Technological solutions for corrections: develop or purchase?
This is quite a dilemma for many correctional agencies: once decided that something needs to happen to modernise the current IT systems, it comes the discussion of whether to invest in custom-made solutions or to look into the acquisition and implementation of existing commercial solutions, and, consequently, what kind of activities such as hosting, maintenance or even development could be done in-house or that needs to be outsourced.
While there are many arguments and guidelines that could help to make the best decision, many of them are mainly focussing only on the quality and result of the potential solution, or on the product outcome.
Only a few hits take into consideration the organisational context and the constraints that will determine the success of such a digital transformation project, and that should have an impact on the choices to make.
In this article I would like to look into two of the most used ‘make or buy’ and ‘sourcing’ arguments: where the 80/20 rule mainly focusses on delivered functionality in relation to the organisation’s needs, the second argument is more related to the costs related to organisation-wide IT projects.
I will try to relate them to the context of correctional agencies based on my experiences, being them directly or indirectly involved in offender management implementation projects, in different countries.
The 80/20 rule
The 80/20 rule is probably the most popular guideline used by many organisations when considering the acquisition of a commercial off-the-shelf (COTS) software solution.
According to this rule, if you can’t find a product that satisfies at least 80% of your requirements, you’re likely to end up with a solution that falls short. Even if you do find an 80% solution, you may find that you don’t want to sacrifice the remaining 20% of your needs.
This argument is based on two major assumptions: the first one is that the organisation not only has a clear and detailed view on all today’s business requirements but also has a good insight in capabilities of modern technology and potential process improvements that can be reached by implementing them.
Without going too deeply into the process of translating business requirements into both software and technical requirements, it’s very important to realise this is a very complex and resource-consuming task.
This becomes even more difficult for those organisations that have no view on the maturity of either their business processes or on the ability to identify the causes of weaknesses in their process workflows that, if addressed, could reduce costs and increase operating efficiency.
My experience is that many correctional organisations are in this situation and don’t have the experience, the time or the resources to work on this. Therefore, starting from standard correctional processes’ descriptions and existing, proven solutions that already contain the functionality to support those can save such organisations a lot of time, money and distress.
Existing solutions often contain approaches and functionalities that one single organisation would have never thought about, and active user-communities supporting the future development of COTS solutions can drive new and innovative developments that could be beneficial for all users.
This brings us to the second assumption that the 80/20 rule is based on: a COTS solution could not easily be modified or extended towards the agencies’ specific needs, to cover that 20%. Although we believe that there are exceptions, a modern and mature COTS solution can support modifications and the level of customisation that is needed to fit the organisational needs.
The tricky aspect in this, however, is to make a distinction between real needs (based on specific organisational or legal requirements) and modifications based on the “that’s the way we’ve always done it” discourse.
An important rule when implementing a COTS project will always be to limit customisations to what’s absolutely necessary. Given this, it’s important to realise that any successful enterprise IT project will always be a business transformation one, where change needs to be embraced and managed.
The perception of the different way a software handles a certain process can be sometimes overwhelming and requires specific guidance to avoid early resistance. As in all IT projects, the management of change, during COTS implementations, shall include guidance to transform the existing ways of working, and it also requires support from the entire organisation.
Obviously, for every organisation – for some use cases – the existing product needs to be customised or extended. This is normal and needs to be considered. Therefore, the choice of a good COTS solution can not only be determined by its functionality, but also by its maturity and capabilities. An underlying application architecture that supports modularity, parametrisation and integration, based on the state-of-the-art technology and up-to-date software components is needed.
Although those qualities are not always easy to measure during a tendering procedure, the definition of some fundamental architectural requirements can help with the evaluation of the product’s capabilities to handle customisation without impacting the future or inducing unpredictable costs.
One of the interesting questions is to what extent the solution can be tailored and extended by internal human resources with no specific programming skills.
Whereas the 80/20 rule mainly refers to the functional challenges, there’s another crucial decisive argument in this discussion: the cost.
The development of a business case for the investments in technological projects needs to include a comparison of both the costs related to developing a tailored solution and those related to work with an existing solution. To compare costs accurately, all aspects must be considered, including those related to producing and implementing the solution.
In regard to custom development, even if the development itself would be outsourced, a business case must include the expenses related to in-house activities such as staff-involvement for business analysis, testing, project management, training, migration, and so on. Although such efforts are needed for implementing any kind of solution, starting from existing solutions will substantially reduce costs.
Implementing new technology takes a huge bite of an agency’s budget. The development of a well-argued business case is needed to convince management to make such an investment. Pointing only to the risks related to keeping the existing environment alive is often not enough to convince them.
Even preaching major business improvements would not always be considered valuable enough to prioritise investments in technology up to using the continuous shrinking budgets to tackle other fundamental problems. The purchase of a COTS solution is often even more difficult to motivate, as the costs of such a project are perceived as being much higher than the costs of a custom development trajectory.
The biggest challenge is to include the total cost of using and maintaining an IT investment over time (TCO) in the business case. If the intention is to acquire a solution that will be able to serve the agency for a period of ten or more years, this calculation is crucial and should include not only the direct technological investments, but also the indirect costs of keeping it up-to-date with technology, adaptable for future business changes, and secure the availability of knowledge and skills.
From a pure budgetary point of view, it’s very difficult to tell which choice (COTS or custom) would be the most beneficial for a given organisation, but any estimation should include the advantages that a COTS roadmap, R&D investments, an active user group, and consequent upgrade and release strategy have in comparison to the effort of keeping any custom-built solution up to date and “future-proof”.
Before an agency engages in a large-scale IT project comes a period of analysing, studying, and making difficult choices. The capability and readiness of any organisation to take the next step into digital transformation have been the topic of many blogs, articles, and research.
In this brief article, I have tried to share some ideas and insights related to one important question: is it better to buy an existing solution, or to invest in the development of something tailored to specific needs?
There is no simple answer. It will depend on many factors, being the capability and maturity of the organisation two of the most important.
A considerable focus on system functionality and technical performance is needed – what do you want to build and implement – as well as on project management and making the right approach towards implementation – how do you want to do it – when preparing such a project.
Besides, the choice will depend mainly on the investment’s costs in relation to the business value you want to bring. It is important to consider that those investments will not end at the point of purchase or ‘go-live’, and much consideration needs to be given to the long-term viability of the solution.
In my opinion, the advantages of building something from scratch, tailored to one specific correctional agency, in most cases do not outweigh the benefits of implementing a modern COTS solution. Purchasing such an all-in-one package, however, should not be used as a standard excuse to bypass the requirements’ phase.
Furthermore, correctional agencies should evaluate all the various options offered by vendors, for that it is to understand what business needs should be met, and what outcomes are expected. Taking time for this will also create the golden opportunity to take a step back and question the current way of doing things.
This process could also allow the agency to start a dialogue with the vendor community and their user groups to modify, improve or extend their solutions so they’ll be better adapted to both today’s and future needs.
Steven Van De Steene is an enterprise architect and technology for corrections expert. He works as a consultant in the area of innovation and technology strategy for prisons and probation services and is the coordinator of the Technology Solutions Group for the International Prisons and Corrections Association (ICPA).