Effectively tackling the ‘build or buy’ question for agencies seeking to modernize the OMS can have significant impacts on the agency and the CIO’s organization.

We live in a results-oriented world. People in positions of leadership, having considered available options, are expected to consistently deliver desired outcomes. Our results-oriented world is also driven by perceptions that technology can bring about changes and improvements at an ever faster pace. Thus, not only do we want results, we want them now.

For executives who lead corrections agencies at the national, state, provincial and large county level, the pressure to deliver improved results more quickly is ever-present. High rates of incarceration and persistent high rates of recidivism have placed corrections agencies under increased scrutiny right around the world. New solutions to those challenges are expected to be considered, tested, implemented, and evaluated for success in a timely manner – and increasingly, technology is expected to play a critical, enabling role. For the corrections CIO, this is the ‘new normal,’ and the technology decisions he or she makes have the potential to impact the agency for years – or decades – to come. In making those technology investments, it is of vital importance to understand what the agency expects, and what the CIO will get credit for.

To establish the conditions for the long-term improvements that corrections agencies seek, the offender management system (OMS) is generally seen as one of the most critical assets. For many agencies, the goal to modernize 20- and 30-year old legacy systems is at the top of the priority list, and for good reason. A modern OMS provides more accurate, more accessible information about the offender in all facets of his or her custodial care and community supervision, and contains the intelligence needed to identify opportunities for sustained improvements for the most pressing business challenges of the agency. Once the political and financial approvals have been secured for an OMS modernization project, the goal of the CIO, it would seem, should be to identify a suitable vendor through an open procurement process and implement the solution as quickly as possible through proven delivery approaches. It stands to reason, the sooner the new solution is in use by operational and back-office staff across the enterprise, the faster the agency can begin to derive the operational and offender benefits that a modern information system can deliver.

Enabling the agency to improve safely, intelligently and sustainably is what every CIO should strive to achieve. However, in conversations with CIOs in various parts of the world, there remains among some a persistent belief that the CIO’s team, given sufficient time and resources, can build an OMS to meet the precise needs of the agency. For some, this approach is seen as preferable over the frustrations of a lengthy procurement process and multi-year partnership with an external vendor. And perhaps, given unlimited time and money, they are right. Unfortunately, those conditions seldom exist. In reality, when the CIO eschews the benefits of a vibrant market for a proven solution, such as that which exists for offender management systems, it often reflects a misperception that the he or she will be credited with ‘building a modern OMS’ rather than enabling the agency to improve safely, intelligently and sustainably. It is a trap that the CIO should strive to avoid. Let’s consider a few facts.

First, for argument’s sake, let’s assume the agency has a pool of 40 to 50 talented technical staff – project managers, business analysts, architects, developers, testers, and configuration and documentation specialists – a common minimum staffing level for an established OMS vendor. Using some standard metrics of $100,000 per year for each member of that team (salary, benefits, allocated overheads, etc.), that’s an annual expense of $4 million to $5 million – the ‘burn rate’ in typical software jargon. That’s an important figure to remember later in this post.

Then, to be able to build the exact system the agency desires, there is considerable requirements gathering and business analysis that must take place. It won’t necessarily involve the full team of 40-50 people, but a considerable portion nonetheless. Such an effort involves extensive interviews with operational and back-office subject matter experts to understand essential business processes and information flows – and that is just for functional capabilities. An entirely separate process must be undertaken to understand and document infrastructure-level requirements, such as security, user provisioning, scalability, system auditing, business intelligence and disaster recovery. In general, when an agency undertakes this process for a planned public procurement, it is typical for a full year to be consumed. So let’s go with 25 people being engaged for this phase of the project; that represents Year 1 costs of $2,500,000.

Next, based on documented requirements, there will be some prototyping involved – validation of architecture, tool selection, development processes (agile, waterfall, blended?) before full-scale development can begin. Such an effort might take six months or more if the teams are well-structured and coordinated. Since it is still a prototyping phase, the full team won’t be needed – so again, let’s use 25 people for half a year, or $1,250,000.

A well-defined team and process will expose the results of the prototype to a set of end users/subject matter experts (SME) to gain feedback. Given that the team has never before built an OMS and that the end users/SMEs are equally inexperienced at providing feedback, it can be expected that there will be considerable need for change. Let’s assume that the balance of Year 2 will be used for modifying and finalizing plans (another $1,250,000 in team expense), and that the start of actual OMS development gets underway at the beginning of Year 3.

