The Value of Selective IT Sourcing

When Eastman Kodak turned over the bulk of its IT operations to three outsourcing partners in 1989, outsourcing was a $4 billion a year business.1 Today, that number has grown to nearly $40 billion a year, according to the estimates of industry watchers Frost & Sullivan. Following Kodak’s example, various companies such as Continental Bank, General Dynamics, Continental Airlines, and National Car Rental opted to dismantle internal IT departments by transferring IT employees, facilities, hardware leases, and software licenses to third-party vendors for seven- to ten-year periods.2 But while such high-profile deals are continually reported — most recently, involving Xerox, Delta, and British Aerospace — a different, more typical pattern has been developing. The growth of IT outsourcing is increasingly based on what we call “selective sourcing,” characterized by short-term contracts of less than five years for specific activities. Selective sourcing meets customers’ needs while minimizing the risks associated with total outsourcing approaches.

Companies outsource IT for many reasons, ranging from its high profile and current popularity to cost pressures from competition and the economic recession.3 However, industry watchers attribute the growth of the IT outsourcing market to two main phenomena. First, interest in IT outsourcing largely results from a shift in business strategy. Many companies have abandoned their diversification strategies — once pursued to mediate risk — to focus on core competences.4 As a result, IT has come under scrutiny. Senior executives frequently view the entire IT function as a noncore activity and reason that IT service vendors have the economies of scale and technical expertise to provide services more efficiently than do internal IT departments.5

Second, uncertainty about IT’s value is another reason for the growth of outsourcing. In many companies, senior executives perceive that IT has failed to deliver the promise of competitive advantage propagated in the 1980s.6 Consequently, many senior executives view IT as a necessary cost to be minimized. The CEO of a U.S. conglomerate of petroleum, natural gas, and chemicals expressed his frustration with IT:

All we see is this amount of money that we have to write a check for every year. Where is the benefit? IS says, “Well, we process data faster than we did last year.” So what? Where have you increased revenue? All you do is increase costs, year after year, and I am sick of it. All I get are these esoteric benefits and a bunch of baloney on how much technology has advanced. Show me where you put one more dollar on the income statement.

These two phenomena — the refocus on core competences and the perception of IT as a cost burden — prompt many senior executives to sign outsourcing “megadeals” for the provision of all IT services.7 When they first sign such deals, companies publicly announce the anticipated benefits of outsourcing, such as refocusing resources on core activities, reducing IT costs by 10 to 50 percent, and increasing IT service levels.8 The vendor is often heralded as a strategic partner that will provide access to new technologies and technical expertise during the course of the relationship.

From 1991 to 1994, we investigated whether IT out-sourcing has delivered on its promise by studying sixty-two IT sourcing decisions made by forty U.S. and European companies. Because most of the companies had made their outsourcing decisions before this, enough time had elapsed to evaluate the consequences. In general, we found that companies engaging in total outsourcing experienced significant difficulties a few years into their contracts. Among the problems were increased IT costs and poor service levels due to ill-defined “relational” contracts and inflexibility in adapting to both business and technical changes. Thus many IT activities that should have remained in-house were handed over to vendors. Companies that exclusively used their internal IT departments to provide IT products and services also experienced problems. By ignoring the external services market altogether, senior executives unwittingly created an environment of complacency and erected organizational barriers against continuous improvement in IT costs and services.

Most of the companies that had successful experiences with IT outsourcing used a reasoned, incremental, and selective approach to outsourcing, which is increasingly reflected in the market structure. A survey we conducted in 1993 supports this finding. Of the 162 large European companies responding, slightly fewer than half had IT outsourcing contracts.9 But these contracts represented, on average, 24 percent of their IT budgets and were predicted to increase to 36 percent by 1998.10 The survey further revealed that very few total outsourcing deals had been signed, despite their high profile in the media.

The practice of outsourcing select IT applications to vendors while retaining other IT applications in-house, referred to as “selective sourcing,” “smart sourcing,” or “right sourcing,” eschews the all-or-nothing approach in favor of more flexible, modular outsourcing. But while selective outsourcing provides managers with a greater array of options, it is also more confusing. Managers may make the wrong decisions about which IT services to outsource and which services to retain in-house, neglect the technical issues involved in outsourcing, and miscalculate the long-term economic consequences. Based on the successful (and unsuccessful) experiences of the companies in our study, we have developed a selective sourcing framework for examining the complex issues and assumptions associated with IT sourcing decisions.

A Case Study Approach

To develop an in-depth understanding of IT sourcing decisions, we needed to consider historical antecedents to appreciate the context of the outsourcing decision. A multiple case study approach seemed the most appropriate because it was impossible to tightly control for research variables or for the interactions between them.11 Different stakeholders within organizations are likely to have different views of the evaluation process. We chose cases based on “theoretical sampling,” in which a number of cases represent polar extremes, so we could compare different aspects of the company’s decision.12 The polar extremes we focused on were the scope of the sourcing decision and the financial outcome of the sourcing decision.

