At present, the IT market is keen on the idea of cost estimator services, and in this regard, the task of assessing the effectiveness of cost estimate requires a solution, since it is believed that outsource estimating services can minimize the cost of using information technology. At the same time, if we move away from the general phrases and advantages that are described in the periodicals, then the efficiency of cost estimator IT services is not so unambiguous. When making an cost estimator decision, it is necessary to analyze the financial and organizational costs, not overlooking the risks arising from the organization of cost estimator of IT services from the analysis zone.
The lack of a full-fledged analysis when making this decision can cause tangible losses instead of benefits. cost estimator service providers have methodologies for calculating the effectiveness of outsourcing, however, for the most part, they show financial advantages and very often leave out of the scope of analysis possible losses from emerging risks. Many companies abandon outsourcing after a while and return to the previous model of organizing the IT department. Therefore, the task of analyzing the effectiveness of outsourcing requires a solution for each company separately.
So, the assessment of the effectiveness of outsourcing can initially be divided into three main parts:
Determination of the list of services that can be outsourced;
Analysis of the effectiveness of outsourcing a specific IT service;
Deciding on choosing or replacing an outsourcing company.
Further in the article, we will consider a methodology for assessing the effectiveness of outsourcing.
To conduct performance analysis, it is necessary to create some framework that will be used to select candidates for outsource services. In this case, the basis becomes the Catalog of IT services, which are provided by the internal IT department and consumed by business units. It is necessary to transfer the activities of the IT department to a service-oriented approach, which is described in ITIL / ITSM.
Having a catalog of IT services, you can define a set of criteria that are taken into account when deciding on the selection of candidate services for outsourcing. An example of criteria for making this decision are:
the criticality of the service for business;
manageability of this service in the current state of the IT department;
the criticality of the service from the point of view of information security;
the criticality of the service in terms of business continuity;
the current quality of the service;
an approximate estimate of the cost of the service;
presence in the service of the company's competitive advantages;
the level of operational risks in the processes of providing services;
the presence of such services on the open market;
Among the criteria, a group of "cut-off criteria" can be identified, i.e. criteria having the greatest weight in decision-making. If one of the “cut-off criteria” shows the impossibility of outsourcing, then this service is not outsourced. Typically, the "cut-off criteria" are information security and business continuity criteria. Further, to decide on the list of candidate services for outsourcing, it is necessary to conduct a survey in the expert group and arrange expert assessments in the context of each service. After the assessments have been placed, a weighted summation is carried out, and, based on its results, a decision can be made by defining a list of candidate services possible for outsourcing. A “shortlist” of IT services is being drawn up, which will be further analyzed for financial efficiency.
The definition of the "shortlist" allows to identify the most critical IT services from the point of view of business - outsourcing of which is associated with great risks and exclude from the calculation of the effectiveness of services, the withdrawal of which is ineffective or involves high risks. Practical examples show that services that cannot be withdrawn are associated with the support of hazardous production, the processing of confidential information, the specificity of the organization, etc.
Further, the resulting "shortlist" of IT services is analyzed from the point of view of the standard managerial task of choosing "make ourselves" or "buy from others." To make this decision, you need to determine the current costs of providing a service, the cost of providing such a service by an outsourcing company, the cost of processes and activities for interaction with an external supplier, and also assess the risks that will arise when transferring this service to outsourcing.
Moreover, the identification and assessment of risks can become decisive in terms of making this decision, therefore, the absence of risk analysis in the analysis of the effectiveness of outsourcing is a regular mistake when making this decision. The transition to an outsourcing model in the provision of IT services leads to the emergence of many risks associated with both changes in processes,
In addition to operating costs and losses from possible risks, it is necessary to provide for the costs of creating and implementing processes to control the activities of the outsourcing company and contractual work. A common mistake is the withdrawal of all IT expertise from the company, which leads to the overstatement of IT service costs. The result of price increases from external suppliers is the lack of IT expertise within the Company, which leads to a dictate of inflated labor costs and prices on the part of IT suppliers.
Therefore, when organizing a service model of information technology management, it is necessary to provide for a certain competence within the company on this issue. It can be a customer service that arranges the collection of requirements from business units and organizes their transfer to an outsourcing company, contractual work, and control over the possibility and completeness of the implementation of the formed requirements.
Internal performance analysis can be divided into three distinct parts. This is a cost analysis of the provision of a service, an analysis of possible risks arising in the provision of a service, and the cost of organizing and performing control processes over external suppliers.
