Outsourcing may appear to be the perfect strategic

Transcription

1 Successful Approaches for Local Government IT Outsourcing In STRATEGIES AND SOLUTIONS FOR LOCAL GOVERNMENT MANAGERS VOLUME 44/NUMBER Outsourcing may appear to be the perfect strategic sourcing solution for governments that are running out of resources or otherwise having difficulty balancing their budgets. Of the many areas frequently considered for outsourcing, information technology (IT) is generally one that ranks high on the list. Although outsourcing of IT can achieve significant benefits, it is not a silver bullet for solving systemic financial and operational issues such as reducing costs and improving services throughout an organization. Resolution of these two areas requires strategic planning and a clearly defined design in which roles are well delineated for solving these complex problems. To minimize the risks associated with outsourcing of IT, local government managers can benefit from the advice of peers with experience outsourcing IT and the expertise of consulting and accounting firms that have facilitated the execution of strategic sourcing transactions. This InFocus report is a guide to those steps most commonly used by local governments making decisions about IT strategic sourcing. This includes knowing the best way to determine whether outsourcing all IT operations or a portion of IT operations is a helpful option for achieving cost reductions and service improvements.

2 Alignment of business objectives: Should we outsource IT? Local governments today search frantically for financial rescue during an economic downturn that has strangled their budgets and forced layoffs as they face reduced tax revenues and escalated demands for services. Many, already pushed to near bankruptcy, are figuring out how to provide services with less; they are turning to outside sources to provide services at a lower cost while attempting to maintain service levels to keep up with continuously increasing demand. Generally, the justification for outsourcing is to reduce costs, improve efficiency, and leverage external expertise and best practices in order to free up management and other resources so the organization can focus on its core competencies. In practice, the idea works and many local governments obtain significant cost savings by hiring outside contractors or leveraging relationships with neighboring jurisdictions to handle specific tasks such as trash collection and other services that had been performed within a local government s jurisdiction. IT is an area that has received significant attention as an area of opportunity for achieving the benefits of outsourcing. The management of technology can be very timeconsuming and complex. This is why many organizations use third party outsourcing firms to perform these functions so they can remain focused on their primary services to residents and reach accepted goals through the outsourcing process. This report and the content from the Plante Moran webinar on government outsourcing serve as viable resources to government agencies that are making the transition from in-house IT operations to IT outsourcing. Current situation IT outsourcing is a $250+ billion dollar industry projected to grow by 7 percent annually. Key drivers of IT outsourcing are the potential for cost savings, service level improvements, and risk transference. This data coincides with our detailed analyses and findings in working in the governmental marketplace. As IT budgets come under pressure and new technologies are introduced, organizations turn to service providers, both onshore and offshore, to meet more of their needs. For some organizations, the needs are short-term and tactical, enabling the organization to increase in-house capabilities without making long-term commitments or large capital investments. In other cases, the decision to outsource is strategic and follows a careful Dennis Bagley has more than twenty years of experience in the IT industry involving consulting to public sector and other organizations. His experience includes assisting clients in operations and IT initiatives involving strategic sourcing, IT strategic planning, enterprise resource planning (ERP) needs assessment, ERP selection, and contract review and negotiations. He also has significant experience assisting clients with IT assessments with a primary focus on organization, staffing, governance, and application software. Dennis has also been a project manager for major IT initiatives including systems implementation and process redesign. He holds a BS degree in computer science and an MBA from the University of Michigan. Plante Moran provides independent technology consulting for ERP selection and implementation and strategic technology planning projects. They have served government organizations for more than sixty years, and are among the largest consulting and certified public accountant (CPA) firms in the nation. We specialize in helping local governments minimize risk and maximize their investment in technology ICMA

