|
In recent years, outsourcing has become an important consideration in every organization's information technology (IT) strategy-making process. Economic uncertainties and rapidly changing market conditions are driving firms to assess how they apply knowledge, assets, and resources to create strategic opportunities and respond to competitive threats.1 Executives are being urged to combine internal and external competencies to deliver new and improved services to customers.2 They are being told that outsourcing, particularly offshore outsourcing, can reduce their costs significantly.3 Recently, new technologies such as utility computing and its close relative, Web services, promise to reduce costs further, while simultaneously increasing each firm's IT agility.4
Consequently, most experts anticipate that increasing numbers of firms will outsource increasing numbers of services in the coming years.2,5,6 Although the outcomes of most early IT outsourcing initiatives were disappointing,7,8 recent research suggests that firms are improving their capabilities related to managing outsourcing relationships.9 Despite the fact that firms continue to report difficulties with their outsourcing arrangements,10 outsourcing has emerged as an important IT tool, with its own set of specialized management practices.
As outsourcing is becoming more mainstream, new outsourcing models are emerging. For example, IT professionals in countries such as India and China are offering high quality, low cost IT outsourcing services.3 Web services are promising to breathe new life into business process outsourcing.11 Enterprise resource planning (ERP) vendors have Web-enabled their software and started to offer application outsourcing services.5 Furthermore, traditional computing vendors are touting the virtues of self-healing computing environments and processing capacity on demand.12
As capacity on demand, grid computing, Web services, and other service provisioning models win favor, enterprise computing may take on the characteristics of a utility. We define utility computing as a collection of technologies and business practices that enables computing to be delivered seamlessly and reliably across multiple computers. Moreover, computing capacity is available as needed and billed according to usage, much like water and electricity are today.
In the promised utility computing model, firms will be able to purchase as much IT service as they need, whenever they need it. In time, they may even be able to access over the network components of business processes, such as billing or claims processing, and integrate them seamlessly with other processes inside and outside the firm. If this occurs, it could profoundly change the nature of IT.2,11 But, the future is, as yet, unclear.
Will utility computing entice growing numbers of companies to “hand over” their IT infrastructures to specialist firms? Will enterprises increasingly outsource not only IT but IT-enabled business processes? Will visions of rapidly reconfigurable IT service and business process components become a reality? Will utility computing lead to ubiquitous outsourcing?
In this paper we review the outsourcing literature and examine the outsourcing experiences of eleven firms, in order to explore the potential impact of utility computing on firms' outsourcing practices. We focus primarily on managerial implications of outsourcing and utility computing for large corporations, as opposed to a detailed discussion of utility computing and its component technologies. We examine how a firm can position itself to take advantage of utility computing and new types of outsourcing in whatever forms they eventually assume.
The paper is organized as follows. The first two sections examine the traditional benefits and risks of IT outsourcing. We then describe how the firms in our study addressed outsourcing risks using two different approaches to outsourcing—selective outsourcing and large-scale exclusive partnerships. We find that IT architecture—namely the componentization and standardization of key IT assets—has a key role in enabling firms to effectively utilize outsourcing arrangements. The fourth section explores the implications of IT architecture on outsourcing management and outcomes. We then examine the benefits and risks of utility computing, in light of traditional outsourcing benefits and risks and the implications of IT architecture. We close with recommendations for how managers can position their firms to take advantage of utility computing in the future.
Outsourcing benefits
Most outsourcing arrangements deliver one or more of three capabilities: infrastructure services and data center operations, application development and maintenance, and business processes. The literature has cited a number of different potential and actual benefits from outsourcing these capabilities. The most frequently cited benefit is cost savings.3,8 Other benefits include increased strategic focus, access to new technologies and technical skills, and variable (rather than fixed) computing capacity and pricing.13,14
Cost savings in infrastructure services result primarily from the vendor's ability to leverage economies of scale and scope in IT operations or application maintenance.15 Because vendors have large numbers of projects and systems to support, they can justify an up-front investment in IT management competencies. Typically, cost savings result from the discipline the vendor brings to a firm's IT management and use.16 In contrast, application development outsourcing garners cost savings from significantly lower wage rates in countries such as India and China.3
Cost savings from lower wage rates are equally available to all firms. However, in infrastructure services, large firms taking a disciplined approach to IT operations may not be able to realize cost savings from outsourced vendor economies of scale and scope.15 Indeed, large well-run IT units often cannot elicit promises of lower IT operations costs from outsourcers.17
The potential for outsourcing to increase strategic focus has received heightened attention as firms have emphasized their core competencies.18,19 If IT and business process outsourcing enables greater focus on strategic priorities, outsourcing may become increasingly important to building more agile firms capable of competing in the global economy.20,21 IT outsourcing vendors develop a core competency in IT management and can build and leverage best practices because, unlike the client firm, IT management is the vendor's core business.15 By delivering their core competency to clients, vendors free client firms to focus management attention on their unique core business.
