<div class="ui-widget"> <h1>The Myth Of Off-The-Shelf KM Software </h1> <div id="yakadoc" class="bodytext"><span style="font-size: 14px;"><strong>EVALUATING THE REAL COST OF DEPLOYING AN ENTERPRISE KM SYSTEM </strong></span></div> <div class="bodytext"><span style="font-size: 14px;"><strong> </strong></span></div> <p class="byline">By Scott Ryser</p> <p>Even though commercial off-the-shelf software (COTS) is often considered less risky and less expensive than custom code, that's not the case when it comes to large-scale knowledge management (KM). KM deployments are plagued by security issues, budget overruns and early obsolescence for one reason: software modiﬁcations never go smoothly. </p> <p class="subhead">It's COTS in name only </p> <p>KM software packages are about as close to plug-and-play as ﬂour and sugar are to a birthday cake. Extensive customization is always necessary, and the ﬁnal price tag for fully conﬁgured COTS is easily four to ten times the original software license fee. But there's a lingering belief (hammered into us since the '80s when packaged applications were introduced), that any off-the-shelf software is categorically more cost-effective and 'safer' than any custom application. This may be a comforting notion, but it's simply not true. </p> <p>Acquisition and customization aside, the real cost of software comes from supporting and maintaining it. About 80% of a system's lifetime cost is incurred after deployment,1 which sheds a different light on the initial purchase decision. If your criteria are cost, performance and schedule, you must project the total price of ownership in each category to compare systems accurately. </p> <p class="subhead">What you get—and what you don't </p> <p>By deﬁnition, COTS vendors maintain complete control over their development and their source code. Customers willingly forego access to those in exchange for lower R&D and manufacturing costs (spread across the installed base) and the very real beneﬁts of a broad user community. This is a good deal for both sides— until market forces prompt your COTS vendor to sunset the package you're using. If you're several releases behind due to budget constraints and they're discontinuing support for your version in 90 days, you've got a serious operational problem. </p> <p>Playing out the scenario, your next move (at least until a new budget is approved) would likely be to contract out maintenance and support. At current rates, that option would cost 5 to 7 times your total software and maintenance expense for the past three years.  This isn't an expenditure that anybody anticipated back at the budgeting stage—but it's certainly a factor in the total lifetime cost of this particular system. </p> <p class="callout">COTS TECHNOLOGY IS MARKET-DRIVEN. IT'S ALWAYS CHANGING, SO YOU'RE PERPETUALLY LOCKED INTO CONTRACTORS WHO MAINTAIN CODE THE VENDOR NO LONGER SUPPORTS. </p> <p class="subhead">Upgrading COTS Security </p> <p>Security is another area where COTS modiﬁcations can actually exceed the cost of custom software. There's no way to verify how any COTS package handles security at the code level, so it's logical to assume that developers who work for major software vendors are capable and conscientious. But that's all it is: an assumption. Conversely, custom software is built from the inside out for speciﬁc content, processes and infrastructure. </p> <p>Network security is layered and holistic, and dozens of factors—hardware, software, physical surroundings, corporate policy, the technology infrastructure and more—affect system vulnerability. When developers know, all the way down to the code level, precisely how an application is protected, changes in the target environment don't turn into cross-your-ﬁngers-and-hope-for-the-best scenarios. </p> <p>Again, COTS is built to generic standards. It cannot be considered secure until it has been conﬁgured speciﬁcally for your environment. Right out of the box, COTS applications do not meet all security mandates for government, ﬁnancial services, health care and other regulated environments without extensive modiﬁcation. The development team must shore up the software's limitations since modifying the core is not an option. As mentioned earlier, the cost to do this can meet or exceed what you'd spend on a system tailored to your environment. </p> <p class="subhead">Failed projects have one thing in common </p> <p>There's no 'typical' COTS project, but those that fail all have one thing in common. They allow technology to trump the business problem. </p> <p>Let's say, for example, that you need to work with another division or agency to allocate assets, track an issue, or collaborate on a new project. One day Joe comes back from a trade show and says, 'Hey! Let's do it with CRM!' </p> <p>So the focus shifts from business problem to technology bake-off. Which system has most features? Latest innovations? Best quarter-end pricing? </p> <p class="callout">PROJECTS THAT FAIL ALL HAVE ONE THING IN COMMON. THEY ALLOW TECHNOLOGY TO TRUMP THE BUSINESS PROBLEM. </p> <p>Now vendor slicks, not business objectives, drive the requirements. Meanwhile, the user community doesn't know or care about CRM, and they're digging in to 'slow roll' what they view as an imposition—one more so-called productivity tool that won't make work any easier or better. </p> <p class="subhead">They forge ahead anyway </p> <p>So the project kicks off with a big delivery of 'best in class' plumbing from BEA, Oracle, Vignette. The lead contractor generates a steady stream of design documents, specs and Gantt charts. As soon as the stakeholders sign off the development team steps in. </p> <p>Dozens (sometimes hundreds) of person-years and much custom code later, the initial version of the system is ready to deploy. But business priorities have shifted unexpectedly and the contractor won't rework the Interface Control Document without more funding. Whenever something breaks down, goes wrong or fails to deliver as promised, the integrator points to vendor A, who blames vendor B. Vendor B claims the system works perfectly—the problem must be the user community. By now the project is so far over budget and behind schedule that stakeholders decide to re-bid the contract. ('Low cost' is shaping up to be relative term after all.) Finally somebody says: 'Maybe we should just bite the bullet and start over.' </p> <p class="subhead">You do the math </p> <p>Before you spend a dime on COTS, custom software, or any combination of the two, calculate the cost of intangibles. Nasty surprises in these 'soft' areas sink a staggering 80% of KM deployments (that's CIO Magazine's number; the more optimistic put failure rates at 45% to 70%) and nobody sees them coming. </p> <blockquote> <p><strong>Usability</strong>: How quickly did reference accounts reach critical mass? What do the usage trends look like? </p> <p><strong>Scalability</strong>: Can the system expand from dozens of users to thousands without replacing the software and any connecting systems? What happens to response and performance as capacity grows? </p> <p><strong>Security</strong>: Does the system comply speciﬁcally with the data security standards and mandates governing your industry? If not, how long will it take and how much will it cost to bring it into compliance? </p> <p><strong>Reliability</strong>: How do vendor SLAs compare? What are your options for on-site, online and phone support? </p> <p><strong>Capacity</strong>: Must you buy more system than you need right now to accommodate future growth? What's the true cost of that unused capacity, including the cost of capital? </p> <p><strong>Opportunity costs</strong>: Will owning and using this system take time away from your core business? What's that time worth? Can you reduce or eliminate that cost with a more efﬁcient system? </p> <p> </p> </blockquote> 1 Glass, Robert L. Facts and Fallacies of Software Engineering. Boston, MA: Addison-Wesley, 2003 </div>

