Posted
By

London has just witnessed an amazing summer of sport, with the Olympics and Paralympics having come to a close. Yet the impact of the Games may be broader than simply having provided Londoners (and the world) with a brilliant injection of morale and amazing photo opportunities. There are many chances for businesses to learn valuable lessons from the Games, including in the areas of risk management and project management.

1. The Olympic Paradigm – Think Ahead

As expected, the Games brought certain challenges for businesses in London. Many challenges were clear and highlighted well in advance so that businesses could plan and ensure that sufficient contingencies, tailored to their specific business needs, were in place to keep things ticking over.

Continue reading

Posted
By

Recent news that General Motors plans to insource the vast majority of its IT support positions caused shockwaves through the IT outsourcing industry. Client satisfaction with outsourcing deals has always been mixed, and one can speculate that after a twenty-plus year wave of outsourcing deals, perhaps it’s time for the tide to turn the other way. So the questions are: Is this a meaningful trend? And what does it mean for you?

I hesitate to read too much into the GM announcement, given the taxpayer-funded bailout of GM and the current administration’s need to show some US job “wins” in the run-up to the November elections. But even beyond politics, we do see some movement among our own client base to insource some previously externalized functions or, for those new to outsourcing, to take a go-slow approach that would have been questioned by the executive suite only a few years ago. Areas where we see some degree of pull-back are in IT client-facing functions (where the IT organization needs to eliminate the “noise” so it can focus conversations with internal customers on adding business value) and in business-critical application support, where outsourcers sometimes have difficulty supplying the business vertical knowledge and process functional expertise to be effective. On the other hand, there are even more headlines about the Cloud and Mobility trends where, either because of scale (Cloud) or a dynamic marketplace (Mobility), outsourcers are able to leverage resources, skills and investments that most IT departments would be hard-pressed to match.

So to the first question, it’s very unlikely that this “pull it all back” approach will be a sweeping trend. What this does mean is that IT executives can now point to GM’s decision and other market experience to be in a better position to make – and effectively execute – sourcing decisions without having to take the all-or-nothing outsourcing paradigm they’ve felt pressured to in the past. But, while the GM decision provides the anecdotal support for challenging the past approach, what’s really underpinning the shifts you read in the headlines (and we see in our advisory business) is the rise of IT Service Management into a maturing capability.

Continue reading
By
Posted In: Industry Trends
Posted
Updated:

Posted
By

Judging from my 25 years of experience as an outsourcing practitioner, I believe there is widespread consensus among suppliers and customers that, promptly upon their execution, outsourcing contracts should be locked away in a file cabinet never to be looked at again until it is time for them to be renewed (or litigated). Or, alternatively, be used as expensive door stops. This despite the many person-months of effort and hundreds of thousands or, in some cases, millions of dollars spent to structure, draft and negotiate them.

Why is this? Why do outsourcing customers repeatedly invest so much time, effort and money to create and negotiate detailed outsourcing contracts if they expect them to play such a small a role in the ongoing management and administration of their relationship with their outsourcing supplier? Is it somehow immoral or unfair to expect the parties to follow the roadmap they so painstakingly create during the process of negotiating the outsourcing contract, or to expect the suppliers to actually deliver on the numerous commitments they typically make in an outsourcing contract? Perhaps the better question is whether it is just too much of a bother for the company’s supplier management organization to read, understand and attempt to follow the typical outsourcing contract. Could the root of the problem be that outsourcing contracts are customarily structured and written in such a way that it is nigh on impossible for mere mortals to use them as effective tools for managing and administering an outsourcing relationship? If so, that is a powerful indictment on the last 25 years of the outsourcing industry.

Structured and written properly, an outsourcing contract is the best (if not the only) formal statement of the type of relationship the customer expects to have with its outsourcing supplier, the expectations and objectives for that relationship, and the rules of the road that both parties have agreed to live by. If the outsourcing contract is discarded as an ongoing relationship management tool, the customer and its supplier are left to muddle through – typically doing things the way the supplier has always done them with little regard to what was specifically discussed and agreed during the weeks and months of discussions and negotiations preceding the contract’s execution. This problem is exacerbated if, as is all too often the case, the business deal makers and lawyers who engaged in the discussions leading up to the contract’s execution disappear from the scene soon after the contract is executed, replaced by fresh troops who know little about the content of those discussions or the resulting contract and, as a result, would be hard pressed to follow the contract even if they were inclined to do so (which they generally aren’t).

