The Science of Sourcing Governance

This blog has only one objective, namely; to demystify sourcing governance.

I will identify the formulae for the successful implementation and management of an efficacious sourcing governance framework. The intended benefit is that firms and service providers will be able to focus on the truly value-adding elements of the sourcing relationship. 

Today, most firms replicate the infrastructure spend model in their sourcing governance. Specifically, most firms spend a disproportionate (significant) amount of their IT budgets 'keeping the lights on', which is yesterday’s news. Firms typically spend between 70% and 80% of their IT budgets on these lights (Gartner, IDC).

Firms also spend the vast majority of their sourcing governance investment on yesterday’s news. They are chronically bottom heavy, in that they have numerous operational level forums - Service Review, Change Advisory Board, etc. The higher order forums, involving strategic direction and executive participation tend to be at best cosmetic, but in the main, are not even scheduled.  If you perform an analysis based upon time invested, the result would be closer to 90% of vendor management investment (spend) focused on yesterday’s news (IT Operations).

We continue to see evidence of pain when it comes to sourcing governance:

'With still a lack of robust governance guidelines to manage outsourcing contracts within many organisations, organisations are struggling with the issue of exercising control over the business outcomes they plan to achieve from their outsourcing contracts.' IDC Report, March 2008 – In the mind of the outsourcing customer.

We have substantial literature 'showing the strong positive relationship between outsourcing governance capabilities and outsourcing success and satisfaction'. (Stan Lepeak, EquaTerra, 2009). Stan does state:

'Highlighting the importance of good outsourcing governance is the easy part.  Much harder is figuring how to be good at outsourcing governance and getting the skilled resources, budget, software tools and executive support required to do so… this is just as importance to service providers as it is to buyers.'

We now have a level of maturity where we can apply scientific principles to the area of sourcing governance. We can and should implement the formulae and adhere to the ratios which characterise the science of sourcing governance. The benefits will be cheaper, faster, smarter, better and greener IT operations and decisions.  

It is easy to implement the science of sourcing governance, but not painless. What is clear is that effective governance is a prerequisite for sourcing success.  In fact, numerous studies have shown that the value lost from poor sourcing governance ranges between fifteen and fifty percent of annual contract value (Cutter, Sourcing & Vendor Relationships, Vol 5, No 8, 2004; EquaSiis Market Assessment - Effective Governance Yields Outsourcing Value, 2009) .

The simple view of the science of sourcing governance is that it is the disciple of ensuring all parties involved in the sourcing relationship ‘do the right things, and do them right’. That is, make right decisions in the right way.

There are three elements to effective sourcing governance;

1. People
2. Processes
3. Tools

I will identify the formulas and ratios which must be applied in each element for a healthy and efficacious sourcing governance framework, that complies with ISO/IEC 38500:2008 - Corporate governance of information technology.  More importantly, this blog formalises the relationships between these elements. I will answer the question of what is the relationship between the People, the Processes, and the Tools, to ensure the best sourcing outcomes.

Why do we need science around sourcing governance? Because when it comes to sourcing governance we do not know what we are doing in a systematic and comprehensive manner. The term governance is misunderstood[1]. Why has this situation arisen? The simple answer is that the IT community has invested the past two decades or so in ensuring the processes for the effective operation of IT are understood. As a result, several frameworks have been developed, the most recognized being ITIL and COBIT.  These frameworks have promulgated the disciplines around IT operations and audits, respectively. Unfortunately, the IT community did not make a comparable investment in the processes central to the efficacious governance of sourcing relationships. In fairness, back in the early 90’s getting IT operations sorted was the priority. Moreover, the vast majority of IT operations were managed in-house so relationships with other parties were a second order matter.

The first of the three elements, People, will appear in the next blog. For now, the People element is all about getting the right "Quanity and Quality" of resources to effectively manage your sourcing relationship. 

---

[1] Refer to Impotence and IT Sourcing Governance.  

People – ‘Quantity and Quality’

The People element of sourcing governance is best described as having the right quantity and quality of resources to extract the maximum value from the sourcing relationship[1]. What is required is the right organisational and account team structures and resources. What does this mean? It means having clear accountabilities and clear financial delegation within the firm’s retained organisation and the providers account team. Here is the first formula or heuristic; the customer (C) must ensure that it has invested a minimum of 5% of the annual contract value for the management of the sourcing relationship. Gartner has observed that firms invest between 3% and 17 % of the annual contract value (ACV) in the management of the sourcing relationship. The Carnegie Mellon eSourcing Capability Model for Client Organizations (eSCM-CL) states that governance costs should be between 2% and 12% ( eSCM-CL v1.1 Part 2, p. 262). I have selected 5% as a minimum. Customers must be aware that this investment will need to be higher for the following conditions; smaller relationships or deals, inexperience in the management of service providers (P), and where the relationship is transformational. This is expressed as;