Outsourcing may allow firms access to state of the art technologies and technical skills that would otherwise be unavailable.8 Firms have tended to tap vendors for unique skills as they implemented packaged software22 or developed new capabilities, such as e-business.23 The desire to introduce strategic capabilities dependent upon new technologies encourages firms to partner with vendors specializing in relevant technologies.24
Client firms' need to increase the return on IT investment generates enthusiasm for replacing fixed IT costs with costs that vary according to IT usage. Outsourcing arrangements that transfer computing assets to a vendor can convert fixed amortization and operating expenses to variable usage charges. On the application side, outsourcing can reduce the commitment to fixed-cost, full-time human resource expenses through contracts that provide development skills on an as-needed basis.
Researchers have suggested that firms need the benefits of outsourcing—particularly strategic focus and variable capacity—to build strategic agility.1,2 Outsourcing, however, introduces risks as well as benefits. In the next section we summarize the literature on outsourcing risks.
Outsourcing risks
When firms transfer an internal capability to an outside party, they lose some control over that capability.25 Concerns about loss of control or foregone strategic capabilities have countered the enthusiasm for outsourcing. The risks of IT outsourcing highlight the need to both outsource the right things and to outsource them the right way.26 Prior literature has highlighted four major types of risks:
-
Relationship risks: Regardless of the length of an outsourcing contract, both clients and vendors know that the client's market will change and new technologies will create new opportunities. These constant changes lead to new expectations, new costs, and eventually, new metrics for service. A contract cannot fully specify these changes or define requirements for vendor adaptation. Thus, clients and vendors sign contracts that do not necessarily meet their future needs. The relationship risk encompasses the uncertainty about the long-term viability of contractual arrangements.
-
Transition risks: The process of moving from internal provisioning to outsourcing may involve moving applications to a new environment or linking outsourced and internal applications, or transitioning technical staff to a vendor. These technology challenges can take time and consume limited resources. The technology challenges of the transition, however, usually pale in comparison to organizational change challenges. The vendor will almost certainly change one or more IT processes. These process changes invariably prove disruptive;27 employees may, purposely or through insufficient understanding, undermine potential benefits by failing to adapt to new processes, culture, technology, or employee arrangements.
-
Strategic risks: For the most part, firms want to outsource non-strategic capabilities while retaining strategic capabilities.26 While few clients would intentionally outsource strategic IT activities, they can misjudge what is really strategic. Because business processes are so tightly linked with IT, firms can struggle to define bundles that are clearly non-strategic. In addition, capabilities that are non-strategic today may become strategic again tomorrow.28 Outsourcing a capability inevitably depletes the knowledge associated with that capability. This can reduce strategic agility if a firm is unable to assemble all of the knowledge required to respond to competitive changes or new business opportunities.
-
Vendor/technical risks: Clients bear the risk of a supplier going out of business, or not being able to deliver on promised service levels.27 A related risk is the difficulty a vendor may have in managing subcontracted capabilities. Vendor risk can increase if the vendor is small, new, or dependent on future scale to make its business model work. For example, many application service providers (ASPs) failed because they could not attract enough customers to provide service profitably.29 Particularly with new technologies, vendors sell capabilities that have not yet been developed. Both client and vendor will find it difficult to predict technical and organizational challenges when assessing the potential of a new technology.
The benefits associated with outsourcing have created a large and growing market for IT outsourcing services. By 2000, outsourcing represented 30 percent of total IT budgets.30 Nonetheless, the risks associated with IT outsourcing are formidable. In the next section we review eleven firms' approaches to managing IT outsourcing risks.
Approaches to outsourcing
The eleven firms in our study outsourced different services in different ways. Table 1 lists the firms by industry, noting key services outsourced and the approaches they are taking to outsourcing, as well as the benefits they report and the internal capabilities they believe have facilitated those benefits. In most cases, firms that engaged in large-scale outsourcing arrangements also had some smaller outsourcing arrangements, but we focused on the management of the firms' most significant vendor relationships. Although some of these firms reported an initial struggle before benefits became apparent, all eleven are now demonstrating benefits. Our focus was on the management practices and organizational characteristics that made the benefits possible.