· Scope of the Sourcing Decision.

The companies we chose represent various sourcing decisions with many options, ranging from ten-year contracts for the provision of all IT services to an internal staff providing almost all IT services. In addition to outsourcing contracts, there were many examples of insourcing, in which companies were using external staff and resources within IT activities that remained under in-house management. For analysis, we grouped the decisions of the case study participants into four categories:

Total outsourcing transfers IT assets, leases, staff, and management responsibility for delivery of IT services from internal IT functions to third-party vendors, which represents at least 80 percent of the IT budget.

Total insourcing retains the management and provision of at least 80 percent of the IT budget internally after evaluating the IT services market. Included in our definition of insourcing is the buying-in of vendor resources to meet a temporary need, such as programmers in the latter stages of a new development project or management consultants to facilitate a strategic planning process. In these cases, the customer retains responsibility for the delivery of IT services; vendor resources are brought in to supplement internally managed teams.

Selective sourcing locates selected IT functions with external providers while still providing between 20 percent and 80 percent (typically 24 percent) of the IT budget. The vendor becomes responsible for delivering the result of the selectively outsourced IT activities, while the customer remains responsible for delivering the result of the insourced IT activities.

De facto insourcing uses internal IT departments to provide products and services that arise from historical precedent, rather than from a reasoned evaluation of the IT services market.

With these definitions, we categorized the sixty-two sourcing decisions in the forty organizations studied (see Table 1 for a summary). The common element of all sixty-two decisions is that the participants evaluated the external IT services market before making a sourcing decision. As we will discuss, the failure of de facto insourcing often prompted the evaluations.

· Financial Outcomes of Sourcing.

The criteria for sourcing success vary from organization to organization, and, in some cases, perceptions vary within an organization. However, the criteria generally were: (1) the targeted cost savings were achieved or better than anticipated; (2) service levels were maintained or improved; (3) the user management was satisfied; (4) there were few client-vendor disputes; (5) the vendor was responsive and attentive; (6) objectives and outcomes compared favorably; and (7) the contract was renewed.

We targeted the achievement of anticipated cost savings as a major indicator of success for two reasons. First, 85 percent of the participants cited cost savings as a major reason for conducting a sourcing evaluation. Second, cost savings were the easiest measure of success to determine —in fifty-three of the sixty-two sourcing decisions, participants had clear indications of financial outcome. (In the remaining nine cases, it was too early for participants to judge the financial outcome, particularly for long-term total outsourcing decisions.)

· Case Study Participants.

At each case site, we conducted one- to three-hour interviews with individuals directly involved in the outsourcing decision on behalf of the organization or outsourcing vendor. The interviewees, 145 in all, were senior business executives and chief information officers (or equivalent) who had initiated the sourcing evaluations, consultants assisting in contract negotiations, and vendor account managers responsible for executing the contract. We also interviewed the IT personnel who gathered technical and financial information.

During the unstructured portion of the interviews, we asked participants, who were assured anonymity, to tell their insourcing or outsourcing stories and provide specific evidence to support their viewpoints, such as anecdotes, benchmarking reports, IT budgets, and outsourcing bids. Participants described the organizational structure, the major products and services produced, competition in their industry, their financial situation, corporate goals, and business successes and failures. They also described their IT activity in terms of the number of MIPS (millions of instructions processed per second), head-count, budget, charge-back system, user satisfaction, challenges, goals, and reputation. Finally, we asked semistructured questions to learn about specific insourcing-outsourcing issues lacking from their previous recollections.

The companies we studied represent a variety of industries, venues, sizes, sourcing decisions, and financial outcomes. Thirty-two of the thirty-six private companies are characterized as large (in the Fortune 500 or Financial Times European 1,000), while four of the thirty-six private companies are small.

Problems with All-or-Nothing Outsourcing

The first insight from our study is that total outsourcing, characterized by long-term megadeals, can lead to trouble a few years into the contract, as evidenced in five of the fourteen total outsourcing cases.13 After the initial honeymoon, these companies complained of a loss of alignment between business strategy and IT, failed promises to access new technologies, and contractual costs that are significantly greater than current market prices. Although several companies involved in megadeals want to terminate their contracts, senior executives have found it prohibitively expensive to switch vendors or bring IT in-house again after strategic partnerships fail. Only two companies have brought IT back in-house. The experiences of a U.S. chemical company, which are not atypical, challenge the concept of total outsourcing (see the sidebar).

Although the war stories rightfully discourage total out-sourcing, they do not suggest that exclusive sourcing by an internal IT department is the answer. Our research strongly indicates that internal IT monopolies promote complacency and create organizational obstacles to continuous improvement. Many IT managers in our study have exploited the total outsourcing failures and adamantly refuse to deal with outsourcing vendors. For example, the vice president of IS at a waste management company tried to deflect his CEO’s interest in outsourcing by producing a white paper that highlighted outsourcing failures. The CEO eventually dismissed the white paper and signed an outsourcing contract for all applications development and support.

