The time of the Provider Provider focused on individual providers in the IT operation is virtually over today. For cloud sourcing, the role and self-image of the provider manager must change.
The cloud is today a reliable and viable option of the classic make-or-buy decision. And this despite the fact that traditional IT outsourcing services are increasingly gaining in flexibility and scalability - in other words, hitting cloud solutions with their own weapons.
Unlike private cloud solutions, the market of public cloud providers clearly follows the laws of the market. In contrast to classic IT outsourcing, this reduces the possibilities for service dimensioning by the outsourcing company to zero.
Provider managers have no choice but to adapt to these new circumstances and to develop specific competence profiles. Within provider management organizations, cloud service provider managers will need to establish themselves as experts to address the dynamics of the market and the potential of technology. A daily market knowledge of the cloud offers is essential. This considerably increases the pressure to act on the provider manager:
Short contract terms and flexible exit options become sustainable economic advantages if the provider manager knows the developments of the cloud market as up-to-date as possible as a stock market price. These include, for example, service and pricing models or the evaluation of cloud service providers and their solutions / delivery reliability by other users.
With intelligent virtualization technologies, such as cloud services 'container services', IT becomes increasingly agile and can also address potential provider and contract changes in "real time"; architectural and technical restrictions are increasingly hurdles.
In addition to knowledge of the market, providers, solutions and trading venues, a provider manager must also build expertise in knowledge of market standards, but also relevant institutions such as associations and their recommendations. Only in this way can he, for example, substantially assess the privacy and security of the solutions offered. Although the dedicated content review will continue to be the responsibility of the company data protection officer and the IT security officer, the fulfillment and certification of the cloud standards will become an essential selection and purchasing criterion for the provider manager. Examples include the Cloud Controls Matrix of the Cloud Security Alliance (CSA), in particular the Cloud Trust Protocol, or the Cloud Computing Key Issues Paper of the Federal Office for Information Security (BSI).
Accompany the cultural change in the organization
Cloud resources dramatically increase the speed of IT: short-term and automated provisioning increases the speed of IT deployment, resulting in a much more dynamic startup than traditional outsourcing. The Provider Manager is responsible for (re) orchestrating this change and the process. He needs to know: how much speed does his organization tolerate?
The cloud is also very seductive for IT-distant areas: Additional or no longer needed resources seem to be just a mouse click away. The provider manager must therefore ensure even closer cooperation with the departments within the framework of requirements management, also to avoid shadow IT.
New control methodologies
The methodology of managing outsourced services is also changing dramatically. For cloud services, it is much more automated than in traditional IT outsourcing. In case of doubt, a provider manager can hardly refer to the direct contact of his supplier and has to develop competences for abstract control and control. Additional loss of transparency threatens when cloud service providers regularly commission subcontractors ("cloud chaining").
Cloud sourcing means an even stronger focus on the service-oriented view in outsourcing. Classic system-oriented views are virtually eliminated, the solution design is the sole responsibility of the cloud service provider. However, the provider manager must at least provide an internal tool with which he can ensure that the requirements are completely internally collected and can be purchased externally.
In addition to knowledge of the market, providers, solutions and trading venues, a provider manager must also build expertise in knowledge of market standards, but also relevant institutions such as associations and their recommendations. Only in this way can he, for example, substantially assess the privacy and security of the solutions offered. Although the dedicated content review will continue to be the responsibility of the company data protection officer and the IT security officer, the fulfillment and certification of the cloud standards will become an essential selection and purchasing criterion for the provider manager. Examples include the Cloud Controls Matrix of the Cloud Security Alliance (CSA), in particular the Cloud Trust Protocol, or the Cloud Computing Key Issues Paper of the Federal Office for Information Security (BSI).
Accompany the cultural change in the organization
Cloud resources dramatically increase the speed of IT: short-term and automated provisioning increases the speed of IT deployment, resulting in a much more dynamic startup than traditional outsourcing. The Provider Manager is responsible for (re) orchestrating this change and the process. He needs to know: how much speed does his organization tolerate?
The cloud is also very seductive for IT-distant areas: Additional or no longer needed resources seem to be just a mouse click away. The provider manager must therefore ensure even closer cooperation with the departments within the framework of requirements management, also to avoid shadow IT.
New control methodologies
The methodology of managing outsourced services is also changing dramatically. For cloud services, it is much more automated than in traditional IT outsourcing. In case of doubt, a provider manager can hardly refer to the direct contact of his supplier and has to develop competences for abstract control and control. Additional loss of transparency threatens when cloud service providers regularly commission subcontractors ("cloud chaining").
Cloud sourcing means an even stronger focus on the service-oriented view in outsourcing. Classic system-oriented views are virtually eliminated, the solution design is the sole responsibility of the cloud service provider. However, the provider manager must at least provide an internal tool with which he can ensure that the requirements are completely internally collected and can be purchased externally.
From the individual partner to the mass customer
With Cloud Services, the "power structure" familiar from classic IT outsourcing is turning around sustainably. Because the services are standardized, so are the rules of the game. The contractual framework, including the standard SLAs, is usually determined by the cloud service provider. Cloud services are designed in principle for the mass business - a provider manager will only in exceptional cases have such a large market power that he can enforce the in-house sourcing contracts.
All the more important is the extension of the toolbox. These include checklists (such as a cloud readiness check) to verify if and to what extent the cloud service provider's contract standards cover the company's own outsourcing contract requirements. Also important is the development and use of a cloud-specific risk monitor.
Cloud services and the new self-service IT understanding of the departments make a central provider management by no means superfluous. On the contrary, anyone who wants to keep a potentially uncontrolled uneconomical and insecure fragmentation of IT at least under control, depends on provider manager. In these stormy times, companies must be able to rely on experienced sourcing advisors as pilots - not least ensuring that the company pursues its intended goal rather than being blown away by the wind of cloud trends.
With Cloud Services, the "power structure" familiar from classic IT outsourcing is turning around sustainably. Because the services are standardized, so are the rules of the game. The contractual framework, including the standard SLAs, is usually determined by the cloud service provider. Cloud services are designed in principle for the mass business - a provider manager will only in exceptional cases have such a large market power that he can enforce the in-house sourcing contracts.
All the more important is the extension of the toolbox. These include checklists (such as a cloud readiness check) to verify if and to what extent the cloud service provider's contract standards cover the company's own outsourcing contract requirements. Also important is the development and use of a cloud-specific risk monitor.
Cloud services and the new self-service IT understanding of the departments make a central provider management by no means superfluous. On the contrary, anyone who wants to keep a potentially uncontrolled uneconomical and insecure fragmentation of IT at least under control, depends on provider manager. In these stormy times, companies must be able to rely on experienced sourcing advisors as pilots - not least ensuring that the company pursues its intended goal rather than being blown away by the wind of cloud trends.
0 Comments