SCDigest Editorial Staff

SCDigest Says:

Managing an outsourcing deal well is not just a matter of negotiating effectively or implementing an SLA oversight model. What Do You Say? Click Here to Send Us Your Comments Click Here to See Reader Feedback

We've seen many guidelines in the past for how to minimize risks from global sourcing, but maybe none as practical as those published earlier this year by our friends Douglass Brown and Scott Wilson over at The Black Book of Outsourcing.

Below, you will find their recommendations for minimizing supply chain risks from offshore outsourcing arrangements. While they have a bit of an IT or business-process outsourcing slant, we think they are very appropriate for general product outsourcing as well:

1. Be Aware of where your processes and data are outsourced: Do not wait until a crisis to learn that your organizational security or service is compromised.

2. Perform a thorough analysis of destination risks before agreeing to a vendor’s proposal to shift operations locations to save money.

3. Prepare and update crisis contingency plans to addressing each offshore supplier agreement: Establish crisis contingency plans in each of the ten areas of major and current vulnerability and update to keep current for constantly changing global situations. Be able to nimbly shift to alternative sources for essential operations. There is no substitute for specific and delegated contingency planning prior to a crisis.

4. Keep ready a planned course of action for bringing operations back in house: This includes keeping skilled staff on board or accessible who can execute the plan at a moment’s notice.

5. Dry run your alternate courses of action for transitioning operations to an onshore outsourcer: Contractually demand that your data and service back-up is kept on the same shore and an alternative data center can be used when you choose. If your vendor cannot accommodate or dissuades your concerns with platitudes, change before a crisis occurs.

6. Obtain and understand your suppliers’ crisis, disaster recovery, data transfer, back up, chain-of-command structures, communications and related planning documents on your behalf: Who on your team appreciates when and how these plans will take affect?

7. Identify industry consultants who can lead your business through an offshore crisis: Maintain an “A” team of experts in crisis communications, project management, programming, system administrators, client relations, investor relations, and process implementation. Likely, if it’s a catastrophic regional situation, the best and the brightest of global outsourcing consultants will already be engaged by those who planned ahead.

(Sourcing and Procurement Article - Continued Below)

Consultants may also work on a retainer basis going forward to protect your interests when things go wrong in another hemisphere.

8. Outsourcing governance leadership is an essential team investment more than ever: Offshore outsourcing, in particular, is a risky proposition, but one that offers potential benefits to the organization in terms of cost, service levels, process transformation, and access to talent.

Managing an outsourcing deal well is not just a matter of negotiating effectively or implementing an SLA oversight model. Effective outsourcing management requires a life cycle approach that includes a robust crisis strategy. Whether you are contemplating an outsourcing arrangement or are well into one now, it’s never too soon to start looking for the vulnerabilities of where your supplier operates in the world.

9. Monitor the operational delivery location requirements: Often, suppliers come to their clients and propose additional cost savings by moving to the supplier’s newest or cheapest delivery location. Do not leave the decision to the vendor and protect your position in your contracts.

10. Have proper written policies that strictly prohibit any conduct that is considered as a statutory violation of US Foreign Corrupt Practices Act: Proper implementation of the policy requires ensuring that you continuously monitor the activities of offshore vendors and take appropriate actions in case of violations of the policies. Anti-bribery provisions prohibit Issuers, domestic concerns, and any person from making use of interstate commerce corruptly, in furtherance of an offer or payment of anything of value to a foreign official, foreign political party, or candidate for political office, for the purpose of influencing any act of that foreign official in violation of the duty of that official, or to secure any improper advantage in order to obtain or retain business.

11. Do not rely on the short list of references the vendor will supply in the due diligence phase: References and comparative Black Book Client Experience Reports that fewer people are making offshore site visits because of costs and personal safety reasons. Black Book‘s role is to collect client experience to reduce the expense of site visits. This risk can be mitigated simply by verifying their claims and talking with their existing customers and other industry references. If budgets permit, visit the offshore locations where your data will be sourced.

12. Your business won’t be the only client affected in a major crisis and vendors will prioritize repairing the largest customers first: Hits to major outsourcing hubs will disrupt economies, staffing and operations. If you do not have requirements and action steps in place to protect yourself, you may be permanently damaged. If vendors are rendered disabled or completely shut down, how will you react? How long will a mid-sized business wait for supplier attention behind larger clients?

13. Seek best practices for managing and safeguarding business data in a crisis: Include disaster recovery, periodic security audits, lawful treatment of data and interruption of business.

14. Mitigate risks of offshore outsourcing by assessing their security capabilities before a crisis: Do your suppliers follow any industry security consortium or security certifications? Demand a security check-up, and regularly.

15. Remain in charge of your company’s Global Delivery Model: This is an excellent way to mitigate the risks of offshore outsourcing. The model can be based on having the project conducted offshore, but with vendor resources located onshore. The local contacts help you communicate with the vendor and increase collaboration between the offshore and onshore teams that are working on the project.

Smart advice – how many companies really take their risk mitigation this far? We suspect very few – unless they have been burned by offshoring strategies in one way or another before.

What do you think of this list of risk mitigation guidelines? What would you add? Do many companies take it this far? Let is know your thoughts at the Feedback button below.