More commonly, de facto policies of exclusive insourcing create organizational obstacles to improvement because internal users resist the cost reduction tactics that IT managers propose. Because IT typically lacks the clout to implement the unpopular tactics of outsourcing vendors — such as data center consolidation or software standardization — unbridled users can significantly drive up IT costs. For example, at a U.S. food manufacturer, users resisted the IT director’s attempts to cut costs by standardizing software. Despite the IT department’s efforts, users insisted on their own operating systems, utilities, report generators, statistical packages, spreadsheets, and e-mail. Not until senior executives threatened the organization with outsourcing was the IT director empowered to behave like an outsourcing vendor. Users agreed to allow him to standardize software rather than have an external vendor do it for them. IT costs subsequently dropped by 45 percent. There were similar results in nine other insourcing decisions; insourcing led to lower costs after the formal evaluation of market capabilities enabled internal IT managers to act like vendors.

The problems with all-or-nothing outsourcing stem from IT’s distinctiveness. Senior executives who approach IT outsourcing like any other make-or-buy decision make a mistake. Unlike other functions — such as mail-rooms, cafeterias, legal departments, manufacturing, distribution, and advertising — IT cannot be easily handed over to a vendor. It is different in a number of ways:

• Information technology is not homogeneous but comprises a wide variety of activities. Some IT applications enable business operations and management processes in a uniqueway. Other IT activities, such as accounting systems, may seem less critical, but closer scrutiny often reveals that the value of such systems lies in the cross-functional integration of business processes. In many organizations, information technology integrates product design, material purchases, manufacturing processes, sales, and customer service. Ubiquitous IT applications across business functions hinder outsourcing because IT cannot easily be isolated. Outsourcing is difficult because vendors do not understand the implications that IT has for other business processes. For example, a U.K. food manufacturer out-sourced the development of its factory automation system, only to discover that the vendor did not understand critical interfaces with other business units such as purchasing and inventory control. It delivered the system two years late at twice the cost that the company expected. This and other examples suggest the need for a selective rationale for out-sourcing — while some activities can be outsourced, many others require management’s attention, protection, and nurturing to ensure current and future business success.

• IT capabilities continue to evolve at a dizzying pace; thus predicting IT needs beyond three years is difficult. Although the managers at the companies studied initially thought that vendors would provide access to new technologies, they usually contracted for current technologies with only vague references to future technologies. Most companies found that, by the third year of an outsourcing deal, the original contract hindered their adoption of new technologies. For example, a U.S. petrochemical company signed a ten-year total outsourcing contract in 1988. At that time, the majority of the company’s systems were running on mainframe technology. With the advent of client-server technology, the company wanted to migrate to the smaller platform but found that its out-sourcing contract created significant obstacles. In the end, business unit managers were forced to use discretionary funds to build client-server systems while still meeting their contractual obligations for the increasingly obsolescent mainframe.
• There is no simple basis for gauging the economics of IT activity. Although price and performance improvements occur in every industry, in few do the underlying economics shift as fast as in IT. A unit of processing power that cost $1 million in 1965 costs less than $30,000 today.14 Computing resources may well cost 20 percent to 30 percent less next year. The rapid change in the underlying economics makes it extremely difficult for senior executives to evaluate the long-term costs of outsourcing. While a 20 percent reduction of current IT costs for the next ten years may appeal to senior executives, after a few years, they may be paying the vendor above-market prices for computer resources.
• Economic efficiency has more to do with IT practices than inherent economies of scale. Although there are indeed economies of scale in some aspects of IT, they occur at a size that many medium-size and most large companies can achieve. In data center operations, there is convincing evidence that economies of scale are achieved at 150 MIPS (processing power equivalent to one large mainframe).15 Because many companies operate IT functions large enough to achieve economies of scale, how do vendors propose to cut costs? Our research suggests that vendor bids are based more on management practice than on inherent economies of scale. Vendors may cut costs through charge-out mechanisms that encourage users to manage demand by consolidating data centers into one site or by standardizing software. IT managers can duplicate these cost reduction tactics if senior executives empower them to overcome the resistance of users. IT costs at a U.S. shoe manufacturer and retailer were high because users refused to let IT managers consolidate their data centers. Once senior management threatened users by inviting outsourcing bids, the users acquiesced and agreed to let IT managers consolidate. IT costs subsequently dropped by 54 percent.
• There are large switching costs associated with IT sourcing decisions. In most business operations, management can protect itself against poor sourcing decisions, e.g., by dual sourcing of supplies or annually reviewing an advertising agency contract. These techniques often do not apply or are ineffective for IT outsourcing, particularly in total outsourcing. The CFO of a U.S. airline, who signed a ten-year total outsourcing contract in 1991, perceives that switching costs pose a major risk:

Once you sign with a vendor, you have no options other than onerous contract terms. So when you get into that situation, it’s lose-lose for both parties. What are you going to do? Sue them? Fire them? Stop buying services? There is nobody else, in a short period of time, who you can buy services from.

