Wednesday, October 12, 2011
Why your CIO tolerates suboptimal quality from IT Outsourcing firms...
It is important to realize that normally high quality comes at higher price. But lower quality may increase total costs. The cost of poor quality or service is magnified not only in terms of trying to recover a project that is already damaged, but also in terms of loss of brand equity and trust. After all, the cost of quality is not only the cost of prevention of non-conformance and the cost of appraisal for conformance; it is also the cost of failure to conform.
We have all heard of many failed ERP implementations where companies have expended years and huge efforts to get back on track. In my humble opinion, I believe the challenge is the simple acknowledgement that many aspects of cost are known upfront and/or emerge at a faster rate than issues related to quality. If costs increase in the delivery of an enterprise application, the vendor has to personally bring this to the attention of the CIO. However, if the vendor isn't delivering quality, there is no event that requires the vendor to disclose the deficiencies.
Many IT Outsourcing agreements touch upon quality only through the lens of process. Thou shalt have a code review. Thou shalt do testing, etc. but few if any IT Outsourcing agreements set a measurable standard for quality. If enterprise employees continue to bitch and complain yet won't work towards creating a standard for measurement then they are simply pissing into the wind.
The information security community has figured out the need for standards to cover the application security space where entities such as Open web Application Security Project (OWASP) is diligently working towards developer guides, standards and maturity models. The enterprise needs to borrow from this playbook and create equivalents that focus on quality...
Links to this post: