Final Report SA/CEN/ENTR/371/2006-27 Project 2006/27.9 IT-Outsourcing
Total Page:16
File Type:pdf, Size:1020Kb
Final report SA/CEN/ENTR/371/2006-27 project 2006/27.9 IT-Outsourcing 1 NEN Vlinderweg 6, 2623 AX Delft, NL – PO Box 5059, 2600 GB Delft, NL Telephone +31 (0)15 2 690 390, Fax +31 (0)15 2 690 190, Internet: www.nen.nl Table of contents Executive Summary ................................................................................................................................. 3 1 Introduction ....................................................................................................................................... 4 1.1 Scope .......................................................................................................................................... 4 1.2 Objective ..................................................................................................................................... 5 1.3 Methodology ............................................................................................................................... 5 2 Findings ............................................................................................................................................ 6 2.1 Desk research ............................................................................................................................ 6 2.1.1 IT outsourcing .................................................................................................................... 6 2.1.2 Barriers in IT outsourcing ................................................................................................... 6 2.2 Field results ................................................................................................................................ 7 2.2.1 Stakeholders ...................................................................................................................... 7 2.2.2 Current situation ................................................................................................................. 9 2.2.3 Current standards ............................................................................................................ 10 2.3 Stakeholder needs .................................................................................................................... 12 2.4 Potential for standards .............................................................................................................. 13 2.4.1 Standards reference framework ...................................................................................... 13 2.4.2 Terminology standard for IT outsourcing ......................................................................... 14 2.4.3 Guideline for IT outsourcing ............................................................................................. 15 3 Validation workshop ....................................................................................................................... 16 4 Conclusions on the research .......................................................................................................... 17 5 Recommendations ......................................................................................................................... 19 5 Next steps ...................................................................................................................................... 19 Annex A : Literature list ......................................................................................................................... 21 Annex B : Desk research ....................................................................................................................... 24 B.1 Standardization .................................................................................................................... 24 B.1.1 Standardization in general ............................................................................................... 24 B.1.2 Economic principles behind standardization ................................................................... 26 B.1.3 Characteristics of standards ............................................................................................ 29 B.1.4 Characteristics ................................................................................................................. 31 B.2 IT outsourcing....................................................................................................................... 32 B.2.1 IT outsourcing in general ................................................................................................. 32 B.2.2 Advantages of IT outsourcing .......................................................................................... 36 B.2.3 Economic principles on IT outsourcing ............................................................................ 36 B.3 List of 'standards'.................................................................................................................. 40 B.3.1 ITIL ................................................................................................................................... 40 B.3.2 ISO 20000 ........................................................................................................................ 41 B.3.3 ISO 17799 ........................................................................................................................ 41 B.3.4 PAS 77 ............................................................................................................................. 42 B.3.5 ISPL ................................................................................................................................. 42 B.3.6 CMM variants ................................................................................................................... 42 B.3.7 COBIT .............................................................................................................................. 43 B.3.8 SAS 70 ............................................................................................................................. 43 B.3.9 ASL .................................................................................................................................. 43 B.3.10 BiSL ............................................................................................................................. 44 B.3.11 eSCM ........................................................................................................................... 44 B.3.12 Prince2 ........................................................................................................................ 44 B.3.13 MoSCoW ..................................................................................................................... 45 B.3.14 Software development standards – SDM, DSDM, XP, RAD....................................... 45 B.3.15 Overview ...................................................................................................................... 45 Annex C : Questionnaire ....................................................................................................................... 47 2 NEN Vlinderweg 6, 2623 AX Delft, NL – PO Box 5059, 2600 GB Delft, NL Telephone +31 (0)15 2 690 390, Fax +31 (0)15 2 690 190, Internet: www.nen.nl Executive Summary The organizations of today are no longer asking themselves whether they should outsource, but rather how they should outsource their IT. The size of the global Information Technology (IT) outsourcing market was estimated to be between $200 and $500 billion in 2003 and continues to grow. While IT outsourcing can provide large benefits to organizations, it is not a process without problems. The problems that are apparent in the general IT sector in the form of failed projects are also evident in the outsourcing of IT. Half of the IT projects still fail to meet their requirements. Outsourcing is a relatively new phenomenon that brings its own problems to the situation. Standardization has proven itself over the course of years to be able to solve matching problems between parties. IT outsourcing can benefit from standardization by explaining relevant standards, providing guidance to involved parties and stimulating a common understanding. Latest research indicates that standards provide a real value for businesses when implemented. For instance production costs of software and risks to company IT have been significantly reduced because of standards. By verifying the list of problems and noting the needs of organizations in the interviews, a list of requirements for (a) standard(s) is created. Suggestions from the stakeholders are collected and taken into account when formulating opportunities for standards that can fulfill the listed requirements. The opportunities for standards result in three concrete suggestions for standards for IT outsourcing. Therefore it is recommended to: — Develop a standard for IT outsourcing: many respondents indicated they have trouble finding the right standard for the right situation in IT outsourcing. It is recommended to develop a standard for IT outsourcing as many respondents indicated it can benefit their organization. Such a standard can encompass the following elements: I. Reference framework. Describing when which standard is suitable enables users to make an informed decision on the usage of standards. Implementing the standards for the right purpose will benefit the involved parties. II. General processes. This can provide the guideline for all