Those who approach outsourcing in all-or-nothing terms either incur the great risks involved in total out-sourcing or forgo the potentially considerable benefits of selective sourcing.

Selective Outsourcing

The debate about all-or-nothing outsourcing has obscured the real issue. The question is not, “Should we outsource or insource IT?” but rather, “Where and how can we take advantage of the developing market for IT services?” Based on our research, successful companies carefully select which IT activities to outsource, rigorously evaluate vendors, tailor the terms of the contract, and carefully manage the vendor. From the variety of companies studied, we have built a set of frameworks to first clarify the sourcing options and then consider the critical business, economic, and technical factors influencing the effectiveness of sourcing decisions.

IT Sourcing Options

The first step is to clarify the different ways in which IT can be delivered to the business. Our case study organizations expressed some frustration with the terms “out-sourcing” and “insourcing.” In many ways, outsourcing is not a new concept. External providers such as service bureaus, facilities management companies, contract programmers, and consulting firms have been used since the early days of data processing. Equally confusing is the term “insourcing,” which has been used to describe various sourcing options, such as managing and delivering IT services solely through the in-house function, bringing previously outsourced activities back in-house, or buying-in vendor resources but managing them internally. Figure 1 provides a consistent set of concepts for thinking through the IT sourcing options. The concepts suggest that a wide variety of contracting strategies can be used to manage vendors, from buying-in resources as part of an in-house teams to contracting out the entire delivery of an IT activity.

In general, contracts can be categorized along two dimensions: (1) purchasing style — transaction or relationship — and (2) purchasing focus — resource or result. Transaction style refers to one-time contracts with enough detail to be the original reference document. Relationship style refers to less detailed, incentive contracts based on the expectation that customer and vendor will do business for many years. With a resource option, companies buy vendor resources, such as hardware, software, or expertise, but manage the delivery of the IT activity themselves. With a result option, vendors manage the delivery of the IT activity to provide the company with the specified results. As a result, four distinct contracts emerge — buy-in, contract-out, preferred supplier, and preferred contractor.

With a buy-in strategy, companies buy vendor resources to meet a temporary need, such as programmers for the latter stages of a new development project. In these cases, companies are often unsure of the exact hours needed to complete the coding, so they sign contracts that specify the skills required and cost per person.

With a contract-out strategy, the vendor is responsible for delivering the result of the IT activity. This strategy is most successful when the companies can clearly define their needs in an airtight contract. The contract must be complete because it serves as original reference to manage the vendor. For example, companies often use a contract-out strategy to outsource data center operations. These contracts specify precise service levels, escalation procedures for missed measures, cash penalties for non-performance, adjustments for volume increases or decreases, and termination clauses.

With a preferred supplier strategy, companies develop a close relationship with a vendor in order to access its resources for ongoing IT activities. An incentive-based contract defines complementary goals. For example, one company engaged a preferred supplier to provide contract programmers whenever needed. The contract ensured complementary goals — the company received a volume discount in exchange for not going out to bid when it needed programmers. The vendor was motivated to perform because it relied on a steady stream of revenue.

With a preferred contractor strategy, companies contract with a vendor to help mediate risk. The vendor is responsible for the management and delivery of an IT activity. To ensure vendor performance, the company constructs an incentive-based contract that ensures shared goals. For example, when one company decided to reduce costs by out-sourcing data center operations and support of existing applications, it mediated risk by entering into a joint venture with a software house. By establishing a jointly owned company, it created shared goals and prevented vendor opportunism.

The in-house arrangement has a critical role even when organizations are spending more than 80 percent of the IT budget on contracting out or on preferred contractors. All the contracts run larger risks if the following capabilities are not retained in-house:

• The ability to track, assess, and interpret changing IT capability and relate this to organizational needs.
• The ability to work with business management to define the IT requirements successfully over time.
• The ability to identify the appropriate ways to use the market, to help specify and manage IT sourcing, and to monitor and manage contractual relations.

The buy-in, preferred supplier, and in-house options are insourcing options because the in-house management retains full visibility and control of the IT activity in all of them. The contract-out and preferred contractor options are outsourcing options because in-house management passes control of the IT activity to the external vendor.

We now present a decision matrix for the business, economic, and technical factors. The matrices represent a structure for management discussion and decision, not a mechanistic methodology. They seek to capture the learning from our research case studies. In practice, managers need to balance the trade-offs. Political issues and interests are integral to the decision-making process. However, we have found that when business and IT executives can agree on how to map their IT activities on these matrices, the frameworks guide them toward an effective strategy.