The Myth Of Off-The-Shelf KM Software

EVALUATING THE REAL COST OF DEPLOYING AN ENTERPRISE KM SYSTEM

By Scott Ryser

Even though commercial off-the-shelf software (COTS) is often considered less risky and less expensive than custom code, that's not the case when it comes to large-scale knowledge management (KM). KM deployments are plagued by security issues, budget overruns and early obsolescence for one reason: software modiﬁcations never go smoothly.

It's COTS in name only

KM software packages are about as close to plug-and-play as ﬂour and sugar are to a birthday cake. Extensive customization is always necessary, and the ﬁnal price tag for fully conﬁgured COTS is easily four to ten times the original software license fee. But there's a lingering belief (hammered into us since the '80s when packaged applications were introduced), that any off-the-shelf software is categorically more cost-effective and 'safer' than any custom application. This may be a comforting notion, but it's simply not true.

Acquisition and customization aside, the real cost of software comes from supporting and maintaining it. About 80% of a system's lifetime cost is incurred after deployment,1 which sheds a different light on the initial purchase decision. If your criteria are cost, performance and schedule, you must project the total price of ownership in each category to compare systems accurately.

What you get—and what you don't

By deﬁnition, COTS vendors maintain complete control over their development and their source code. Customers willingly forego access to those in exchange for lower R&D and manufacturing costs (spread across the installed base) and the very real beneﬁts of a broad user community. This is a good deal for both sides— until market forces prompt your COTS vendor to sunset the package you're using. If you're several releases behind due to budget constraints and they're discontinuing support for your version in 90 days, you've got a serious operational problem.

Playing out the scenario, your next move (at least until a new budget is approved) would likely be to contract out maintenance and support. At current rates, that option would cost 5 to 7 times your total software and maintenance expense for the past three years. This isn't an expenditure that anybody anticipated back at the budgeting stage—but it's certainly a factor in the total lifetime cost of this particular system.

COTS TECHNOLOGY IS MARKET-DRIVEN. IT'S ALWAYS CHANGING, SO YOU'RE PERPETUALLY LOCKED INTO CONTRACTORS WHO MAINTAIN CODE THE VENDOR NO LONGER SUPPORTS.

Upgrading COTS Security

Security is another area where COTS modiﬁcations can actually exceed the cost of custom software. There's no way to verify how any COTS package handles security at the code level, so it's logical to assume that developers who work for major software vendors are capable and conscientious. But that's all it is: an assumption. Conversely, custom software is built from the inside out for speciﬁc content, processes and infrastructure.