|
| Table 1
Description of IT outsourcing for eleven firms |
|
|
|
|
|
| Firm | Services Outsourced | Approach | Reported Benefits | Architectural Initiatives | Key Management Practices |
| Man1 | Infrastructure, AppMaint | Large-scale partnership | Security, reliability, focused management attention, speed to market | Define infrastructure service components, standardize technology environment | Regularly renegotiate in-house and vendor responsibilities, competitive bids for new services, SLAs monitor price and service |
| Man2 | Infrastructure | Two large-scale partnerships | Strategic focus, speed to market | Before outsourcing, IT costs were cut 45 percent through standardization and consolidation | Account managers key to daily negotiation and trust building, competitive bids for new services, SLAs monitor cost and quality |
| FinServ1 | AppMaint, AppDev | Large-scale partnership | Project discipline, cost benefits | Before outsourcing, standardized project methodology was put in. | Clarified internal core competencies, account managers ensure mutual benefit, metrics for monitoring offshore work |
| FinServ2 | Infrastructure | Two large-scale partnerships | Cost benefits, project and process discipline | Work with vendor to establish standardized technology environment | Vendor included in governance, taking equity position in vendor, creating metrics to monitor service levels |
| FinServ3 | AppDev | Large-scale partnership | Variable work force capacity, cost benefits | Standardize project methodology, structure program management, establish enterprise architecture | Varied off-shore vendor resources, vendor provides up to 25 percent of staff, designing exit strategies |
| Trans1 | Infrastructure | Large-scale partnership | Capacity on demand, strategic focus for investment, speed to market | Work with vendor to create standardized variable capacity infrastructure at start up | Key vendor and client managers manage relationship on daily basis, ongoing service monitoring through metrics |
| Man3 | Selected infrastructure | Selective | Cost and quality benefits | Work with vendors to define standardized infrastructure components | Establish and monitor SLAs |
| Man4 | AppDev | Selective | New technology, strategic applications | Standardize technology environment | Work with vendor to acquire knowledge, use vendor products |
| Trans2 | Selected infrastructure | Selective | Cost and quality benefits | Develop services catalog specifying components | Outsourcing decision based on benchmarks (regularly reviewed) |
| Trans3 | AppDev; R&D | Selective | New technology, strategic applications | Mature enterprise architecture, standardized technology environment, disciplined project methodology | Work with vendors to develop strategic applications of vendor product; vendor can sell product in future |
| Trans4 | AppDev; R&D | Selective | Strategic applications, new technology | Mature enterprise architecture, standard APIs for connecting with vendor products | Specify requirements and standard APIs, may take equity position in vendor, design exit strategies |
|
The research sites were outsourcing infrastructure and data center operations, as well as application development and maintenance. None had adopted significant business process outsourcing. We divided their outsourcing approaches into two broad categories: (1) large-scale, exclusive outsourcing relationships, or (2) selective outsourcing of specific tasks. A firm's approach to outsourcing impacts the risks it assumes: the relationship, transition, strategic, and technology risks. We describe here how the firms addressed the risks associated with their outsourcing approach.
Large-scale, exclusive outsourcing arrangements. Large-scale, exclusive outsourcing agreements received much of the attention in early outsourcing research.31,32 The risk that multimillion dollar deals can fail serves as a deterrent for many firms. However, firms continue to consummate large outsourcing agreements with a small set of strategic partners, especially for infrastructure services. In addition, firms in our study engaged in large-scale partnerships for application maintenance and development (Table 1).
Four firms in our study outsourced IT infrastructure in large-scale, exclusive outsourcing deals. At Man2 and FinServ2, senior management initiated IT outsourcing as a result of frustration with the high cost and low value of IT. Senior management at Man1 turned to outsourcing vendors to manage IT so that the firm could focus on its manufacturing competencies. Trans1 was a start-up that engaged a vendor to provide capacity on demand so that the firm would not need to invest in excess capacity during a period of uncertain growth. Regardless of their reasons for outsourcing, these four firms have developed clarity around vendor and client responsibilities, which has facilitated increased strategic focus. The CIO at Trans1 noted that having a vendor provide infrastructure services meant that the firm could focus investment dollars in the firm's core travel business rather than in acquiring technology. CIOs at both manufacturing firms noted that outsourcing relieved them of responsibility for operational excellence in IT. They are instead developing IT staff focused on applying IT to business needs. The two manufacturing firms also credit outsourcing with reducing time to market because of the strong technology base and skill set in place in the firm.
Three firms outsourced application development and maintenance in large-scale, exclusive outsourcing arrangements. FinServ3 had made off-shore arrangements with a firm in India. FinServ1 outsourced development and maintenance to a United States firm and subsequently worked with this partner to move some of its work to India. The third firm, Man1, had outsourced application maintenance to a United States firm. Application development outsourcing had provided these firms with variable capacity that allowed resource requirements to fluctuate with the project load. Off-shore outsourcing of development had provided lower costs through wage-rate reductions. Off-shore outsourcing also provided increased project management discipline as the vendor firm brought CMM (Capability Maturity Model) level-5 practices33 to the development environment. Maintenance outsourcing, in contrast, had enabled increased management focus on new and strategic business processes and their related applications.
Firms engaged in large-scale outsourcing arrangements addressed relationship risks through both contractual and informal relationship management techniques. Contractual techniques included establishing detailed metrics and tying those metrics to incentive systems. The metrics evolved as the business changed. Both sides came to recognize that after a few years it became difficult to identify cost savings because of changes in the clients' computing needs. This placed increased emphasis on informal relationship management. In these large-scale outsourcing arrangements both the client and vendor assigned account leaders who worked to establish trust between the two parties. FinServ2 included its vendors in key governance bodies. In addition, FinServ2 enhanced the vendor's commitment to the outsourcing deal by taking an equity position in the vendor—a practice that has been replicated elsewhere.34
Firms engaged in large-scale outsourcing arrangements addressed transition risks by establishing a standardized, disciplined environment for outsourcing. By standardizing IT environments before or concurrently with outsourcing, the firms could more easily adapt to their vendors' standardized services and disciplined processes. Management at FinServ1 believed that the firm's already disciplined project methodology would help generate value from outsourcing of application development and maintenance. Management in this firm and others quickly learned that outsourcing escalated the demands for project discipline and standardized methodology. This firm, like several others, phased in its relationship to allow time for employees to become acclimated to a changing culture and for management to learn how to make the relationship work.
