¶ … information technology (it) hope to experience cost-savings as well as a higher level of security. Unfortunately, many of them are disappointed with the experience often due to having hired a consultant (or vendor) who failed to meet their needs. This essay suggests that the credentials of the information security consultant is a crucial element in the hiring process and that specifications should be taken into account before concluding the hiring. The following essay discusses the required characteristics of the vendor or information security consultant and suggests two factors that were omitted in the specifications that would add value to the selection process.
There are six main technical tasks involved in it outsourcing (Rowe *) and the vendor should be a specialist in one or more of them and be able to distinguish between them and know their different requirements. More so, my recommendation is that if the specialist acknowledges a problem to exist in a category that is external to his particular specialization, he should be honest enough to acknowledge that fact and inform the manager of his gap in that specific area. The consultant's expertise should directly match the project's needs, for, by so doing, this increases the quality of the work and reduces the cost. In that manner, therefore, honesty and scrupulousness is a crucial factor.
The consultant should also have a quality reputation. It is difficult for firms to discern whether the vendor is shirking or whether he is performing his duty since problems are apt to result despite the most strenuous endeavors of the consultant. There should, therefore, be open communication between manager and consultant with manager / employer specifying terms of liability and definitions of service quality (Rowe, *)
There is also the possibility of potential theft of propriety information (where the vendor could sell his employer's data to competitors) and post contractual renegotiation (where the vendor may decide to renegotiate price once hired). Finally, the vendor could declare bankruptcy once hired.
Thorough investigation should be undertaken into the vendor's qualifications, experiences, and personal history. The White Paper outlines intentional and unintentional specific threats introduced by vendors who are hired to outsource it systems. Aside from insiders who work independently, employees can, sometimes, associate with vendors to gain recourse to inside information. Amongst the multiple fraudulent schemes that vendors can perpetrate, includes the possibility of accessing the payroll system and manipulating his wages (or that of another payee).
Even if the vendor himself were honest, further character requirements should include professionalism, and punctiliousness with his tasks so that damaging errors, abuse, and misuse are not perpetrated due to sloppiness. An example, here, would be the password falling into the wrong hands due to the vendor's negligence in sufficiently protecting it (White Paper, 2004).
The vendor, also, has to demonstrate concern for his client's objectives; there have been too many cases of vendors being more involved with their own self-interest than that of the agent's, therefore, the manager is recommended to ensure prior to hiring that his goals are compatible with that of the vendor's and that perceptions of the task are alike (Taylor, 2007).
Overconfidence on the vendor's part can also be detrimental resulting in (amongst other factors) a reduction of concern for the work and, subsequently, a decrease in precautions (Hunton, Wright, & Wright, 2007)
Since outsourcing is extremely expensive, Chan and Pollard (2007) refer the manager to countries that, despite being cheaper, still provide quality service. This, however, does not exclude the problem of possible deception and breach of trust and may introduce the added complication of cultural miscommunication.
A further recommendation, therefore, would be excellent communication skills on the part of the vendor since both employer and employee have to benefit from the relationship in order for this risky relationship to be successful. The relationship, given inherent potential for suspicion, is particularly vulnerable to conflict and distrust. For outsourcing arrangements to be successful for both parties, clear negotiation strategies must be entered into and communication to be direct, open and honest on both sides.
You’re 84% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.