3 analysis predicated on improvement of service levels and/or reduction of costs. The most popular approach is to perform partial outsourcing in which certain IT functions deemed as a commodity or riskier in nature are outsourced while keeping more strategic functions within their control. As a rule, the decision to outsource components or a complete IT function to a third party results from management exploring the possibility of reducing costs or improving efficiencies while focusing on their primary missions instead of managing the details of IT. Local government leaders involved in strategic sourcing should be able to respond positively to these seven questions before making the transition to IT outsourcing: 1. What is the problem we re trying to solve and would outsourcing some or all of our IT operations solve it? For example, is the organization trying to improve service levels, gain access to specific skills, and/or reduce costs? 2. Is the IT infrastructure (e.g., network, servers, datacenter) configured to support outsourcing? For example, is the IT infrastructure using standardized components such as a common manufacturer for network electronics and servers? 3. Is there an IT governance model in place so that accountability and decision making can take place? 4. Is there significant cost savings with IT outsourcing compared to the in-house model even after factoring in transition costs? 5. Are there people in the organization who have the skills and experience to manage IT outsourcing providers? 6. Are there appropriate accountabilities in place to ensure a successful transition to IT outsourcing? 7. Does the organization have political support from its elected officials to proceed with an outsourcing plan that will to some small or large degree privatize functions that until now had been performed internally? Benefits and challenges with IT outsourcing IT outsourcing is more complex and multidimensional than most other types of outsourcing because IT itself is a multipurpose and complex function. Unlike many functions of local governments, IT typically supports all departments across the organization and must provide these departments with solutions and information that require complex data sets from multiple sources. These complexities result in a number of potential benefits and challenges that many governmental entities cite for either pursuing or not pursuing. Benefits Plante Moran s experience with local government jurisdictions shows that when the fit is right, the rewards of outsourcing come in a variety of ways. For example, several client organizations outsourced their systems to take advantage of new features such as group calendaring and to achieve a positive return on investment over a five to ten year time horizon. Benefits of IT outsourcing can include: Reducing IT costs through economies of scale. For example, IT outsourcing providers use centralized data centers to leverage their services across multiple organizations resulting in certain economies; some of which are passed onto their customers as cost savings ICMA

4 Infusing cash by liquidating assets. In some instances, outsourcing providers will purchase assets such as servers, wireless network equipment, etc., resulting in a cash infusion for the customer. Typically, assets are purchased at or below market cost for the depreciated asset. Avoiding or transferring risk. When the criticality of systems exceeds the capacity of the organization to maintain appropriate redundancy (i.e., duplicate systems that kickin when the primary systems fail), oftentimes, the organization will seek the services of an outsourcing provider who can accept and mitigate the risk more effectively. Avoiding cultural issues. If grappling with cultural issues involving elements of an IT organization such as disagreement on strategic direction, sourcing the services to a third party under a mutually agreeable service level agreement can help an organization circumvent these issues. Allowing management to focus on core business competencies. Time and resources that aren t spent keeping up with technology can be put to good use on other important business issues. Creating new technology competencies within the organization while having access to an entirely new breadth of technology and IT talent. IT outsourcing providers will typically bundle services and technology together so that an organization experiences improvements in both. Upgrading the level of service and service quality. Organizations can negotiate service level agreements with IT outsourcing providers that may represent a vast improvement over what they are currently receiving in terms of both level of service and quality of service. Achieving a better return on IT investment. In terms of IT, return on investment refers to the value of services provided versus the cost of these services. Depending on an organization s current portfolio of IT services and cost containment strategies, the return on IT investment can be improved through outsourcing. Keep in mind that optimizing service value is not the same thing as maximizing service levels; e.g., the IT operation may deliver a well-tuned, high functioning software application that does not deliver comparable benefit or worse, over complicates processes. Leveraging the availability of current technology to improve the efficiency and effectiveness of staff operations. Capitalizing on the opportunity to learn about industry best practices in how technology is efficiently managed. Accessing potentially more current and diverse skill sets than would be obtained from hiring new staff or retraining existing staff. IT outsourcing providers typically employ a broad range of specialists whereas it would be cost prohibitive for an organization to do the same. Challenges Plante Moran s experience with local government jurisdictions shows that there are certain challenges to IT outsourcing scenarios that must be properly managed such as: Managing the cultural and other people-related issues inherent with organizational change and transition. When transitioning any services to a third party, management must utilize change management tools and techniques to properly manage expectations of both internal staff and the service provider. Communication from management should be clear relative to how people s jobs are affected during and after the transition. Communication should continue but taper off during the steady state (i.e., typically after six months have elapsed) ICMA

