Posted
By

Suppliers of IT outsourcing services limit their responsibility for paying damages arising from the loss of customers’ sensitive data (whether or not intentionally lost by the supplier). Only a few years ago, it was commonplace in an IT outsourcing agreement for a supplier to agree to be responsible for any losses of customer confidential information caused by the supplier. Today, however, due to the widespread increase of data breaches and the higher potential for large amounts of liability that can result from such breaches (see Zurich Insurance fine) suppliers are much less likely to agree to open-ended liability.

IT outsourcing suppliers have taken various approaches to capping their exposure to damages resulting from data breaches, both for amounts owed directly to the supplier’s outsourcing customer as well as the amounts owed to the customer’s clients.

Some suppliers will accept “enhanced” liability for some amount of money that is larger than the general limitation on damages recoverable for standard breaches of the contract; this enhanced amount of money is often set aside as a separate pool of money that cannot be replenished once it is “used up” to pay for the data losses. Some differentiate the amount of exposure they have to these breaches based upon whether the data in question is or should have been encrypted. Still others vary the amounts of exposure based upon whether data was merely lost or whether the data was actually misappropriated by the supplier.

Posted

Once the ink is dry on a signed outsourcing contract, the real work begins for the customer and the service provider. Before the customer can start to realize any savings, efficiencies or service improvements, the parties must first complete the critical task of transitioning from the customer to the service provider the day to day responsibility for performing in-scope functions. This transition process can take several weeks or even months.

Each party has a strong incentive to complete the transition on time. Ordinarily, the customer wants to start reaping the benefits of the outsourcing as quickly as possible. Likewise, the service provider wants be in a position to start charging full freight fees for steady-state services as soon as the transition is complete. In addition, appropriately structured contracts often include an additional incentive for timely performance by the service provider: monetary credits to the customer if transition milestones are not completed on time.

Competing with this need for speed (or, at the very least, on time completion) is the customer’s desire to mitigate the operational risks associated with any transition. Complexities abound, especially if the transition involves multiple service towers and geographies, a transfer of personnel and assets, and a physical change in the location from which services are performed. The stakes are high for both parties. In the worse case scenario for the customer, a hasty transition can result in an interruption or degradation of a critical business activity.

Posted
By

A recent survey conducted by Duke University’s Fuqua School of Business and the American Marketing Association yielded some interesting findings, including:

  • Social marketing budgets are anticipated to increase significantly over the next few years, possibly reaching 18% of total marketing budgets by 2015; and
  • 72% of companies had outsourced some aspect of their marketing programs, and 41% of companies expected to outsource more in 2011.
By
Posted In:
Posted
Updated:

Posted

In part 1 of this discussion we described two front end challenges that, if not properly anticipated and addressed, can (and very often do) derail successful completion of enterprise projects. We’ll now turn to the downstream transactional considerations that can help position a project for success.

The Right Contract Architecture

Customer’s often grapple with how to develop the appropriate contract for enterprise projects. A statement of work alone is not sufficient to cover all the complexities of the project. Instead, customers should consider entering into a master service agreement (MSA) with the supplier. In addition to establishing a contractual framework (e.g., the form and process for developing statements of work) and the terms and conditions, the MSA should address the governing principles or “rules of engagement” for project delivery. Project delivery – especially in a multi-supplier environment – has its own rules which differ in many ways from those followed in typical managed service arrangements. Examples of rules of engagement might include:

Posted

Industry research firm Horses for Sources reported recently that 49% of the companies it surveyed were planning to outsource call center services for the first time, or expand the scope of their existing call center outsourcing, over the next year. With call center outsourcing on the rise, we wanted to share a few of the lessons Pillsbury has learned from negotiating these deals over the past 20+ years.

Baseline Data is Critical to Effective Pricing. Make sure you provide potential suppliers with detailed, accurate historical and projected workload volumes. The data should include:

  • Number of contacts broken down by type (call, email, web chat, fax, white mail)

Posted
By

It is one of those sayings that people just love to recite: “The best contracts are the ones that stay in the drawer.” In ten years of advising customers on their outsourcing agreements, I have heard this phrase uttered in just about every large negotiation that I have done (typically with a knowing nod of the head from others at the table, and sometimes with a disdainful look in my direction). And while it may just be a saying, it is a terribly misguided one; and, even as a guiding principle, it typically will produce the exact opposite result of what it is intending to achieve.

