Building a business case for offshore robotic process automation

Dwindling labor cost savings offshore are leading many captive centers to implement new robotic process automation.

For years, business case for the offshore captive IT center model — whereby companies set up their own wholly owned IT service centers abroad — has centered on the benefits of labor arbitrage to generate cost savings. However, as the return on salary differentials has dwindled and the pressure on captive centers to create additional value, companies are looking to other sources of lower costs and increased efficiencies.

The current rise of robotic process automation (RPA) presents an opportunity for IT organizations to wring more benefits from their offshore delivery centers. The rapidly advancing technology that is used to automate rules-based and repetitive tasks with limited or no human involvement is growing in popularity among the captive center set, says Sarah Burnett, vice president of research with outsourcing research firm and consultancy Everest Group. RPA offers a number of benefits: incremental cost savings over traditional offshore delivery; improved service delivery in the form of process quality, speed, governance, security and continuity; relatively shorter investment recovery periods; and a general ease of implementation. asked Burnett about the increased adoption of RPA and offshore captive centers, the hard benefits of implementation, and the best way to build a business case for automation in offshore IT delivery centers. Why are functions that are already offshored ripe for the application of RPA? Are onshore IT and business operations also candidates?

Sarah Burnett: RPA is a no brainer for most transactional services irrespective of whether they are offshored or not. RPA can help lower costs while increasing the efficiency of operations. This can help global In-house centers or shared service centers achieve their year-on-year efficiency targets.

[Our recent research] shows that costs of operations in offshore global in-house centers can be lowered by 20 to 25 percent. The savings would be even higher for onshore centers. RPA can also address specific issues such as shortage of resources and skills and where there is a high rate of staff attrition due to the repetitive and boring nature of transactional work. You’ve noted that RPA has the potential to reduce headcount by 25 to 45 percent resulting in significant cost savings. Does the business case for RPA need to address more than headcount reductions?

Burnett: Headcount reduction is enough of a factor for some enterprises, but not all automate with that as a top priority. Some want to keep the staff and create capacity for other more complex work or address issues such as an influx of new work. It is also important to note that automation is not just about headcount reduction, but also increased quality and standardization of work. What are the biggest factors that would impact the business case of RPA in an offshore location?

Burnett: I think increasing salaries and shortage of skills could drive demand for automation. Clients of offshore centers are also driving automation for increased efficiency and throughput. This is part of their continuous and year-on-year improvement. One factor that could adversely affect automation in offshore centers is lack of skills for deployment. What should organizations consider in order to build a realistic business case for RPA?

Burnett: The existing and potential costs and benefits of all of these [issues] should be factored into the business case. There are costs that are easy to measure, e.g., cost of RPA software licenses. [But] there are also qualitative values, such as reduced error rates, that are difficult to measure but these must be factored in for a comprehensive business case. What other advice would you offer IT organizations considering implementing RPA in captive centers?

Burnett: It is important to benchmark existing operations to work out the benefits of automation and build a business case for deployment and scaling up.

Source: – Building a business case for offshore robotic process automation

If you have any comment, please feel free to add it.


Image Credit: Thinkstock

Autonomic offerings set to transform IT, but outsourcing customers beware

IT leaders have more automation options that ever, but not all robotic systems are created equal.

Credit: Thinkstock
 Wipro has Holmes, Tata Consultancy Services introduced Ignio, Syntel is selling SyntBots. HCL Systems calls its Dry Ice. And Infosys is promoting Mana. With traditional IT outsourcing revenue streams at risk to automation, a number of IT service providers are responding by developing their own homegrown systems which are designed to perform routine tasks and operations otherwise performed by humans.
The good news is that CIOs now have a number of automation options to choose from. The bad news? The array of choices can be confusing and the unproven systems can be risky. It may not be immediately clear how these new automation options from traditional IT service providers differ from the solutions of the more well-established robotic systems companies like IPSoft or BluePrism.

