Do not set out to fail

Risk can be reduced through more effective outsourcing, finds Fran Howarth

Howarth: Outsourcing should take into account the previous experience of the customer

Organisations primarily outsource business processes to reduce costs and increase value. But careful planning is required.

More contracting out of application development is happening. The Quocirca report Winning Outsourcing Strategies, sponsored by Ounce Labs, presents the findings of a survey among those responsible for application development outsourcing at 200 of the largest organisations across five sectors in the UK and US.

Two-thirds of respondents were outsourcing at least half of their software development, many having recently moved to full outsourcing. The greatest appetite for outsourcing was found in public sector and retail organisations.

Bespoke development provides specialised applications or services that
provide specific functionality, often supplementing the general capabilities
of off-the-shelf packages. By offering enhanced functionality, bespoke applications can set a company apart.

Yet the fastest-growing areas of outsourcing are software-as-a-service (SaaS), cloud computing platforms and similar. Frequently, code is written to glue existing or hosted services together, often using a service-oriented architecture, or to create functional components, rather than an entire application from scratch.

Yet outsourcing can be risky. Quocirca research shows these risks are real,
especially for less-experienced organisations, whose outsourcing is done
on an ad hoc basis rather than as a core strategy.

Industries with the least outsourcing experience can have a more difficult time completing projects. Some 77.5 per cent and 65 per cent of the more experienced retail and public sector projects, respectively, resulted in success.

Transport and financial businesses exhibit daunting levels of failure ­ with 50 per cent of projects called off, and 30 per cent by finance firms resulting in legal action
after project failure.

The reasons for these failures are clear.

Those with the most experience understand the importance of getting the contract right. They stipulate stringent functional and security requirements, getting greater control and reducing the risks of a below-par application being delivered.

Those outsourcing at least 75 per cent of their application development are three times as likely to stipulate security audit requirements in contracts.

They can better verify that the applications will perform as required, without serious vulnerabilities, and greatly reduce the risk of project failure.

Another interesting finding was that less-experienced organisations are the fastest to embrace application services via SaaS or managed service providers.

All respondents cited security as a huge challenge when using external services,
yet those that make the most use of such services ­ financial organisations ­ demanded the least security from business partners.

Our report pulls out the best practices followed by the more experienced leaders
to show how building proper safeguards into outsourcing projects can shield
organisations from project failure and help build up repeatable processes that ensure the success of subsequent projects.

Fran Howarth is principal analyst at Quocirca