The cost analysis of the provision of service allows you to determine the cost of a service based on an analysis of all the components used in its provision. An example of a cost analysis would be an analysis of the following parts:
the cost of resources, including the cost of managing the life cycle of the resource;
the cost of software, including the cost of software lifecycle management;
the cost of service deployment projects;
cost of service delivery processes;
cost of service support processes;
the cost of actions to ensure quality control of the service;
In this case, the cost can be calculated using the service-resource model and calculating the cost of processes using the method of operational-cost analysis. The service-resource model will allow the distribution of the costs of equipment, software and work on their operation in the context of the services provided. This is a difficult and time-consuming task that requires certain costs at the decision-making stage.
To estimate the cost of IT service delivery and support processes, it is necessary to describe them down to the workplace level and allocate costs to cost centers within the IT department. Then, using the operational cost analysis, calculate the cost of the processes. With the correct organization of work on the description of processes, this description can be used to document the current state of IT processes and improve activities in the event of a negative decision to withdraw IT services to outsourcing. As a result, a cost estimate will be generated for each service, showing the cost of the internal implementation of the IT service.
In addition to the current costs of providing IT services and the potential benefits and losses from the transition to an outsourcing model, to make a decision, it is necessary to analyze the group of costs associated with the emerging processes of interaction with the IT service provider. An important criterion, in this case, is the analysis of the risks associated with a possible break in relations with the outsourcing company for various reasons. Therefore, it is necessary to analyze the cost of changing a supplier in options, both a quick break in relations, and in the case of a gradual separation, and the cost of interaction with an outsourcing company.
This analysis will allow us to estimate the cost of making a decision, which also affects the cost of providing services by an outsourcing company.
In the case of the withdrawal of the entire IT department, based on a volitional decision, a preliminary estimate of the cost of providing services becomes meaningless and in this case, it is possible to compare the totality of all costs for the IT department before outsourcing with the amount of IT contracts after the withdrawal and the cost of interaction processes between parent and subsidiary company arising from outsourcing. Therefore, it is possible to analyze the total cost of the development of information technology in terms of:
the cost of external service contracts;
cost of processes;
Outsourcing the entire IT department without first introducing a service-oriented approach and studying the local IT market, as a rule, leads to the birth of a subsidiary IT company, which is not viable in the market without a parent company, which does not make it more efficient.
However, cost analysis does not provide a complete picture of the cost-effectiveness of outsourcing. To ensure the completeness of the analysis, it is necessary to analyze the current losses from operational risks arising from the provision of each IT service and losses that may arise from the risks associated with the transfer of IT services to an external provider. The analysis is needed for potential losses associated with the quality and reliability of IT services. In this case, the results of the risk analysis can affect both the "expense" and "income" part of the analysis. An example of a cost analysis of risks associated with quality and reliability are the following parameters:
cost of losses due to insufficient quality of IT services;
cost of losses due to refusal to provide IT services;
reducing costs when using new technologies in IT services;
the cost of losses due to leakage of confidential information in the provision of IT services;
cost of losses in case of leakage of competitive advantages realized in the IT service;
In the case of outsourcing, risks 1, 2, and 3 can influence the adoption of a positive decision on the withdrawal of the service to outsourcing since the IT service provider becomes responsible for these risks and the company can cover its losses with penalties if the risks are realized. Whereas risks 4 and 5 in the case of outsourcing affect the adoption of a negative decision.
When assessing risks, it is most correct to use a loss base, which contains information about losses that have occurred in a company for a certain period. But, we can say with confidence that this information is not collected in most companies, which, as a rule, leads to the need to apply expert knowledge to assess risks. The result of such an expert assessment should be informed about the probabilities of risks and the average values of losses from them, which will make it possible to determine the financial component that affects the cost of IT services. To assess risks, you can use standard IT methodologies that contain operational risk management elements - CRAMM, MOF, etc.
One of the challenges that can be addressed by using the outsourcing model is the ability to transfer risks to an external provider, which can improve IT efficiency.
An example of risks transferred to an outsourcing company can be:
the departure of qualified IT specialists from the company;
illness and vacations of key specialists;
errors in the service leading to its refusals;
Accordingly, when assessing, it is necessary to take this component into account in the cost of the service in terms of making a positive decision.
At the stage of selecting suppliers, it is necessary to analyze the outsourcing market in terms of the cost of outsourcing services and the sustainability of suppliers.
The main element of the analysis, in this case, is external suppliers, for which an analysis is required according to the following parameters:
reliability and stability of the outsourcing company (time off work in the market, number of clients, turnover of the company, etc.);
the likelihood of a break in relations with a supplier (the number of breaks for a given supplier, the average duration of the provision of services for existing suppliers, etc.);
quality assurance and supplier competence;
the possibility of transferring risks to an external supplier;
availability of the service in the local market (the number of companies providing this service, the number of customers purchasing this service, etc.);
the complexity of the provision of services from one supplier;
the likelihood of termination of the supplier's company;
All these parameters help to choose the most effective outsourcing company. Besides, knowing the cost of changing the supplier and the likelihood of this event, you can get a financial estimate, which can be aggregated with the previously obtained cost of the IT service.