Firms engaged in large-scale outsourcing arrangements addressed strategic risks by clarifying core competencies before outsourcing. At least three of the four firms viewed outsourcing as reducing strategic risk by enhancing management focus. They had partnered with IT experts to do much of their IT work so that they could focus on the strategic capabilities of the firm. The IT experts brought technology standardization and disciplined project methodologies to their clients. Indeed, all the firms valued learning from their vendors about standard technology components and project methodology. But they also noted that, while vendors were learning about their business, vendors could never know their business as well as their own people. Thus, the firms needed to retain—or develop—a competency in applying technology to meet strategic goals. Two manufacturing firms determined they had initially outsourced too much capability. For example, at Man2 management had nearly eliminated its telecommunications staff, but during global change efforts, management decided that applying telecommunications globally required additional telecommunications expertise. The firm then increased its staff from two to eighteen persons.
Firms engaged in large-scale outsourcing arrangements addressed technology risks through due diligence before selecting a vendor. All of the large-scale relationships were with large established vendors that were unlikely to go out of business in the foreseeable future. To reduce the risk of subsequent vendor under-performance, Man1 set up periodic reviews in which management could rethink the allocation of responsibilities between vendor and client. The most recent review had resulted in 15 percent of tasks shifting between the vendor and client. Several other firms had noted in their contracts that new outsourcing deals could be opened to competitive bids—and they exercised that right.
In summary, firms in this study that were managing outsourcing risks in a large-scale, exclusive arrangement were engaging in best practices as defined by existing literature. They carefully crafted contracts and built strong, trusting relationships.35,36 They defined their infrastructure requirements as standard IT services, developed metrics to monitor their quality, and tied incentives to performance outcomes.37 Outsourcing had heightened the need for defining and measuring IT services, and had led to increasingly standardized and disciplined computing environments. The firm with the most painful transition, FinServ2, entered into its outsourcing arrangements with the least standardized technology environment.
Selective outsourcing arrangements. Researchers have proposed selective outsourcing as a risk mitigation strategy.2,8,38 The selective approach to outsourcing allocates specific tasks to the most appropriate vendor. This approach is a natural extension to in-house capabilities for firms that consider IT a core competency. Firms in our research sample used selective outsourcing for both infrastructure and application outsourcing (Table 1).
Man3 and Trans2 used a selective approach to outsourcing infrastructure services, such as desktop maintenance, individual telecommunications services, and Web server operations. Both firms relied on industry standard service definitions and cost benchmarks. Both firms reported cost and quality benefits as a result of careful benchmarking and monitoring of vendor offerings. In the process they relieved management from tending to what they perceived to be commodity services. Nonetheless, they noted that effective outsourcing demanded careful monitoring of service quality metrics. If service levels deteriorated or costs were deemed too high, both firms would attempt to work with the vendor to renegotiate the arrangement, but were prepared to bring a service back in-house or choose a new vendor.
Three firms used selective outsourcing arrangements for application development. These firms partnered with vendors that had specialized expertise in a particular emerging technology. In effect, they had outsourced some technology research and development. The relationships offered access to unique technical skills and covered the period of a project. Selective outsourcing allowed them to experiment with new technologies without having to wait for staff to learn the technologies. In all cases the outsourcing led to new strategic business applications.
Sites engaged in selective outsourcing, whether for infrastructure services or application development, addressed relationship risks by limiting contracts to tasks that could be clearly specified and measured. The application development arrangements were of limited duration with specific outcomes. The infrastructure outsourcing arrangements were specific tasks with ongoing monitoring of metrics. Thus, managing changes that could not be specified in advance was rarely an issue. These arrangements managed change by negotiating a new contract for each new need—often with a new vendor.
Sites engaged in selective outsourcing addressed transition risks by specifically bounding the task to be achieved. Client firms defined their challenge as creating and maintaining the technology and business environment that would allow them to “plug in” the outsourced service. For example, both of the firms outsourcing infrastructure services had developed complete catalogs of the cost and quality metrics associated with each of their infrastructure services. They had also developed highly standardized technology environments, and they chose vendors who could and were willing to comply with their standards. Similarly, firms outsourcing application development limited the responsibility of vendors to fulfilling application specifications that met architectural requirements of the firm. Thus, these outsourcing arrangements involved minimal transition.
Sites engaged in selective outsourcing addressed strategic risks by retaining business skills and selectively outsourcing technical skills. The firms in the study were not concerned that their outsourcing arrangements put their competitive capabilities at risk because, although they had outsourced the technical expertise, they had retained the knowledge of how to apply the technology. In both application and infrastructure outsourcing, management determined that the technical skills they had outsourced could, if needed, be re-acquired from the marketplace. The more important capability—one not easily acquired from the marketplace—was knowing how to manage the technology, apply the technical skills, and use the technology to enhance business value.39 Firms engaged in selective application outsourcing viewed their arrangements as enhancing the strategic use of IT. Because their vendors were developing products and knowledge that would have value in the market, they used contract conditions and first-mover advantages to benefit strategically from their efforts.
