery Phase

1 Outsourcing Opportunity

Analysis

2 Outsourcing Approach

3 Outsourcing Planning

4 Service Provider Evaluation

5 Outsourcing Agreements

6 Service Transfer

Completion Phase

8 Outsourcing Completion

7 Sourced Services Management

1.1 Define Current State

1.2 Outsourcing Criteria

1.3 Demand Identification

1.4 Outsourcing Options

2.1 Outsourcing Approach

2.2 Business Case

2.3 Governance Model

2.4 Impact and Risk Analysis

2.5 Outsourcing Initiation Decision

3.1 Establish Outsourcing

Project

3.2 Service Definition

3.3 Service Provider Selection

Procedures

3.4 Evaluation Criteria

3.5 Prepare Service

Requirements

4.1 Communicate Requirements

4.2 Evaluate Potential Service

Providers

4.3 Select Candidate Service

Providers

5.1 Negotiations Guidelines

5.2 Confirm Existing Conditions

5.3 Negotiations

5.4 Agreement Roles

5.5 Define SLAs and Measures

5.6 Create Agreements

5.7 Amend Agreements

6.1 Service Transition

6.2 Verify Design

6.3 Resources Transferred Out

6.4 Personnel Transferred Out

6.5 Knowledge Transferred Out

7.1 Perform Outsourcing

Management

7.2 Performance Monitoring

7.3 Financial Management

7.4 Agreement Management

7.5 Problem and Incident

Monitoring

7.6 Service Delivery Change

Management

7.7 Service Change Management

7.8 Review Service Performance

7.9 Stakeholder Feedback

7.10 Service Value Analysis

7.11 Continuation Decision

8.1 Completion Planning

8.2 Service Continuity

8.3 Resources Transfer from

Service Provider

8.4 Personnel Transfer from

Service Provider

8.5 Knowledge Transfer from

Service Provider

April 20, 2010 23

Key Capabilities and Constituent Practices for End-User Organisations - 2

Outsourcing Capabilities and

Skills

Ongoing Phase

Governance Focused

Competency and Change

Focused

Environment Focused

9 Outsourcing Strategy

Management

10 Governance Management

11 Relationship Management

12 Value Management

13 Organisational

Change Management

14 People Management

15 Knowledge Management

16 Technology Management

17 Threat Management

9.1 Outsourcing Sponsorship

9.2 Outsourcing Constraints

9.3 Potential Outsourcing

Areas

9.4 Outsourcing Objectives

9.5 Organisational


10.1 Outsourcing

Policy

10.2 Service Provider

Management

10.3 Internal Stakeholder

Management

10.4 Defined Outsourcing

Processes

10.5 Align Strategy and Architectures

10.6 Business Process

Integration

10.7 Adapt to Business Change


Interactions


Relationships

11.3 Internal Relationships

11.4 Issue Management

11.5 Cultural Fit

11.6 Collaborative Relationships

11.7 Innovative Relationships

12.1 Organisational

Outsourcing Performance

12.2 Capability Baselines

12.3 Benchmark Outsourcing

Processes

12.4 Improve Outsourcing

Processes

12.5 Innovation

12.6 Business Value and

Impact

12.7 Outsourcing Alignment

13.1 Prepare for Organisational

Change

13.2 Stakeholder Involvement

13.3 Define Future State

13.4 Human Resource Changes

13.5 Communicate Organisational

Changes

13.6 Organisational

Change

14.1 Assign Outsourcing

Responsibilities

14.2 Personnel Competencies

14.3 Organisational

Outsourcing Competency

14.4 Define Roles

15.1 Provide Required

Information

15.2 Knowledge System

15.3 Market Information

15.4 Lessons Learned

15.5 Share Knowledge

16.1 Asset Management

16.2 License Management

16.3 Technology Integration

17.1 Outsourcing

Risk Management

17.2 Organisational

Risk Management

17.3 Intellectual Property

17.4 Security and Privacy

17.5 Compliance

17.6 Business Continuity

April 20, 2010 24

Analysis Phase

• Service Provider• Concerned with analysing operations and

functions to identify those services, processes, or functions that could potentially be outsourced− Understanding the current, or as-is, state of

the client organisation’s structure and processes

− Identifying the relevant criteria for selecting outsourcing opportunities

− Identifying outsourcing opportunities to meet outsourcing objectives and criteria

