Future of Sourcing - Microsoft https://futureofsourcing.com/tags/microsoft en Detecting the SolarWinds Hack https://futureofsourcing.com/detecting-the-solarwinds-hack <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="https://futureofsourcing.com/sites/default/files/articles/Detecting%20the%20SolarWinds%20Hack.png"><a href="https://futureofsourcing.com/sites/default/files/articles/Detecting%20the%20SolarWinds%20Hack.png" title="Prominent cybersecurity firms such as Microsoft and FireEye were victims of the SolarWinds attack and also the first to identify it. " class="colorbox" rel="gallery-node-1926-st74sKGuqbo"><img typeof="foaf:Image" src="https://futureofsourcing.com/sites/default/files/styles/juicebox_medium/public/articles/Detecting%20the%20SolarWinds%20Hack.png?itok=U2H26869" width="624" height="325" alt="Prominent cybersecurity firms such as Microsoft and FireEye were victims of the SolarWinds attack and also the first to identify it. " title="" /></a></div></div></div><div class="field field-name-field-related-news field-type-entityreference field-label-above"><div class="field-label">Related news:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/exploring-the-feasibility-of-a-blockchain-enabled-supply-chain">Exploring the Feasibility of a Blockchain-Enabled Supply Chain</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"> <h1>Detecting the SolarWinds Hack</h1> <p>The cybersecurity world has been overtaken with concern over a state-sponsored cyberattack perpetrated by Russian intelligence agents against multiple federal agencies, including those responsible for our nuclear stockpile. Prominent cybersecurity firms such as Microsoft and FireEye, who were also victims of the attack, were the first to identify it.&nbsp;</p> <p>Their internal networks were accessed, undetected, since March of 2020, and the attackers accessed documents, stole penetration testing tools, and found their way into other systems. The attackers initially inserted a maliciously modified version of <a href="https://www.onshore.com/managed-security-services/detecting-the-solarwinds-hack/">SolarWinds</a> Orion, a tool used by many organizations, both private and public, to monitor large networks, into the SolarWinds update server as early as March of 2020.</p> <h2>Supply Chains are Easy Targets</h2> <p>As the recent investigation began, it was clear that this trojanized update, called SUNBURST, had spread widely, though it still is difficult to know if the back door the hackers created for this attack allowed further intrusions and infection. It is known that up to 18,000 customers of SolarWinds have been affected by the malware. More will certainly be found out in the coming weeks. The targets being high profile, high in number and the novelty of the supply chain attack vector are enough to fill the papers, but customers, clients and everyone in the ecosystem are left with many questions on what the lasting effects of this hack will be. It is being called the most significant cyberattack in our history.</p> <p>Beyond learning quite a bit about how the attack on our federal agencies and companies via the SUNBURST malware was actually perpetrated, businesses and cybersecurity professionals are asking what lessons can be taken away. How will this change how we do things? What things should organizations and cybersecurity practitioners consider? Many companies, both those affected by the hack and those not (and it&rsquo;s not 100% clear who is who at the moment) have released statements with some recommendations, such as onShore Security did for its clients.</p> <p>In the very short term, care should be taken regarding these exact pieces of software. If SolarWinds software is being used in your organization, it&rsquo;s recommended that it be shut down and not turned back on until SolarWinds publishes a third-party code audit that makes it clear that the vulnerability gaps are filled. Secondly, your organization should adopt the rules released to detect for SolarWinds&rsquo; vulnerability and use the signatures provided by FireEye to detect SUNBURST and the FireEye tools stolen in the attack.&nbsp;</p> <h2>Watching and Waiting</h2> <p>The nature of the attack, that of writing a backdoor into the software, and the unusually long dwell time, mean that it is simply impossible at this point to be able to clear anyone of risk and the possibility of other, secondary &ldquo;infections&rdquo; must be considered until dispelled.</p> <p>Because of the long dwell time, lateral movement in the network is almost assured. This teaches us an important lesson in protection vs. detection. When protection and prevention fail, it can be impossible to know until it is far too late. In the case of this hack, the attackers had months inside networks, allowing lateral movement, secondary infection, and other malicious activity that may require deep forensic investigation to uncover and repair. Many of the organizations that have been affected are still trying to make up for lost time in their efforts to mitigate and prevent similar attacks.</p> <p>We must also consider the software supply chain. Reliance on third-party suppliers of software is only increasing and our government has been even more willing to trust third parties, as it moves capability to the cloud and other forms of technology outsourcing. Some attention has been paid to hardware supplied by Chinese companies, but this event clearly shows that attackers don&rsquo;t need to own pieces of the supply chain to infect it. Scrutiny needs to be applied where it can be and, in the case of software, that means code review.