Today’s automation market includes a wide variety of offerings comprising a broad spectrum of capabilities. The most mature market segment is Robotic Process Automation (RPA). RPA applications are designed to execute specifically defined tasks typically around business processes, such as processing an insurance claim. RPA tools can be easily deployed in a matter of weeks. While IT support is important, the impact of RPA on existing infrastructure and applications is relatively minimal. Autonomics, on the other hand, use learning algorithms to automate repetitive processes thereby reducing costs or increasing speed, accuracy, availability, or auditability.

Autonomics are being designed specifically for IT-related functions and processes in the areas of network, storage, server and application management, database administration, virtual machine provisioning and diagnostics. These systems have the ability to learn new capabilities and respond to new conditions, but can require four to six months to implement. talked to Jeff Augustin, managing director of IT outsourcing consultancy Alsbridge about this evolving market and what CIOs seeking to take advantage of automation to manage their enterprises should know about these new offerings. In what areas are CIOs most interested in autonomic solutions?

Jeff Augustin, Managing Director, Alsbridge: Broadly speaking, CIOs are looking to apply smart tools to improve IT management, including processes related to network, storage, server and application management, database administration, virtual machine provisioning, triaging and diagnostics. More specifically, CIOs are focused on solutions that have some machine learning and adaptive capabilities that allow them to respond to new information and new conditions. A good example is incident management within ITIL. CIOs are often looking to automate level one and level two incident management processes. But rather than just have a static solution, they want something that will adapt and get better over time through machine learning and cognitive platforms. What are the biggest benefits of automation for IT?

Augustin: One of the key benefits is cost savings through the replacement of human labor by software robots and autonomic platforms. Robots are faster, cheaper, and more productive than people at executing repetitive tasks. What we typically see is that robots will take on a portion of a person’s job and free up bandwidth. So we’re seeing a lot of re-skilling and redeployment of resources, rather than massive displacements.

Another critical benefit of autonomics is increased accuracy and auditability. Each action performed by the autonomics tool is consistently executed and documented, which helps enormously in meeting regulatory compliance requirements. Autonomics also helps with performance optimization, as data gathered by the systems can be cycled through a continuous feedback loop of data collection, analysis and change actions. Specific quantitative benefits we’ve observed include faster Mean Time to Repair (MTTR), improved provisioning time for cloud services, and overall improved service levels at lower costs. What are the biggest risks with these new tools?

Augustin: The biggest risk for a CIO is to not understand what they’re getting. This is not a one-size-fits-all solution. It’s critical to understand the problem you are trying to solve. Am I trying to increase productivity? Reduce cost? If the problem isn’t clearly defined, [the solution may not] match the need.

This sounds basic. But in today’s environment, where the solutions are relatively immature, it’s a challenge for CIOs to really understand the features and benefits of the various offerings.

Another risk is underestimating the need to redesign the organization, its processes and how people and technology interact. When that happens the benefits of the tools can be delayed or compromised. What has been the impact of autonomics on traditional IT service providers?

Augustin: The impact on traditional providers is enormous. The competitive advantage of outsourcing — particularly for the India heritage firms — has been people resources, specifically the availability of low-cost, skilled labor in offshore locations. Autonomics fundamentally undercuts that competitive advantage. When it comes to performing routine and rules-based tasks, people can’t compete against robots on a cost or productivity basis. So at a macro level, we’re seeing location and labor costs becoming less relevant. Service provider differentiation will become more and more about thought leadership in the specific industry vertical than the lowest cost solution.

For service providers, this shift represents both a threat and an opportunity. The threat is obviously losing existing business to autonomics. The providers recognize this, and several have said publicly that they will be reducing their headcounts and focusing on building their automation capabilities. Many of the tier-one service providers have rolled out an automation platform in the past 18 months.