Network security is layered and holistic, and dozens of factors—hardware, software, physical surroundings, corporate policy, the technology infrastructure and more—affect system vulnerability. When developers know, all the way down to the code level, precisely how an application is protected, changes in the target environment don't turn into cross-your-ﬁngers-and-hope-for-the-best scenarios.

Again, COTS is built to generic standards. It cannot be considered secure until it has been conﬁgured speciﬁcally for your environment. Right out of the box, COTS applications do not meet all security mandates for government, ﬁnancial services, health care and other regulated environments without extensive modiﬁcation. The development team must shore up the software's limitations since modifying the core is not an option. As mentioned earlier, the cost to do this can meet or exceed what you'd spend on a system tailored to your environment.

Failed projects have one thing in common

There's no 'typical' COTS project, but those that fail all have one thing in common. They allow technology to trump the business problem.

Let's say, for example, that you need to work with another division or agency to allocate assets, track an issue, or collaborate on a new project. One day Joe comes back from a trade show and says, 'Hey! Let's do it with CRM!'

So the focus shifts from business problem to technology bake-off. Which system has most features? Latest innovations? Best quarter-end pricing?

PROJECTS THAT FAIL ALL HAVE ONE THING IN COMMON. THEY ALLOW TECHNOLOGY TO TRUMP THE BUSINESS PROBLEM.

Now vendor slicks, not business objectives, drive the requirements. Meanwhile, the user community doesn't know or care about CRM, and they're digging in to 'slow roll' what they view as an imposition—one more so-called productivity tool that won't make work any easier or better.

They forge ahead anyway

So the project kicks off with a big delivery of 'best in class' plumbing from BEA, Oracle, Vignette. The lead contractor generates a steady stream of design documents, specs and Gantt charts. As soon as the stakeholders sign off the development team steps in.

Dozens (sometimes hundreds) of person-years and much custom code later, the initial version of the system is ready to deploy. But business priorities have shifted unexpectedly and the contractor won't rework the Interface Control Document without more funding. Whenever something breaks down, goes wrong or fails to deliver as promised, the integrator points to vendor A, who blames vendor B. Vendor B claims the system works perfectly—the problem must be the user community. By now the project is so far over budget and behind schedule that stakeholders decide to re-bid the contract. ('Low cost' is shaping up to be relative term after all.) Finally somebody says: 'Maybe we should just bite the bullet and start over.'

You do the math

Before you spend a dime on COTS, custom software, or any combination of the two, calculate the cost of intangibles. Nasty surprises in these 'soft' areas sink a staggering 80% of KM deployments (that's CIO Magazine's number; the more optimistic put failure rates at 45% to 70%) and nobody sees them coming.

Usability: How quickly did reference accounts reach critical mass? What do the usage trends look like?

Scalability: Can the system expand from dozens of users to thousands without replacing the software and any connecting systems? What happens to response and performance as capacity grows?

Security: Does the system comply speciﬁcally with the data security standards and mandates governing your industry? If not, how long will it take and how much will it cost to bring it into compliance?

Reliability: How do vendor SLAs compare? What are your options for on-site, online and phone support?

Capacity: Must you buy more system than you need right now to accommodate future growth? What's the true cost of that unused capacity, including the cost of capital?

Opportunity costs: Will owning and using this system take time away from your core business? What's that time worth? Can you reduce or eliminate that cost with a more efﬁcient system?