Sites engaged in selective outsourcing arrangements addressed technology risks by reducing reliance on any single vendor, thus making them less vulnerable when a vendor failed to perform or went out of business. Two of the firms that outsourced strategic application development noted that, to further manage the risk, they specified “exit strategies” within their firms before entering any vendor agreement. The exit strategies assessed the firm's vulnerability if the vendor could not deliver or went out of business. The strategies also provided for periodic reviews so that the firm would recognize warning signals that the vendor was in trouble. The sample firms did experience failures on the part of vendors—Trans3 found that a vendor was unable to deliver on its promises, and FinServ3 was facing the potential that a vendor would go out of business. Tightly defined vendor responsibilities and a standardized technology environment limited the impact of the failure to very specific IT and business capabilities.
In summary, selective outsourcing spreads risk over multiple vendors. We found that most of the firms engaging in selective outsourcing had already developed a capability to define IT services and related metrics in order to provide clear specifications in their outsourcing deals. The firm (Man3) that had simultaneously defined IT service components while outsourcing those components had some initial setbacks—in particular, unmet expectations in vendor service delivery—but, through experience, this firm too learned to cleanly separate the task to be outsourced from other IT services. Successful selective outsourcing ultimately involved defining standardized architectural components to provide a foundation for the “plug-and-play” of applications and infrastructure services. It also required firms to build the capability to seamlessly integrate services from multiple vendors.
IT architecture as a prerequisite to IT outsourcing
Table 2 summarizes how the firms engaged in large-scale and selective outsourcing arrangements managed their risks. The lessons learned from this study, illustrated in Table 2, highlight the importance of defining and managing outsourcing relationships. Research indicates, however, that vendor and client capabilities are also important in determining outsourcing success.40 Among the client capabilities, the ability to define and manage IT architecture41 emerged as a particularly important capability for firms in our study.
|
| Table 2
Risk reduction practices of the two approaches to outsourcing |
|
|
|
|
|
| Large-Scale Partnership | Selective |
|
| Relationship |
Formal:- Defining clear metrics
- Tying metrics to incentives
- Involving vendors in IT governance processes
Informal:- Assigning account managers as single point of contact for client and vendor
- Client taking equity position in vendor
- Vendor and client interacting constantly and jointly working through issues.
|
- Limiting outsourcing to tasks that are clearly specified and measurable
- Infrastructure: Specific SLAs and continuous monitoring
- Application development and maintenance: Limited duration and specific deliverables
- Regularly benchmarking internal (and current vendor) cost and quality versus the market
- Achieving evolution through new contracts, not by modifying existing contracts
|
|
| Transition |
- Standardized services
- Disciplined processes
|
- Highly standardized technology environments
- Well-defined interfaces between components
- Vendors required to follow the firm's processes and standards
|
|
| Strategic |
- Prior understanding of core and non-core services
- Increasingly building capability to apply IT solutions to business needs
|
- Prior understanding of core and non-core services
- Outsourcing technical skills but retaining business skills
- Growing capability to apply IT strategically and recognize strategic opportunities
- Designing protection into contract as to how vendor partner can market co-developed applications
|
|
| Technical/Vendor |
- Undertaking due diligence
- Using large vendors as partners to enhance likelihood of vendor survival
- Building into contract an option for competitive bids
|
- Reducing reliance on any single vendor
- Specifying exit strategy if vendor goes out of business
- Specifying standard interfaces to facilitate switching
|
|
Architecture defines the standardization and integration requirements of a firm's operating model.42 In this paper, we refer to IT architecture as clarity and organizational consensus around technology, data, and process standards. As companies mature in their architectures, they come to conceptualize their technologies and business processes in terms of well-defined components. A firm's enterprise architecture, by capturing the standardization and integration requirements of the business, provides a roadmap for introducing technology, data, and process standardization to maximize business benefits.43 Outsourcing vendors introduce standardized IT services and processes to manage cost and enhance the quality of their offerings. Firms unaccustomed to standardization, however, experience resistance to vendor initiatives, and thus run the risk of missing out on their potential benefits.6
Many firms do not have standardized technologies and processes. Traditional IT management practices focused on maximizing the benefits of individual applications. Until recently, IT management practices rarely mandated standardized technology environments. Individual functions and business units designed and implemented unique systems on customized technology platforms to support their unique business processes. In many cases, these functions and business units also implemented their own data with unique data definitions. Over time the multiple technology platforms, business processes, and data definitions became expensive to maintain. These enterprise architectures—consisting of silos of business applications, data, and platforms—proved a constraint to enterprise-level strategies. Some firms attempted to conquer the limitations of their existing architectures through massive global implementations of enterprise systems such as enterprise resource planning systems or customer relationship management systems. These “quick fixes” often failed because moving from an environment of silo solutions to more standardized technologies, processes, and data requires organizational learning,44 and organizational learning about enterprise architecture takes time.42
IT outsourcing has served as another “quick fix” attempt to solve problems that resulted from years of isolated, non-strategic IT decision making.45 Like the enterprise systems approach, massive outsourcing often failed. But many firms that initially struggled with their outsourcing arrangements eventually learned how to make them work.37 This learning invariably involved adjusting to more standardized environments.
