Started back in 1959 with two guys and a $100 investment, Computer Sciences Corp., better known as CSC, today is one of the world\’s largest IT service providers, with 79,000 people in 76 countries. Russ Owen oversees 19,900 people as president of CSC’s Global Infrastructure Services group. This organization is responsible for the IT infrastructure that supports both outsourcing clients and the company’s internal operations. The Americas employ 9,000 people in that division, Europe has 8,100, Australia has 1,800 and Asia Pacific has 1,000.
Sourcingmag.com caught up with Mr. Owen shortly after he\’d participated in a Gartner outsourcing event, as part of a panel discussing sourcing security and compliance. In a far-ranging conversation, Mr. Owen shared his thinking on hashing out a trusting relationship between client and provider, achieving best practices that work around the globe and what kind of person fits best in the CSC culture. He also provides some practical advice for a middle manager in a bad outsourcing relationship.
At the recent Gartner conference, you brought up the issue of trust between the client and the service provider. I can see that happening at the executive level with people shaking hands and feeling good about one another. But in the trenches it can be a different kind of story. People can withhold information on both sides, there can be resistance around change processes. What kind of advice can you offer to management to make sure that the trust abounds at that level of the relationship as well?
Well, I think that obviously walking the walk is important. If the leaders walk that path and are visibly seen to be supporting that kind of an operating model, then their people by and large will follow suit.
There is a belief that if we get more lawyers and we get more consultants in here, then we will just construct the proper airtight contract. The fact of the matter is that for most Fortune 500 companies, their business models change every year, their business demands change every year, and nobody is brilliant enough to think of everything. So you have to assume that you\’re living in an environment of change.
I think that the most successful relationships I have dealt with, the principals from our company and the principals from the client side really have a clear view of the underpinning principles on which our relationship is based — the things that really created that win/win value proposition that made it a good deal for them and a good deal for us. After a few cycles, when the lower levels of your company escalate to you some kind of an issue, if they consistently see you interpret it around, ÒWhat was the intent of our relationship? I don\’t care if we have the client over the barrel with a contract — the intent of our relationship was to do this and we are going to honor this…Ó — there are only a few cycles of that and it starts to set the tone for that behavior. That applies at all levels in the company.
I find that you get back more than you give away if you\’re open and you find that win/win relationship at all levels and you recognize that no contract vehicle or SLA is perfect. You\’re there to do things that are mutually beneficial for each other.
I have typically, in the accounts I have run, had town hall meetings explaining the relationship to my employees. I have invited customers to that. We have had many joint working sessions — a spirit of openness where your customer CIO invites your people to his meetings as members of his staff and you do the same on your side. These are the things that really drive it down to the organization.
About a year ago, GM\’s IT chief, Ralph Szygenda, made some headlines when he spoke about standardizing common processes — especially among outsourcing venders — because they tend to be kind of routine, yet companies pay over and over again to get those designed and set up and implemented every time a new vender comes in the door. Has anything happened across venders in that time to address the issues that he brought up?
…Obviously if you\’re General Motors and you would like to put all your stuff out for bids and this is the lowest bidder you\’re looking for, you want the whole world to conform to your standards.
But the world is in the process of differentiating itself. If you look at basic ideal standards in Europe or many of the comparable standards in the US, good configuration management practice, good systems engineering, good operation practices are by and large at or above the standard best practice at most of the outsourcing companies. I think what you try to do though is have things to differentiate yourself.
We try to be more customer intimate. We try to have a better global operating model able to operate across the 76 countries we work in and provide a tailored customer experience across that space. Other companies focus on being multi national and they say, ÒWell, our heritage really is to provide the best Swedish service in Sweden and maybe a different best UK service in the UK.Ó There are a lot of nuances to that.
…We are seldom in a relationship all by ourselves, and frequently we have strange bedfellows. I\’m a subcontractor to IBM on some contracts and they are a subcontractor to us on others. Typically, it\’s gentlemanly conversation between us about whose standards and whose processes we are going to use and how we are going to run that account. More often than not, it follows either which of us is prime [vendor] or which one the customer would really prefer that we use, and we work well together in a flexible way. We all have our own view of what is best practice beyond just the basic standards. We would prefer not to be commoditized to the point where we\’re bought like carrots in the grocery store.