5 Determining relevant costs; new costs can be introduced if changes are required. If organizations actually know their costs in providing IT services, this would be so much easier, but most times they don t. Plante Moran typically recommends a cost of services analysis to pinpoint IT costs before entering into any significant IT outsourcing relationship with third parties. This way, organizations will understand where new costs are being incurred and where costs may be increasing. In the latter case, the organization can make a judgment call as to whether there is an increase in value that is commensurate with the increase in cost. Dealing with the potential negative effects of expected outsourcing efficiencies that never materialize. The bullet above describes how an organization should determine its true cost of providing various IT services before entering into an IT outsourcing relationship. Typically, costs involved in an IT outsourcing relationship can be controlled to maintain the status quo by fixing costs and annual increases. Furthermore, negotiating anticipated fees for project related work up-front and including them in the contract can help to control longer term costs. However, costs can spiral out of control if service enhancements and statements of work (SOWs) are needed to perform unanticipated upgrades and/or implement new or enhanced systems. For these, the organization should try to fix rates and rate increases, and insist on staying involved during contract negotiations with any third party vendors to avoid exorbitant markups on software licenses, etc. Unfortunately, if these measures are not taken during negotiations, the organization has limited leverage, especially in long term contract situations (e.g., ten or more years). Dealing with the potential negative effects of performance issues. The cornerstone of any IT outsourcing relationship consists of a trusting relationship backed by a wellplanned and mutually beneficial agreement with a series of schedules encompassing a variety of services and SOWs that are tailored to the organization s unique requirements. For example, there may be a statement of work (SOW) to replace the organization s current ERP system. However, if expectations are not met, the organization must have a well-defined escalation process to remedy any issues and defaults. In addition, an exit strategy that serves to avoid expensive litigation and cause minimal disruption to the business is required. Avoiding erosion of accountability and transparency over time. It is imperative for organizations to continually monitor performance and actively manage any IT outsourcing relationship. Insist that the IT service provider delivers at least quarterly, preferably monthly, performance reports comparing actual to expected performance levels. For example, system up-time should be established at 99 percent or above. If the service provider s performance consistently falls below goal (e.g., 3 months in a row) the contract should include performance credits that compensate the organization for any productivity losses and/or incremental costs due to the performance issue. Managing the agreement and organizational resources (in some cases). As stated earlier, the organization should actively manage their chosen service provider through the lens of the agreement and reasonableness. The reasonableness attribute is often written into the agreement in certain places to provide allowances for services that are not covered through a SOW. For example, a software as a service (SaaS) provider may provide a certain number of hours (e.g., four to eight hours) to configure reports as part of an incident versus charging extra for this service. Active management means at least monthly meetings with both technical and non-technical resources to discuss performance during the previous period along with planned enhancements, upgrades, and projects. It is also wise to develop relationships with other organizations using the same service provider to discuss their experience and any service issues. In many ICMA

6 cases, the service provider will actually host an annual conference or other user group meetings to benefit from any service enhancement ideas. Assuring that over time there is no loss of control over resources and/or technology direction. As with any initiative or project, involved parties need to routinely check in with each other to monitor progress against goals and make adjustments as needed. Internal accountability is every bit as important, if not more so, in a situation where functions are being outsourced. Experiencing loss of in-house expertise and distinctive competencies. When outsourcing routine or commoditized services such as data center management, desktop support, etc., organizations typically don t lose much in the way of valuable institutional knowledge and related competencies. However, when other services such as business analysis, application development (i.e., programming), application support, etc., are outsourced, valuable intellectual knowledge can be lost. For example, when replacing custom software with a packaged solution, organizations should strongly consider retaining some programmers and analysts to fulfill application support and maintenance positions that are likely to be required. Some re-training may be necessary. Experiencing potential lower level of services and loss of flexibility; may be locked into older technology. Careful attention should be paid to the level of service desired during contract negotiations and how they will be maintained to acceptable levels. However, in some instances it is difficult to replicate the personal attention inhouse IT staff provides. Organization staff may grow accustomed to this personal level of service, which is atypical of many relationships that are governed by service level agreements and driven by cost containment and profit. This does not mean that service providers do not deliver to expected performance levels since most do. However, there is oftentimes an inherent loss of flexibility and personal touch that cannot be avoided in an outsourcing situation. Understanding the scope and ramifications of the outsource agreement. Most outsourcing arrangements are not easy to reverse in the sense that significant time and analyses have been invested to determine the viability of outsourcing. That, coupled with the cost of actually making a technology and management transfer, amounts to a substantial cost that one would not reverse on a whim or indiscriminately. How to decide what parts to outsource IT outsourcing options According to the research firm Gartner, there are several strategic sourcing models. These range from internal delivery to full outsourcing and support for specific towers of service. Some models involve strategic partnerships with other local government organizations while others include selective sourcing of providers to achieve best results. Each of the IT strategic sourcing models has its strengths and weaknesses. Which model is ultimately chosen depends on management s capacity to tolerate risk, vendor management capabilities, cost, and what the organization considers as its core competency. The following list defines some of the outsourcing models that exist: Internal delivery. This model defines the current status of most organizations IT or process operations. It refers to organizations whose IT staff are employees (although some functions are outsourced) and focus on staff augmentation for certain projects and applications running in the cloud. For example, citizen relationship management (CRM) or may be hosted in the cloud ICMA

7 Shared services. This refers to a centralized (onshore or offshore) service organization; e.g., provider of managed help desk and/or network services, delivering IT services or business processes for an organization, etc. Full outsourcing. A single contract with one provider for the full scope of services. Joint venture. A separate service company built and co-owned with an external service provider (or other client organizations in case of consortium), which is expected to provide management and expertise. For example, an authority is established to provide disaster recovery and security services for several local governments. Best-of-breed consortium. A group of external service providers with a lead provider established for a large contract. Selective outsourcing. Separate outsourcing contracts for selected IT functions or business processes, using a best-of-breed tactical approach and competitive deals. Prime contractor. Provides management and integration of multiple service providers to derive a single or global solution or service. All of these models have distinct advantages and disadvantages, and exist in the marketplace to accommodate a variety of management needs relative to the delivery of IT services within their organization. Organization leaders need to understand which strategic sourcing models are best aligned with the organization s overall objectives. Ideally, organizations would explore each option once they have determined what services to consider. Through an exploratory process, the organization should define what their requirements are and discuss the various delivery models with existing local governments, consortiums, joint ventures, and service providers. A more formal request for information (RFI) process can be used to gather information and attempt to make an apples to apples comparison. Such a process may eliminate one or more options before face-toface meetings are held to explore options more in-depth. Ultimately, whichever option is chosen must align with the overall objectives of the organization. For example, if an organization wants to support local businesses, they would not want to consider an IT strategic sourcing option that involves off-shoring work. Towers of service When defining IT functions during strategic sourcing, it is important to clearly define the services and expected service levels to establish an expectation with responding vendors as to what is required. It is common to define services organized by towers of service with the following information defined for each tower: Tower objective Base scope of services (in-scope and out-of-scope) Service levels Key assumptions. The following figure illustrates typical IT services organized by major area including: IT strategy and leadership involves services that guide the IT organization in accordance with the IT governance structure. This service ensures that the organization s IT resources are optimized and IT delivers the highest possible value. It is typically the responsibility of the CIO or other IT leader. IT planning and project management involves services that plan for use of resources in support of the IT strategy. Typically, there are project management services whereby a project manager is assigned to oversee projects so that they re delivered on-time and within budget ICMA

8 SaaS/hosted applications include SaaS and hosted application services, typically provided by a third party, that include bundled software, hardware, and services delivered primarily over the Internet. Applications include services around software applications that typically include application development, application maintenance, and application support. Application development has evolved from an in-house provided service to one that is provided by software vendors through application software licensing. Maintenance services are typically provided in these instances as well. However, oftentimes, organizations provide their own application maintenance and support services to the end users. These services typically involve installing/testing software updates and providing end user assistance through configuration, training, and troubleshooting. General support services include help desk, desktop support, and database administration. These services are the most visible to the majority of end users. A customer service orientation is essential. Infrastructure services include data center operations, IT security, and network operations. These services are the least visible to the majority of end users; however, without these services, systems simply would not work. These services represent the back office operation of IT. Disaster recovery services provide the necessary redundancy in the event systems fail due to unplanned events such as power outages, floods, tornadoes, security breaches, or other incidents. Ideally, disaster recovery supports a business continuity plan which describes the processes for recovery in the wake of one of the aforementioned incidents to ensure minimal business interruption. IT Governance IT Strategy and Leadership IT Planning and Project Management SaaS/Hosted Applications Applications Application Development Application Maintenance Application Support General Support Help Desk Desktop Support Database Administration Infrastructure Data Center Operations IT Security Network Operations Disaster Recovery In House Outsourced Partially Outsourced ICMA

