To master an increasingly complex information technology universe, companies and public organizations are turning to multiple suppliers and internal delivery teams. But that strategy creates another risk: loss of control over mission-critical functions.

Public and private sector organizations need cutting-edge technology capabilities to keep costs under control and meet rapidly evolving customer demand for secure digital and mobile services. Presently, 8% of European retail sales and 13% of US retail sales are online, and with mobile broadband penetration topping 80% in OECD countries, functionality delivered through mobile phones and tablets is rising steadily.

Organizations have viewed information technology as a commodity service for the past 20 years—one that could be more effectively provided by specialist firms. But long-term outsourcing contracts have left many tied to legacy technologies and processes that limit their ability to meet customer needs and to increase efficiency.

In response, many are turning away from megadeals and adopting a more flexible multisourced approach, assembling an array of services from best-of-breed suppliers and increasingly from internal delivery teams. In the first nine months of 2015, the number of smaller deals valued at less than $40 million hit record levels, while the number of large IT awards valued at more than $100 million annually fell to its lowest level in a decade.

Managing multiple IT suppliers poses new challenges. For one, there’s no single entity to hold accountable. In the absence of a large vendor, in-house IT departments must oversee and coordinate suppliers—and that’s no easy task. Many organizations will need to bolster inhouse IT skills to get the most from a multisourcing model and to deliver the always-on performance that customers expect. That means having the ability to switch suppliers rapidly and integrate disparate IT services into a unified technology capability that is secure, reliable and agile.

Of course, leadership teams can outsource service integration and management of a multisourced IT environment, but our experience shows that organizations are more successful when they maintain a critical minimum of four core IT capabilities in house: overall architecture and design, operational service management, effective change delivery and proactive vendor management. This critical set of functions gives management teams the necessary combination of control, security and flexibility when multisourcing IT services (see Figure 1).

---

Architecture and design

Multisourcing allows organizations to select the most cost-effective best-of-breed technologies and services, taking into account the organization’s insights about future market developments, including which platform-as--service providers will prevail. A single supplier must understand the integration of the systems under its control; in a multisource world, each supplier provides one piece of a bigger puzzle that is designed centrally. We believe organizations that rely on multiple IT suppliers will perform best if they retain that mission-critical IT architecture and design capability in-house.

• Business intimacy: The architecture’s capabilities and limits must inform business as well as technology decisions. Organizations that are successful in leveraging enterprise-scale digital technology bring business and IT together to co-create multiyear innovation programs, redesigning business processes and architecture jointly. That interaction paves the way for an optimal technology-enabled business transformation.
• Consistent technology strategy: Direct control over IT architecture enables organizations to continually increase modularity and standardization, and transition to an architecture with standard development and security conventions and application programming interfaces. A consistent focus on technology strategy over time allows rapid change at a lower cost.
• Avoiding lock-in: Specialist IT services may offer valuable or unique architectural and design input. To benefit from such services without becoming dependent on a particular supplier, an organization’s IT team must be able to understand and take ownership of the resulting work product.

Operational service management

Operational service management is the capability to oversee operational performance, resolve issues, ensure cybersecurity and manage change. This function often has been included in broad-scope outsourcing agreements. In recent years, some organizations have outsourced operational service management on its own or with other services, including vendor management, as Service Integration and Management (SIAM). However, there are many powerful advantages to retaining this capability internally (see Figure 2).

---

• Flexibility to change: SIAM models aim to accommodate frequent changes in the supplier portfolio while maintaining service oversight and quality. This approach becomes strained, however, as the nature of services provided by those suppliers and the technologies that support operational service management evolve.
• Visibility of performance: Full visibility of performance and the customer experience across the environment, including at a lower level than typically required from tower outsource providers, is valuable when targeting investments and when retendering services; this is particularly critical when changing the boundary of services to be tendered.
• Aligned risk: The risk and liability carried by a SIAM provider will always be limited in proportion to its revenue, which will be small compared with the total value of services integrated. There is consequently a mismatch between a provider’s liability and the potential damages for which that integrator may be responsible, including those arising from integration failures and security breaches.

