Do you know how much risk your outsourced service provider contributes to your business? Do you know how their low level of organisational maturity could undermine your organisation’s ability to meet the performance expectations of your stakeholders? Do you know if your service provider continues to deliver on its original value proposition?

 

At a time when companies are facing an economic downturn, executives need to be mindful of the impact outsourced service providers have on the success of their business both in the short and long-term. If not managed properly, the initial benefits of outsourcing can quickly be reversed and the many significant risks could go unmanaged.Service providers, just like any other business, will be looking to cut costs. To what extent is this going to be acceptable to their customers? 

 

Too frequently organisations enter into outsourced arrangements without properly preparing themselves for something that is now well known to be inherently risky. With good planning, preparations and management the risks can be managed and the benefits become sustainable.

 

The start must be a good understanding of the roles and responsibilities that are divided between the organisation and the service provider. This will enable a governance framework to be built for the many decisions that need to be taken and the processes defined and used to reach these decision points. The tool to use is a detailed process flow RACI chart.

 

At the heart of good governance is maintaining a capability to perform consistently in delivering against the stakeholders’ expectations. When the business success is built on a relationship with an outsourced service provider it becomes critical that the required capability of the service provider be articulated.

 

Processes which contribute to the organisations efficiency and effectiveness need to reach a process capability level of 3. Where managing the inherent risks in IT is important the organisational maturity level should be 2. Frequently service providers operate at a process maturity level of no more than a 1 (i.e. they are completely dependent on the people they can hire or the products vendors supply). What is adequate will depend on the organisation’s business goals and the role information and the related technology play in supporting the organisation’s value chain. It is important that what is expected of the service provider is articulated clearly and provided by the service provider selected.

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.

Read more...

COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.

Read more...

POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.

Read more...

Go to top