9 Any one of these elements could be outsourced or partially outsourced. Typically, organizations want to know which services are provided within each tower of service. Developing a list of these services, along with current and desired service levels (e.g., what will success look like?), is a good first step in identifying which services the organization should consider for IT strategic sourcing with the caveat, of course, that it has already been identified as a solution to whatever the central problem to be solved is. Organizations typically get in trouble because they don t keep the end goal in mind. Service portfolio It is generally necessary to drill down to identify the specific services within each tower of service. This level of specificity facilitates development of solid service level agreements (SLAs), performance measures, and activity costs. The following figure provides a sample list of services provided within typical help desk and desktop support service towers, followed by sample performance metrics. Sample Towers of Service: Help desk and desktop support service portfolios Help Desk Problem resolution (basic and advanced) Incident management Knowledge base development and maintenance Service request processing Generation and analyzing customer satisfaction surveys Change management repository Asset management Break/fix services Software distribution Image management Desktop Support Desktop hardware specifications and procurement MAC work (moves, adds, and changes) Hardware refreshes The following figure shows examples of service level or performance metrics that can be used to measure the effectiveness of IT services. Identifying the measure of the actual service level being provided is as important as defining the goal. The actual measures are typically recorded on a monthly basis. In the example below, the actual measures sometimes exceed goal, while in others, the actual measures fall below goal. Each service level agreement (SLA) is unique based on the organization s needs. For example, incident response time for public safety systems would likely need to be higher than those for the human resources systems. Sample Performance Metrics Performance Metrics Goal Actual Incident response time Urgent severity 15 minutes 14 minutes Incident response time High severity 15 minutes 21 minutes Time to resolve Urgent severity 4 hours 2.25 hours Time to resolve High severity 12 hours 11 hours Tickets resolved first contact 25% 50% Annual client satisfaction score (out of 5.0) Performance metrics are important because they establish clear, quantifiable goals with respect to IT services. Often, service level goals are established to support the overall goals and objectives of the local governments. For example, network up-time for computer-aided dispatch (CAD) may be set at 99.9 percent due to the critical nature of CAD for public safety such as emergency medical service (EMS), and police and fire services ICMA

10 IT outsourcing readiness It is vitally important for the local government to understand where it sits relative to two dimensions before making an IT outsourcing decision: service definition and performance metrics. The following illustration highlights the four major quadrants relative to IT outsourcing readiness. The illustration shows how clarity relative to service definition and performance metrics ultimately leads to a greater chance of success with respect to IT outsourcing, while imprecision or lack of clarity presents risks. IT Outsourcing Readiness Detailed Metrics; Communicated Regularly Performance Metrics Risk of Outsourcing the Wrong Services Weak Candidate for Outsourcing Strong Candidate for Outsourcing Risk of Overpaying for Outsourcing No Metrics Nebulous; Lacking Specificity Service Definition Clear and Well Communicated Once you can clearly articulate what you want and objectively evaluate the quality of the service, then your odds of a successful venture greatly increase. Cost of service A frequent question asked of consultants in many IT assessment engagements is how much IT services cost. Local governments need to understand the costs to establish performance benchmarks that contribute to the decision making related to outsourcing. Important cost measures include: An assessment of the value received from such services (versus cost). How costs of service provided internally compare to the costs when provided by the private sector or by other local governments. How costs can be allocated to various departments that consume IT services ICMA

11 Typically, the best way to determine cost of services is to determine how the major IT cost components are distributed among the various towers of service. In most IT departments, costs typically fall into five major buckets: 1. Salaries and benefits 2. Indirect costs (e.g., software maintenance for enterprise applications) 3. Direct costs (e.g., software maintenance for specific departmental applications) 4. Overhead costs 5. Refresh (or depreciation) relative to capital purchases. Plante Moran follows an activity-based costing model to demonstrate how IT costs are distributed among the various towers of service and how these costs compare to other local governments as well as the private sector. Local governments that have determined their costs of services for IT are then in an optimal position to determine how these costs can be allocated among departments that consume these services and what potential cost savings can be achieved if the organization were to outsource specific towers of service. The following table provides two examples of how understanding costs of IT services can be used to determine potential savings through outsourcing. In any analysis, transition costs should also be factored in along with consideration of soft benefits and challenges such as those mentioned previously. Sample City IT Outsourcing Analysis, Net Present Value Scenarios (5 years) Service Level Metrics* Data Center Operations Desktop Support Current Annual Cost Number of Devices Annual Cost/ Device Annual Cost to Outsource/ Device Potential Savings/Device $1M 350 Servers $2,857 $1,800 $1,057 $2.1M 2,500 Desktop/ Laptop $840 $600 $240 Using the above example, in an organization with 1,000 devices, the potential annual savings through outsourcing data center operations would be $1,057, ICMA