− Organising options for outsourcing− Developing and validating the Business Case

for each outsourcing option− Identifying the outsourcing approach and

governance model for the proposed outsourcing action

− Performing impact and risk analyses of the proposed outsourcing action

− Making the decision whether or not to source the proposed outsourcing action

April 20, 2010 25

Initiation Phase

• Service Provider• Concerned with preparation for and initiation of

service delivery− Gather requirements− Perform due diligence to validate customer

information− Assess if and how the requirements can be met− Prepare for negotiation− Negotiate and sign contract− Confirm assumptions− Confirm responsibilities and commitments− Design the service− Review the service design− Create service specification− Deploy the service− Transfer resources - personnel, technology,

infrastructure, applications− Transition of service

• End-User Organisation• Concerned with preparation for and initiation of

managing outsourced services− Preparing for service selection by developing the

solicitation and criteria for selection− Soliciting and evaluating potential service

providers− Preparing for negotiation by having an

organisational position on cost, quality and other topics that need to be negotiated

− Defining the formal service level agreements and service provider performance measures

− Understanding service provider’s capabilities by gathering information about the service provider and confirming the assumptions that impact commitments

− Establishing a formal agreement with service providers that clearly articulates the clients’ and service provider’s responsibilities and commitments

− Providing feedback on the service design in order to ensure that the services are meeting the client’s requirements and the agreed-upon commitments

− Managing the effective transfer of resources needed for service delivery, including personnel, technology infrastructure and work environment

April 20, 2010 26

Delivery Phase

• Service Provider• Concerned with service delivery including

management of service delivery, verification that commitments are being met and management of costs associated with the service provision− Planning and tracking the service delivery

activities− Delivering services according to the agreed

commitments− Managing the finances associated with the service

delivery− Identifying and controlling modifications to the

services being provided− Identifying and controlling modifications to

associated service commitments− Identifying problems that impact the service

delivery and taking both preventive and corrective actions

• End-User Organisation• Concerned with monitoring the service

provider’s service delivery capabilities, including the ongoing monitoring of service provider performance to verify that commitments are being met, monitoring changes, management of the finances and agreements associated with the service provision, fostering realistic expectations and performing value analysis− Planning and tracking the outsourcing

management activities− Ensuring that services are delivered according to

the agreed-upon commitments− Managing the finances associated with the service

delivery− Identifying and controlling modifications to the

services being provided or to the associated service commitments

− Facilitating problem resolution for problems that impact the service delivery

− Reconciling performance against expectations and ensuring that the service provision returns value to the client organisation

April 20, 2010 27

Ongoing Phase

• Service Provider• Management functions that need to

be performed during the entire outsourcing lifecycle− Manage and motivate personnel to

effectively deliver services− Manage relationships with clients,

suppliers and business partners− Measure and review the organisation’s

performance and taking action to improve it

− Manage information and knowledge systems so that personnel have access to the knowledge needed to effectively perform their work

− Identify and control threats to the organisation’s ability to meet its objectives and client requirements

− Manage the technology, systems and applications infrastructure used to support delivery of service

• End-User Organisation• Management functions that need to

be performed during the entire outsourcing lifecycle− Manage and motivate personnel to

effectively deliver services− Manage relationships with clients,

suppliers and business partners− Measure and review the organisation’s

performance and taking action to improve it

− Manage information and knowledge systems so that personnel have access to the knowledge needed to effectively perform their work

− Identify and control threats to the organisation’s ability to meet its objectives and client requirements