Business Considerations: Selecting Which IT Activities to Outsource

Selecting which IT activities to outsource and which to retain in-house requires treating IT as a portfolio. Successful sourcing begins with an analysis of the business contribution of various IT activities. Conventional wisdom holds that commodity IT functions, such as payroll or data center operations, are potential outsourcing fodder, while strategic functions, such as on-line reservation systems, should be retained in-house.16 Our study indicates that this delineation is too simplistic for two reasons:

First, generalizations about which IT activities are “commodities” or “strategic” are often fallacious. For some companies, alleged IT commodities such as payroll, accounting systems, and data center operations actually serve to differentiate them critically from competitors. For example, in one security guard firm, payroll is a strategic application because on-time payment attracts better staff, leading to superior customer service. Also, applications often migrate from strategic to commodity within each industry as competition ebbs and flows. While early adoption of automated teller machines (ATMs) once represented a strategic advantage by attracting more customers, universal adoption has relegated ATMs to mere commodities, as we found in our banking cases. Thus each company must analyze the delineation of IT activities in its own business context, rather than accept generalities.

Second, many companies do not operate highly visible competitive systems, so senior executives may mistakenly classify all IT activities as commodities. In many cases, the business contribution of IT may be masked by accounting for it as overhead, which serves to highlight only the costs of IT. At a U.S. petroleum company, the CEO continually asked the CIO why IT costs were rising when other departments had managed to cut costs. The CIO explained that the other departments had reduced costs primarily through IT. Transportation costs were cut when IT automated sixteen truck terminals, and market costs were reduced when IT implemented a new credit card system. By abandoning his view of IT as a cost to be minimized, the CEO realized IT’s business contribution, and he subsequently rejected an outsourcing vendor’s request to bid.

Companies that consistently succeed in selecting what can be outsourced to their advantage usually distinguish between the contribution that an IT activity makes to business operations and its impact on competitive positioning (see Figure 2). Some IT activities differentiate a company from its competitors, while others merely provide necessary functions. American Airlines’ SABRE, American Hospital Supply’s Order Entry System (subsequently acquired by Baxter), and Merrill Lynch’s Cash Management System created barriers to entry, increased switching costs, and changed the nature of competition.17 Most IT activities, however, are viewed as commodities. Although they do not distinguish a company from its competitors in business offering and performance terms, these activities need to be performed competently. Examples of IT commodities, depending on the specific company, may include products such as accounting systems or services such as data processing centers.

Some IT activities are critical contributors to business operations, whereas others are merely useful because they make only incremental contributions to the bottom line. For example, a U.S. petroleum refiner considers an information system that monitors the refining process as critical because it prevents fires and ensures product quality. Conversely, the company sees an employee scheduling system as useful to business operations, but not critical.

After mapping an IT activity’s contribution to business positioning and operations, four categories of potential outsourcing candidates emerge:

1. Critical differentiators not only are critical to operations but also help to distinguish the business from its competitors. A European ferry company considers its reservation and check-in systems to be critical differentiators. The company’s ships are similar to those of its main rival, and it operates them from the same major ports across the Channel between Britain and France. Its competitive strategy is to differentiate through service, including the speed and ease with which passengers and their cars complete boarding. The systems are instrumental in achieving constant innovation. While the company outsources a number of its IT activities, it retains the reservation and check-in systems in-house to protect the ideas, expertise, and continuing ability to innovate rapidly.

We found similar critical differentiators in a comprehensive customer management system at a U.K. insurance company, a product development support system at a U.K. chemical manufacturer, and a foreign exchange system at a U.S. commercial bank. Although such systems should be managed internally, some organizations boost their in-house IT capability by bringing in specialists from an external vendor. However, these outsiders work with in-house people, under the company’s own management.

2. Critical commodities are critical to business operations but fail to distinguish the business from its competitors. A major British airline views the IT systems that support its aircraft maintenance as critical commodities. Like its rivals, the airline must maintain its fleet to specification or face serious consequences. However, the maintenance activity and supporting systems respond to the mandated requirements of the manufacturers and regulatory authorities. Although the airline has not yet outsourced these systems, it is, in principle, prepared to do so. Because of the risks involved, the company would base such a decision on clear evidence that an external vendor could meet stringent requirements for quality and responsiveness at a low price. Businesses commonly outsource a more standard critical commodity — the provision of an emergency standby computer center — because of the number of high-quality vendors available.

3. Useful commodities provide incremental benefits to the business but fail to distinguish it from its competitors. Payroll, benefit, and accounting systems are often prime candidates for outsourcing. We found many such examples in our study, such as personal computer support at a U.S. chemical manufacturer, accounting services at a U.K. oil company, and mainframe operations at a U.S. commercial bank. External vendors are likely to have achieved low costs and prices through standardization. The business makes further gains if it can free up internal management time to focus on more critical activities. But out-sourcing must be validated through analysis of economic considerations.

4. Useful differentiators distinguish the business from its competitors in a way that is not critical to success. Although useful differentiators should not even exist, they frequently do. One reason is that the IT function is sometimes isolated from the business and subsequently pursues its own agenda. For example, the IT department at a European paint manufacturer created a system that precisely matched paint formulation to a customer’s color sample. IT managers envisioned that the system would create competitive advantage by meeting customers’ needs for paint to match their home furnishings. However, senior managers had established color innovation as the company’s strategy. They failed to market the system because it was counter to their strategy, and the system became an expensive, ineffective distraction. It was eventually eliminated.