However, if you do not have mechanisms for regularly assessing the quality of the outsourcing company, then there is a possibility that the quality of services will fall to an unsatisfactory level. Therefore, it is most effective to use a set of key performance indicators for control and their regular assessment. Well-known IT standards - COBIT and ITIL can become the source of KPIs.
One of the key indicators, in this case, are financial indicators, but the same should not be forgotten about other indicators. Examples include the following:
the ratio of the current cost of purchased IT services to the average market cost of these services;
the cost of interaction with an outsourcing company (this cost may be large at the initial stages, while in the future when the interaction processes are established, this cost should decrease);
average time to resolve an incident by service and the number of unresolved incidents;
losses from business downtime due to the fault of the IT service provider;
It is most effective to collect key performance indicators (KPIs) and analyze them in information systems of the Service Desk class, which are intended, among other things, to obtain this management reporting. The formalization of the CRC data between the consumer and the IT service provider is enshrined in the Service Level Agreement.
If the quality of the services provided has become unsatisfactory and the external supplier does not fulfill the requirements of the contractual documents, then a change of the external supplier is required. However, when deciding to change an outsourcing company, you need to understand that the cost of changing an outsourcing company can be minimal if the service is standard and is present on the local market, but if the service is atypical, then the cost of changing the outsourcing company can turn into the cost of deploying such an activity inside reorganization.
Therefore, to ensure business continuity, it is necessary to provide options for changing the outsourcing company for each IT service. Moreover, there can be two scenarios: a gradual change of supplier with the transfer of developments to another supplier, an emergency change of a supplier, taking into account the minimum time to attract another supplier. All this also affects the assessment of the effectiveness of outsourcing.
To make a final decision on outsourcing based on the analysis performed, it is necessary to aggregate all estimates. To do this, all analysis results for each IT service (including expert ones) are collected in a table taking into account all components, and the risk analysis should be presented in the form of a cost, which is calculated based on data on losses and risk probability.
For each IT service, a table row is formed, consisting of a set of cells, which contains the current costs of providing IT services, cost estimates of risks, cost of external provider services, etc. The minus sign shows the costs that arise in the event of a decision to outsource, and the plus sign shows the current costs of IT services. The summation of these costs shows an estimate of the effectiveness of outsourcing. If the total value is positive, then it is more profitable to leave the service inside the company, and if it is negative, then the service needs to be outsourced.
However, it must be understood that to check the correctness of the decision, it is necessary to translate the obtained values into a percentage of the current cost of the service to normalize the obtained values and make them independent of the cost of the service.
Then it will be possible to see the percentage change in the cost for outsourcing, and if the value is no more than 0 - 5%, then it would be correct to leave the service inside the company if a separate supplier is needed for this service. Whereas, if this service will be outsourced together with others, then its withdrawal is quite possible. If the resulting value is 5 percent or more, then you can confidently begin work on the withdrawal of this IT service to outsourcing.
Analysis of the effectiveness of outsourcing IT services can lead to the following typical recommendations that can be useful in making a decision. Currently, it is most efficient to outsource the following types of IT services:
services that are simple in terms of organization and delivery;
services that require expensive, part-time IT staff;
services that do not contain confidential information;
services for the maintenance of highly specialized equipment;
services related to one-time development or implementation of software solutions.
If an IT service is complex and company-specific, then outsourcing it can bring more headaches than savings. Very often outsourcing decisions are made due to the poor performance of the IT department. However, in most cases, if the IT department does not work satisfactorily, then simple outsourcing of IT maintenance work may not solve the problem. It is necessary to clearly define the reason for the unsatisfactory performance of the IT department at the moment, and the reasons for this can be different, ranging from poor organization of work, ending with the low level of development of business units that cannot articulate what they need.
In the case of a weak formalization of the requirements of business units for information technology, there is a high probability of providing an IT service that will not satisfy the business due to an incorrect or incomplete statement of the task, which in the case of outsourcing will increase the losses of both parties, therefore outsourcing is not just shifting one's unsolved problems onto the shoulders external supplier, and above all the establishment of effective work based on a service-oriented approach.
It is not for nothing that the ITIL / ITSM library of best practices are so popular, since, before switching to an outsourcing model of activity and ensuring a reduction in information technology costs, first introduce a service-oriented approach to IT management, establish management of an internal department, and taking into account possible changes in activities all business units.
In conclusion, I would like to urge readers to analyze many factors when deciding whether to outsource IT services and not accept them under the pressure of marketing statements.
Andrey Konstantinovich Koptelov, Director of IT Consulting Department, IDS Scheer Russia, and CIS countries
Vishnyakov Oleg Leonidovich, Deputy General Director - Director of the Consulting Unit of IDS Scheer Russia and CIS countries.