Let\’s talk about best practices globally then. Can you give me an example of some best practice that you have seen implemented across CSC around the world or as close to around the world as possible.
Fundamentally, our service model represents a layered series of best practices that ensure consistent high quality operations around the world. It\’s things as fundamental as how you do change control and configuration management. How you do escalation and notification. What your production operational procedures are. Do all your data centers run the same way? Do you do your production monitoring automation in the same way? Those are kind of the fundamental layers.
You then go up a level to security and we use the best practices developed here in the US around the world and implement what we call a defense-in-depth security strategy where the ability to scan and diagnose an infrastructure for weaknesses in passwords or in configuration settings in networks and identify vulnerabilities is pretty uniform around the world. We can scan sweep each area. We have the next layer of password standards and policies and procedures. We have intrusion detection and compliance monitoring on certain areas of the infrastructure or in its entirety. So you have a nice layered security that says if there is a human error at any level, the next level is more likely than not to catch that so that it\’s still secure. You can roll that out globally and that is a really good best practice. Many companies do not do that.
Where the local tailoring comes in is, for example in Europe, there are employee privacy laws that are much more stringent than they are in the US. So you can still go out and scan and monitor and make sure that things are in sync, but if you\’re dealing with employee personnel data, you have to keep that segregated in the UK or Europe. In the US you can keep it safe as a whole.
There are different nuances in legislation. The US has Sarbanes-Oxley. Europe does not have a comparable standard, although they follow good accounting practices of their own. You need to layer those nuances on top of a common foundation.
I think it\’s just too hard for a company like ours to keep 76 different foundations. We have to have best practices where it makes sense, spread out globally. It gives a level of comfort to the large clients that we have, where if they call our help desk in Sydney, they want to get the same sort of response around, say, their email problem that they would if they called the office in the US — and not have somebody say, ÒLet me forward you to somebody in another time zone.Ó We do a lot of work to make sure that the knowledge bases in our help desks, the security policies and practices — if there are different ways that the client needs to be treated around the world — that those are shared through our knowledge management system. When our employees interact with them, they interact with them in an intimate way. To me, those are the softer skills that you layer on top of the fundamental infrastructure.
InfoSys and TCS announced record revenue, but they also kind of expect their business to go flat over the next fiscal year. Do you see a certain paralysis among American executives because of compliance issues, data privacy issues that are holding them off from hiring India-based service providers right now?
…For a lot of offshoring, it\’s human nature to come up with the next reason why that shouldn\’t be done. The truth of the matter is, I tell my guys that we need to be excellent at this. We operate in 76 countries. We are all one team. We need to find the most efficient and effective places to do things and continue to do that to keep our companies strong, and I remind them that there is not a single case in recorded history where a country or a company really excelled by adopting a protectionist policy. You just need to recognize that this is part of a free market and it\’s a part of the current state of business. We all need to embrace it.
In my view, if you have good standard practices and policies, the security and compliance issues are not issues. You can demonstrate to your clients and your employees alike that you can provide an adequate state of protection. To me, if the rate of change and the rate of movement is handled carefully and you have good resourcing processes that move employees to work in their country, that is more germane to what has to be done there and let the generic stuff flow to where it can be done most effectively. As long as you\’re treating your employees well through that process, there is usually not a lot of resistance.
I think that is a bit of a red herring to say, ÒBecause of Sarbanes-Oxley, I can\’t do work in India.Ó I can\’t make that connection because the same global processes that I do work with in Newark, Delaware, are the same ones that I\’ve applied in my operation in India. And I have several thousand employees out there operating in that same way. If you tested my security around the globe, you should find a consistent level of compliance.
Deloitte Consulting published a report titled ÒCalling a Change in the Outsourcing MarketÓ and it was kind of a wake up call. They called into question cost structure. They called into question how much trust you can put into your vender relationship… How do you as one of the biggest service providers respond to that?
The answer to me is simple. Check our references. They are not talking about us, by and large. But everybody has a business agenda and I think that if you\’re in a mode where you make money by causing renegotiations, then you would encourage renegotiation. If you\’re in a business model that makes money by fear and causing audits, then you would issue things to encourage audits, right? We are in the business of formulating and making successful partnerships with our clients, and we are just going to continue to focus on that. I think that most of the horror stories — and you can read about them every day in the press — if you do a real diagnostic on those relationships, it\’s not to hard to figure out where they broke down. I have a favorite saying I use in all the conferences I go to because I believe this in my heart: These are marriages. They are not contracts. Unless both parties are maintaining the relationship and constantly challenging each other and constantly looking for ways to make sure you\’re mutually successful, they don\’t survive.
So my company has signed the contract with CSC. You guys are managing the IT systems now and we stumble across something where all of a sudden CSC is not managing 13 payroll systems for us but maybe 27 of them. How do I as the client renegotiate the arrangement or get this mess mopped up? What do I do?
Well, if we start out trying to screw each other, we will get that result. You know, typically, we will say things like, ÒHey, come on. We are going through this compliance audit. This is our methodology.Ó And we discover together that there is a mess of payroll systems. More often then not, the additional ones that are found — that is kind of a trite example — but more often than not, the additional ones that have been found it\’s easier to stay Sarbanes-compliant by rationalizing them into the way you thought you were doing it and eliminating all those excess systems than it is to bring them all up to compliance. Typically, you just work through that with your client and you say, ÒAll right. This is normal. Now we can go through it.Ó You work through the normal terms of your contract. As long as you try in principle to honor your agreement and keep each other whole, I have never seen that be a serious issue with a client.
Let\’s talk about IT professionals. CSC acquires a lot of people along the way. What skills or experiences or qualities do IT professionals in the US need to succeed in a service provider kind of environment vs. an internal IT organization?
Well, I think that in some ways, my people have to be the best of the best because they are constantly judged by the internal IT organizations, and so I look for active learners. I look for a broad base of experience and education that can be applied from business to business. If you think about, say, the kind of IT professional that would grow up in the aerospace or automotive or chemical industry, they tend to be largely focused around that dimension. If they are an active learner when they come into us, then they find those cross-pollination opportunities where they say, ÒWell, there is a unique combination of something I used to do in my chemical company and I used to do in my aerospace company that makes something magic happen in an automotive company.Ó That is really the kind of fuel that we need to feed off of each other — to exchange best practices and to learn something from every client population we bring into CSC and try to share with our clients and keep ourselves ahead of the game.
We use an active learning process where, when employees come in, they register their skills in one of our systems and we have a competency matrix that walks down many levels of things you might know how to do or industries you might have experience with. And we have role lexicons that match the different roles we have in our company that can identify gaps. Employees get individual training programs to fill the gaps if they\’re headed in that direction. We also use that system to resource requirements by drawing on our skill base. For example, an employee we might have gotten from DuPont might have prior experience with a defense company that we didn\’t know about, but we find that in the database when we had a defense problem with another company and it could connect this up.
We look for general and broad skills. We probably acquire or outsource more than half of our current base, so they typically come to us with a level of maturity and experience that is rich. When you add in the college hires with the newer technologies and the younger blood and the new aggressive faces, it forms a nice mix of skill and experience that we find is relatively easy to shape over time as you mix these employees around between clients.
When a project has ended with a particular client, what happens to those workers? Are they on their own to find a new project that CSC has going or does CSC somehow place them? How does it manage its work force?
It\’s a balance, really. We believe in individual initiative of employees and so we encourage them to look for new assignments across the company, so that is kind of the pull part of the system. But we operate in a matrix environment for exactly the business problem that you specified, I run the global horizontal for infrastructure services, so all of the people that work in architectural engineering, data center management, networks, mainframe midrange, desktop, etc., work for me on all of the accounts. An account can be either a specific outsourcing client or a project. When they become available, the person who is managing that project is not their father, if you will. It\’s my job around the horizontal part of the matrix. When one of the vertical parts is finishing up the assignment, I find assignments for those people in other places to the best of my ability. Also, people who might be bored in a current assignment or who might be looking for new challenges can use the pull system to move across. In some other parts of our business, in our federal business, for example, sometimes the employees go with the work. If we finish up a job and Lockheed Martin picks that job up next, frequently the employees go to work for Lockheed Martin. So it\’s a mixed business model.