Useful differentiators are more commonly created because a potential commodity has been extensively reworked to reflect how a company is different or to incorporate a certain feature. This situation at a Dutch electronics company resulted in problematic, costly software maintenance. The CIO has now implemented a policy requiring that all needs for useful systems be met through standard software packages, with strict limits to customization. Useful differentiators need to be eliminated from or migrated within an IT portfolio but never outsourced merely to reduce their costs.

In summary, treating IT as a portfolio helps to identify outsourcing candidates by analyzing an IT activity’s contribution not only to competitive strategy but also to business operations. Through these two dimensions, senior executives can more easily identify IT’s value.

Economic Considerations: Comparing Vendor Offerings with In-House Capabilities

Many senior executives assume that a vendor can reduce IT costs because it has inherent economies of scale that elude internal IT departments. But a distinctive feature of IT is that economies of scale occur at a size that many medium-size to large organizations can achieve. So how can a vendor underbid current IT costs? Often, vendors implement efficient managerial practices that internal IT departments could replicate if they were empowered to do so. The successful companies we studied compare vendor bids, not against current IT offerings, but against a newly submitted bid from the internal IT managers.

Many IT managers have a plethora of ideas to reduce costs, but internal user resistance — or even outright sabotage — may have hindered their efforts. The problem stems from stakeholders within organizations who have different performance expectations for IT. Senior executives, who typically write the check for IT every year, often set cost minimization as the performance expectation for IT. Business units and users often demand excellent service. For example, users perceive software customization, local data centers, fast response time, and twenty-four-hour help-lines as elements of service excellence. Their expectations are in conflict because service excellence drives up IT costs. IT managers are left to resolve the dilemma and provide Rolls Royce service at Chevrolet prices.

Senior managers’ threat to outsource often aligns IT performance expectations, typically with the cost minimization agenda. IT managers can then prepare bids that include vendors’ cost reduction tactics, such as charge-back systems to curtail user demand, employee empowerment to reduce supervision costs, consolidated data centers, standardized software, automated data center operations, and archiving of inactive data. Users understand that if their internal IT managers don’t implement these practices, a hoard of vendor employees will.

We studied a number of turnaround cases in which IT managers’ previous attempts to reduce costs failed until senior management invited external and internal bids. To ensure fairness, the companies removed internal bid teams from the organization — in the case of a U.S. petrochemical company, from Tulsa offices to a Dallas bunker —and treated them with the same formality as vendors. The internal bids beat not only current IT costs but also vendor bids. After insourcing, IT managers from a U.S. food manufacturer reduced costs by 45 percent through software standardization. A U.S. university reduced costs by 20 percent after reorganizing the IT department and eliminating redundant staff. An American petroleum company reduced costs by 43 percent through consolidation of three data centers into one. Prior to the outsourcing threat, users in all these companies had resisted cost reduction practices. At a U.S. telecommunications company, however, an outsourcing threat served to mobilize a more formidable opponent than users — an IT trade union (see the sidebar).

We have incorporated the two economic considerations — in-house economies of scale and adoption of managerial practices — into a matrix (see Figure 3). If the internal IT department has reached critical mass and has adopted efficient management practices, a vendor is unlikely to be able to reduce costs further because it has to earn a 15 percent to 20 percent profit, whereas internal IT departments need merely to cover costs. If the in-house IT department has theoretical economies of scale but has failed to implement efficient managerial practices, senior executives should allow internal IT managers to compete against vendor bids. As we have seen, competition empowers IT managers to overcome users’ resistance to reducing costs. If the internal IT department is of sub-critical mass but has adopted efficient practices, a vendor’s size advantage may be negated by its need to generate profits. In these cases, we recommend testing the market to determine the economic validity of outsourcing. Finally, if the internal IT department is of sub-critical mass and has failed to adopt efficient practices, there is a strong economic justification for outsourcing. But even companies in this quadrant may want to empower the IT managers so they can implement what practices they can before out-sourcing and avoid giving the vendor a large share of easy savings.

What happens when external vendor bids beat internal bids? Prudent managers will question where and how the vendor proposes to earn a profit while still meeting the bid. In the most desirable scenario, the vendor clearly outbids the internal IT department for various valid reasons — superior management practices that internal staff could not replicate, inherent economies of scale, or superior technical expertise. But, in many cases, vendor bids may be based on voodoo economics, i.e., vendors offer customers long-term, fixed prices that are attractive in year one but out of step with price or performance improvements after a few years. The vendor may be trying to buy market share in a fiercely competitive market. Once the contract is signed, the vendor may recoup losses by charging exorbitant excess fees for any change, realizing that customers are captive. Or vendor bids may contain hidden costs. For example, a U.S. commercial bank failed to question a software transfer fee license clause that ended up costing half a million dollars.