12 To further illustrate, this chart shows a sample net present value (NPV) of outsourcing specific towers of service over five years. $2,500,000 $2,000,000 $1,500,000 $1,000,000 $500,000 $- NVP (without transfer of assets) Greatest Absolute Value NVP (without transfer of assets) NVP (with transfer of assets) Greatest Absolute Value NVP (with transfer of assets) $(500,000) $(1,000,000) $(1,500,000) $(2,000,000) $(2,500,000) Tower How to outsource IT Steps for outsourcing IT for local governments The process of going through an effort to outsource one or more technology functions should be deliberately laid out, as the organizational impacts and opportunities for challenges along the way are significant. Consider the following steps when approaching the decision of whether IT should be outsourced. IT outsourcing steps Step One: Establish a team As manager or chief administrative officer of your jurisdiction, you should establish a team to study IT outsourcing. Ideally, this is a team that is already an integral part of an overall IT governance structure and process. The importance of this team is to ensure all managers who have a need for IT services are represented. Each manager s specific needs should be balanced against the overall needs of the organization to ensure value. Step Two: Conduct a feasibility study The primary goals of local governments are to lower or at least maintain operational costs while improving operational efficiencies and expanding services to residents. With this in mind, start by studying the feasibility of IT outsourcing that is, compare the competitiveness of the existing operation to an outsourced arrangement. One of the important exercises management must perform before doing a feasibility study is a cost-of-service analysis, which identifies the organization s current cost of doing services. Plante Moran recommends a three- to six-month period to study these ICMA

13 costs to make sure they are as accurate as possible. An appropriate evaluative measure is to determine the NPV of outsourcing certain IT functions versus retaining the functions in-house. A positive NPV is indicative of a favorable outsourcing situation. Once the feasibility study is complete, the organization can, along with consideration of the benefits and challenges described earlier, determine the best course of action for outsourcing. Step Three: Create a communication plan The local government should develop a communication plan, keeping the human resources department in the loop, to inform those who could be impacted by the change: Local government employees Residents Local government officials Local government vendors. The local government organization should manage expectations for different public stakeholders as change takes place. Some possible approaches for communication include newsletters, blasts, outsourcing vendor reports, and the like. The importance of this plan is somewhat dependent on the scope and magnitude of outsourcing that is being considered. Some local governments decide to outsource certain functions such as help desk or perhaps leverage staff augmentation services while other local governments conclude that outsourcing of the entire IT function is appropriate. In the latter case, the need for developing a communication plan directed toward all impacted stakeholders becomes even more critical. Still, it s wise to never minimize the value of clear, consistent, and frequent communication about any change. Step Four: Issue a request for proposal and select a vendor or vendors The request for proposal (RFP) should clearly define the business requirements and objectives the local government hopes to accomplish through outsourcing. It should also include detailed information regarding the current IT technical and support environment so that responding vendors are afforded the ability to conduct an analysis to determine the condition of the IT infrastructure and current staff levels in place. During the solicitation process, the organization should perform an analysis to determine each vendor s ability to meet the objectives and provide the best value. Sample questions could include: What is the transition process? What are the guaranteed incident response times? What experience does the vendor have with similar sized organizations? What is the escalation process for non-performance situations? After finalists are chosen based on the best value options, the organization must perform due diligence of the finalists to determine the best fit. This due diligence may include a series of meetings, reference calls, and site visits to fully understand the capabilities of each vendor. Further refinement of scope and cost may occur during due diligence and the organization may choose to solicit a best and final offer (BAFO) to solidify pricing based on a defined scope of service. The team should prepare a pricing analysis to understand the financial impact over the duration of the proposed contract (e.g., five to ten years) ICMA

14 Step Five: Negotiate contract and prepare statement of work The contract developed between the local government and selected outsourcing vendor is a very critical step in ensuring that proper protections are provided to the local government during the transition, for ongoing support, and for potential turn-back of the services either internally or to a different outsourcing provider. A significant number of contract provisions will need to be identified and assessed for inclusion in the contract that is linked, as needed, to the SOW. The SOW is a formal document that captures and defines the work activities, deliverables, and timeline a vendor will execute against in performance of specified work for a client. Detailed requirements and pricing are usually included in the SOW along with standard regulatory and governance terms and conditions. Areas that are typically addressed by a SOW include: Purpose: Why are we doing this project? is the question that the purpose statement needs to answer. Scope of work: This describes the work to be done in detail and specifies the hardware and software involved, and the exact nature of the work to be done. Work: This describes where the work is to be performed. This also specifies the location of hardware and software and where people will meet to perform the work. Service level: This describes the service levels or performance metrics that the vendor will be held accountable to throughout the course of the contracting period. For example, performance metrics typically include incident response times, network performance (e.g., up time ), customer satisfaction, etc. Period of performance: This specifies the allowable time for projects, such as start and finish time, number of hours that can be billed per week or month, where work is to be performed, and anything else that relates to scheduling. Deliverables schedule: This part lists the specific deliverables, describing what is due and when. Applicable standards: This describes any industry-specific standards that need to be adhered to in fulfilling the contract. Acceptance criteria: This specifies how the buyer or receiver of goods will determine if the product or service is acceptable, and what objective criteria will be used to state the work is acceptable. Special requirements: This specifies any special hardware or software; specialized workforce requirements, such as degrees or certifications for personnel; travel requirements; and anything else not covered in the contract specifics. The negotiated contract defines the terms and conditions under which the outsourcing arrangement will function and is essential in providing legal and price protections for the local government. Among the elements that need to be addressed in the contract are the following: Term of the contract including initial term and options to extend Services defined in the SOW as well as new services that will likely arise during the course of the contract Vendor and client roles and responsibilities Service levels Ownership of any data that are transmitted or created Performance reports and their frequency Vendor personnel ICMA

