You can lose substantial value to your digital age providers by allowing them to analyze your data and resell your business insights. Watch out for clauses allowing digital age providers to use your data in aggregated form to improve their services (such as selling insights from your data).
Spreading your data around, particularly to providers without effective data management, risks violations of laws such as those governing export control, responding to discovery requests in litigation, and compliance with privacy laws.
How should businesses prepare their sourcing strategy and policies when contracting for these newer technologies?
Peterson: Businesses should start with a digital age sourcing team with roles for IT, information governance, procurement, finance, legal and the business units. Letting any one group lead [this effort] is risky. IT alone will tend to buy the hottest products, which will be risky, overpriced and not meet the business need. Finance alone will tend to buy cheap products that cost a fortune to integrate and eventually fail to deliver. The business units alone will tend buy risky, overpriced products that don’t work well for the enterprise. Information governance and legal, left alone, will reject too many digital age services because of their focus on risk not possible benefit.
Then, the business should develop a digital age sourcing model that focuses on risk and benefit. Risks should be identified, assessed, mitigated operationally and contractually, and then weighed against benefits. The digital age products might not meet requirements, but the risk may be manageable and the benefits worth pursuing.
To move at a digital age pace, [businesses can] create contracting templates that work for digital age services. Those should be in plain English, easy to use, and recognize the standardized and automated nature of digital age services.
[Customers should never] agree to “cloud terms” even if they are “market” in consumer contracts or your company has accepted them in low-risk applications and no-leverage negotiations in the past.
To prepare for integrated digital age services, [it’s also important to] amend existing contracts with current outsourcing service providers to include cloud provisions and integration responsibilities.
What can companies do about existing digital services deals that weren’t set up with this level of rigor and risk management?
Peterson: Large companies tend to have hundreds of digital age contracts. A small fraction of those were negotiated; the vast bulk were entered into by individuals or business units with little review. Many are being used for sensitive data—perhaps in violation of laws, contracts, or company policies. Consolidating those to a limited number of providers of each service under negotiated master agreements can dramatically reduce risk and increase value.
What about the ongoing governance of these digital age deals?
Peterson: Most companies are not ready to govern digital age services contracts. The traditional model for governing services contracts relies on having designated people to talk with regularly. Often, that’s not part of the digital age model. The robots will not attend the change control meetings to explain that they will break if a change is made. You’ll need to negotiate new [governance] models.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.