The potential opportunity lies in delivering more value to customers and winning new business. But will a provider be willing to potentially cannibalize existing revenue by proactively proposing an autonomics initiative to a customer? Increasingly, the answer is “yes,” and the marketplace is driving that answer. Providers are recognizing that there’s no alternative; if they don’t aggressively offer an autonomics solution to their CIO customers, that customer will gladly find it elsewhere. How has automation impacted IT services pricing and contracting?

Augustin: The impact of autonomics has been significant. Over the past 18 months or so, we’ve seen downward [pricing] trends of 40 to 60 percent. While a number of factors are involved, automation is the primary driver, especially for areas such as problem ticket handling.

In terms of impact on contracts, we’re seeing more gain sharing agreements. If a provider implements automation, there may be provisions included to ensure that both the client and provider benefit from the improvement. It’s an incentive for the provider to reduce costs and cannibalize their revenue. How similar or different are the various autonomics solutions?

Augustin: it’s hard to know what the capabilities of the different tools are. They’re all trying to be similar in the sense of being advanced, adaptive platforms with machine learning capabilities. Some that we’ve seen do have cognitive aspects, while others are more static and to a large extent involve the repackaging of existing tools without adding new functionality. Does it make sense for CIOs to seek these solutions from traditional IT service providers?

Augustin: There are really two options. One is to work with a tier one outsourcing provider. The other is to work directly with a smart tool or automation platform provider. If you go that route, however, you would need to be very specific about requirements. Which types of autonomic solutions are most mature and beneficial?

Augustin: The two areas of focus are infrastructure and applications. In infrastructure, there’s a lot of focus on ITIL and incident/problem management. In the applications space, we also see a significant increase in automation in the area of testing. What advice would you offer IT leaders navigating this new market?

Augustin: There’s still a lot of confusion around automation technology, and terms like “artificial intelligence,” “cognitive” and “machine learning” get tossed around a bit too freely.

The key is to get an objective perspective and to thoroughly investigate and vet the offerings — and do so in the specific context of your business requirements. Providers face enormous competitive pressure to sell their solutions, and frankly will be biased and inclined to overstate the capabilities of their offerings.

Source: ·Autonomic offerings set to transform IT, but outsourcing customers beware

How to build cybersecurity into outsourcing contracts

IT outsourcing customers must take greater care in building cyber-risk protection into their IT services and cloud computing deals.

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.

“Customer data and systems are only as secure as the weakest link in the vendor ecosystem,” says Paul Roy, a partner in the business and technology sourcing practice of Mayer Brown. “The risks for customers are twofold: not only does the customer increase its risk of a data breach, it also increases the risk that it will be in breach of its regulatory or contractual obligations if its vendors fail to comply with such obligations.”

PUBLICIDAD talked to Roy and Lei Shen, senior associate in the cybersecurity and data privacy practice at Mayer Brown about the potential impact of security incidents arising from IT outsourcing or cloud computing engagements, the shortcoming of cloud computing contracts with regards to customer cyber risk protection, the key contractual provisions for mitigating these risks in an evolving regulatory landscape, and the importance of ongoing review in this rapidly changing area. What are the potential consequences of cyber security failures with third parties, like IT service providers and cloud computing vendors?

Paul Roy, partner, Mayer Brown: The consequences of a cybersecurity failure can be substantial. They include the expense of remediation and notification, damage to the brand, loss of sales, management disruption, regulatory sanctions, shareholder derivative suits and other lawsuits, and other collateral damages. The customer remains ultimately responsible for these risks, even if its vendor was the source of the security failure. Is cyber risk adequately covered in standard outsourcing or cloud contracts?

Lei Shen, senior associate, Mayer Brown: To adequately cover cybersecurity risks, the standard outsourcing contract has to include clear technical and legal compliance requirements and the right for the customer to monitor and otherwise verify the vendor’s compliance with such requirements.

To align incentives, the contract should make the vendor liable for the costs of breaches that it or its subcontractors cause, including the costs of notification, remediation, fines and similar costs. Well-crafted standard outsourcing agreements should contain these types of protections. However, the contractual protections are only adequate when combined with effective oversight and enforcement by the customer.

The adequacy of cloud contracts to protect against cyber risk is more complicated. On the one hand, a cloud service can inspire customer confidence in a cloud vendor’s well-established and hardened security. On the other hand, cloud contracts often fall short of a customer’s compliance requirements for sensitive data, particularly if the customer is in a regulated industry.

Customers must perform a gap analysis between the vendor’s offering and the customer’s requirements to identify gaps and determine whether they can be covered by either party. In addition, narrow limitations of liability—frequent in cloud contracts—can warp the incentives for protection against cyber risk. While there has been a significant growth among sophisticated cloud vendors who are able to address their customers’ data protection and compliance requirements, there is still substantial variation among cloud vendors’ ability to adequately address such requirements. What are the key contractual provisions for mitigating these risks?

Roy: The key contractual provisions to mitigate cyber risk are: (1) the security standards required of the vendor; (2) restrictions on subcontracting; (3) employee related protections, such as background checks and training; (4) security testing; (5) security audits; (6) security incident reporting and investigation; (7) data retention and use restrictions; (8) customer data access rights; and (9) vendor liability for cyber incidents.

Many of these contractual protections come with limitations. Since vendors must maintain consistent internal security standards, especially in a cloud setting, they may have limited ability to customize such standards to meet a customer’s unique requirements. However, the key for customers should be the adequacy of the protection, not the specific means for achieving that protection.

Cloud contracts typically include additional limitations on these types of provisions. For example, in a standard outsourcing agreement, the customer typically has the right to approve subcontractors, whereas cloud vendors have pre-existing subcontractors that are subject to change without customer approval. The key protections for customers in that circumstance are the assurances that security provisions are flowed down to subcontractors and that the customer has the right to periodically obtain a list of those subcontractors, especially if such a list is required by applicable privacy laws. Similarly, a standard outsourcing agreement often contains the right for the customer to conduct security audits, but cloud vendors typically do not permit physical audits of their facilities. The absence of this right can typically be satisfied by third party compliance audit and certifications.

One aspect of cloud contracts that is sometimes overlooked is the restriction on secondary uses of the data by the vendor, including aggregated or anonymized data. From a purely commercial standpoint, this secondary use right can mean substantial value to the vendor and corresponding loss of value to the customer. From a cybersecurity standpoint, any retention of data by the vendor risks re-identification of the data, thereby increasing the risk of security failures. In addition, a vendor’s retention of inadequately de-identified data may also run the risk of violating certain privacy laws. What existing regulations around third-party cybersecurity risk should IT outsourcing customers understand?

Shen: There is a patchwork of regulations in the U.S. across industries and states. At the federal level, they include Gramm-Leach Bliley, HIPAA, SEC requirements for public companies, and FTC requirements. In addition, some states, such as Massachusetts, have their own data protection requirements. The common thread of all of these laws is the requirement that companies take “reasonable and appropriate measures” to protect their data, including care in the selection and oversight of third party vendors.

The European Union has more consolidated and stricter privacy legislation that generally imposes higher standards of data protection than in the U.S. In addition, the new EU privacy regulations that were recently introduced impose additional limitations and much higher penalties for companies that fail to comply. Companies would be well advised to become informed of the upcoming changes in the EU data protection regulations. Many other countries outside of the EU, such as South Korea, also have strict requirements for data protections. How can customers build flexibility into their contracts so that they remain protected in an evolving regulatory and cyber risk landscape?

Shen: The regulatory landscape has evolved and will continue to evolve for the foreseeable future. Outsourcing agreements should include a requirement that the vendor implement changes as needed to adapt to regulatory changes. Where these regulatory changes are specific to the customer, it is reasonable for the customer to be responsible for the incremental costs incurred by the vendor to adapt to those changes. If a cloud vendor refuses to commit to adapt to changes in a customer’s regulations, the customer should at least retain the option of exiting the arrangement.