</p> <h2>Open Source Software Helps Mitigate Risk</h2> <p>Using open-source options where possible makes review easier because a wide array of parties can collaborate on the review. APIs need to be published and open. Our government can contract from suppliers but require that all components and licenses meet the required certifications. Famously, the Chinese government insisted that Microsoft provide source code to them for review as a prerequisite to doing business in China. That&rsquo;s a tall order, but their fears weren&rsquo;t unfounded. This year, it was revealed that a Swiss company supplying secure communications to many governments included a back door for our own CIA, demonstrating a need for some sort of cyber-arms treaty.</p> <p>We also need to see greater collaboration with the detection process. SolarWinds had been instructing clients to exclude certain Orion binaries from anti-malware scanning because false positives were produced. This is likely at least one reason the attackers chose those binaries. There are reasons for exclusions but often it&rsquo;s a way to avoid the harder task of collaborating with anti-malware and detection vendors to supply appropriate signatures for proper scanning. Microsoft, who were one of the victims, quickly revoked the digital certificate for the malicious binaries but clearly more care must be put into the signing and verification process as well.</p> <h2>Fortify Your Cybersecurity Stack&nbsp;</h2> <p>The unfortunate truth is that there exists a zone of uncertainty around this hack. It is easy to tell if you were targeted in any way, meaning you can tell if the attackers ever took notice of you. Beyond that, the extent of the attack on you in particular can be hard to suss out. There are some signature parts of the attack that can be searched for. For example, email systems were frequent targets. Also, instances of create, execute, delete commands can be evidence of the malware covering its own footsteps. These novel stealth tactics, designed to avoid detection and increase dwell time as much as possible, mean that forensic investigators have their work cut out for them, now put into the position of, essentially, proving a negative.</p> <p>In the future, supply chain attacks will be part of any organization&rsquo;s threat modeling and there will be policy in place to detect and even prevent similar attacks. If anything, however, this incident highlights the importance of detection in the cybersecurity stack, the need for greater scrutiny in the code or signing of software, using open source and open APIs where possible and the need to begin serious work on cyber diplomacy.</p> </div></div></div><div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Tags:&nbsp;</div><div class="field-items"><div class="field-item even" rel="dc:subject"><a href="/tags/solarwinds" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">solarwinds</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/cybersecurity" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Cybersecurity</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/microsoft" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Microsoft</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/solarwinds-orion" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">solarwinds orion</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/cyberattack" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">cyberattack</a></div></div></div><div class="field field-name-field-addthis field-type-addthis field-label-hidden"><div class="field-items"><div class="field-item even"><div class="addthis_toolbox addthis_default_style " addthis:title="Detecting the SolarWinds Hack - Future of Sourcing" addthis:url="https://futureofsourcing.com/detecting-the-solarwinds-hack"><a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_linkedin"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_facebook"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_twitter"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_googleplus"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_pinterest_share"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_reddit"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_email"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_print"></a> </div> </div></div></div><div class="field field-name-field-region field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Region:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/regions/global" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Global</a></div></div></div> Thu, 25 Feb 2021 02:00:00 +0000 Stel Valavanis 1926 at https://futureofsourcing.com https://futureofsourcing.com/detecting-the-solarwinds-hack#comments Innovations in Sourcing: Microsoft & CDP (formerly Carbon Disclosure Project) https://futureofsourcing.com/innovations-in-sourcing-microsoft-cdp-formerly-carbon-disclosure-project <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="https://futureofsourcing.com/sites/default/files/articles/FOS%20Header%20Image_Innovations%20in%20Sourcing.png"><a href="https://futureofsourcing.com/sites/default/files/articles/FOS%20Header%20Image_Innovations%20in%20Sourcing.png" title="Innovations