Well-designed enterprise architectures deliver significant benefits to a firm. Initially, the most apparent benefit is lower IT cost due to technology standardization, which reduces variation in skill requirements, simplifies troubleshooting, enhances interoperability, and reduces time to market. By imposing technology standardization, IT architecture leads to reuse of technology and expertise. More mature architectures provide greater data and process standardization and start to segment standardized technology, data, and processes into reusable components. Firms that have learned how to conceptualize their business in terms of process or service components can benefit from outsourcing those components that offer no unique or competitive capabilities. In addition, firms that conceptualize processes and services as components can preserve management resources by establishing standardized metrics to monitor component effectiveness.
Prior research indicates, however, that few firms have defined enterprise architectures clarifying key process, application, and infrastructure components.42 Most firms are limited by legacies of application silos and multiple technology platforms—all of which require unique and individual attention. New outsourcing models offer opportunities to outsource not only IT components but also business process components, but most firms' architectures do not position them to take advantage of these capabilities.
Utility computing: The new risk-benefit profile
Utility computing proposes to allow clients to buy computing capacity as they do electricity—just by plugging in. For clients the cost is variable and based on the actual capacity they demand, rather than a fixed cost for a capacity they only use during peak periods. They can get the capacity they need whenever they need it, without expending resources and effort to regularly monitor and upgrade capacity. However, the vision for utility computing goes beyond traditional outsourcing of IT services. Vendors are promising to offer applications and business processes, including computing, applications, and expert staff, in an on demand format, just as many firms now buy call center and payroll processes.
New benefits of utility computing. Utility computing relies on several important technical capabilities to deliver these promised services. First, grid computing46 enables a network of processors to provide shared processing capacity and thus extend computing capacity by seamlessly accessing unused capacity elsewhere. Second, autonomic computing47 technology enables a network to be self-healing, and thus provides higher reliability across a system than is currently available. Third, Web services11,48 provide technical standards that facilitate integration across systems. In combining these three capabilities in a one-to-many business model, vendors expect to offer on demand computing capacity and a wide range of plug-and-play technology and process components.
While utility computing can be used internally by firms with high IT management capabilities, we expect that, for most firms, much of the impact of utility computing will be on the extent and nature of outsourcing. These benefits of utility computing enhance current benefits of IT and business process outsourcing: lower cost, variable capacity, and increased strategic focus. On demand capacity may allow firms of all sizes to invest less in computing capacity. Firms can share their requirements—and their costs—for processing power. Advances in autonomic computing may reduce the number of people needed to monitor operations, thus reducing labor costs. In addition, the availability of high-quality standardized technology and process components should enhance management's ability to focus on strategic competencies.19,21
Shifting risks in the world of utility computing. To capitalize on the potential benefits of utility computing, client firms will rely more heavily on the technical—and perhaps business process—capabilities of vendors. This reliance will reshape the risks associated with outsourcing. Existing relationship risks may be mitigated by more clearly defined service offerings and unit prices. However, the increased number of service offerings—and potentially the number of vendors providing those services—may create a complex outsourcing landscape. Vendor partnerships consume significant management attention. Thus, firms are limited in the number of strategic partnerships they can manage.49 To plug-and-play the many services that utility computing may offer, firms may need to fashion many of their vendor relationships like transactions, that is, through fashioning well-developed standards with standard processes for monitoring performance.
Hong Kong-based Li & Fung Limited provides an extreme example of how firms can strategically integrate a wide range of standard processes and process components.50 Li & Fung Limited manages a network of over 7500 manufacturers to meet the customized needs of retail clothing stores. The firm's unique capability is to standardize and modulari ze the process for manufacturing and shipping individual clothing orders. Li & Fung Limited relies on a set of standardized metrics to monitor cost and quality to ensure that each vendor is performing effectively. Regular plant inspections provide additional assurance that vendors are meeting standards as well as an opportunity for sharing best practices. The firm is able to manage large numbers of vendors because it has standardized the interface with its suppliers and standardized the metrics for assessing the relationship. This capability of standardizing process components, interfaces, and metrics will help firms manage the relationship risks associated with utility computing.
In order to deliver utility-based services at low cost, vendors must implement one-to-many computing models. Web services, in particular, are easy enough to use (though still challenging to develop) so that utility computing that uses Web services might be presumed to minimize transition risk. However, the utility computing model introduces new services that involve adopting increasingly standardized business process components. Thus, the transition risk associated with utility computing refers to the difficulty of adopting standardized business processes. Client firms' difficulty in adopting standardized technology environments29,42 suggests that adopting standardized processes will not be an easy transition. The experience with ERP showed how difficult it can be for firms to standardize even their most commoditized processes.51,52 Firms will gradually learn how to adopt and integrate standardized technology, data, and processes to counter transition risks.