Assuming the team is strong and disciplined in its approaches, it will take between three to four years before a fully functional, comprehensive OMS is available for use across the agency. It is certainly possible that a modular approach could be employed to deliver incremental functional components, but that requires the agency to continue to use and maintain a legacy environment, train select users on the new module, and create a temporary data exchange bridge between the new and legacy environments. That approach adds no small measure of complexity to the CIO’s requirements. So let’s assume it takes 3.5 years for the full team to complete its first full version. At a cost of $5,000,000 per annum, that represents an additional $17,500,000 burn over what has already been spent. Of course, just because the system has been built doesn’t mean it is ready for immediate use. Other time- and staff-intensive activities must be planned and undertaken to enable transition to the new system, including data cleansing and migration, building of interfaces to other key systems serving the agency and other justice and public safety entities, user acceptance testing and eventually user training for thousands of agency employees. Over the final year of system development, those activities could easily represent another $4,000,000 in costs.

Not considered in this analysis, of course, is the very strong likelihood that legislation will change throughout the development period, which has the effect of introducing functional changes to the new system. Agency policies are also likely to change during this multi-year process, further complicating the effort. And throughout all of it, users of the legacy system remain frustrated with the inflexibility and limitations it presents. The effort to drive efficiency into operations may cause some teams to build a narrow business case for investment into yet another system to better meet their needs – potentially resulting in more silos of information for the agency to manage. That’s an important risk to consider.

So let’s recap the cost and impact of the decision to build the new OMS with internal resources.

Assuming the team has been successful in building exactly what the agency desires in its modernized OMS, a full six years have elapsed at a direct cost of more than $26 million. The CIO would expect to get full credit for ‘building’ exactly what the agency needs as part of his commitment to enable the agency to improve safely, intelligently and sustainably.

Not factored into this scenario – but important nonetheless – is the certain reality that a portion of the CIO’s team will have to be dedicated to maintaining and enhancing the system throughout its lifespan. Unlike a commercial offering, which spreads the costs of maintenance and enhancements across a broad customer base, the annual costs of the ‘build-your-own’ solution will be fully borne by the agency. The CIO will likely have a fixed budget which invariably will fall short of the ongoing needs of the system – infrastructure updates, such as databases, browsers, and operating systems, and functional updates, such as those driven by new legislation, changing agency policy and evolving user preferences. These are expensive, and largely unending in nature. With requirements that exceed available budget, the technical debt of the new solution grows every year. Within a short timeframe, the new solution is likely approaching obsolescence. Combine that challenge with the real probability that key staff – those with extensive knowledge of the system – may change jobs or retire, and the system becomes as much of a burden as the legacy environment. And, lacking an up-to-date information system, the agency struggles to meet its overarching objectives.

In a different jurisdiction, the CIO of an agency of similar scope and scale also faces an OMS modernization imperative with similar objectives. This CIO, however, pursues an alternative strategy. Following a similar process of requirements gathering, complemented with an open dialogue with established OMS vendors, the agency pursues acquisition of a standards-based commercial offering for the OMS. Through an open procurement process, the agency evaluates multiple, proven vendors against well-defined functional, implementation and cost criteria and makes a selection. Of course, there are many factors that drive pricing for an OMS replacement, but let’s assume, using standard market data, that the new OMS can be purchased and implemented over a 30-month window from contract signature for $10,000,000. The same high-level cost and timeline analysis would look like this:

In this instance, through a well-managed, open market process, the CIO has achieved the initial objective to enable the agency to improve safely, intelligently and sustainably at least 2.5 years faster and more than $13 million less cost than the ‘build-your-own’ approach. He has also acquired a solution which is maintained and supported by a vendor with an extensive understanding of the corrections industry and a rigorous roadmap commitment to product enhancement and evolution. The differences in approach to OMS modernization are significant and dramatic.

This illustration attempts to simplify a complex set of questions and decisions for any agency, and by no means is it intended to trivialize the factors that lead to such decisions. Perhaps the agency is coming off a failed project with a large systems integrator. Perhaps they have had difficult challenges with problematic vendors in the past. The agency may have a large technical staff to keep engaged. These are all fully acknowledged as important considerations in the decision-making process.

At the same time, understanding what the agency and what the public at large gives credit for achieving will help to frame such important technology investment decisions in a different light. The agency needs to embrace operational and offender-focused changes in ways that will directly, quickly and sustainably contribute to improved offender outcomes, reduced costs and safer communities. The CIO has to understand the primacy of those objectives when planning the OMS modernization effort; the sooner he or she can enable the agency to achieve those benefits, the stronger the agency and the community will be. A ‘build-your-own’ approach may satisfy some internal preferences, but it will always come at greater expense in both time and money, and with a higher probability of inadequately addressing the true needs of the user. Understanding what you get credit for can have a major impact on the success of the agency and the IT organization.

© 2017 Abilis Solutions. All rights reserved.