Client - Vendor Understanding And Overview Before Moving

1. www.zietasolutions.in (Copyright Right's Reserved)

3. Outsourcing lifecycle

4. IT/ITES outsourcing risks

5. Key control considerations – client operations

6. Key control considerations – service provider operations

7. Top 10 questions CAE should askWhat This Guide Covers www.zietasolutions.in (Copyright Right's Reserved)

9. Infrastructure management.

10. Help desk services.

11. Independent testing and validation services.

12. Data center management.

13. Systems integration.

14. R&D services.

15. Managed security services.Major types of IT outsourcing www.zietasolutions.in (Copyright Right's Reserved)

16. Each successful initiative begins with a careful consideration of the business case, which specifies the investment schedule and the expected business benefits, In terms of cost reduction and maximized work efficiency over sixto twelve-months period. A well-constructed business case also indicates how identified benefits are to be accomplished through a careful alignment of vendor selection, an established transition and process improvement approach, and the use of risk and security solutions. This slide shows a typical IT/ITES Outsourcing Life cycle, which includes alignment, feasibility, transaction, transition, optimization/transformation, and termination/renegotiation phases. Outsourcing lifecycle www.zietasolutions.in (Copyright Right's Reserved)

17. Here is some examples of risks related IT Outsourcing. IT Outsourcing Risks www.zietasolutions.in (Copyright Right's Reserved)

19. Set up a monitoring mechanism

20. Manage changes in IT projects and services across complex portfolios.

21. Establish direct and visible accountability for IT performance.

22. Define specific ownership of key contract terms.

23. Define well-integrated IT management processes for the client and service provider.Key Control Considerations – Client Operations www.zietasolutions.in (Copyright Right's Reserved)

25. Data protection, privacy, and intellectual property

26. Price protections

27. Third-party assignments

28. Ownership of assets used or created by partnership

29. Conflicts among different legal systems

30. Contingency planning and change management

31. Notice of adverse material impacts

32. Right to audit - TerminationKey Control Considerations – Client Operations www.zietasolutions.in (Copyright Right's Reserved)

34. Getting quick returns on investment.

35. Establishing the culture.

37. Transforming the business.

38. Reassessing the relationship.

39. Delivering the business case – realizing the benefits.Key Control Considerations – Client Operations www.zietasolutions.in (Copyright Right's Reserved)

41. Security considerations

42. Data protection risks

43. Security - network, physical, environment, personal and logical access

44. Business continuity

45. SDLC controls

46. Change management controls

47. HR policies and proceduresKey Control Considerations – Service Provider Operations www.zietasolutions.in (Copyright Right's Reserved)

48. Are the services outsourced significant to the client? Does the client have a well-defined outsourcing strategy? What is the governance structure relating to outsourced operations? Are roles and responsibilities clearly defined? Was a detailed risk analysis performed at the time of outsourcing, and is a regular risk analysis being done? Do formal contracts or SLAs exist for the outsourced activities? Top 10 questions CAE should ask www.zietasolutions.in (Copyright Right's Reserved)

49. Does the SLA clearly define KPIs for monitoring vendor performance? How is compliance with the contract or SLA monitored? What is the mechanism used to address noncompliance with the SLA? Are the responsibilities of the ownership of data, system, communication system, operating system, utility software, and application software clearly defined and agreed upon with the service provider? What is the process of gaining assurance on the operating effectiveness of the internal controls at the service provider’s end? Top 10 questions CAE should ask www.zietasolutions.in (Copyright Right's Reserved)