1 Glass, Robert L. Facts and Fallacies of Software Engineering. Boston, MA: Addison-Wesley, 2003

The Myth Of Off-The-Shelf Software

<style type="text/css"></style> <form class="af-form-wrapper" action="http://www.aweber.com/scripts/addlead.pl" method="post"> <div style="display: none;"><input name="meta_web_form_id" type="hidden" value="1675522285" /> <input name="meta_split_id" type="hidden" /> <input name="listname" type="hidden" value="theroisubscribe" /> <input id="redirect_38fea3c8bd7d441cc860774bdfbe6998" name="redirect" type="hidden" value="http://www.aweber.com/thankyou-coi.htm?m=text" /> <input name="meta_adtracking" type="hidden" value="ROI_Report_Subscribe" /> <input name="meta_message" type="hidden" value="1" /> <input name="meta_required" type="hidden" value="name (awf_first),name (awf_last),email" /> <input name="meta_tooltip" type="hidden" /></div> <div id="af-form-1675522285" class="af-form"> <div id="af-header-1675522285" class="af-header"> <div class="bodyText"> <p><span style="font-size: 18px;"><strong>Get The ROI Report </strong></span></p> <div class="ui-widget" style="margin-bottom: 0pt;"><span style="font-size: 12px;"><span style="font-family: georgia,palatino;">Curious about how other organizations collaborate? Find out with The ROI Report—a fast, free read delivered every month to your in-box. </span></span></div> <div class="ui-widget" style="margin-bottom: 0pt;"><span style="font-size: 12px;"><span style="font-family: georgia,palatino;"><br /></span></span></div> </div> </div> <div id="af-body-1675522285" class="af-body af-standards"> <div class="af-element"><label class="previewLabel" for="awf_field-16752649-first">First Name:</label> <div class="af-textWrap"><input id="awf_field-16752649-first" class="text" name="name (awf_first)" type="text" tabindex="500" /></div> </div> <div class="af-element"><label class="previewLabel" for="awf_field-16752649-last">Last Name:</label> <div class="af-textWrap"><input id="awf_field-16752649-last" class="text" name="name (awf_last)" type="text" tabindex="501" /></div> </div> <div class="af-element"><label class="previewLabel" for="awf_field-16752650">Email: </label> <div class="af-textWrap"><input id="awf_field-16752650" class="text" name="email" type="text" tabindex="502" /></div> </div> <div class="af-element buttonContainer"><input id="af-submit-image-1675522285" class="image" style="background: none;" alt="Submit Form" name="submit" src="http://www.aweber.com/images/forms/note/study-lounge/button.png" type="image" tabindex="503" /></div> <div class="af-element privacyPolicy" style="text-align: Left;"> <p><a title="Privacy Policy" href="http://www.aweber.com/permission.htm" target="_blank">We respect your email privacy</a></p> </div> </div> </div> <div style="display: none;"><img src="http://forms.aweber.com/form/displays.htm?id=jGzsrKxMTEwcrA==" alt="" /></div> </form> <script type="text/javascript">// <![CDATA[       (function() {         var IE = /*@cc_on!@*/false;         if (!IE) { return; }         if (document.compatMode && document.compatMode == 'BackCompat') {             if (document.getElementById("af-form-1675522285")) {                 document.getElementById("af-form-1675522285").className = 'af-form af-quirksMode';             }             if (document.getElementById("af-body-1675522285")) {                 document.getElementById("af-body-1675522285").className = "af-body inline af-quirksMode";             }             if (document.getElementById("af-header-1675522285")) {                 document.getElementById("af-header-1675522285").className = "af-header af-quirksMode";             }             if (document.getElementById("af-footer-1675522285")) {                 document.getElementById("af-footer-1675522285").className = "af-footer af-quirksMode";             }         }     })(); // ]]></script>

<div class="ui-widget" style="text-align: left;"><a class="ui-corner-all ui-helper-clearfix" style="background: #3B5998; padding: 3px; color: #fff; font-size: 10px; display: block; width: 152px; margin-bottom: 5px;" href="http://www.facebook.com/yakabod">Become a Fan <img src="http://www.facebook.com/images/fb_logo_small.png" alt="Facebook" align="absmiddle" /></a> <a style="padding: 0; display: block; margin-bottom: 5px;" href="http://www.twitter.com/theYakabox"><img src="http://twitter-badges.s3.amazonaws.com/follow_me-b.png" alt="Follow theYakabox on Twitter" /></a> <a style="display: block; margin-bottom: 5px;" href="http://www.linkedin.com/company/yakabod-inc."> <img src="http://www.linkedin.com/img/webpromo/btn_myprofile_160x33.png" border="0" alt="View Yakabod's profile on LinkedIn" width="160" height="33" /> </a><a class="ui-corner-all ui-helper-clearfix" style="display: block ! important; font-family: arial,sans-serif ! important; color: #333333; font-weight: bold ! important; text-decoration: none ! important; font-size: 10px; width: 145px ! important; background: url(http://www.blogtalkradio.com/collaborationpizza/LivePlayerButton.gif) no-repeat scroll center -32px transparent ! important; padding: 6px; border: 1px solid #cccccc; height: 34px ! important;" title="Listen to internet radio with Yakabod on Blog Talk Radio" href="http://www.blogtalkradio.com/collaborationpizza" target="_blank">Listen to <span style="display: block; position: fixed ! important; background: url(http://www.blogtalkradio.com/collaborationpizza/LivePlayerButton.gif) no-repeat scroll -8px -40px transparent ! important; width: 150px ! important; overflow: hidden ! important; height: 0px ! important; font-size: 8px ! important; opacity: 0 ! important; padding: 0pt ! important; margin: 0pt ! important;">internet radio with </span>Collaboration Pizza<span style="display: block; position: fixed ! important; background: url(http://www.blogtalkradio.com/collaborationpizza/LivePlayerButton.gif) no-repeat scroll -8px -40px transparent ! important; width: 150px ! important; overflow: hidden ! important; height: 0px ! important; font-size: 8px ! important; opacity: 0 ! important; padding: 0pt ! important; margin: 0pt ! important;"> on Blog Talk Radio</span></a></div>

Become a Fan

Listen to internet radio with Collaboration Pizza on Blog Talk Radio