Page 77 - DCAP307_PLANNING_AND_MANAGING_IT_INFRASTRUCTURE
P. 77

Unit 4: Business Process and IT Outsourcing




          The most significant outsourcing risk is dealing with increased management complexity. This  Notes
          level of risk is heightened as the organisation increases the scope of processes being outsourced.
          Many organisations hesitate to outsource processes that are considered mission critical, that are
          tightly linked to other key processes, that clearly differentiate them from the competition, or
          that strongly influence sales. Thus, an organisation’s initial experience with outsourcing probably
          should not involve a critical, core business process. Organisations can ask the following key
          questions to separate core business processes from their less critical processes:
              How critical is the project or process to unique strategic differentiation?
              How competitive and innovative is the organisation in this business area?
              How cost effective are activities in this business area?
              How much customer value does the project or process provide?
          Many companies start with a short-term, low-risk outsourcing pilot effort, perhaps moving
          responsibility for a small business process to an  outsourcing provider that appears to be  an
          attractive,  long-term  outsourcing  partner. They  may employ  an  experienced outsourcing
          consultant to help get started, provide ongoing feedback, and help evaluate the pilot results. At
          least six months are required to gain experience with the service provider and work through
          various start-up issues so that a fair assessment can be made. After this initial experience, the
          company may want to expand the scope of its outsourcing efforts. It can do so with the experience
          gained from the initial pilot and try not to repeat the same mistakes. It also will have substantial
          experience with at least one outsourcing vendor and be in a better position to know what the
          company needs in an outsourcing partner.




              Task  Make distinction between outsourcing and smart sourcing.

          4.5.3 Evaluating and Selecting Appropriate Service Providers

          When outsourcing a major business process or project, an organisation should think in terms of
          hiring a partner, not just a provider. Thus, choosing the best outsourcing service provider is not
          based solely on the lowest price quoted or the highest savings promised. Ideally, the organisation
          can choose an outsourcing firm with which they can build a strong strategic partnership based
          on a mutually sustained commitment to achieve specific business goals. The customer must use
          due diligence in carefully researching the potential partner’s capabilities and reputation. This
          research can be conducted through discussions with current and former customers of the firm,
          seeking input from industry trade groups and consultants, on-site visits to the vendor’s facilities,
          and review of public records related to the firm. These records include Dun & Bradstreet credit
          reports, filings and reports from the Securities and Exchange Commission (SEC), and articles in
          trade magazines and the press.
          Companies also can research outsourcers through documents generated as a result of the Sarbanes-
          Oxley Act. This legislation was enacted in response to  several major accounting scandals at
          Enron, WorldCom, Tyco, and other companies in the late 1990s and early 2000s. Under Sarbanes-
          Oxley, a report filed with the SEC by a publicly held firm must contain a statement signed by the
          CEO and CFO attesting that the report’s information is accurate. Penalties for false attestation
          include up to 20 years in jail and significant monetary fines. As a result, firms spend considerable
          time and energy to document and test internal control processes. But what if a fundamental
          business process is outsourced to a third party? An SAS 70 audit (Statement of Auditing Standards
          No. 70, Service Organisations) is a tool that can help evaluate an outsourcing firm’s internal
          controls.  Under such an audit, the service firm prepares a written document describing its
          control goals and objectives. An outside service auditor then examines the document and the
          service firm’s operations to render an opinion on several issues:


                                           LOVELY PROFESSIONAL UNIVERSITY                                   71
   72   73   74   75   76   77   78   79   80   81   82