3. 1 INTRODUCTION
There is a perception created often by the Supplier that the outsourcing results will be quicker, beneficial and
supplier would cater to the requirements of the client in transparent manner from the word go. Another hope of
client is that the suppliers will adapt more readily in the face of regulatory pace, evolution, client’s culture, in
alignment to client’s competence. The supplier’s thinking and client’s belief that the benefits will be achieved
very easily has resulted in many failures.
If the organization has to succeed in the outsourcing strategy, risks have to be recognized and addressed at
the foundation stage of the outsourcing with out fail. Experience has shown that many companies make
assumptions about what is included in the outsource proposition. Whereas, it is neither possible nor cost-
effective to define contractually every detail and action, therefore the Independent Outsourcing Assurance
process provides the mechanism to balance risk, service demand, service provision and cost.
Most outsourcing contracts include basic controls and service execution provisions; however, one of the main
objectives of the Independent Outsourcing Assurance process, is to ensure continuity of service at the
appropriate levels, profitability and value add to sustain the commercial viability of both parties.
Confidential & Proprietary 3
4. Independent Outsourcing Assurance is the set of responsibilities, roles, objectives, processes, interfaces
and controls required to anticipate change and manage the introduction, maintenance, performance, costs and
control of third-party provided services. It is an active process that the client and service provider must adopt to
provide a common, consistent and effective approach that identifies the necessary information, relationships,
controls and exchanges among many stakeholders across both parties.
Independent Outsourcing Assurance is defined as ‘the continuous oversight, organizational structures and
processes that ensure that the Client organization sustains and extends the strategies and objectives’, of
outsourcing.
This assurance function should be established at strategic checkpoints to provide the required alignment in the
following focus areas:
Strategic Alignment
Value alignment
Performance alignment
Culture alignment
Product alignment
Confidential & Proprietary 4
5. 2 SCOPE
The Independent Outsourcing Assurance function carryout the following activities at various phases to
realize the outsourcing strategies and objectives:
FOUNDATIONS
2.1
Audit of Outsourcing strategies and objectives
Audit of RFI / RFP process
Audit of Supplier Selection process
Due Diligence of Supplier Capabilities
Audit of Master Service Agreements (MSA), Contracts, Statement of Work process
Audit of supplier systems to conform that Laws, Regulations, Legislation, Policies and Procedures are in
order.
Audit of Supplier Resource Planning (Hardware / Software / Human Resources / Infrastructure /
Processes)
Check point reviews
Report to the client the deviations, projections, deficiencies, recommendations
Confidential & Proprietary 5
6. TRANSITIONS
2.2
Audit of Transition Processes (Staffing, Knowledge Transfer, Knowledge Acquisition, Knowledge
Management)
Advise Client / Supplier Management on outcome / projections of transition processes
Check Point review
Report to the client the deviations, projections, deficiencies, recommendations
TRANSFORMATION
2.3
Audit of Processes (Management, Functional, Delivery, Support)
Participate in the various oversight meetings as established
Report to the client the deviations, projections, deficiencies, recommendations
Check point reviews
Report to the client the deviations, projections, deficiencies, recommendations
CONTRACT TERMINATION
2.4
Establishing/ Reviewing termination Processes
Audit of Termination processes.
Report to the client the deviations, projections, deficiencies, recommendations
Confidential & Proprietary 6
7. 3 BENEFITS OF INDEPENDENT OUTSOURCING ASSURANCE
Probability of failure is minimized
Right Supplier is selected
Right price / rates are advised, result in substantial savings to client organization
Ability to see the market trends and advise the Clients which may result in cost savings at the
contract re-negotiation stage
Quality of the deliverables will be monitored closely in line with client’s expectations
Assurances are provided to the client on execution of contractual obligations by the supplier
Processes are reviewed ongoing basis and process improvements will be made
Return of Investments monitored
It is expected that the organization who is resorting to this control effectively is
likely to realize more than 7% of the value of the contract in addition to the above
The Independent Assurance Services can be invoked at any stage of the outsourcing, however it is recommended
to start at the ‘Foundation Stage’. The benefits would far exceed the cost of assurance activities and enhances the
probability of achieving the strategic and business objectives of outsourcing.
Confidential & Proprietary 7
8. 4 OUTSOURCING – CONTINUOUS ASSURANCE APPROACH
Outsourcing Assurance processes are required to ensure that all contractual obligations stated and implied are
independently monitored on continuous basis.
A continuous outsourcing assurance opinion could represent that controls are operating satisfactorily, unless a
report is given to the contrary, often referred to as an 'evergreen' audit report. An on-demand audit opinion
could be called for at any time to give an opinion. One of the biggest benefits of continuous auditing is the
beneficial effect it can have on an outsourcing (Supplier + Client) control environment. This is most easily
explained by comparing continuous audit with 'traditional' periodic auditing.
Figure 1 show traditional outsourcing assurance where visits are spaced apart as the periodic cycle. After the
every visit, the control effectiveness may improve due to the auditors' / customer presence or the impact of the
auditors' / customer recommended improvements. But, after a while, entropy sets in and the control
effectiveness slips back between visits. This can be caused by changes to systems, changes in personnel or
factors from outside that impact the organization. Most often it is caused by the simple human desire to go back
to doing things 'the old way'. The effect is that systems can stay out of control for long periods and cause the
Confidential & Proprietary 8
9. overall trend for control effectiveness is to be below what is expected. This certainly impacts the customer’s
return of investments or risks anticipated benefits.
When this is contrasted with continuous audit (see figure 2), it is evident that, with continuous audit, any
control failures are detected and fixed as soon as they happen. Therefore, the effectiveness of controls and the
trend are much nearer to expectations. A merit of continuous auditing is that it provides early warning of
problems. Thus, customer management can detect a control failure as soon as it happens, providing maximum
rectification time.
Confidential & Proprietary 9
11. 5 WHY TECHSERV?
Have in-depth knowledge on the Supplier side of the organization
Have defined, implemented and institutionalized the Management Systems, Information Security
Management Systems, and Project Management Systems based on international frameworks
Have worked several years in supplier organizations (IT Companies)
Have the knowledge on the deficiencies in the outsourcing processes, cause of the deficiencies
Have the ability to recognize the best solution to the identified deficiencies
Have the knowledge on the internal functioning of Supplier organizations (IT Companies)
Have the ability to understand, foresee and prevent any untoward incidents which would impact the
outsourcing processes adversely.
Have the process Implementation competence (ISO 9001, ISO 27001, CMM, CMMI, COBIT, SAS 70)
Confidential & Proprietary 11