The complexity of modern IT

The complexity of modern IT – combined with the backdrop of the global economy of the past 2 years – have placed in some ways continuing, but in other ways unique pressure on IT professionals.

The need to manage both legacy and new technology across increasingly fragmented geographies, while effectively managing mixed vendor environments, can leave companies struggling with overseeing different suppliers with inconsistent portfolios, processes and SLAs.

In response, many enterprises decide to harmonize, simplify and standardize their implemented infrastructure and to get a transparent view on the performance, costs and bottlenecks. However, the increased pressure and scrutiny on IT budgets makes it ever more challenging than ever to balance standardization, with innovation and increasing efficiencies.

Many companies are therefore turning to alternative sourcing models and out-tasking to assist them in reducing operating costs, providing cost transparency and predictability and enhancing strategic control and agility.

However – realizing these benefits and selecting the right Service provider (SP) can prove more difficult. We've interviewed Kris Hardiman, Vice President Service Marketing, Siemens Enterprise Communications Ltd to find out what you should consider in supplier selection.

BMEU. So, let's start with the simple ones. What makes the right Service provider?
Kris Hardiman. (Smiling) Yes, let's start simple! To be honest, it's important to step right back. Before you even get into the realms of SP selection, you need to have done your homework – and done it well.

From my experience, I'd recommend each and every enterprise to have a formal, regularly reviewed sourcing strategy document – irrespective of whether you Out-task today, you're considering it for the future, or even as a validation that it's just not the right route for you. Getting such a document right does take focus – and a little bit of effort, but to evaluate the potential benefit, it's worth it. Although these things can get quite lengthy, in essence you're considering what you have in your network today and how much it costs you to support it (and the full costs – including people, management overheads, time, tooling and other resources); the quality and transparency of your existing support business – in all aspects; your ability to move realize new technology to such as Unified Communications – available skills, financing and funding, together with the desired level and existing extent of strategic control you have as an IT leader – whether you can quickly flex support capabilities, and whether you have the time and required focus on IT strategy development, as opposed to operational 'IT support'.

I'm sure this isn't exhaustive, but for me, these are some of the cornerstones. You have a handle on these decisions, then you know IF going down the out-tasking route is right for you. And all this is before you get into the world of vendor selection!

BMEU. OK, so it's clearly an informed decision. Let's get more specific. For many companies today, one of the drivers to outsource is to harmonize management of mixed vendor environments – what's your advice on supplier selection here?
KH. Again, it's important to start with the fundamentals. And the fundamentals in this case are all the obvious questions – if you're looking to harmonize, do you offer a consistent global portfolio? Do you offer a globally consistent set of SLAs? (Service Level Agreements); are your delivery capabilities and tools networked for global support? If so how.

Once you've road-tested the basics, that's when you step up to multi-vendor. Here, you're interested in whether the SP is managing the multi-vendor themselves, or if they're contract managing a provider. If it's the SP – how manay accreditations do they have? How many people qualified in the relevant technologies do they have? How does their accreditation map onto your requirement? At what level (if any) do they 'back-off' support to the provider? How does this process work?

If your SP is proposing a model of contract management, the major element your interested in is the link between the SP's portfolio and SLAs, and how that links through (end to end) with the ultimate supplier – what's the SLA match? What's the portfolio match? What are the processes in place to control suppliers? What are the procedures to continually check quality and assurance of delivery? How can the supplier prove this?

BMEU. What are the industry standards that customers should look out for?
KH. Well, to some extent, this will again depend on which field of Service you're referring to. Siemens Enterprise Communications for instance are focused on Communications Out-tasking. For both our Managed Service and Professional Service organization, one of our primary yardsticks for standards is ITIL (Information Technology Infrastructure Library). The reason we work to this is two-fold – one, because it's the language that our customers understand, two, because it's a highly logical, high quality mechanism around which to structure your market offering and delivery standards and processes.

