Risk versus reward for IT outsourcers

Service providers and customers need to rebalance their respective risk, says Roger Newman

Newman: Successful risk-reward systems are often based on projected revenue or savings, alongside SLAs

Customers have often, naturally, been inclined to focus on risk, and shifting that risk to their outsourcer. Meanwhile, service providers have tended to be more interested in the reward, while limiting risk.

This stand-off does little to drive the right behaviours from both sides. Service providers must take a more co-operative stance, sharing risk with their customers to build confidence for a long-term relationship.

As outsourcing relationships mature, organisations can move to Outcome Based Agreements (OBA), where suppliers are contracted specifically to achieve business outcomes for and with the customer.

Risk and reward can mean different things. It can mean introducing a system of service performance. An outsourcing provider may earn a bonus if they consistently exceed service performance.

Alternatively, the reward could be the ability to offset or earn back previously incurred service credits. At a more collaborative level, the incentive could include a share of the improvement achieved or a percentage of the revenue achieved by the business.

The risks, however, could include a penalty payment for underperforming such as not completing a project at a set deadline.

Successful risk-reward systems are often based on projected revenue generation or cost savings and predefined Service Level Agreements (SLAs).

The most obvious way of measuring performance for the purposes of service reward is against defined SLA agreements. Incentive mechanisms could also be linked to overall industry performance.

The service provider could, for example, qualify for more reward if its performance in certain key measures over a defined period of time puts it in the top quartile of industry performance in that particular set of metrics.

Alternatively, a customer may prefer to tie risk and reward to their monthly SLA measurements, key business events or overall customer satisfaction measures.

Critically, a risk and reward system should be aligned with the business needs of the customer. The outsourcer, regardless of economic conditions, should be focused on offering true value to the customer.

There is little point in penalising a service provider for failing to meet a response-time service level in a non-critical area of the business or, conversely, rewarding a service provider for meeting a specific availability target if the target has no material impact on the end user's ability to function.

In one successful example of risk and reward the service provider offered to pay the customer the projected savings up front in cash. Then the former got on with reaping the rewards by exceeding the original cost savings estimate. There is nothing like putting your money where your mouth is.

IT services as a sector is still immature in its approach to risk and reward. At a recent customer forum, one of our banking customers asked why service providers did not take a broader view of risk as the banking industry does and price their services by individual transaction rather than by project.

An example might be charging a standard price for all SAP upgrades delivered in a factory mode rather than a different price for each individual customer. Certainly it is an interesting argument and a model that service providers might prefer – if they had the same transaction volumes as banks.

Roger Newman is the UK head of manufacturing and digital convergence relationship management at Mahindra Satyam