Continue reading

Posted
By

On 16 August 2012, the ICO published guidance on deleting personal data under the Data Protection Act 1998 (DPA). The guidance describes how organisations can ensure compliance with the DPA when they delete or archive personal data, and explains what the ICO means by deletion and archiving and introduces the concept of putting personal data ‘beyond use.’ The guidance aims to counteract the problem of organisations informing people that their personal data has been deleted when, in fact, it is merely archived and could be re-instated; archived information is “subject to the same data protection rules as ‘live’ information, although information that is in effect inert is far less likely to have any unfair or detrimental effect on an individual than live information.”

Given the fifth data protection principle which provides that “personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes,” the deletion of personal data is an important activity for organisations which control or process personal data. The ICO notes that, although the DPA does not define “delete” or “deletion”, a plain English interpretation implies “destruction” which, in the case of electronic storage, is less certain than, say, incineration of paper records, since information which has been “deleted” may still exist within an organisation’s systems in some form or other.

The ICO says that it will “adopt a realistic approach in terms of recognising that deleting information from a system is not always a straightforward matter and that it is possible to put information ‘beyond use’, and for data protection compliance issues to be ‘suspended’ provided certain safeguards are in place.” The ICO gives specific examples of where putting information ‘beyond use’ would be an acceptable alternative to ‘deletion’. For example, an acceptable alternative may arise where for technical reasons, it is not possible to delete this information without also deleting other information held in the same batch, or where information has been deleted with no intention on the part of the data controller to use or access this again, but which may still exist in the electronic ether where it is waiting to be over-written with other data. The ICO will be satisfied that information has been ‘put beyond use’ if the “data controller holding it:

Continue reading

Posted
By

When customers sign a contract with a service provider that will be holding the customer’s confidential data (for example, the customer’s business records, human resources data, personally identifiable information, protected health information, payroll data), in addition to laying out the service provider’s responsibility for protecting the data, customers focus on restrictions allowing the customer to audit and confirm over the life of the contact that its data is being stored and maintained securely and appropriately by the service provider.

However, everyone (including service providers) seems to be outsourcing or subcontracting today. Customers must be vigilant about ensuring that their service contracts allow them not only to review, audit and confirm that their service provider is maintaining their data appropriately, but also that the customer can track and audit any customer data held by their service providers’ subcontractors (and those subcontractors’ subcontractors, and so on).

Service providers today frequently partner with subcontractors to provide discrete portions of their suite of services – sometimes those subcontracted services are (arguably) “not material” to the overall scope of the services provided, while sometimes those subcontracted services are mission-critical.

Continue reading

Posted
By

Under the previous 1981 Transfer of Undertakings (Protection of Employment) Regulations 1981 (TUPE) and the EU Acquired Rights Directive (ARD) it was not clear whether the definition of a relevant transfer caught “outsourcing” activities where there was a change of service providers or a contracting in or out of services. The UK and European courts used a number of factors to decide whether there was a “transfer of an undertaking” within the meaning of TUPE 1981, which led to a number of conflicting case law decisions on this point.

TUPE 2006 Regulations sought to address the difficulties in applying TUPE 1981 to outsourcing activities by extending the definition of a relevant transfer to include situations where:

  • there was a “service provision change” for outsourced or in-sourced activities, or
Continue reading

Posted
By

Based on a 2011 Gartner study, numerous website and industry blog postings, and almost every executive I’ve spoken with, it seems that innovation continues to be lacking in outsourcing relationships. All companies want it, all providers promise it, and no one is happy with the actual results.

The study offers suggests three key steps for how to “contract” for innovation:

  • Define Innovation
Continue reading
By
Posted In: Industry Trends
Posted
Updated:

Posted
By

What does the ideal outsourcing procurement process look like from the customer’s perspective? It is a process that enables the customer to put in place a deal quickly and efficiently with a minimum of friction and achieves the customer’s business objectives.

How often is this ideal realized? Not often enough.

Why not? There are many causes, but one contributing factor we frequently see is a bifurcation of the procurement process into a “consulting” phase and a “legal” phase.

Continue reading