Controversy over whole-of-government outsourcing is nothing new, but recent outsourcing inquiries have added new fuel to the fire.
The latest in a string of reviews questioning the integrity of the outsourcing process was tabled on October 29 last year by the Australian National Audit Office (ANAO), which was asked to investigate the tender process for the $351 million Health Group IT outsourcing contract - encompassing the then Department of Health and Aged Care, the Health Insurance Commission (HIC) and Medibank Private - awarded to IBM Global Services Australia in September 1999.
At issue was an incident in which the Office of Asset Sales and IT Outsourcing (OASITO), at that point charged with managing the federal government's whole-of-government IT outsourcing strategy, inadvertently forwarded IBM GSA financial details of bids from competitors CSC and EDS several days before the deadline for lodgement of a revised and final tender offer.
IBM GSA executives asserted they had not read nor copied the information, but the incident's very occurrence was enough to make sceptics question the integrity of the process. ANAO's investigation did little to reassure. Chronically poor documentation of OASITO's investigations, the report concluded, meant that: "ANAO is not able to provide an assurance that no tenderer unfairly gained a competitive advantage in the Health Group tender process. Deficiencies in the contemporaneous documentation regarding the actions and deliberations undertaken on significant issues affecting the tender process . . . did not allow ANAO to conclude that probity issues . . . were appropriately and effectively managed."
That is a scathing result for a process that was originally meant to set the model for a complete revamp of the government's IT strategy. As negative report after negative report continues to roll in, identification of such shortcomings has implications on current negotiations for renewal of key outsourcing contracts - formulated half a decade ago during the Howard government's slash-and-burn honeymoon years and now facing dramatically different technology and business worlds.
It is not the first time ANAO has faulted the outsourcing process. Last May, ANAO tabled the results of its examination of IT outsourcing at the Commonwealth Department of Veterans' Affairs (DVA), which in 1997 expanded its 1992 mainframe outsourcing contract to have IBM Global Services Australia cover its entire computing and voice infrastructure.
ANAO has looked into DVA's IT outsourcing arrangements twice before - once at the contract's commencement in 1997, and again in 2000-2001. The latest report, a 103-page analysis prepared in the lead-up to the contract's initial expiration last November, outlines a number of areas where the arrangement, called Strategic Information Services Agreement (SISA) and initially valued at $65 million, could be improved.
Apart from cost blowouts - which ANAO noted had pushed total DVA IT expenditure over the period to $140 million - the report criticised DVA's failure to adequately manage the performance of outsourcer IBM GSA. Although the contract was initially projected to save $20 million over its term, these cost blowouts effectively negated those potential savings. That mismatch was hardly aided by DVA's sale of IT assets - independently valued at $10.6 million - to IBM for just $5.5 million in exchange for what the DVA says were discounts on other IBM GSA services.
"There was insufficient alignment between DVA's IT strategic plan and the contract, particularly given that the department had expanded its use of client server technology [including implementation of new systems and attendant network upgrades] after the contract was signed," the report's authors concluded.
"This made it difficult for the department to obtain assurance that it was achieving best value from the contract in the context of its strategic direction . . . There was limited information by which to assess whether the department received value for money from its IT services . . . and limited application of risk management."
The DVA, in other words, had taken the value of outsourcing at face value and failed to establish hard metrics that assessed IBM's actual performance. This was, ANAO argued, largely the result of unclear service level agreements (SLAs), vague specifications for monitoring the hundreds of tasks that IBM was contracted to perform, and the "absence of specific linkages of IT service standards to business outputs".
The DVA's IT infrastructure has expanded significantly in the past few years, a point that the department has made in rebutting criticism of the cost blowouts.
"The current contract continues to provide unit costs and value for money comparable to other, more recent Commonwealth and private sector IT contracts," Minister for Veterans' Affairs Danna Vale said in a statement rebutting ANAO criticism. "Preparations for the millennium bug, the introduction of the new tax system and major enhancements to the DVA's processing systems . . . account for the majority of the additional expenditure."
Confirming DVA's satisfaction with the general tone of the outsourcing agreement, last August Vale signed off on a three-year, $90 million extension of the contract that will take effect in the first quarter this year.