In short, the saying centers around the idea that a healthy long-term working “partnership” – especially one that requires trust, sacrifice and evolution, which most outsourcings do – cannot be strictly managed off the static words on a page, but instead through a trusting, mutually beneficial relationship. So, if you are taking the contract out of the drawer, instead of managing via relationship and trust, either it means that you are being adversarial, which is sure to just escalate and lead to a deteriorating relationship; or it is evidence, in and of itself, that you do not have a good relationship. In this way, the contract is seen as a “negative” – some sort of necessary evil on the front end (perhaps to appease Legal and Finance), that somehow can be vanquished once the contract is signed and the real relationship begins.

Earlier in my career, I thought that the danger in this thinking was that it primarily would lead to the customer failing to enforce its negotiated rights – whether due to the outsourcer’s self-interest, the outsourcer’s lack of incentive to do the “right” thing, or just pure lack of knowledge on both parties’ part. And while this may often be the outcome, I have come to realize that the “keep the contract in the drawer” principle is even more dangerous than that, and ultimately will work to the detriment of both parties.

Posted

There is an inherent “right brain / left brain” tension in procuring outsourced services. The right side of the brain seeks innovative service delivery solutions and emphasizes relationship building with the supplier. The left brain seeks a high level of supplier accountability for performance, competitive pricing and favorable contractual terms.

The two sides of the brain are fundamentally different in nature.

  • The right brain is collaborative and focused on solution and relationship building i.e., aligning customer and supplier interests.

Posted

In last two decades, much of the attention of customers and advisors has focused on outsourcing under the managed services model. The outsourcing era began with infrastructure outsourcing, which evolved from time sharing and facilities management. This was followed by outsourcing of applications maintenance and support and, on a parallel track, Business Process Outsourcing. This journey is littered with failed and successful delivery models, pricing constructs and business arrangements (including joint ventures). Some might consider offshore outsourcing as the most disruptive force to shape managed services.

These trials and tribulations have armed customers and advisors with a fairly mature level of knowledge and experience in outsourcing managed services. In contrast, there is a notable lack of maturity in the approach to sourcing and contracting for critical enterprise projects including ERP implementations, ERP consolidations and major ADM projects. Despite decades of experience with these projects, companies struggle to find and leverage the resources and tools necessary to execute them. Instead, they rely on anecdotal guidance from failed implementations. War stories of cost over-runs, time delays and abandoned projects abound.

How can enterprises avoid these mistakes? Let’s explore some of the challenges (and solutions). In this first installment, we’ll focus on two key front end considerations: (1) the role of executive leadership; and (2) proper planning and preparation (leveraging a sourcing “roadmap”)

Posted
By

Like most everything in life, the making of an outsourcing transaction is a process of taking amorphous ideas and concepts (fuzziness) to a point where there is sufficient clarity for all involved to move forward in a coordinated and desired manner (crispness).

While true for all transactional components of an outsourcing, it couldn’t be more so for what’s at its heart – the services. There are plenty of analogies that could be used, but the consultant in me feels more comfortable with an inverted triangle.

Triangle.png Just recognize that time progresses as one moves from top to bottom and the mechanism is nearly complete. The question becomes, where do you start and where does it end?

By
Posted
Updated:

Posted
By

On June 22, Pillsbury hosted the first annual Federal Cloud Security Summit, organized by the Washington, DC, chapter of the Cloud Security Alliance (CSA-DC). The keynote address was presented by Sonny Bhagowalia, former Deputy Associate Administrator with the GSA’s Office of Citizen Services and Innovative Technologies and current CIO of the State of Hawaii, and covered the GSA’s efforts and outreach to help drive Vivek Kundra’s 25-Point Plan and “Cloud First” initiative.

Among other things, Mr. Bhagowalia spoke extensively about the Federal Risk and Authorization Program (FedRAMP), its goals, its accomplishments and where it is headed. FedRAMP was created to support the government’s cloud computing initiative and is intended to provide a standard, cross-agency approach to providing the security assessment and authorization for agencies to use the services required under the Federal Information Security Management Act (FISMA). The idea is to facilitate the adoption of cloud computing services by federal agencies by evaluating services offered by vendors on behalf of the agencies. The evaluations are based on a unified risk management process that includes security requirements agreed upon by the federal departments and agencies. Because the services are vetted by the FedRAMP, theoretically each agency does not need to conduct its own risk management program – reducing duplication of effort, the time involved in acquiring services and costs.

A draft of FedRAMP requirements was released for comment in October 2010, and final release of the first version was expected by December 2010. Initially, the comment period was extended through January 2011 and the release delayed until the end of June, but according to this report, the requirements are now expected to be released sometime between August and October.