in Sourcing: Microsoft &amp; CDP (formerly Carbon Disclosure Project)" class="colorbox" rel="gallery-node-1569-st74sKGuqbo"><img typeof="foaf:Image" src="https://futureofsourcing.com/sites/default/files/styles/juicebox_medium/public/articles/FOS%20Header%20Image_Innovations%20in%20Sourcing.png?itok=qrJpH4E5" width="624" height="325" alt="" title="" /></a></div></div></div><div class="field field-name-field-intro field-type-text-long field-label-hidden"><div class="field-items"><div class="field-item even"> <p>This October, the <a href="https://futureofsourcingawards.com" target="_blank">Future of Sourcing Awards</a> will celebrate organizations and individuals that have shown innovation, leadership and transformation in categories that are critical to the sourcing industry. Interviews with the finalists provide helpful insight about their projects, the problem they sought to solve and the impact to their organizations. Below, read about how Microsoft worked with CDP (formerly Carbon Disclosure Project) on an innovative responsible sourcing project that promoted carbon neutrality.</p> </div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"> <div> <h3><em>Can you outline why your team embarked on this project and the problem that needed to be solved?</em></h3> </div> <div> <div>Aligning with Microsoft&rsquo;s overall mission to &ldquo;Empower every person and organization on the planet to achieve more,&rdquo; and the company&rsquo;s long-term commitment to carbon neutrality, (since 2012), Microsoft&rsquo;s Responsible Sourcing team recognized a gap in its own, and hence Purchasers as a whole, ability to accurately measure the CO2 footprint of a global supply chain. &nbsp;</div> <div>&nbsp;</div> <div>Historically there have been numerous internal and external approaches for assessing the CO2 emissions of a business. This disjointed landscape left the purchasing/supply chain industry without guidance on which standard platform by which Purchasers could converge on with their suppliers to ensure action to combat climate change lurch with an approach that was efficient and credible. Microsoft procurement&rsquo;s progress follows the investment community&rsquo;s shift toward a long-term perspective. Just as the investment community looks to shift the focus from short-term performance, procurement professionals are moving from immediate cost management to overall value creation and protection. &nbsp;</div> <div>&nbsp;</div> <div><strong>Using Investor-led Screening and Selection Tools&nbsp;</strong></div> <div>&nbsp;</div> <div>Asset managers and procurement professionals often begin thinking about the climate performance of their portfolio companies by screening for performance and climate risk. This approach can be broadly applied across a variety of sectors and companies. Each manager can choose to screen out specific issues or concerns or to set a standard of performance. &nbsp;</div> <div>&nbsp;</div> <div>Microsoft&rsquo;s approach to managing their indirect supply chain borrows directly from tools designed with investment strategies in mind. Their approach bypasses supply chain-specific evaluations and looks at the same scores and ratings used by asset managers. Rather than requiring an additional survey response or audit, Microsoft asks indirect suppliers to provide their score and environmental data disclosure through the global non-profit organization, CDP. Well-versed in survey fatigue themselves, CDP&rsquo;s global disclosure systems help mitigate survey fatigue amongst corporate sustainability teams already flooded by requests from investors and customers by standardizing and streamlining the reporting process.&nbsp;</div> <div>&nbsp;</div> <div>In building their approach to the supplier evaluation process, Microsoft also led the development of a qualification process for enterprise-level ratings with the members of the Sustainable Purchasing Leadership Council. The resulting research and qualification tool is free and available to the public, so that others can enhance their approach to sustainable supply chains.</div> </div> <div>&nbsp;</div> <div> <h3><em>How were things done originally and what was the inspiration to innovate the process?</em></h3> </div> <div> <div>Based on its commitment to carbon neutrality, Microsoft has long held a preference for working with suppliers who prioritize sustainable business practices. However accurately evaluating this landscape was difficult with a wide variety of emissions tracking tools, a lack of capacity for suppliers who wanted to improve their CO2 footprint but didn&rsquo;t have the resources to make changes, and a lack of clear emissions expectations and incentives for suppliers to qualify to do business with Microsoft.</div> <div>&nbsp;</div> <div>Shared tools accelerate our ability to understand, and ultimately take action, on our suppliers&rsquo; performance. This has been a paradigm shift and has allowed us to scale our supplier engagement to address the majority of our spend and enable us to share our performance in a taxonomy that resonates with our key stakeholders.&nbsp;</div> </div> <div>&nbsp;</div> <div> <h3><em>What KPIs did you use to measure success for this project? (For example: performance, customer satisfaction, revenue, sales or relevant financial gains?)