Source: CIO-How to build cybersecurity into outsourcing contracts

Former GM CIO says BPO/ITO mega-deals wrong for current IT climate

This year’s World BPO/ITO Forum will focus on how the cloud is shaking up IT outsourcing. Conference chairman Jim Noble talks to SearchCIO about why mega-deals are a losing proposition for CIOs.

Jim Noble, former CIO at General Motors, AOL Time Warner, and Philip Morris and former chief strategy officer at BP, has done his share of IT outsourcing deals. So when Noble, who recently launched his own CIO coaching business, says that IT outsourcing mega-deals kill innovation and may actually put a CIO career in jeopardy, readers might want to take note.

Noble is the conference chair of the World BPO/ITO Forum’s 8th annual summit in New York City, June 16-17, where he will address this year’s theme: harnessing the cloud for successful transformation.

  • Your keynote talk at the BPO/ITO Forum is titled, “The Technology Climate: Clouds and Shadows.” I assume this is a not about global climate change — or is it?
  • Jim Noble: No, it is about winners and losers in the IT function.
  • What about the current technology climate will result in winners and losers?
  • Jim Noble, former CIO at General Motors, AOL Time Warner, and Philip Morris and former chief strategy officer at BP, has done his share of IT outsourcing deals. So when Noble, who recently launched his own CIO coaching business, says that IT outsourcing mega-deals kill innovation and may actually put a CIO career in jeopardy, readers might want to take note.
  • What about the current technology climate will result in winners and losers?
  • Noble: Well, the traditional concept was nobody ever got fired for outsourcing to — put in a name — Big Blue, or HP or Capgemini. The strategy was based on having a small number of very large providers. For example, when I was head of IT strategy for a big oil and gas company, we decided to standardize on six global, third-party IT services companies, and we would parse out the work to them. I know that is also the case with a number of Wall Street firms. For example, Deutsche Bank announced recently that they are awarding a very large infrastructure contract to HP. And so, the mega-deal is not dead. But, in my view, the ability of these companies to continue to innovate will be more than a little restricted by these mega-deals. And I much prefer the concept of a large number of small relationships rather than a small number of large relationships.

That’s pretty radical for a BPO/ITO strategy.

  • Noble: It’s hard to do, because it requires a very different skill set on the part of the client company. If you put all your eggs into one basket, you just have to watch that one basket. But after a while, that supplier becomes complacent, they have run out of good ideas, they probably used up all of their marketing investment money to delight their customers, and eventually it becomes engrained. A lot of these contracts are renegotiated after a few years because they have become obsolete.

You can’t really surround yourself with people who are thought leaders and also great at execution. At least, I’ve never found that there are many people like that in the world.
Jim Noble
conference chair, World BPO/ITO Forum
Now, if you believe in the cloud, which I do, then you don’t need to have these large mega-deals. You can engage with much smaller niche suppliers — boutique suppliers, if you like, best-of-breed — and you keep them agile by having an easy exit strategy. So, for example, if you were to use Box for your cloud storage then you could easily move your data to Microsoft or Amazon or Apple or Dropbox or whatever — and avoid the lock in. It keeps your third-party suppliers agile and innovative and fresh and best-of-breed. But, it is very hard to do, and you shouldn’t underestimate the difficulty of making it work.

Just making the decisions about who to go to, I would imagine, requires a tremendous amount of judgment.

  • Noble: Tremendous amount of judgment and dedication to understanding the supply side. I just wonder how many CIOs — or chief IT strategy officers or chief enterprise architects — how many of them are in touch with what is available on the supply side. How do they stay current, and how do they stay aware of new products and services? That is really tough.

