The recent plight of 2e2 has illustrated once again the reason why, even with the most ironclad of contracts in place, organisations that outsource some or all of their IT provision must do their best to mitigate outsourcing risk.
Ensuring the service provided is fit for purpose and cost-effective isn’t enough as potential service providers must also be vetted to ensure they’re a safe and sensible choice. The items below serve as a checklist of items to consider when vetting potential service providers.
- Is the service provider financially robust?
If you are looking to form a strategic partnership with another organisation, it makes sense to ensure that they are currently stable, profitable and have the resources required deliver what has been agreed in the service contract. Similarly, the service provider should have in place professional indemnity insurance sufficient to be able to cover an alternative support contact if the worst happens and they go bust.
- Is the service provider referenceable?
Asking to speak with reference sites similar to your own organisation both in terms of the industry you’re in and the technology you use will enable you to gauge how effective the service provider is likely to be in supporting your environment. Similarly, if the service provider can’t provide reference sites, either your environment is likely to be a new challenge for them or they don’t have any sufficiently happy customers to put you in contact with. Either way, you’re trusting that they’ll be able to do what they say without verification from a third party.
- Can you be confident the service provider will exist tomorrow?
There are a number of checks that can be made to establish the likelihood of a potential service provider being around in a year’s time. The most simple is to check that they’ve been around long enough for you to be confident they aren’t going to be gone tomorrow. As an example, in December 2012, the Office of National Statistics released figures indicating that the average 5 year survival rate of UK businesses is 45%. If a business has been around double that, or better yet, 3 times that, you can be fairly confident that they’re well established and have successfully proved themselves capable of adapting to change and weathering storms.
- Can you be confident of the service provider’s internal processes and quality standards?
Every industry has independently verified accreditations which are designed to provide assurances that an organisation’s internal processes are robust and well thought out. As an example, if you’re looking to outsource any handling of data to an external party, you should be sure that their internal processes are designed to protect the security and integrity of your data. Similarly as a service provider, their internal processes should have the aim of consistently improving the quality of the service they provide.