15 Fees and payment terms Limitations of liability and damages Warranty Dispute resolution Termination Disentanglement services Step Six: Initiate transition A number of activities will be required to transition from an in-sourced solution to an external provider that will require dedicated time by local government staff to perform. A complete transition typically takes as little as three months to as long as twelve months to occur but is largely dependent upon the scope of what is being outsourced. It includes the following areas of transition: Current employees Existing assets Contracts and agreements Knowledge transfer Establishment of performance measures for on-going vendor performance to defined SLAs Planned technology-related projects Change management controls Implementation of new IT tools and procedures Establishment of performance measures for ongoing vendor performance to defined SLAs Planned technology-related projects Change management controls (i.e., process governing changes and upgrades to the IT environment) Implementation of new IT tools and procedures Establishment of financial management processes and procedures Final hand-over to the new outsourcing provider. Vendors responding to an RFP should be able to clearly articulate and explain their transition process to provide a seamless and smooth transition ICMA

16 The following chart shows business areas and/or functions typically selected to outsource. Common Areas/Functions to Outsource IT Service Desk 50% WAN Telecom (exc. transmission) 50% 50% Application Development End User Computing File/Print Services Application Support Data Center Mainframe Services Data Center Application Servers /Messaging LAN 50% 50% 50% 50% 50% 50% 50% 50% Percentage Conclusions Based upon our experience helping local government organizations procure an IT sourcing provider, Plante Moran identified a few key tenets to keep in mind during the process: Take the time to gain knowledge of the vendor marketplace and what types of services they offer. Define the specific goals and objectives that you are trying to achieve through an outsourcing arrangement. Understand the politics associated with your decision to outsource. Involve human resources early in the process to address staff fears about the project. Establish a selection committee made up of key leadership and IT stakeholders. Ensure that the services you are requesting are clearly documented. Negotiate a strong contract that includes conditions for transferring IT services back in-house or to another provider. Make sure the final contract contains a clear and comprehensive statement of work as well as transparency regarding what services you re paying for. Establish a very strong governance structure during transition. Outsourcing has become a viable option for local governments looking to retain a specific level of IT services despite increasing financial pressures. Care should be given when embarking on an outsourcing project with many factors playing into the decision to outsource and the execution of an outsourcing transaction. If managed well, the benefits of outsourcing a portion or all of an IT function can be significant ICMA

17 Appendix: Sample Table of Contents for IT Outsourcing RFP 1. Introduction Intent Deadline for Proposals Requirements for Signing Proposal Preparation of Proposals Proposal Format Bidder Response Forms Consideration of Proposals Basis for Award Award of Contract Vendor Evaluation Process Intent to Propose Pre-Bid Meeting Statement of No Proposal RFP Clarifications Advice of Omission or Misstatement Bonding Requirements Individual Sections Confidential Information Non-Disclosure of Proprietary Information Tax Exempt State Reserved Rights Advertising Trademarks Right to Request Additional Information Right of Refusal Proposal Preparation Costs Pricing Eligibility Period Additional Charges Purchase Quantities Rights to Pertinent Materials Insurance Requirements Extension of Pricing Background Information Executive Overview City IT Background Current IT Staffing and Support Environment [VENDOR] Support Intergovernmental Agreements Departmental IT Support Geographic Information Systems (GIS) Support Other External IT Support IT Governance Committees Current Technology Environment Hardware Environment Seat Refresh Model Evolvement Desktop Hardware and Software Standards Server Hardware and Software Standards ICMA

