Bringing IT Back In-House? Watch Out For 6 Pitfalls
Taking back the reins from outsourcers -- also known as insourcing -- can yield agility benefits. But it also carries risk.
What insourcing is: a way to assume greater control, become more agile, better align with strategic business initiatives, build a core capability, maybe realize cost or efficiency benefits. What it is not: a wholesale coup, where IT summarily shifts capabilities to in-house employees. Before any move, consider the full range of business objectives and benefits, not just costs. I worked with a healthcare organization that had completely outsourced IT a decade ago and recently decided to insource application development and maintenance, while leaving IT infrastructure with a provider. The decision was driven by two primary factors that outweighed the higher cost sometimes associated with insourcing: accelerating time to market and increasing innovation, both critical to remaining an industry leader.
While insourcing can deliver these benefits, there are risks, mainly around rebadging (hiring people who were in the employ of the outsourcer but working on your project) and setting up a detailed timeline. Let's break it down.
Risk No. 1: Alignment with business strategy: The decision to bring a function in-house should not be based purely on costs. It must align with business priorities and be based on valid assumptions. Sounds simple, but it's anything but.
-- Test assumptions. For example, maybe you assume supplier cooperation is a given, based on contractual obligations or the supplier's fear of bad press or damage to its reputation. You may think you know the cost and time needed to insource initiatives, including filling open positions and the attrition rate of employees of the outsourcer (with related loss of "tribal" knowledge). Don't assume -- know. Talk to the CFO and HR for reality checks. That's the only way to create a solid business case with a credible financial model.
-- Develop a three- to five-year financial model to understand the total cost of ownership. Include validated assumptions related to the supplier personnel rebadge rate and transition costs such as knowledge transfer, mass recruiting costs, severance packages, bonuses, office space, mobile device policy and relocation expenses. Again, HR can help here.
-- Two areas I often see overlooked: Do your best to gather information related to the benefits suppliers provide employees, such as travel allowance, mileage reimbursement and mobile device plan. And if you're hiring a staffing firm, ensure that the agreement includes financial considerations for meeting -- or not -- your recruiting timelines.
Risk No. 2: Alignment of timing with business initiatives: Depending on the scale of insourcing, timing can be affected by everything from seasonal factors (your business' peak times, holidays) to the risk of key contributors jumping ship.
-- Time the insourcing effort carefully, with an eye to having minimal impact on operations. Pay particular attention to when announcements are made and controlling the narrative, because the credibility of your organization (see Risk No. 3) can impact rebadging and hiring.
-- Early on, develop a list of skills for which finding qualified personnel can be challenging, and work closely with your recruitment team to develop an approach and contingencies to handle those challenges. You don't want to be short-staffed going into peak times.
Risk No. 3: Management of internal and supplier employees: When word gets out that an organization is insourcing, expect attrition, primarily because of uncertainty. In addition, bet that staffing companies will attempt to poach key personnel, especially those with highly desired skills.
-- Timely, consistent and complete communications across supplier and internal teams is the only way to stem rumors and add clarity. Consider hiring an expert to develop a detailed communications plan, including guidelines for email and press/employee notifications, and decide the "who, when and where" on delivering news. Include offshore personnel.
-- Consider monetary incentives to hang on to key contributors.
-- Identify the staffing companies in your market and ask them to sign agreements with contract-to-hire and nonsolicitation clauses. Doing so will significantly reduce poaching.
-- Developing a detailed "future state" organizational structure with titles and job descriptions in collaboration with HR and business units is one of the first steps in an insourcing initiative. This will help slot internal and supplier staff into appropriate roles and provide a list of positions to be filled and eliminated.
Risk No. 4: Evolution to the new IT operating model: Insourcing initiatives of substance happen in phases, so it's critical to develop processes to operate in a hybrid environment, as supplier performance will likely diminish and service-level agreements may not be enforceable. I've seen decisions on toolsets for major cross-functional support processes (service management, portfolio management) be delayed, resulting in suboptimal service delivery. In addition, it may be unclear how new work requests are submitted, evaluated, prioritized and fulfilled.
-- Develop a hybrid operating model in collaboration with the supplier.
-- Use existing contract mechanisms to modify SLAs so they align with interim operating responsibilities, if possible.
-- Construct a changeover timeline such that functions and responsibilities are moved in one fell swoop; avoid partial transitions.
-- Incorporate a tool-selection decision timeline early on, so the vision is clear for the team and vendors.
Risk No. 5: Supplier relationship and rebadge rate: Cooperation from former partners, especially in retaining their employees, is very important for a successful transition to an in-house delivery model. Suppliers will tend to move key personnel from end-of-life accounts to their other clients or to potential new business -- understandably. If there is an offshore component in the delivery model, it's even more important to have supplier cooperation and enable a successful knowledge transfer. The ability to rebadge as many supplier personnel as desired is one of the key factors in a successful insourcing initiative and will help minimize disruption. It becomes even more critical if the supplier and client have a long-term outsourcing relationship. Based on the supplier's cooperation and the talent attraction capabilities of the organization, a rebadge rate of 50% to 70% is achievable, in my experience.
-- Hopefully your outsourcing agreements include provisions that spell out the supplier's contractual obligations for transition assistance, including knowledge transfer. Ensure that the supplier is willing to rebadge not only onshore personnel but potentially some key offshore resources, especially if you're willing to relocate these personnel and sponsor their visas and immigration (or open a captive center).
-- Consider rebadging key supplier personnel as early as possible, but be aware that this can be risky; it can cause confusion within the ranks and increase attrition among those not selected.
-- Fill key leadership roles as early as possible; it helps to be open to remote employees.
Risk No. 6: Technical risks: Insourcing an IT function is a complex endeavor, and technical risks such as applications landscape and dependencies, custom applications, infrastructure complexities and data center consolidation/migration also need to be closely considered.
-- Know your apps -- conduct an applications (commercial and custom) rationalization exercise and retire or consolidate applications when possible prior to the transition to in-house staff.
-- Request detailed technical and operations documentation from suppliers as part of transition assistance. Include all knowledge management systems (or at least their content and rule base), especially those used to support the incident management process. Documentation should also include runbooks that capture detailed procedures as well as tools (especially in-house custom tools) used to support release management, disaster recovery and backup, and routine apps maintenance.
-- Prioritize the applications management transition based on business criticality and allocate ample time for knowledge transfer -- develop logical groups of applications that can be transitioned simultaneously (especially those that are tightly integrated).
-- Avoid simultaneously migrating and consolidating data centers and applications. If your organization's infrastructure resides at the supplier's data center, try to negotiate a colocation agreement (avoiding a physical migration) and phase the data center migration over time. I recommend performing the apps migration and the physical data center migration in serial (either one or the other first) and to complete the one before the other. Performing both in tandem increases the chance of major incidents and will greatly complicate the resolution process, as root cause analysis becomes significantly more difficult with multiple moving parts.
To circle back to Risk No. 1, it's extremely important to develop a realistic three- to five-year financial model before embarking on an insourcing initiative. In my experience, depending on the size of the function being insourced, costs are often significantly higher than expected, particularly when there's a large offshore component in the outsourcing delivery model. Finally, as with any major initiative, organizations should develop a risk register (including all types and levels of risks) and associated mitigation approaches and continually refine it as the insourcing program evolves.
Andy Sealock, a partner with Pace Harmon, co-authored this column.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.