GOVERNANCE Customer Annual Spend Percentage (GOVcas%)

Where GOVcas% is the percentage of ACV that you should invest in governing your sourcing relationship, expressed as an integer (INT)[2]. The first element of this formula is basically capped at 6.75% for deals with a monthly contract value (MthCV) of $5,000. If your retained IT sourcing resources, typically referred to as the Vendor Management Office (VMO), have no experience make the second element equal to 5. If your VMO has only one year of experience make the second element equal to 4. In all other cases, apply the formula for the second element expressed in total cumulative years of experience of your VMO (CumYrsEXP). The final element is a flat overhead for the type of deal. I have used Gartner’s sourcing deal types. The customer should apply an additional 2% to the cost of governance if the deal type is Creation or Optimisation. (There are only four Gartner sourcing deal types [a 2 X 2 matrix] and they can be found on-line - http://www.gartner.com/it/content/507100/507130/newrealitiesaug16.pdf , see slide 13)  These deals are characterised by business value add rather than the more straight-forward IT efficiency deal types, which I refer to as, ‘Your mess for less’.

Examples:

1. Base end: MthCV = $5,000;  CumYrs EXP = 5 years; Deal Type = standard (IT efficiency)

·         GOVcas% = INT(5(1.35) + (1.43) + (0)) = 8

·         In this scenario the customer should be spending 8% on the cost of governing the provider or $4,800 per annum, which equates to approximately one FTE @ 0.5 day per month.

2. Large end: MthCV = $100,000;  CumYrs EXP = 20 years; Deal Type = standard (IT efficiency)

·         GOVcas% = INT(5(1.0) + (0.77) + (0)) = 6

·         In this scenario the customer should be spending 6% on the cost of governing the provider or $72,000 per annum, which equates to approximately 40% of an FTE or two staff investing one day per week managing this relationship.

Customers must also recognise that this investment must be added to the total cost of Services to assess the true financial benefit of the sourcing relationship. Without a clear and compelling financial benefit, firms must not outsource. Otherwise, they are violating Coase’s Law.

The other heuristic for the People element is to have invested in the minimum number of roles. Specifically, the customer must have three functions in its retained organisation. For smaller sourcing relationships these functions can be performed by one resource. The three functions are;

Minimum Best Practice Customer (MBPc):

1. Business Relationship Manager – to manage the relationship between the firm and the service provider, often called Vendor Manager, and to manage the interface between the business units and the service provider

2. Performance Manager – to manage the quality (SLAs), commercials, and value from the sourcing relationship

3. Finance Manager – to manage the cost of the Services

Translated into a formula this MBPc is:

Customer Sourcing Account Management (SAMc) Formula:

Subscript ‘c’ denotes Customer.

The service provider must have the following four functions. For smaller sourcing relationships these functions can be performed by one resource. The four functions are;

Minimum Best Practice Provider (MBPp):

1.      Account/Client Manager – to manage the overall relationship between provider and customer
2.      Delivery/Service Manager – to manage the delivery of contracted Services.
3.      Business Manager  - to manage all the corporate functions associated with the relationship.
4.      Finance Manager – to manage the billing and invoice function.

Translated into a formula this MBPp is:

Provider Sourcing Account Management (SAMp) Formula:

Subscript ‘p’ denotes Provider.

Depending upon the deal scale and scope, the customer and service provider must ensure they have the 5 Rights. The right;

1. Number of resources

2. Type of resources

3. Organisational structure

4. Decision authority for each resource

5. Accountability for the governance processes

So far I have provided guidance on the number and type of resources. Specifically, stick to more than 5% of ACV for your customer team and ensure you have owners for each of the functions listed above.

In terms of bullet point three, the organisational structure, the best tip is;

Tip:  ensure your organisational structure is clear, current, documented, communicated for both the customer and the provider Account team, and that it makes sense.  

Guidance on bullet points four and five is provided in the Processes section below. In terms of people, both parties must ensure that the resources actively participate in the account governance structure. That is, each functional owner must participate in at least one governance forum.

Ratio: 1:1 functional ownership to governance forum participation.

What does this mean? If you are a Business Relationship Manager you must meet with your counterpart, the Client/Account Manager at least once a month, covering specific terms of reference.

In this section, I have discussed the ‘who’ needed for effective sourcing governance. I have introduced the link between who talks with whom. This will be expanded upon in the discussion on Tools.

---

[1] I discuss the dimensions of sourcing value in another blog.

[2] Rounding up to an integer is appropriate given the level of reliability.