Utility computing will likely lead to increased industry-wide process offerings,5 and this changes the nature of strategic risk as firms attempt to identify what makes them unique. If firms “give away” core competencies, they risk losing competitiveness, but not outsourcing enough may be a greater risk than outsourcing too much. A firm that develops a plug-and-play capability will be able to reclaim outsourced services by discontinuing a vendor relationship and building the capability internally. More importantly, the firm that outsources processes that have no potential for competitive advantage has more opportunities to identify and develop strategic opportunities. Retaining non-core capabilities, on the other hand, is risky because a firm can waste valuable resources. Worse, an arsenal of non-core capabilities can be difficult to unlearn. Unlearning capabilities is often more challenging than learning new capabilities.44
While utility computing is new, technology risks will be heightened. Grid and autonomic computing are largely untested, and failures will almost certainly disrupt workflows. Clients also bear the risk of vendor failure if the vendor cannot acquire enough customers and profitably reach scale. However, the growing number of vendors—and thus reduced reliance on a single vendor—should offset some technology risk. The presence of large, established vendors in the utility outsourcing space may increase confidence in the viability of the utility computing model. Firms may counter technology risks by outsourcing key infrastructure components—those most demanding of reliability and security—to established vendors. At the same time, outsourcing business processes and higher level infrastructure services may allow them to spread the technology risk of their business process outsourcing. In any case, developing standard interfaces using Web services will likely be important to managing technology risk by minimizing the difficulty of changing vendors.
The shifting risks of utility computing will heighten the importance of IT architecture as a base for building outsourcing competency. A solid architecture will help firms establish the bounds of individual processes, create a technology and process foundation for plug-and-play processes, and set up monitoring processes that enable firms to leverage the offerings of multiple vendors. Firms have proved slow to evolve their architectures,42 so they may not be able to quickly seize the opportunities presented by utility computing.
Prior research on IT outsourcing suggests that relationship management and contract development are key to outsourcing success.15 These competencies will certainly continue to be important in utility computing arrangements. The evidence suggests, however, that those capabilities will not be enough to ensure successful outsourcing. Another critical factor is an architecture that specifies technical standards and defines the components of technology and business process. This standardization and componentization will be important for identifying both what services can be outsourced and how the outsourced services can be integrated back into the whole.
Conclusion
Our analysis and the outsourcing literature suggest that utility computing will shift firms' objectives for outsourcing from a cost emphasis to an emphasis on strategic agility. New technology capabilities will introduce some valuable opportunities to cut costs, but firms are more likely to pursue outsourcing because it better positions them to seize strategic business opportunities. Utility computing facilitates strategic agility by making available computing services and business process components on a when-needed, as-needed basis.
We anticipate that utility computing, when combined with the already significant momentum around outsourcing, will lead to significantly more outsourcing. The technologies make it possible for large numbers of services to be purchased rather than performed internally. Thus, firms will be able to do more with less. Outsourcing in a utility environment will enable firms to devote less attention to mundane commodity-oriented IT tasks and industry standard business processes. Instead, firms will be able to allocate their most strategic resources to their most strategic opportunities.
Not all firms will benefit equally from utility computing. Firms perceive different demands for strategic agility—the need being most acute in fast-changing industries such as financial services, retail, and media. In addition, achieving the benefits of any kind of outsourcing—and particularly outsourcing based on a utility model—demands that firms effectively manage outsourcing risks. Our research highlights first, the importance of managing the vendor through either relationship management focused on developing and maintaining a strategic partnership or well-managed service definitions and metrics. Second, our research indicates that no matter how a firm manages its vendors, a firm's IT architecture will be instrumental in the firm's readiness for the plug-and-play offerings that utility computing models are likely to make available. Firms that develop increasingly powerful architectures and map out the approach they want to take in working with vendors should find significant benefits as utility computing models become state of the art.
Developing enterprise architectures for outsourcing. Preparing for utility computing requires building an architecture that helps the firm define its operations in terms of technology and process components. To position themselves for that future, firms need to design architectures that increasingly clarify what should and should not be standardized in their firms. At an enterprise level this involves defining what technologies will be shared across all business units and what business processes can be replicated globally. This process also involves determining when the firm should apply industry standards and when it should pursue a unique competency.
As firms gradually implement components to capture standardized technologies and processes, they build a strong base for plugging in components that capture their unique, strategic processes. A firm that has an IT architecture built around a plug-and-play concept can easily combine internal and outsourced capabilities. The plug-and-play concept is central to utility computing because the components offered in a utility computing model are valuable only if a firm can easily add (and later discard) one component without affecting other components.
A firm that has not defined its technology services in terms of firm-wide and industry standards and established metrics around those services has limited its opportunities for benefiting from any kind of outsourcing and especially utility computing. A firm can address this limitation in three ways. First, it can aggressively pursue a strong IT architecture before attempting to outsource IT. This approach will enable the firm to be more effective in defining and executing an outsourcing strategy. But, implementing technology standards and metrics can take a considerable amount of time, and many firms have not yet been able to develop the internal will to do so.42 Meanwhile, cost pressures and new technologies are driving more firms toward outsourcing in the near term. Thus, waiting to outsource until after the firm has developed competency in defining architecture standards is not always viable.
