Moving Internal IT from IT Provider to an IT Broker – What it Might Take to Be Successful in the Near Future

By Dr. Jan Hachenberger

Before I started working for KPMG, I was employed by one of the world’s leading mail and logistics service providers. One of my roles was to supervise the translation of business context-driven process requirements into technical requirements for the POS system used in the retail outlets operated by my company or third party service partners. The recipient of the technical requirements was the IT department, which was then responsible for making the necessary changes in the programming of the POS system. This may sound strange for some, yet, it is a solid truth: Business and IT do not use the same language. For those people working as the interface to IT, speaking “business” and “IT” is daily business. And what’s even worse, that the language barrier is not the only problem you face. In my case, I always had the impression that business and IT have different agendas and even follow different strategies. For reasons of internal escalation, I sometimes used the term “opposite” instead of “different.” 

Opposite or Different?

The following is an example of conversations I had on a regular basis:

Me, calling the IT on a Monday morning: “Hi. We have an urgent request to change the F1 help text in transaction 1750, on the second screen, first line. I will send the change request within the next few minutes. Could you please prioritize accordingly?”

IT’s response: “Well, you know that we are patching our system today. We have also established a new quality assurance policy, which means we have to test how the change of the F1 help text impacts the overall performance of our POS system and, due to a lack of programming resources; we have limited the number of production roll outs to one per month. In all, the earliest date for implementation of your change request will be 3 months from now. Sorry, this is the internal IT policy. What we can do real quick, is to provide you with an estimate on the cost for the change request. You will have this information latest end of this week, but consider that even a minor change request comes at a minimum of $20.000.”

I should mention what the business department reaction was, not after this specific incident but after several attempts, including escalation meetings between the heads of the business departments and the head of IT, to speed things up, to lower cost for a change request and to improve on IT service quality overall. The business department decided to go forward with a new POS system developed by an external IT service provider. Some people in the IT department were no longer needed and fired. With reduced staff, internal IT slowed down, heating up the discussion on the benefits of having an internal IT. A vicious cycle…

Sure, many organizations are trying to cut down on IT costs and I hope it is not due to failure in the performance of the IT department. But IT is not a free ride, it costs money. According to a benchmark study of Gartner companies, the companies invest on average 3.3 percent of their revenue in IT.

Figure 1: IT Spending

The effect of cutting down on IT spending may lead to a self-fulfilling prophecy. Budget cut, less performance, budget cut, less performance – final result: IT is dead!

Reality may leave one with the impression that everything is “cozy.” After all, IT budgets are growing. Yet, that growth (approx. 3 percent per year) is too low to solve all the problems. Consider the increase in IT staff income, agility necessary for business requirements, shorter IT lifecycles and preparing companies to deal with new IT trends, e.g. cloud computing, consumerization of IT, and big data (see Figure 2). It is a drop in the ocean …

Figure 2: Conflicts between business and IT

Internal vs. External

So what is the way out of this dilemma? Does it need a paradigm shift? There is surely a way out or better a game-changing “exit” strategy. One of the major trends over the last 5 years is outsourcing of non-core business processes. Ask companies about their main objective for outsourcing IT and you may receive the universal answer: “Overcoming obstacles with internal IT,” like:

  • Slow reaction rate (e.g. due to lengthy decision and approval processes)
  • Resource constraints (e.g. due to a capped or reduced personnel budget)
  • Contingency risk (e.g. due to a lack of learning from the effects of a small number of complex IT incidents per year)
  • Low purchasing power (e.g. due to stagnating or decreasing demand for new hard- and software)

On the other hand, IT outsourcing has its own risks. Companies that outsource IT may face:

  • Increasing dependencies (e.g. due to a single IT service provider strategy, loss of internal skills)
  • Decreasing managerial and operational control (e.g. due to a lack of transparency, lack of alignment with the company’s standards and mission)

Therefore, companies need to align the level of IT outsourcing to their specific requirements, perhaps starting with an outsourced IT service such as the helpdesk, expanding to IT operations such as server administration and IT asset management and ending with full IT outsourcing (see figure 3). With full IT outsourcing, the IT service provider defines his own IT strategy and architecture and the company only “consumes” the external IT services and solutions.

Figure 3: Fields of Action

Internal and External

If IT outsourcing is being used, what happens with the internal IT department? The internal IT department must reinvent itself and find new ways to create value for the company. One, if not the only, option for the survival of the IT department is changing its role – at least for IT services where the use of external providers comes at lower cost and/or better performance – from IT provider to IT broker. IT knows and speaks IT, so why not use the expertise of people working in the IT department to:

  • Evaluate and compare the cost and performance of internal IT services vs. IT services provided by a third party
  • Select the best IT service providers for IT services that are better provided by a third party
  • Organize and supervise the IT outsourcing process
  • Monitor the adherence to service level agreements

The concept of using an optimal mix of internal and external IT services sounds simple in theory, but the transition will not be easy.


Being an IT broker requires less personnel then being an IT provider.

Looking at the ITIL application life­cycle (see figure 4), IT outsourcing could aim for transferring the responsibility of the costly processes of design, build, deploy, operate, optimize and retirement to external IT service providers. This would leave the IT department with the less costly tasks of translating business requirements to IT requirements, evaluating the design of IT services and procuring IT services delivered by the external IT service provider – assuming that these tasks are the responsibility of the internal IT. When IT outsourcing reaches a level of 100 percent (divisional level), the need for an internal IT service provider tends to zero. And even with limited outsourcing of specific IT services, internal IT will face cut backs. This is inevitable.

Figure 4: Application Lifecycle in an Outsourcing Scenario

Being an IT broker requires different skills then being an IT provider.

Telling IT staff that less personnel is required will not necessarily motivate people to train for their new role as IT broker. However, training is necessary. The IT department should have profound IT knowledge, yet, most likely they have only limited experience in managing external IT service providers. Therefore, the IT department must:

  • Invest in vendor management skills using an evolving approach as vendor management methods become more sophisticated over time
  • Reach out to counterparts in the organization, e.g. marketing, sales, and operations, to ensure that a consistent vendor management approach is adopted (see figure 5)
  • Assign and define roles and responsibilities to address ownership and prevent overlaps with other departments, e.g. procurement

Assess short- and long-term financial, operational and compliance risk in the vendor portfolio to avoid risks due to a vendor’s financial, business continuity and/or performance failures

Figure 5: Vendor management lifecycle

Having the right people with the right skills for IT outsourcing should not be a game of chance. Rather, it should be a strategic approach, generating the expected cost savings and supporting business agility as well as mitigating the risks resulting from dependencies and decreasing control.

About the Author