Some companies may seek a purely economic package based on financial manipulations rather than on inherent best practice or efficiency. Two case studies — a U.S. transportation company and a U.S. aerospace company — used outsourcing to escape financial peril. The CFO from the transportation company signed a ten-year out-sourcing contract when his company went bankrupt. Senior executives from the aerospace company signed a ten-year contract after several years of negative profits. These arrangements brought in multimillion-dollar cash infusions when the vendor purchased IT assets, transferred 2,000 employees in one case and 1,600 employees in the other to a more stable vendor, and postponed fixed fees until the later portion of the contract.

Technical Considerations: Selecting an Appropriate Contract

Vendors negotiate many deals each month and understand the technical implications of contracting, while the customer company may have little or no experience with out-sourcing. To counterbalance their negotiating power, senior executives must have a sound understanding of the specific service requirements associated with the outsourced technology. We have determined from our research that the degree of technology maturity and the degree of technology integration are important technical considerations.

· Technical Maturity.

The degree of technical maturity determines a company’s ability to define precisely its requirements to vendors.18 An IT activity has low maturity when the technology is new and unstable, when the business has little experience with a technology that may be better established elsewhere, and/or when the business has embarked on a radically new use of a familiar technology. Examples include an organization’s first venture into imaging or client-server technologies or the development of a major network to support globalization. In these instances, all that senior executives know for sure is that requirements will change over time, based on experience and the availability of new options.

Outsourcing technically immature activities engenders significant risk. Ironically, these are precisely the IT activities many senior executives want to outsource. For example, many companies choose to outsource their first client-server application, reasoning that vendors have the technical expertise lacking in-house. This decision often proves disastrous because the companies are not in a position to negotiate sound contracts. In addition, such companies lose a valuable learning opportunity and remain dependent on the vendor after implementation. At a U.S. rubber and plastics equipment manufacturer, outsourcing the delivery of new technology led to failure (see the sidebar). The technically immature company could not write a detailed contract.

On the other hand, companies in this position may benefit from external expertise to support their investigations. Our recommendation is to buy the expertise but to integrate external resources into an internally managed team. Then the business retains full management control and visibility of the project, capturing as much learning as possible about the technology and its application. A U.S. petroleum company used this approach to develop its first expert system application — a system designed to calculate the sales tax for material transfers to and from pipe and wellhead warehouses. A specialist expert systems vendor seconded resources to the in-house team, which retained project management. The project was completed successfully, and the in-house IT staff now has the capability to take full charge of the system’s on-going support and development.

In contrast to the risks of outsourcing technically immature activities, there is significantly less risk in out-sourcing activities characterized as technically mature. An IT activity has high maturity when it represents the well-established use of familiar technology. Mainframe-based data center operations and accounting systems are highly mature activities in many of our case study companies. The businesses had conquered the learning curve and reached a point at which requirements were well specified and reasonably stable.

Outsourcing technically mature activities is less risky to organizations because they can precisely define their requirements. For example, a U.S. commercial bank out-sourced its mainframe operations. The CIO was able to negotiate an airtight contract because of her experience and understanding of the requirements and costs of mainframe operations. In the contract, she fully specified the service levels required, such as response time and availability, service-level measures, cash penalties for nonperformance, and adjustments to changes in business volume. After three years, she has achieved the anticipated 10 percent savings.

· Degree of Integration.

A second important technical consideration is the degree of integration with other business processes and technical systems. In the simplest case, an IT activity is easily separated and handed over to vendors. For example, a U.S. chemicals company successfully contracted out support for its personal computers. At that time, in the late 1980s, users operated stand-alone personal computers that ran word processors and electronic spreadsheets. The CIO wanted to outsource because the growing adoption of PCs forced him into regular and poorly received requests for additional head-count. Through his two-year outsourcing contract, he reduced costs and avoided further requests for staffing.

In cases in which technical integration with other business processes is high, the risks of outsourcing increase. For example, when a U.K. food manufacturer out-sourced the development of factory automation, managers soon realized that the new system had profound implications for almost every business unit in the company. Although the vendor was an expert in factory automation software, it lacked an understanding of business interfaces. The system took four years to develop instead of two.

In contrast, one financial services company successfully outsourced the development of a highly integrated system using a preferred supplier model. The company invested in imaging technology to replace paper records (such as customer letters) with an electronic file. The company first explored the technology through a discrete R&D project.

Senior executives reached a point at which they were convinced of the benefits of large-scale adoption but realized that many existing systems would now be affected. At this stage, the company turned to its preferred IT supplier, a vendor with a very broad product line with whom it had worked for many years. Resisting the vendor’s instinct to develop a detailed fixed-price agreement, the company set up an enabling, resource-based contract. The project was completed successfully, providing competitive advantage for both the business and its supplier, which had established a reference site for its own imaging products.

Technical considerations — the degree of maturity and degree of integration — strongly suggest the need to limit the length of contracts. Participants in our research typically considered three years to be the maximum period for which requirements would be stable. In the case of the outsourced personal computers, the CIO was wise to limit the contract to two years because the company subsequently integrated the PCs into a client-server network. Thus the degree of integration and degree of maturity were stable for only two years. After that, new management and possibly new outsourcing arrangements were required.

