Managing Supply Risk for "Virtual Goods"
When it comes to supply risk, it's not too difficult to make the argument that managing physical supply chains -- especially those which are global in nature -- is more challenging than securing ones involving "virtual goods" such as IT and call centers. Why? Because on top of quality, performance and general IP risk, physical supply chains are subject to a range of additional disruptions and risk elements (e.g., logistics delays). But that's not to say that managing supply risk involving "virtual goods" like outsourcing is a walk in the park. In fact, outsourcing contracts can create significant supply exposure for companies who don't take the necessary steps to proactively manage risk. Global Services, a CMP publication, published a good article recently that outlines how companies can think about managing outsourcing risk.
The article argues that companies primarily need to focus on "operational disruption risk, data risk, quality risk and reputation risk" when it comes to thinking about outsourcing supply risk. I won't spoil the rest of it for you, but if you are involved in outsourcing decisions or supplier management in the IT arena, it's a quick read that very well might prove invaluable in structuring and managing supplier agreements and performance to improve outsourcing results while reducing overall business risk.
- Jason Busch
The article argues that companies primarily need to focus on "operational disruption risk, data risk, quality risk and reputation risk" when it comes to thinking about outsourcing supply risk. I won't spoil the rest of it for you, but if you are involved in outsourcing decisions or supplier management in the IT arena, it's a quick read that very well might prove invaluable in structuring and managing supplier agreements and performance to improve outsourcing results while reducing overall business risk.
- Jason Busch
To start with, procured services have some unique risks during the delivery cycle:
- Many services involve personnel coming onsite to your facility, raising security and safety risks. Temporary workers and consultants often have login credentials, company assets, and security badges that have to be tracked closely to manage these risks.
- With temporary workers, it's also important to track the worker's performance on past assignments to further reduce risk - for example, tracking if the worker had past safety violations or caused errors in a high-risk environment like health-care.
- With some services it's very difficult to specify quality and acceptance measures - e.g., legal services, marketing services - often requiring ongoing oversight to manage performance risk.
- While the IP risks of goods are typically isolated to the product's design, outsourcers usually have access to company-confidential and customer information to perform their work, significantly raising the risk of confidential information disclosure and fraud.
In addition, sourcing of services also has some interesting risks:
- Some types of services have many unknowns at sourcing time - for example, the exact mix or skills required for temporary workers over the course of a contract, or the exact system specifications for a software development project. Some early outsourcing contracts also over-specified the services to be delivered over a long timeframe, resulting in spectacular outsourcing relationship failures.
- This can lead to a mismatch between deliverables and billing with services - you contract for a software application deliverable, but you pay for the offshore development team by the hour. This drives the need for extra ongoing performance risk management throughout delivery.
Best regards - John Martin, IQNavigator; www.buildingsaas.com