− Manage the technology, systems and applications infrastructure used to support delivery of service

April 20, 2010 28

Completion Phase

• Service Provider

• Concerned with closing down the engagement at the end of the outsourcing lifecycle− Manage the transfer of resources to the

new service provider, whether it is to the client or to another service provider

− Ensure service continuity during transfer

− Identify and transferring the knowledge critical for the delivery of service

• End-User Organisation

• Concerned with closing down the engagement at the end of the outsourcing lifecycle− Planning for closing down a outsourced

service and managing the agreement during the close-down period including managing the agreement during termination proceedings, during renewal, or during normal completion

− Managing the transfer of resources to the new service provider, whether it is to back to the organisation or to another service provider including the potential transfer of people, technology infrastructure and intellectual property

− Ensuring service continuity during the transfer of responsibilities for service provision

− Identifying and transferring the knowledge capital critical for the delivery of service

April 20, 2010 29

Sample Activities by Service Provider and End-User Organisation – Threat Management in Ongoing Phase

Ongoing Phase

Threat Management

Service Provider End-User Organisation

Risk Management

Engagement Risk

Risk Across Engagements

Security

Intellectual Property

Statutory and Regulatory Compliance

Outsourcing Risk Management

Organisational Risk Management

Intellectual Property

Security and Privacy

Compliance

Business Continuity

Disaster Recovery

April 20, 2010 30

Threat Management - Risk Management


• Risk Management• Scope

− Establish and implement a policy on risk management

• Activities− Provide support for creating and maintaining a

policy for managing risk− Document and implement a policy for managing

risk− Support the implementation of a policy for

managing risk


• Outsourcing Risk Management• Scope

− Establish and implement procedures to identify, assess and manage outsourcing risks

− Effective risk management is particularly critical in the early stages of a outsourcing initiative, where requirements are being organised and service is being designed to meet those requirements

− Problems encountered here can impact the success of service delivery and associated business benefits throughout the life of the initiative.

• Activities− Provide support for creating and maintaining the

procedures for identifying, assessing and managing outsourcing risks

− Document and implement the procedures required for identifying, assessing and managing outsourcing risks

− Support the implementation of identifying, assessing and managing outsourcing risks

April 20, 2010 31



• Engagement Risk• Scope

− Identify, assess and manage risks specific to the client engagement


work products and tasks for identifying, assessing and managing engagement-specific risks

− Document and implement the work products and activities required to identify, assess and manage engagement-specific risks

− Support the implementation of identifying, assessing and managing engagement-specific risks


• Organisational Risk Management• Scope

− Establish and implement procedures to manage risks across multiple outsourced services and service providers

− Effective identification and assessment of risks enables the client organisation to take mitigating actions to lower the impact should a risk event occur

− Effective risk management improves the stakeholders’ confidence in the client organisation’s ability to maintain needed services and service levels


procedures for managing risks across multiple outsourced services and service providers

− Document and implement the procedures required for managing risks across multiple outsourced services and service providers

− Support the implementation of managing risks across multiple outsourced services and service providers

April 20, 2010 32



• Risk Across Engagements• Scope − Establish and implement procedures

to manage risks across client engagements

• Activities− Provide support for creating and

maintaining the procedures for managing risks across client engagements

− Document and implement the procedures for managing risks across client engagements

− Support the implementation of the procedures for managing risks across client engagements

April 20, 2010 33

Threat Management - Security and Privacy


• Security• Scope

− Establish and implement procedures to meet security requirements


procedures for meeting security requirements− Document and implement the procedures for

meeting security requirements− Support the implementation of the procedures for

meeting security requirements


• Security and Privacy• Scope

− Establish and implement procedures to meet security and privacy requirements

− Breakdowns, such as security breaches, can impact the client organisation’s ability to provide business continuity, thereby damaging the relationship and making the involved parties vulnerable to legal action

− Effective security is essential for meeting privacy requirements and protecting intellectual property