Locked OutLack of management clarity is not the only accusation being levelled at government outsourcers. In its inquiry into specific aspects of the Australian Customs Service (ACS) $200 million outsourcing contract with EDS, the Senate Legal and Constitutional References Committee (SLCRC) inquiry found the tight relationship between the two organisations had effectively excluded Tradegate and Connect Internet Solutions, two long-time ACS suppliers, from discussions about the future of the EDI network they had implemented at the beginning of the 1990s.
At issue was the process by which ACS has gone about building its new Customs Connect Facility (CCF), the open data exchange system that will replace the long-running EDI gateway service operated by Tradegate and Connect.
The SLCRC conceded that Customs has worked hard not to favour the incumbents during tenders for the new service, which is being project managed by Computer Associates and built by IBM, Baltimore and SecureNet. But in its efforts to this end, the report noted that ACS also failed to articulate a clear strategy about how users of the system will migrate to the new network, and what will happen to the existing network.
Tradegate, in its submission to the SLCRC inquiry, blamed the introduction of EDS for the lack of communication between once intimate and productive partners. Specifically the company noted that the relocation of ACS staff to EDS had reshaped the relationship between Customs and its partners: "Direct contact on technology and system development matters was no longer available as before. The relationship became more formal and the ability to brainstorm with ACS technology experts lost. This resulted in a much reduced level of consultation over planned changes or new services, particularly at a technical level."
EDS, which ignored Tradegate and Connect while working with ACS to plan their replacement, defended itself by arguing that its only responsibility was to its customer. In contrast the SLCRC argued that both EDS and ACS should have been more proactive in their management of the coming transition. Its first recommendation advised ACS to develop better consultative processes to ensure the CCF transition happens smoothly.
Legislation mandates that CCF go live on July 20, just three months after the original end of ACS' outsourcing contract with EDS, which was awarded a two-year extension last year. If the system misses its deadline, many shipping companies have expressed concern that they will attract fines for failure to comply with electronic documentation laws. The SLCRC clarified this issue by recommending invocation of legislative provisions allowing ACS customers to use other methods.
SLCRC's criticism of ACS and EDS management of the process not only highlights the importance of clear communications between all parties involved in an outsourcing deal, but reinforces the point that outsourcing cannot be managed as a complete break from the past.
These comments echo early fears, expressed years ago by several Commonwealth departments, that unrealistic promises of cost savings were steamrollering strategic planning and putting decision making into outsourcers' hands. Those fears were collated in a Finance and Public Administration References Committee report into IT outsourcing management, which referenced submissions from several major departments that criticised the terms used to justify the government's outsourcing push.
The Department of Health and Family Services (DHFS), for one, argued that savings from outsourcing were overstated by more than 30 per cent thanks to an overly broad approach that overestimated potential cost savings from changes to workstation management. DHFS also noted that outsourcing proponents targeted mainframes for significant cost savings even when the department's practices had already been assessed by the Office of Government Information Technology (OGIT) as beating world's best practices.
This feeling was echoed in a Department of Social Security submission that argued OGIT substituted an average figure for mainframe running costs when it found the DSS' costs were so low that they rebutted the argument for outsourcing. The Australian Taxation Office (ATO) made a similar point, arguing that two previous benchmarking exercises had quantified mainframe costs so well that forecasts of 30-35 per cent savings under outsourcing were "difficult to envisage".
Early outsourcing proponents pursued the model based on outsourcers' promises of cost savings rather than in consultation with individual departments - an approach that was slammed in the 2000 Humphry report. Lending credence to those promises gave outsourcers undue control over departments' strategic objectives - for example, promoting the move from mainframe to open systems architectures when extending mainframe operation may have been a better choice.
Allowing vendors to drive the outsourcing bus in this way may have resulted in modernised systems, but that change came at the cost of allowing outsourcers to run roughshod over departments' checks and balances. As ANAO's audit of DVA revealed, lack of adequate outsourcer monitoring is a major contributor to this process. Early submissions to the Customs inquiry suggest similar results in that contract.
Political ShockerDifficulties keeping outsourcers in check come as no surprise to Rolf Jester, Gartner's Asia-Pacific chief analyst for the IT services market. "One of the things that has shocked me is that there has been so much political football being made of the money that was being spent on consulting and other services," Jester says.
