Outsourcing a function of your organization may make sense – perhaps you have difficulty in retaining or hiring the talent required to meet all of your organization’s needs, or perhaps your team is overworked and the organization could benefit from allowing a third party (e.g., an information technology company) to perform a routine function such as ensuring uptime for your servers and laptops or to take on more complex requirements such as hosting sensitive data and managing infrastructure and internal/external applications.
The success of an outsourcing initiative is dependent on a number of factors, including:
- organizational maturity and experience working with vendors, including whether management is able to monitor the supplier’s performance and whether appropriate governance is in place;
- internal reorganization of work ownership, including whether employees’ job descriptions and performance metrics are appropriately revised; and
- level of support for the mandate, including whether all levels of management are committed to use of the service provider or whether shadow teams continue to exist internally that undermine the organization’s confidence in the outsourcing team.
Organizations deciding to outsource a function will have to grapple with these and other important variables and, in addition to understanding their own competencies and processes, would be well served by focusing on some key items in respect of their supplier.
A. Great (but Clear) Expectations
A fundamental step in your outsourcing initiative will be to capture sufficiently the full scope of work involved. An experienced supplier should not shy away from detailing both its own and your organization’s expectations and responsibilities in the form of a written and detailed description of services and project plans as well as a list of dependencies. In practice, service descriptions are often inadequate and full of industry jargon that is unclear to clients. This can lead to relationship friction and cost uncertainty due to scope creep as well as a mismatch of expectations regarding deliverables. Organizations which engage various internal departments (e.g. finance, the specific lines of business being served by outsourcing, and IT) early in the process of defining scope and vetting a supplier’s service descriptions are less likely to be frustrated by scope mismatch after the contract is executed.
B. Supplier’s Ability to Address the Big Stumbling Blocks
Organizations can face a number of important external stakeholder requirements, including, for example, data handling, audit, privacy, confidentiality, and security. Certain sectors (e.g. health care) are heavily regulated and organizations within these sectors must comply with stringent rules, particularly in respect of data management and security, on top of existing provincial and federal legislation (e.g. in regards to privacy, the Personal Information Protection and Electronic Documents Act). Given that your organization must comply at all times with all applicable laws and rules, regardless of whether it outsources an aspect of its operations, it is vital to ensure that agreements with suppliers clearly outline the various rules and regulatory requirements which are critical to the organization and which apply to the service provider in turn. Ideally, your prospective supplier has already provided services in your organization’s niche and has a thorough compliance program applicable to you. Don’t take your prospective supplier’s word for it though – take the time necessary to understand the prospective supplier’s competencies in this regard by interviewing its current and past customers and reviewing the processes the supplier has in place. Your due diligence will be important – budget sufficient time for associated activities in the process of supplier selection.
C. Covering Risk
Legal, financial and operational risks will differ depending on the scope of work involved in your initiative. A thoughtful combination of service level agreements, indemnification and liability caps, and terms applicable to transitioning suppliers in the future should address a number of key risks inherent in an outsourcing initiative. In the event that a dispute occurs as a result of the outsourcing, risk related clauses will be highly impactful for an organization. It is therefore no surprise then that these clauses tend be heavily negotiated and should likely remain open to revision until all other items in your services agreement are set. It also helps to recognize that, while suppliers will and should differ in their approach to negotiation (e.g. a cloud vendor providing hosting services will likely insist on a homogenous treatment of clients versus a supplier who will be on-site at your premises), there is no good case for a blanket acceptance of a supplier’s template contract language, particularly if unique regulatory obligations apply.
Assessing execution risk is a slightly more challenging task and may require significant leg work and financial resources. While larger organizations may send individuals in the pre-contract phase to audit key facilities of a supplier and to inspect vulnerabilities and compliance with the client organizations’ policies, smaller organizations may need to rely to a greater extent on contractual representations and warranties, combined with other artifacts (e.g. certifications) issued by the supplier for their peace of mind.
Given competing priorities that organizations must juggle, outsourcing can have significant appeal, particularly when a supplier can save an organization money or help alleviate other important pain points. Before your organization jumps in to a relationship with a supplier, it is best to ensure you have devoted sufficient time to: (i) auditing your organization’s existing abilities to manage the relevant initiative, both pre and post contract; (ii) closely examining the supplier; and (iii) ensuring that your contract is well suited to the initiative and matches your risk tolerance.
Miller Thomson is often retained to provide advice on the outsourcing contracts of our non-profit clients.