A word of warning though to customers here – SPs use ITIL in many and various different ways. Whereas as some simply refer to it, others use it as a mechanism to structure their portfolio offer, and others (including Siemens Communications) use it to both structure our offer, and also structure and measure our actual delivery quality and processes. Another area of interest for us and our customers sits around the ISO standard – 20000 and 27001 – standards which are again about quality and importantly delivery security.

BMEU. What should I look out for regards risk?
KH. For me, this is one of the most important factors in any sourcing deal. Over the years, customers have become a lot more focused (and quite rightly) on the level of 'skin in the game' that their SP will put forward. The customer, after all, is considering here putting critical system availability into the hands of an external provider – so the SP's propensity to shoulder a good degree of risk is critical.

Clearly, there are the conventional decisions and factors here – what is the specific demarcation of responsibility between the customer and the SP, and who is responsible for availability around which pieces. Connected to this – and still very much on the theme of 'conventional' out-sourcing, what are the penalties or credits that the provider will put up for non-delivery.

For me though, risk sharing is a topic that goes well beyond this now – and it's something which I believe will become a key area of SP differentiation. Topics I'd consider above the basics include really focusing down on the grey areas – i.e. those (in reality numerous) areas of the network where actual accountability for uptime is difficult to isolate – or those that due to the complexity of design need a truly shared risk approach. Additionally, talk to your provider about more than just Service Credits for when things go wrong – what are the procedures for resolution when ownership is unclear? What will they provide over and above credits as a gesture around truly sharing the risk with the customer. It's these types of dialogues where you really start to cement to productive, healthy and long lasting partnership between two organizations.

BMEU. So, time for the other simple question – what's best to outsource, and what's best to keep in-house?
KH. Hmm, another easy one. Again, and not wishing to dodge – this really does go back to each organization having a solid, and thought through sourcing strategy document. For some organizations, the driver to outsource may be to reduce cost while retaining a level of strategic and core operational control – in this case, they may judge that items such as the IT Service Desk or repeatable, well defined processes such as application monitoring are the smartest place to start. In all cases, I'd advise that the customer organization (as a schedule of their sourcing plan) consider there drivers for the outsource – cost, quality, consistency etc, and then, in the context of this, categorize the elements of their IT operation with a designated potential for how out-tasking solution may fit – a kind of high/medium/low rating for the different functions in the context of what it is that the organization is trying to achieve.

The other point here is to think out-tasking, as opposed to out-sourcing. For many customers, the full IT Out-task route is just either too big a decision to contemplate, or just not right for their IT ambitions. We find that an Out-tasking approach is often the preferred solution – focusing on different components of the IT business – such as communications – or even elements within these towers. Customers seem to favor this route as it both gives them a chance to road test their provider in a meaningful way, but at the same time keep a handle on risk.

BMEU. And finally – where does it typically go wrong, and where does it typically go right?
KH. I'm a bit of a traditionalist here. For me, it's about planning and transparent, commonly agreed metrics – and of course solid SP assessment. For a customer – really try to know your organization as well as possible before you go to market. This sounds in some ways contradictory as often customers Outsource for the very reason that they can't get a full handle on their enterprise, but the more you know about what you have, what it costs, where it is and your drivers for the Outsource, the better position you are in to manage and realize your business case. When it comes to SP assessment, try not to leave key stones un-turned. Again, establish a map linked back to your driver that identifies, clusters and ranks the major/moderate and minor capabilities of the provider – and for these metrics, ensure that your provider can prove them as much as possible. A note of caution here though (sticking up for the SPs!) don't create such a long list that it's unrealistic for your SP to respond, or you as a customer to review – keep it to the essentials with clear assessment metrics and you'll have a higher quality response, and a simpler selection exercise.

The last point – and in some ways the most important – is managing the relationship. For me, the basis of this is clear, transparent and commonly agreed goals and SLAs. However, the best and most beneficial SP / customer relationships go beyond this. I know it's old and in some ways frowned upon sentiment, but do chose a provider that has similar organizational culture to your own (or the one you aspire to), and do chose a provider that demonstrates a more mature, collaborative and balanced approach to risk and reward.