"The reality is that what the department is going to do is going to change, but this sort of stuff tends to never be taken into account. If an enterprise is not spending a significant proportion of the cost of the deal on managing that relationship, they're setting themselves up for failure. It's up to the user to demand that the game be played right, but I think we'll see similar issues arise in other cases until the full maturity of how to manage outsourcing is understood on both sides of the fence."
That maturity may come faster than many departments expect - particularly since the Department of Finance and Administration, a loud advocate of outsourcing during its early days, washed its hands of the process after the Humphry report. That gesture decentralised outsourcing management, deferring responsibility to individual departments and leaving them on their own to manage outsourcer relationships.
Investing heavily in outsourcing management has helped HIC turn its outsourcing contract with IBM GSA into what general manager of IT Lyn O'Connell calls: "one of the more successful outsourcing arrangements under the Commonwealth initiative".
O'Connell says the HIC's expenditure on outsourcing management has hovered around industry best-practice guidelines of 5 per cent of contract costs - higher than most departments might anticipate going into such a deal. But that expenditure, she believes, has made all the difference: "When it was first mooted, the government model didn't take account of contract management costs. But we learned a lot from deals like DVA and Cluster 3, so we knew we would be up for resources to manage the relationship. Around 98 per cent of SLAs are being achieved, but you don't get there without an awful lot of work on everybody's part."
As an increasing number of departments revisit their outsourcing contracts, they may find it appropriate to change the character of outsourcing contracts. Flexibility to choose other suppliers may be particularly contentious: ANAO, for one, felt DVA could have negotiated better terms by making a holistic reassessment of its needs each time it embarked on a major technology upgrade. Rather, DVA simply tacked on the extra work to the existing contract.
"Under an outsourcing and contractually driven regime, it is difficult getting estimates, quoting and doing new business," O'Connell agrees.
Shorter and more flexible contracts would necessitate quickly identifiable performance metrics, imposing stricter discipline on outsourcers that have obfuscated original contract terms with the complexity of technological change. Since that change can be taken for granted, it seems more appropriate that contract authors not be forced to set outsourcing expectations based on long-term predictions that require significant - and inevitably inaccurate - crystal ball-gazing.
When most outsourcing contracts were introduced in 1997, for example, the Internet economy was still booming; B2B exchanges were still a fanciful idea and had yet to fall on their faces; XML was still a vague concept; networks were still running Novell NetWare and Microsoft Windows NT 3.51; and the concept of application service providers (ASPs) had not even been born.
The industry has come a long way since then, and renegotiations of outsourcing contracts must reflect that rapid pace of change both in their terms of reference and their safeguards for ensuring vendor performance. While it may be inaccurate to say that whole-of-department outsourcing has been a total failure, it has certainly eventuated in a different way from that initially expected by the Commonwealth government.
Future outsourcing contracts will need to better address departments' plans for the long term. They will also have to define better terms of reference for relatively well understood issues such as readily enforceable SLAs, careful monitoring of expanding contract scope, and the need to look well beyond financial benefits when building ROI models.
If ANAO's inquiry into DVA is anything to go by, contractors will also need to formulate better ways of assessing compliance with the softer aspects of their outsourcing commitments.
Specifically, ANAO noted that IBM GSA had delivered just $3.5 million worth of work to Australian SME subcontractors, through nine contracts that the company had still failed to document. That is just $700,000, out of an average $28 million that IBM received annually, directed towards local businesses. Given that local industry development requirements were added to counter the highly politicised perception that overseas multinationals were running Australia's government, this extremely small amount of reported subcontracting work demonstrates the need for closer monitoring of such provisions.
Renewed discipline will be required across the board, and by taking a step back each organisation will be able to holistically reassess its progress and future direction. "It's fair to say the government is a more informed buyer than it was at the beginning," says Alan Galbraith, executive director, strategic sourcing consulting with Canberra consultancy WalterTurnbull.
"Organisations should never let someone control or be responsible for their business and strategic planning. Agencies are starting to look more closely at a best of breed approach rather than a prime contractor approach, and increased emphasis on formal risk assessment and management will be essential. At the end of the day, the purchaser and provider have got to be working together. If they're not, neither will achieve their business objectives from strategic sourcing of services."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.