Processes – ‘Completeness and Alignment’

As previously stated, the IT community invested significantly in the understanding and development of processes required for effective IT operations. Simply put, ITIL V2, has ten processes and one function (Service Desk) which encapsulates IT Operations. (I have specifically not referred to ITIL V3 as there is debate as to how many processes are prescribed!) COBIT V4.1 has 34 processes. We simply do not have an equivalent level of understanding or maturity regarding the management of sourcing relationships. We do not have a universally accepted best practice set of processes for the management of sourcing relationships. In fact, having worked on ITIL V3 during my time with HP, I remained concerned that the collective effort of wisdom produced one simple vague paragraph amongst the five books to cover the governance of service providers!  Moreover, pick up any text on sourcing and you will not find a simple list of the governance processes. Google the term ‘sourcing governance’ and you will see what I mean. You will find a laundry list and maybe even be able to cobble one together from the texts, web-pages, blogs, etc. These laundry lists simply reflect the predilection of the service provider, advisory partner, and author.

This lack of maturity and discipline has resulted in high risk, lack of value and high level of dysfunction and reactivity in the management of sourcing relationships. The best advice afforded customers and providers are generalities about making sure the processes and decisions are managed well. But what are the processes? How do we know that the processes are the right ones and the list comprehensive?

The sourcing governance process principle is:

‘Not all governance processes apply to all relationships, but some governance processes apply to all relationships.’

There are twenty-five sourcing governance processes derived from experiential rather than empirical evidence. Furthermore, it is proposed that this set of twenty-five processes is comprehensive. That is, this set is generalisable to all types of sourcing relationships, regardless of scale, scope, or type.

For effective sourcing governance, the minimum best practice in terms of process ownership is;

Minimum Best Practice Customer (MBPc) & Provider (MBPp):

1.       Contract Management

2.       Issues Management

3.       Service Level Management

4.       Invoice Management

5.       Service Request Management

Then;

6.       Project Management (if there is demand)

Please note that the processes listed above do not appear in order of importance. The relative importance of these processes is dependent upon the deal type. The reason I separated Project Management is that is it not a necessary minimum process for an effective sourcing relationship. Depending upon the Services contracted there may not be any concomitant projects.

The best practice above means that someone in the customer’s organisation must be the sole owner of one or more of these processes for the relationship. The corollary is that the provider must also take and assign ownership of this minimum set of processes.

For the remaining governance processes[1], firstly establish ownership within both the customer and service provider. Second, establish the priority, and the relevance to the sourcing relationship of those processes. Finally, establish the requirement for a process document. Depending upon the maturity of the customer and provider, compliance with ISO 9001:2000 is sufficient. (That is, ownership, inputs, outputs, activities and key success factors for each process listed.) Then ensure all decisions are recorded in the relevant governance meeting minutes and the process ownership template (or contract) is updated.

What is needed for effective sourcing governance is the right number of processes identified for the particular sourcing relationship. Once identified as being relevant to the relationship at the particular point in time, these processes then have to have a customer and service provider owner.

More importantly, these processes must be allocated to the right governance forum.

Ratio: 1:1 process ownership to a governance forum.

COBIT V4.2 and ITIL V3 do not contain all the governance processes. Their etiology is from audit and IT operations, respectively, not management and good governance of vendors.

Why these five processes?

Contract Management: First and foremost, the “rules of the game” are defined/prescribed in the contract. Over the years I have heard both customers and providers argue the entire continuum of positions pertaining to contract management, ranging from “once signed put the contract in the drawer for a healthy relationship’ to ‘check every clause and make sure the bastards are delivering what they promised’. The bottom line for me is that the contact is the first rule for the relationship. In the absence of a contract, you simply have a constellation of stories (perceptions, predilections) which inevitably will result in dissatisfaction.  You must ensure two things for effective Contract Management. First, that the contract is readily accessible to those who need it. Second, the contract is up-to-date.

Issues Management: To ensure the health of the relationships all issues must be recorded, owned and resolved appropriately.

Service Level Management: This is the performance heuristic in your sourcing engagement. Someone has to own this process as you a paying for a level of performance.

Invoice Management: Ensuring the financial benefit of the sourcing engagement is the prime success factor. This is consistently borne out by sourcing research.

Service Request Management: Effective management of the on-going requests for Services is paramount to sourcing success. For example, you must be able to efficiently add new users or software, modify or refresh operating environments, and retire software and hardware.

In this section, we have discussed the ‘what’ needed for effective sourcing governance.  In the next blog, ‘Tools’, I cover the tools needed to execute an effective sourcing governance framework.

---

[1] The complete list of governance processes appears in a blog.