− Security requirements may come from the client organisation or statutes and regulations governing the service being delivered


procedures for meeting security and privacy requirements

− Document and implement the procedures required for meeting security and privacy requirements

− Support the implementation of meeting security and privacy requirements

April 20, 2010 34

Threat Management - Intellectual Property


• Intellectual Property• Scope

− Establish and implement procedures to protect the intellectual property of stakeholders


procedures for protecting the intellectual property of stakeholders

− Document and implement the procedures for protecting the intellectual property of stakeholders

− Support the implementation of the procedures for protecting the intellectual property of stakeholders


• Intellectual Property• Scope

− Establish and implement procedures to protect the intellectual property of stakeholders

− Inappropriate use or disclosure of intellectual property can damage the relationship with stakeholders, may cause financial loss and make the client organisation vulnerable to disputes or legal action

− Organisation should have a formalised policy on the protection of intellectual property that is used to provide direction for creating the procedures on protection of intellectual property


procedures for protecting the intellectual property of stakeholders

− Document and implement the procedures required for protecting the intellectual property of stakeholders

− Support the implementation of protecting the intellectual property of stakeholders

April 20, 2010 35

Threat Management - Compliance


• Statutory and Regulatory Compliance• Scope

− Establish and implement procedures to comply with statutory and regulatory requirements


procedures for statutory and regulatory compliance

− Document and implement the procedures for statutory and regulatory compliance

− Support the implementation of the procedures for statutory and regulatory compliance


• Compliance• Scope

− Establish and implement procedures to comply with applicable standards and statutory and regulatory requirements

− Client organisation must implement procedures to address governance, risk and compliance

− Procedures ensure that they comply with standards, statutes and regulations that impact their outsourcing capability and their outsourced services in order to meet statutory, regulatory and stakeholder requirements and to avoid stakeholder dissatisfaction and legal or audit issues


procedures for complying with applicable standards and statutory and regulatory requirements

− Document and implement the procedures required for complying with applicable standards and statutory and regulatory requirements

− Support the implementation of complying with applicable standards and statutory and regulatory requirements

April 20, 2010 36

Threat Management - Disaster Recovery and Business Continuity


• Disaster Recovery• Scope

− Establish and implement disaster recovery procedures


procedures for disaster recovery− Document and implement the procedures for

disaster recovery− Support the implementation of the procedures for

disaster recovery


• Business Continuity• Scope

− Establish and implement procedures to ensure business continuity of outsourced services

− Prepare for possible disasters in order to minimise their impact on the client organisation’s ability to continue business activities

− Preparation covers service delivery, security, the protection of intellectual property, crisis management and the safety of personnel and promotes confidence in the client organisation’s and service providers’ ability to react effectively to adverse situations


procedures for ensuring business continuity of outsourced services

− Document and implement the procedures required for ensuring business continuity of outsourced services

− Support the implementation of ensuring business continuity of outsourced services

April 20, 2010 37

Benefits of Structured Approach


• Minimises problems

• Provides common language

• Provides common understanding of roles and responsibilities

• Provides mechanism for resolving issues

• Know what is expected and what should be done


• Provides structured approach to evaluating and adopting outsourcing

• Demonstrates due diligence in selecting outsourcing partner

• Provides common understanding of roles and responsibilities

• Provides mechanism for resolving issues

• Knows service to be provided and measures delivery

April 20, 2010 38

Summary

• Outsourcing experiences and implementations has been poor

• A structured approach to implementing outsourcing arrangements by both providers and end-users can enable effective outsourcing

• A common language and a common understanding of roles and responsibilities will reduce problems and assist in issue resolution

April 20, 2010 39

More Information

Alan McSweeney

[email protected]

Outsourcing and Managed Services - Developing a Common Language Between Suppliers and Purchasers to...

Business

Transcript of Outsourcing and Managed Services - Developing a Common Language Between Suppliers and Purchasers to...