Project delivery

Delivering complex change requires a coordination of stakeholders, architects, security functions, and internal and external delivery teams to identify customer needs, develop a solution with an acceptable business case, decide on a delivery approach, obtain the required resources, and manage the integration of delivery and handover to operations.

In some circumstances, a third-party delivery partner can provide end-to-end project delivery. But to enable flexible multisourcing, an organization needs an internal delivery capability that will coordinate delivery across multiple suppliers in one or more towers.

• Technical and business knowledge: No supplier has sufficient knowledge of systems, architecture, capabilities and business context to manage complex changes in a multisource environment. Organizations are better positioned to maintain this knowledge in-house by developing long-term relationships with business and IT stakeholders.
• Common delivery methods: Making effective change to IT systems requires a common methodology across all groups involved (whether using an Agile or a waterfall approach). A common delivery method specifies how change will be made and aligns the expectations among all involved. Organizations need skilled internal change leaders to manage effective delivery across IT suppliers and internal groups.
• Vendor independence: By handing off responsibility for delivery, organizations risk becoming dependent on a sole vendor. This can leave the organization unable to accurately assess the requirement for work, leading to scope creep. It also can undermine the organization’s ability to multisource by reducing competitive tension.

Vendor management

Organizations that use a multisourcing model will perform best if they take charge of supplier selection and procurement as well as ongoing vendor management to ensure productive and forward-looking supplier relationships, manage performance, maintain secure supply chains and evolve services over time in line with business requirements.

Some organizations seek to outsource vendor management, often as part of a SIAM function. While this can be appropriate for simple, commoditized goods and services, organizations that have multiple IT suppliers should retain this core capability. Typically, the IT organization sets up a vendor management function to coordinate this work, which is supported by an experienced commercial team.

• Aligned incentives: Vendor requirements evolve over time, and vendors must cooperate with each other. The most effective approach to managing supplier interrelationships is one that is proactive and refreshes contracts on regular basis. That allows IT management teams to take into account the bigger picture in determining what constitutes value for money as the organization’s business strategy and needs evolve. Third-party vendor managers tend to take a more mechanistic approach to fulfilling their obligations, an approach that can result in suboptimal trade-offs.
• Customer and supplier intimacy: The ability of organizations to get the best from a supplier requires insight into the supplier’s organization—how it makes decisions and how individuals are motivated. Similarly, suppliers need to understand the organization’s strategy and goals to generate creative proposals for improvements. Organizations can best build this mutual intimacy by managing vendor relationships directly.
• Continuous evolution: Multisourcing entails a frequently changing “patchwork quilt” of services and suppliers deploying existing and new services to meet business needs. Effective vendor management, embedded in the broader IT organization, ensures the organization has the knowledge and skills to promote innovation from the supplier base and enable service transfer.

Organizations that embrace a multisource IT model need robust in-house technology expertise to manage it effectively. In many cases, that means expanding IT staff. Organizations with large-scale outsourcing contracts have typically aimed to retain 6%–10% of their total IT workforce. They should expect that figure to increase to a minimum of 15%.

A larger IT staff that manages delivery directly and oversees suppliers’ work requires a broader set of in-house skills and creates more opportunities for IT professionals to develop their careers within a single organization.

Given the rapid, ongoing innovation in IT services, the multisource approach to managing IT is likely here to stay. It’s a smarter and more flexible model, with many advantages. But companies and public organizations should understand the inevitable “buck stops here” consequence of multisourcing.

Stephen Phillips is a partner with Bain & Company based in London, and he leads the firm’s Information Technology practice in Europe, the Middle East and Africa. Nigel Cornish is a partner with Bain and based in London. Steve Berez is a Bain partner based in Boston, and he leads the firm’s Information Technology practice in the Americas.

The authors wish to thank and acknowledge Mark Dearnley, chief digital and information officer for HM Revenues & Customs, and Ray Vaughan, managing partner at Lifecycle Sourcing, for their contributions as coauthors of this article.