Mitigating Risk in IT Outsourcing

T2P Member resource. Please join T2P (and/or log in) to download this paper.

A Realistic Framework for More Successful Outsourcing Initiatives

Drawing on more than 40 years of the author’s professional experience and lessons learned in IT operations and management, Mitigating Risk in IT Outsourcing offers a practical framework for success, service continuity, and control in outsourced IT projects. The paper includes:

  • Key considerations for proactive risk identification and mitigation, including planning, documentation, and preparation for employee and customer reaction
  • Five key requirements for effective service transition, encompassing more than 80 checklist steps for project planning, supplier evaluation, and administrative and legal control; as well as a master list of predictable risks.
  • Four approaches to managing problematic service engagements, from traditional, team-based strategies to a full roll-back of the service relationship

Business process outsourcing (BPO) is increasingly adopted by companies large and small to reduce IT costs, globalize operations, and reengineer business processes. Although the low cost-of-wages offered by many service suppliers is often a primary driver in outsourcing decisions, service transition costs, internal administrative costs, variable supplier service profiles, and lack of service transparency can all complicate the outsourcing value equation.

Contrary to managerial expectations, outsourcing often increases operating costs, while reducing both operational and customer service levels. These risks increase when companies fail to adequately oversee suppliers, when suppliers lack expected capabilities, and when either party lacks complete process knowledge. Proactive management is the only effective way to mitigate outsourcing risk. With complete understanding of both the outsourcing environment and internal business priorities, sourcing managers can reduce uncertainties in outsourcing efforts and increase the likelihood that supplier services will meet operational and financial objectives.

This paper is primarily written for IT auditors, IT managers, and procurement managers. It is also intended to help IT and executive managers to establish reasonable expectations that can be monitored and managed throughout the term of an outsourcing engagement—a fundamental requirement for successful service transitions and results.

About Community-Contributed Research

Mitigating Risk in IT Outsourcing is a community-contributed work by T2P member Frank LeFavi. Frank has generously allowed us to publish his work, with the sole goal of supporting the processes and success of others in the professional community. We applaud Frank’s contribution—both for its high value as independent, experience-based analysis, and as a stellar example of how information professionals can help each other to advance the field as a whole.

T2P welcomes all member contributions, and we are happy to work with and promote independent authors. If you would like to contribute your own insight and advice to the T2P professional community, please contact us at editor(at) This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

This research paper is a Truth to Power original resource, freely available to all registered members of the community. If you are not yet a member, please join now. It's free.