In mapping the two technical considerations, we have not included “strategic partnership” in the contracting options (see Figure 4). While many have recommended the strategic partnership model, we have seen the rhetoric used as an excuse to sign poorly constructed contracts and lead to the failure of five of our total outsourcing cases.19 We argue that strategic partnerships require shared — or at least complementary — risks and rewards. In the five total outsourcing failures, this requirement was missing. Instead, every dollar from the customer’s pocket in terms of excess fees or hidden contractual costs went directly into the vendor’s pocket.

Instead of the term “strategic partnership,” we have labeled relationships based on shared or complementary goals as “preferred contractors.” With a preferred contractor strategy, companies engage in a relationship with the vendor to help mediate risk. This strategy works best for technically mature and highly integrated IT activities. Because of technical maturity, a company can negotiate a detailed contract in which the vendor is responsible for the management and delivery of an IT activity. Because of the high integration with other business processes, a company must develop a close relationship to maintain the integrity of interfaces. To ensure vendor performance, the company must try to construct an incentive-based contract that ensures shared goals. For example, when a Dutch electronics company decided to reduce costs by outsourcing data center operations and support of existing systems, it mediated risk by entering into a joint venture with a software house. By establishing a jointly owned company, it created shared goals that prevented vendor opportunism.

In another example, a large U.K. clothing and household products company established such an arrangement with one of the biggest outsourcing vendors. In a ten-year deal, the vendor will provide almost all the company’s IT services. In addition, the retailer and the vendor will share profits from exploitation elsewhere of the retailers’ existing and future systems. The vendor has already proposed to market the retailer’s data models, which will generate profits for both parties. One director of the retail business remarked, “We believe, as they do, that we are working together to make the profit pie bigger, rather than just arguing over who gets the biggest piece.” The success of the deal depends on maintaining these attitudes and on achieving a bigger profit pie.

Conclusion

The frameworks we have described are empirically derived, focus attention on the critical factors, and provide useful tools for various decision-making processes. To our knowledge, eleven major corporations have actively employed these frameworks to arrive at an effective IT sourcing strategy. For example, Grand Metropolitan, a $14 billion global corporation that manufactures and markets branded foods and drinks, used the decision-making framework to review its IT sourcing strategy. The analysis structured IT into ten major activities. Of these, five were potential candidates for outsourcing. The company determined that the market was not yet sufficiently mature for two other functions; it is waiting to outsource those, while improving current in-house performance. It is benchmarking the three remaining activities. The process resulted in clear identification of the candidates for outsourcing, together with a planned program of formal benchmarking to assess ongoing in-house performance against opportunities in the IT services market. The director of IS planning, Berwick Mitchell, commented: “The frameworks and process allowed us to clearly identify and assess the factors that were most important for GrandMet in making IS sourcing decisions. We were able to involve both senior business executives and technical staff in the review process in a structured way, and were able to reach rational conclusions that now have support across the organization.”

The outsourcing market is changing in the customer’s favor. Once dominated by a few big players — EDS, Andersen, CSC, and IBM — the IT outsourcing market has fragmented into many niche services. As competition in the outsourcing market increases, companies have more power to bargain for shorter contracts, more select services, and better financial packages. Also in the customer’s favor is a growing experience with IT outsourcing, which allows it to intelligently evaluate and negotiate outsourcing deals. Many of our respondent companies adopted incremental outsourcing precisely to mitigate risk and develop in-house learning from outsourcing over time. Our evidence points to long-term total outsourcing as a possible option only for those highly experienced in IT outsourcing contracts and in managing major, long-term relationships with suppliers. In practice, we uncovered considerable immaturity not only among customers but also among suppliers. Long-term total outsourcing deals might be more possible with a maturing of the capability to handle them; however, even supporters of such deals regularly point to the considerable difficulties in getting them right.

More important, juxtaposed with growing evidence of the problems with an all-or-nothing approach to IT out-sourcing are the benefits of selective sourcing. When companies properly select and contract for specific IT activities by treating IT as a dynamic portfolio, they maintain management and control of core IT activities —such as strategic planning, scanning the environment for new technologies applicable to business needs, developing business-specific applications, and supporting critical systems — while still accessing vendor expertise and economies of scale for well-defined, isolated, or mature IT activities. In 1993, Sun Microsystems signed a three-year, $27 million deal in which CSC would handle all of Sun’s mainframe operations while the in-house IT staff rewrote its mainframe-based manufacturing and financial applications to run on a new client-server platform. In another example, a major U.S. bank outsourced its data center operations to IBM to reduce costs while retaining an in-house staff to develop strategic banking systems, many of which are subsequently sold on the market.20 We believe that such deals, in which vendors take over lower value-added IT tasks while companies manage higher value-added IT applications internally, are bellwethers of IT outsourcing’s future.