As a result, firms may pursue a second option, which is to enter a strategic partnership arrangement in which the vendor helps the firm develop its architecture incrementally. FinServ2 took this approach. Initially, the relationship was rocky, but as the value of clear service definitions became more apparent, the firm became increasingly able to identify a set of well-specified service components with well-defined performance metrics. By starting to define standard infrastructure service components, FinServ2 was able to improve its relationship with its vendor and generate greater benefits from its outsourcing arrangements.
A third option is a hybrid. The firm can incrementally outsource pieces of its IT portfolio, starting with the most clearly defined components and incrementally adding services as it gains better understanding of how to bound its services. The hybrid option enables the client firm to develop trust with its vendor partner, learn to define architecture, and gradually take on more challenging opportunities. FinServ1 used this approach with its vendor, initially outsourcing only a small part of its application development. Then, as client and vendor became comfortable with one another, and FinServ1 gained experience with standardized project methodologies and increasingly standardized application components, FinServ1 was able to garner greater benefits from the outsourcing relationship.
The architecture does not relieve the need to develop effective partnerships for large-scale outsourcing and effective service definition and metrics for selective sourcing. However, the architecture can provide a basis of understanding for growing a partnership or defining IT services. Whether a vendor partner helps to define the architecture or merely learns how to live with it, client firms should recognize architecture as a potentially powerful tool for clarifying expectations.
Outsourcing models in a utility environment. A key strategic decision in defining a firm's architecture is deciding on the granularity of components. As we described earlier, selective outsourcers tend to buy relatively granular components and use internal capabilities to wire them into unique combinations that provide strategic value. But, they run the risk of defining services too narrowly. This requires them to manage larger numbers of components, which can be unnecessarily time-consuming and expensive. In contrast, firms pursuing large-scale partnerships tend to buy much larger components of service, relying on their partners to integrate granular components into a cohesive service. This runs the risk that the firm may define services too broadly and then will have difficulty extracting unique components from commodity services.
Firms are learning how to make these granularity decisions in their current outsourcing arrangements. For example, the firms pursuing large-scale exclusive relationships were continuously clarifying service offerings and their metrics for assessing vendor performance. Firms like Man1, Man2, and FinServ1 noted that they reviewed vendor responsibilities on an ongoing basis, sometimes reallocating individual responsibilities between the vendor and in-house staff. In contrast, firms doing selective outsourcing were developing service catalogs, benchmarking against industry standards, and defining standardized processes for monitoring vendor performance. We expect that learning from current outsourcing efforts will be important to generating increased value from outsourcing as utility computing capabilities become widespread.
We anticipate that both large-scale partnerships and selective outsourcing will prove viable in a utility computing environment. Firms for whom IT is not embedded in strategic products and services will find significant benefits in large-scale partnerships. These partnerships relieve them of the search, management, and integration capabilities required to deal with multiple vendors. The CIO of Man1 noted that when a software vendor contacts him about a possible sale, he is delighted to be able to respond that his strategic partner is the point of contact on those decisions. By outsourcing a large bundle of integrated services to a single partner, this CIO and many others can focus on what the firm believes to be its core competencies—usually not IT operations. Large-scale partnerships are also likely for firms (or parts of firms) that are small, and thus cannot generate the kinds of economies internally that vendors can provide externally. Firms engaged in large-scale partnerships will almost certainly also do some selective outsourcing as well, but plug-and-play in these firms will largely refer to plugging into a technology environment managed by a strategic partner.
Firms with well-defined enterprise architectures, a history of IT operational excellence, and a focus on IT as a core competency may continue to pursue selective outsourcing in the world of utility computing. The growing array of externally provided services suggests these firms will increasingly integrate components from outside the firm into their internal operations. By buying services from the best source and integrating them in unique ways, these firms will attempt to generate competitive advantage through distinctive IT operations. Trans1 and Trans4 currently use this model, providing the most strategically effective mix of standard and customized IT services for the business. These firms outsource services only when a vendor offers a cost or quality advantage. Firms choosing to outsource selectively will need to develop solutions superior to industry standard solutions and then become adept at defining standardized interfaces. Selective outsourcing averts the time-consuming demands of managing a strategic partnership. However, selective outsourcing demands that firms develop standard approaches to monitoring processes so that the selection, management, and integration of multiple vendors does not consume inordinate amounts of management time. Otherwise, firms that outsource a larger bundle of their infrastructure services will have a competitive edge in management focus.
Finally, the increasing standardization of technology and process in the utility computing model does not mean that firms will have no source of competitive advantage through IT. Rather, the increasing availability of standardized IT components will make the effective use of industry standard components a prerequisite for long-term survival. Whether a firm selectively outsources or uses a partnership, integrating standard components effectively and building unique capabilities on those standards can facilitate strategic agility and become a significant source of competitive advantage.
Acknowledgments
We wish to thank research associates Tahsin Alam, Rob Walpole, and Tolu Adeleye for valuable input and insights during this study. This research was made possible by the support of MIT Sloan Center for Information Systems Research (CISR) sponsors and, in particular, CISR patron IBM Corporation.
Accepted
for publication October 1, 2003; Internet publication January 14, 2004. |
HTML