Wednesday, October 12, 2011


Why your CIO tolerates suboptimal quality from IT Outsourcing firms...

Frequently, I hear enterprise employees complaining about the lack of quality delivered by IT Outsourcing firms based in India. They always pine on the belief that their CIO doesn't care about quality and is only focused on price. At some level, when the CIO bought into IT outsourcing they had to acknowledge that they were going to use developers with less years of experience and therefore expected a drop in quality. With that being said, I think there are also other factors to be considered...

It is important to realize that normally high quality comes at higher price. But lower quality may increase total costs. The cost of poor quality or service is magnified not only in terms of trying to recover a project that is already damaged, but also in terms of loss of brand equity and trust. After all, the cost of quality is not only the cost of prevention of non-conformance and the cost of appraisal for conformance; it is also the cost of failure to conform.

We have all heard of many failed ERP implementations where companies have expended years and huge efforts to get back on track. In my humble opinion, I believe the challenge is the simple acknowledgement that many aspects of cost are known upfront and/or emerge at a faster rate than issues related to quality. If costs increase in the delivery of an enterprise application, the vendor has to personally bring this to the attention of the CIO. However, if the vendor isn't delivering quality, there is no event that requires the vendor to disclose the deficiencies.

Many IT Outsourcing agreements touch upon quality only through the lens of process. Thou shalt have a code review. Thou shalt do testing, etc. but few if any IT Outsourcing agreements set a measurable standard for quality. If enterprise employees continue to bitch and complain yet won't work towards creating a standard for measurement then they are simply pissing into the wind.

The information security community has figured out the need for standards to cover the application security space where entities such as Open web Application Security Project (OWASP) is diligently working towards developer guides, standards and maturity models. The enterprise needs to borrow from this playbook and create equivalents that focus on quality...

<< Home
| | View blog reactions

This page is powered by Blogger. Isn't yours?