1. What do we understand by Sourcing Strategy?

Please comment on the
Sourcing Strategy of DFID.


Sourcing Strategy

a) Systematic approach for optimizing an organization’s supply base and improving the overall
value proposition
b) Focused on total cost of ownership
c) Incorporates all customer needs and market conditions
d) Getting the best product/services at best value
e) A continuous process

Advantages of a Sourcing Strategy

a) Cost saving approach
b) Improve operational efficiency
c) Increase quality
d) Create partnership with suppliers
e) Access to new suppliers
f) Leverage entire organization’s spend

Sourcing Strategy of DFID

a) Focused to deliver lower costs while ensuring to meet DFID’s ICT needs
b) More in-house R&D to come up with inherent solutions and options
c) Strengthening supplier management to increase capability to adopt more commodity services
d) Continue to use Govt. framework contracts
e) All procurement to be done through BSD.

2. What is an IT Risk Mitigation Strategy? What is the IT Risk Mitigation
Strategy of DFID? Are there any risks which have been ignored or
downplayed in the case of DFID?


IT risk management strategy is the application of risk management methods to Information
technology in order to manage IT risks.

Risk Mitigation Strategy of DFID

CIO is Deputy SIRO d) DFID's Information Security Management System is independently certified as compliant with ISO 27001 and will be maintained to this standard. to ensure risks to information is managed. Professionals have not accepted the ‘agile way’.All Information technology risks are identified and managed by Business Solution Department (BSD) a) All systems developed and operated in accordance with HMG information assurance strategy. e) The Change Agreement Board(CAB) approves the deployment of all systems into the live environment. this can be a risky strategy going forward and hence needs to be mitigated appropriately . b) The Board ensures that projects produce a robust Business Case including a cost benefit analysis. c) A separate governance structure for information assurance DG for corporate governance is Senior Information Risk Owner (SIRO). Many projects turn up unsuccessful because of the lack of Change management training and processes b) Agile methodology is a tried and tested way of software development but its usage in the real life projects are still in doubt. Risks Downplayed by DFID a) New technology implementation and the change in business practices are one of the most risky areas in IT. whilst managing the Programme level Risks and Issues. Its role is to ensure that the business is ready for the change and that the risk and impact is acceptable.