| A Leading Chemical Manufacturing Firm |
Fortune 100 Chemical & Materials Industry
Suppliers: A Global tier 1 supplier in the Philippines, another global tier 1 in the US, and a tier 1 Indian supplier in India
Scope of service: Review, recommend and revise the offshore policy, standards, processes and procedures are appropriate for increased IT offshore outsourcing of applications. Phase two of the engagement required due diligence to assess existing offshore operations. |
|
Background
Our client is the largest chemical and materials company in the world. Today, they deliver science-based solutions that make real differences in people's lives around the world in areas such as food and nutrition, health care, apparel, safety and security, construction, electronics and transportation. Sustainable solutions essential to a better, safer, healthier life for people everywhere. Operating in more than 70 countries, our client offers a wide range of innovative products and services for markets including agriculture, nutrition, electronics, communications, safety and protection, home and construction, transportation and apparel.
Our client's information security unit (ISO) was created in 1998 by the merger of computer security and proprietary information protection groups.
Business Challenge
To improve IT service cost productivity, our client began to transition applications development and maintenance to lower cost centers in Spain, India and the Philippines. Our client's goal was to source approximately 50% of its applications development and maintenance services from offshore centers within 3 years. During the transition process, our client began to have concerns over the current ISO policies, standards, processes and procedures.
Thru the ISO unit, our client had established policies and procedures for security related issues. While this policy was adequate for internal activities, the policy had not been designed to apply to non-internal environments. There was a perceived increase in risk when applying the same policies to offshore centers located in the lower cost countries. These increased risks may have resulted in exposure to significant financial losses.
In order to continue at the current business pace, our client looked outside the company for expertise and guidance as they reviewed and refined the ISO policy, standards, processes and procedures to manage offshore risks appropriately.
Solution
Neo Advisory identified the gaps in the existing policy and drafted a best-in-class globally integrated policy as defined by international standards, BS7799, ISO 17799 and CoBIT, and current practices by large global and Indian tier-1 suppliers. Once the policy was in place, neoIT also assisted in operational compliance audits for the existing operations. The process used for these activities included:
|
 |
Assess the current ISO policy, procedure and guidelines with functional areas including data access, data protection, business continuity, compliance, auditing, application security, software development security, network, e-mail, personnel, physical, environment, incident, anti-virus and notebook/desktop. |
|
Execute gap analysis and benchmarking of existing policy with best in class examples based on nearshore, offshore and local delivery models. |
|
Define and implement best practices revisions suitable for all functional areas in both internal and external environments. |
|
Develop a roadmap and supporting tools for implementation (in addition to cost analysis for the implementation). Supporting tools included the sourcing selection approach, process and questionnaire for offshore due-diligence (security specifications template for suppliers, risk evaluation tool, supplier assessment questionnaire, operational compliance audit). |
|
Assess existing operations of the service provides in the geographics from where they provide services. |
|
Results
As a result of Neo Advisory's involvement in the ISO initiative, our client has been able to successfully source approximately 50% of its applications development and maintenance services from offshore centers within 3 years. They have been able to accomplish this without risk to financial loss. In fact, as a result of their offshore initiatives, our client has saved 35%.
In addition to these exceptional achievements, our client was able to create a globally integrated, best-in-class security policy; identify an evolution path for future policy updates; define a sourcing selection approach; enhance productivity in existing operations; and implement plans for a best-in-class global sourcing strategy. |
|
Services 