The obvious answer is the advisory firms, like Gartner and Forrester and, of course, my own group [The Advisory Council International]. I have a vested interest here. And if you seek advice from these third parties, you’ll at least know who the major players are, and then you have to make a decision. But the good news is these decisions are not career-ending decisions. If you get it wrong, you can change it. It’s not a $100 million deal you’re doing; it’s maybe a $5 million dollar deal you’re doing, and so it’s relatively easy to change horses in midstream.

The reality today is you have to be alert to products and services out there; you have to piece them together. It’s like a jigsaw puzzle, and you have to be able to orchestrate. I use the word ‘orchestrate’ not in the technical sense as it’s used in service-oriented architecture, but more in a supplier management sense: How do you orchestrate 10 different vendors who are part of a business process? If you outsource a business process to a third party, you don’t have to orchestrate anything; but if you choose best-of-breed for the different links in the chain, then you’ve got to be pretty good at making them sing in harmony.

IT soft skills essential to ‘operating model 2.0’
What attributes do you need to have to do that orchestration? Or, is there technology out there that will help?

  • Noble: The technology is called ITSM — information technology service management — and some of the big players like BMC and CA Technologies and some others have good ITSM tools. That’s part of the solution space. BMC has Remedy. CA has Clarity, and there are others.

These are OK, but they don’t deal with the human skills you need to manage and orchestrate. I compare it to what I call operating model 2.0. The IT operating model 1.0 is conventional wisdom. IT’s all the usual stuff of holding meetings with our suppliers and having a good contract and having good incentives — all the normal conventional wisdom. Operating model 2.0 says you’ve got to make the orchestra sing together: the percussion instruments, the wood instruments, the string instruments — you get it. That is a soft skill and IT people are hopeless at soft skills. We’re good at hard skills — we can tell you how to do C++ and Java, but we cannot make two business partners pull together. And that is what the IT operating model 2.0 should be about.

CIO as systems integrator: Surround yourself with thought leaders

If you think about all the things a CIO has to be expert in — one year it is social media, and the next year big data, and the next year cybersecurity, machine learning– it seems like the CIO job is being stretched to the breaking point. Any thoughts on how the role of the CIO is evolving or what the CIO role should be?

Noble: My first thought is if you don’t step up, then you will become irrelevant. The end-user community is now much more sophisticated than when I was young. When I was young, the business people didn’t understand computers and they needed to come to us because they couldn’t do it any other way. That is no longer true. Today they can go to Salesforce and get their CRM. They can go to Workday and get their HR. They can go to Box and get their cloud storage. And they don’t need approval from the IT function. So, if the IT leadership doesn’t step up, then they will be marginalized — and that is shadow IT, run riot.

My other observation is this: There’s a saying, ‘You’re only as good as the people you surround yourself with.’ Jack Welch at GE knew that, and all of the great business leaders I’ve ever worked for, they knew that. They knew that they couldn’t possibly know everything but they had to have a team of direct reports who were really good in their disciplines. [In IT] it might be cloud, it might be big data, predictive analytics or whatever.

You can’t really surround yourself with people who are thought leaders and also great at execution. At least, I’ve never found that there are many people like that in the world.

And so, what I would advise an IT leader to do today is to surround themselves with thought leaders and then engage third parties to do the work, and the IT leadership team of the company coordinates that work. It puts us back in the role of SI — systems integrators — and it is a much more complicated, multi-dimensional, fast-moving job and that’s what makes it so exciting.

Source: TechTarget- Former GM CIO says BPO/ITO mega-deals wrong for current IT climate by Linda Tucci

What CIOs need to know in order to capitalize on Hybrid Cloud


Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative enterprises.
To explore the business opportunities and technological capabilities, we discussed hybrid cloud with David Goulden, CEO of EMC Information Infrastructure. David has 30 years of technology industry experience, and at EMC his roles have included leading new business development and worldwide customer operations, as well as serving as CFO.

Download the interview at: What CIOs need to know in order to capitalize on Hybrid Cloud