</em></h3> </div> <div> <div>Outcomes of the project were mapped against the initial project goals to include:&nbsp;</div> <div>&nbsp;</div> <ul> <li>Creation of a Standard: The SPLC vetting process enabled the recognition of CDP as the standard in environmental reporting.</li> <li>Engagement of Suppliers: In 2018, the majority of Microsoft&rsquo;s indirect spend was with suppliers who disclose their emissions and set targets through CDP&rsquo;s global disclosure platform.</li> <li>Tangible CO2 Reductions: In 2018, Microsoft&rsquo;s indirect Suppliers reduced their collective footprint by <a href="https://www.microsoft.com/en-us/responsible-sourcing#primaryR12" target="_blank">18.1 million metric tons of CO2</a>.&nbsp;</li> <li>Recognition of Suppliers: The annual Microsoft Supplier Program (MSP) Excellence Awards recognize and inspire the entire supply chain by recognizing the leader. &nbsp;Recent award winners include Tech Mahindra, Akamai and Infosys. &nbsp;</li> </ul> </div> <div> <h3><em>How you plan to ensure that the new model remains relevant and adapts to the future needs of the market?</em></h3> </div> <div> <div>Beyond simply setting high standards for Suppliers, Microsoft&rsquo;s Responsible Sourcing team continues to closely work with the SPLC and CDP -- providing an ongoing commitment of significant time and resources to help those suppliers meet new and stringent environmental scoring requirements. Given a diverse set of Suppliers, in terms of product/service, size, and climate change knowledge base, the Microsoft Responsible Sourcing team partnered with CDP to provide Suppliers with a series of webinars to train companies on how to improve their understanding of CDP&rsquo;s disclosure process and the environmental questionnaires.</div> <div>&nbsp;</div> <div>Suppliers were invited to participate in webinars across a variety of time zones, languages and topics (from greenhouse gas accounting to target-setting to risk mitigation) to meet their educational needs and help them build the internal business case for implementing comprehensive sustainability programs across their global business. &nbsp;In addition to CDP led webinars we completed training for our suppliers on our own carbon neutral model.&nbsp;</div> <div>&nbsp;</div> <div>Further, by incorporating CDP disclosure and scores into our systems, we can be sure that our systems incent the evolution of best practices and baseline expectations of emission reductions management. Our approach and model imbed these evolving practices into our supplier engagement practices.&nbsp;</div> </div> <div>&nbsp;</div> <div> <h3><em>What advice do you have for those who may want to implement this innovative approach in their own organizations?</em></h3> </div> <div>Review, and adopt, the resource that was developed by the Sustainable Purchasing Leadership Council that is free and available to the public, so that you can converge on the best rating tools available and apply your spend to be part of two (investor/purchasing) market signals to have a positive impact. Further, you will enjoy the benefits of reduced survey fatigue and stakeholder alignment.</div> <div>&nbsp;</div> <div> <h3><em>How much time did this specific innovation take to implement into your organization?</em></h3> </div> <div>Developing and executing on the resource that was developed by the Sustainable Purchasing Leadership Council that is free and available to the public took one year to complete, but now that that is done and we have closely collaborated with CDP, the time needed to begin launching a program in minimal. &nbsp;To get started you simply need to identify suppliers you would like to engage on this topic and invite them to be rated by the CDP. Additional resources will be required based on how deep you embed this into your procurement frameworks as well as engage your suppliers to improve their performance. &nbsp;</div> </div></div></div><div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Tags:&nbsp;</div><div class="field-items"><div class="field-item even" rel="dc:subject"><a href="/tags/sustainability" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Sustainability</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/microsoft" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Microsoft</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/corporate-responsibility" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Corporate Responsibility</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/sourcing" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Sourcing</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/strategy" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Strategy</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/future-of-sourcing-awards" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Future of Sourcing Awards</a></div></div></div><div class="field field-name-field-addthis field-type-addthis field-label-hidden"><div class="field-items"><div class="field-item even"><div class="addthis_toolbox addthis_default_style " addthis:title="Innovations in Sourcing: Microsoft &amp;amp; CDP (formerly Carbon Disclosure Project) - Future of