18 2.4.2 Software Environment Business Application Software Environment Other Software Environment Specific Software Systems Support Credit Card Processing Environment Storage Environment Networking Environment Background Information Current W-WAN Equipment and Configuration Other Wireless Communications Networking Standards Telecommunications Environment Radio Services Environment Alarm and Audio Visual (AV) Environment Printers, Copiers and Fax Machines Other Technologies and Systems IT Projects Technology Request Process Strategic Technology Plan Initiative Roadmap Current and Planned Technology Initiatives Demand Management IT Policies and Procedures Scope of Work Service Request Management Service Priorities Performance Tracking and Reporting Penalties After Hours Support Problem Escalation Procedures Service Level Changes Scope of Services Tower #1 - Technology Administration Sub Tower - Overall Administration Sub Tower - Technology Advancement Sub Tower - Budgeting Sub Tower - Documentation Sub Tower - Reporting Sub Tower - Systems Management Sub Tower - Security Procedures Sub Tower - System Recovery Tower #2 - Data Center Services Sub Tower - Data Center Management Services Sub Tower - Server Management Services Sub Tower - Storage Management Services Tower #3 - Audio/Visual Production and System Services Tower #4 - Application Software Services Sub Tower - General Applications Support Services Sub Tower - External Web Site Management Services Tower #5 - Electronic Mail Services ICMA

19 3.2.6 Tower #6 - Help Desk Services Tower #7 - Radio Services Sub Tower MHz and Remote Entity Radio System Services Sub Tower - Wide Area Network (WAN) Services Sub Tower - Other Radio Services Support Tower #8 - Network Management Services Sub Tower - Network Services Sub Tower - Network Security Sub Tower - Alarm and Security System Services Sub Tower - Telecommunications Services Tower #9 - Field Services Sub Tower - Networked Fax, Copy and Print Services Sub Tower - Workstation Support Services Sub Tower - Specialized Hardware and Equipment Services Scope of Services Compliance Checklist Services Compliance Exceptions Master Service Agreement ARTICLE I - AGREEMENT STRUCTURE AND DEFINITIONS Definitions Captions, References and Construction Order of Precedence Incorporation by Reference Neither Party Considered Drafter Approvals and Cooperation Identification of Parties to the Agreement Clause Entire Agreement Agreement Extension and Modification Clause Applicable and Governing Law Clause ARTICLE II TERM Initial Term Options to Extend Fees During Extended Terms ARTICLE III - SERVICES Services Service Towers/Statements of Work Transition Services Non-Recurring Initiatives Multi-Vendor Environment Change Management Non-Exclusive Relationship Suspension of Work Article IV - New Services Work Order Proposal for New Services Approval of Work Orders Competing Bids No Refusal to Provide New Services ARTICLE V - VENDOR RESPONSIBILITIES Equipment Software ICMA

20 4.5.3 Documentation Licenses and Permits Knowledge Transfer and Best Practices Technology and Process Evolution Services Compatibility Reports Data Protection and Privacy Strategic / Business Planning and Process Implementation Consents Acceptance Testing Business Continuity and Disaster Recovery Plan Disaster Avoidance ARTICLE VII - SERVICE LEVELS Service Levels Root-Cause Analysis and Resolution Service Level Credits and Service Level Credit Offset Continuous Improvement Notice of Adverse Impact ARTICLE VIII - SERVICE LOCATIONS Service Locations Safety and Security Procedures Furniture, Fixtures and Equipment Vendor s Responsibilities Regarding Facilities Physical Security Employee Services Use of Vendor Service Locations Shared Environment ARTICLE IX - [CLIENT] RESPONSIBILITIES Obligations Strategic Control Exceptions to Vendor Obligations ARTICLE X - VENDOR PERSONNEL Vendor Key Employees Removal and Replacement of Vendor Personnel Minimum Proficiency Levels and Training for Vendor Personnel Supervision and Conduct of Vendor Personnel Compliance with [CLIENT] Rules Vendor Personnel Are Not [CLIENT] Employees Other [CLIENT] Requirement Regarding Vendor Personnel [CLIENT] Employees Equal Employment ARTICLE XI - MANAGEMENT AND CONTROL [CLIENT] Information Technology Director [CLIENT] Personnel ARTICLE XII - DATA Provision of Data Ownership, Use and Return of [CLIENT] Data Safeguarding [CLIENT] Data Electronic Incident Reporting Information Security Review ICMA