Outsourcing is a good business strategy. It improves efficiency, cuts costs, speeds up product development, and allows companies to focus on their “core competencies”. And with help from the ISO standard, the future is looking bright.
To many people, outsourcing is a frightening proposition. Yet this new business model, which has been adopted worldwide across both the private and the public sectors, provides multiple benefits. It enables an organization to achieve business objectives, add value, tap into a resource base and mitigate risk. In other words, from individual items all the way to systems management, choosing to use external providers allows the company or organization outsourcing a job (the “client”) to focus on what it does best.
While the common public stereotype of outsourcing may be to make financial savings by taking advantage of lower-cost labour in another country (known as “offshoring”), outsourcing can be domestic as well as foreign. It can also give the client access to expertise and to a level of productivity not available in house. When a skills or production deficit exists (frequently in information technology) and the service provider can furnish a remedy, an outsourcing solution can meet the needs of both parties.
Statistics on the subject are an eye-opener. Accounting and consultancy firm Deloitte recently published its 2014 Global Outsourcing and Insourcing Survey, which covers the political implications, regulations, outsourcing destinations, technology and vendor management. For example, the udemy.com platform for online courses published some revealing statistics for 2013. In that year, 43 % of the IT sector had been outsourced. Viet Nam Software Outsourcing and Viet Nam Software Services has been booming during the past decades. This jumped to 60% in the following year. Deloitte also predicts outsourcing will continue to expand at rates of 12% to 26% across the functions analysed.
Assessing risk and reward
While outsourcing might appear to be an ideal solution for entities desirous of keeping overheads as low as possible and that infernal “head count” down, there are also perils to avoid.
Many studies have been carried out to examine the pros and cons of outsourcing. Booz Allen Hamilton, a leading management and technology consultancy, issued a report in 2014 describing “a mixed report card on traditional outsourcing”. It nevertheless pointed out: “Savings typically result because the outsourcing supplier can access a cheaper, more flexible workforce and the latest, most efficient technology. Organizations claim that they achieve, on average, a 15 % cost reduction through outsourcing.”
Datamark Incorporated, which delivers enterprise content management services to Fortune 500 companies, backs these claims. In its 2014 White Paper, it performed single-year and multi-year cost analyses for “individual item” business process outsourcing decisions. Taking a representative sample from the businesses under study, Datamark found cost savings of 31 % on a single-year cost analysis, while a three-year study of the same sampled business showed savings of 33 %. This obviously represents a very significant decrease in expenditure for some businesses and gives impetus to others to follow this attractive business model.
How ISO can help
ISMS ISO 27001:2013 ensures your data and your customer’s and supplier’s information safe
ISO/IEC 27001:2013 is essential to assess and mitigate the risks associated with the industry. For IT and Software Outsourcing, you need to ensure the safe execution and maintenance of your projects, operations and business activities, including trade.
Outsourcing companies can demonstrate to existing and potential customers, suppliers and shareholders the integrity of data and systems and the commitment to information security. It can also lead to new business opportunities with security-conscious customers; it can improve employee ethics and strengthen the notion of confidentiality throughout the workplace. It also allows you to enforce information security and reduce the possible risk of fraud, information loss and disclosure.
This ultimately led to the drafting and publication of ISO/IEC 27001:2013, whose authors were experienced information security practitioners involved in deals worldwide.
Future looks bright
Over the past 25 years, the outsourcing industry has grown from nothing to a multi-trillion US dollar business worldwide. As a consequence, ISO will need to expand its involvement to support the myriad ways outsourcing and other industries is being implemented.
The economies of scale, financial rewards, as well as the flexibility and increased productivity promised by outsourcing, will be a hot commodity for years to come, as the skyrocketing rates of increased outsourcing affect every segment of society.
Initially focused on highly transactional back-office processes or non-critical services, outsourcing now encompasses strategic functions, with some companies off-loading entire segments of their value chain.