Are there qualities you see in people where, if they\’re moving into a service provider, from the internal organization, they\’re going to succeed vs. someone who isn\’t going to succeed?
Yes. Generally, in our companies if the employees are energetic, if they are active learners and well motivated, usually about half of them are mobile, about half of them would prefer to stay in their geographic area. Those are people who just reach out and take CSC for all it\’s worth, and they do well in our company. People who are used to a caste system, where they are progressed slowly through the ranks and the company plots their next move and the company works on their next piece of training and their next assignment, and they don\’t play an active role in that, they are typically a little bit lost in a company like CSC. We have hundreds of clients in 76 countries around the world and an active mix of our people; and it really requires, in our company, those people taking an active interest in their career development and their training. Our system responds well to their own interests and their own steerage. If it\’s a company that is used to a hierarchal caste system, then typically those employees don\’t do well in our company.
Does one continent do a better job of dealing with personnel issues?
I would say that they are different. I don\’t know if they are better in one area or another. When you get into the European community, you have works councils and other social issues with local governments and labor unions and things that are different sets of processes where employees have different levels of entitlement and rights in their companies that must be honored, where the US has more of an employment-at-will policy. The employees are mobile and able to jump jobs and more willing to move from town to town perhaps than most of the European community. The vast geographic distance tends to take you to localized cultural differences with different communities and countries. There are a lot of differences that need to be accounted for. I wouldn\’t say any one area does them better than another; they are just different.
You have garnered some recognition for pushing the hiring and employment of people with disabilities. Is there much of an emphasis on that among employers in other countries that you have seen — particularly in India and China?
I feel strongly about it. I think countries take different views depending on their own evolution and the social structures they have. I think that the most enlightened manager realizes that people with disabilities are looking for the right to be hired and fired just like everybody else. They don\’t necessarily want to be taken care of.
…I think North America and Europe are pretty enlightened in those areas. We have a good program going in Canada right. We have some in Australia as well. The Asian countries, I haven\’t seen as much of a push on that… There are more uptakes I think in the Americas and Europe than there are in other parts of the world right now.
If you had one piece of advice for a mid-level manager who is facing the challenges of reworking what is turning out to be a bad relationship with a vender, what would it be?
The diagnostic I always think of is to go back to the principles of the relationship you had to begin with…. There is a professor at Boston University named John Henderson who has published some works around this and I really like his stuff. [The problems are] more often than not around the misalignment of expectations. You can be looking at your vender as a supplier, and you\’re just interested in getting the best price. If your vender thinks he\’s in a partnership, he\’s irritated about you treating him like a commodity supplier. If you and your vender both have the understanding that the basic principle of your relationship is a commodity relationship, nobody gets offended and it works.
So I find that when you diagnose an outsourcing relationship, within that outsourcing relationship you have different levels of human relationships. You might have a commodity, or what John calls a market exchange relationship at the desktop services level, but you have sort of a partner/trusted business adviser relationship at the consulting or the applications level. As long as your teams are well aligned in what kind of relationship they share, they seem to work well.
Most of the relationships where I have seen that have broken down badly, one party is trying to screw the other, which would sort of imply that people came to work to do a bad job. I don\’t believe that normally happens. Or they have the misalignment of those expectations. And I do encourage them to seek third-party help from even a non-related industry.
Frequently when we have tried to diagnose problems in our client relationships, we will pick an executive from our company that has nothing to do with that particular relationship and we\’ll ask our client to pick someone from outside the IT space as well. We\’ll do this simple diagnostic where [they] look at, ÒAre you guys aligned? Do you believe you\’re in a partnership? Do you believe this is market exchange? What were you looking for? What were the principles? How far have we gotten off the path?Ó
Usually, if you help both of your teams realign what the basic principles of the relationship were and [examine] your expectations at all levels in how you deal with each other and what you\’re looking for, that is where you find the problem. And when you realign, then people start to turn the relationship around.
CSC\’s portal for IT Infrastructure Outsourcing