Sourcing" addthis:url="https://futureofsourcing.com/innovations-in-sourcing-microsoft-cdp-formerly-carbon-disclosure-project"><a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_linkedin"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_facebook"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_twitter"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_googleplus"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_pinterest_share"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_reddit"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_email"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_print"></a> </div> </div></div></div><div class="field field-name-field-region field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Region:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/regions/global" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Global</a></div></div></div> Mon, 05 Aug 2019 21:24:33 +0000 Future of Sourcing Awards 1569 at https://futureofsourcing.com https://futureofsourcing.com/innovations-in-sourcing-microsoft-cdp-formerly-carbon-disclosure-project#comments Vesting in practice https://futureofsourcing.com/vesting-in-practice <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="https://futureofsourcing.com/sites/default/files/articles/FOS%20Digital_Kate%20Vitasek_Slider%20Graphic%20%281%29%20%281%29_107.png"><a href="https://futureofsourcing.com/sites/default/files/articles/FOS%20Digital_Kate%20Vitasek_Slider%20Graphic%20%281%29%20%281%29_107.png" title="Vesting in practice" class="colorbox" rel="gallery-node-1133-st74sKGuqbo"><img typeof="foaf:Image" src="https://futureofsourcing.com/sites/default/files/styles/juicebox_medium/public/articles/FOS%20Digital_Kate%20Vitasek_Slider%20Graphic%20%281%29%20%281%29_107.png?itok=tqewwIjg" width="624" height="325" alt="" title="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"> <p>By design this column has, for the most part, examined the theories and research of academic and economic luminaries that have helped form the basis of modern outsourcing and my own research and development efforts in the realm of collaborative outsourcing.</p> <p>This month I&rsquo;d like to take a brief break and share a real-world achievement that employed Vested Outsourcing principles, while also sending out some kudos to a friend and colleague who was instrumental in instilling those principles into the ground-breaking and award-winning Microsoft/Accenture OneFinance alliance on outsourced financial services.</p> <p>Microsoft uses the Vested framework for its back office procure-to-pay business process outsourcing (BPO) agreement with Accenture. The Microsoft/Accenture team has come away with multiple awards in the outsourcing arena, receiving the industry&rsquo;s top awards from the Outsourcing Center, the Shared Services Outsourcing Network and the International Association of Outsourcing Professionals.</p> <p>But that&rsquo;s really the end of the story. The real story is how Microsoft and Accenture put their global financial services alliance together.</p> <p>In 2006, Microsoft decided that it needed to completely restructure its major global finance processes and operations because its global system was a patchwork of inefficient and disjointed processes. For example, Microsoft found that it was using 77,000 active procurement vendors and its finance operations used up 370,000 hours annually simply producing reports. It discovered that its Procurement and Finance Operations did not have any processes that were considered &ldquo;best practice.&rdquo;</p> <p>Obviously a better system was needed; the company&rsquo;s senior management determined that outsourcing would help improve quality and cost structures. But Microsoft wanted to go beyond the conventional notion of outsourcing, or shifting the &ldquo;mess for less.&rdquo; Microsoft&rsquo;s vision was to shift the focus from transactional accounting to a more strategic approach that would leverage &ldquo;business insight.&rdquo; It also wanted to achieve consistency and standardization worldwide. This project became the OneFinance initiative.</p> <p>Microsoft&rsquo;s vision was to shift the emphasis to business insight rather than bean counting at the lowest possible price. Basically, it needed an unconventional approach that was not simply about outsourcing work, but about outsourcing a transformation of the work through achieving desired outcomes and changing its definition of winning to create a mutually beneficial win-win mentality.&nbsp; The company also needed a partner it would share that vision with over the long term, one with a vested interest in achieving that win-win mindset. That partner was Accenture.</p> <p>The result was a Vested model &mdash; a performance and outcome-based relationship that focuses on outcomes, not transactions and that embraces defined and measurable outcomes; that focuses on the what, not the how; that optimises pricing incentives and that has a governance structure based on insight, not oversight.&nbsp; Those features embody the five rules of Vested Outsourcing.</p> <p>The OneFinance initiative outsourced back office finance transactions in 95 countries to Accenture. Both parties operate the agreement with incentives designed to improve performance and deliver increased value year-over-year. They share in the risks and rewards of doing so. This innovative outsourcing relationship vests Microsoft and Accenture in each other&rsquo;s success: they are most successful when they both succeed.</p> <p>In February 2007, Microsoft signed the outsourcing agreement with Accenture, with an original contract term of seven years at a value of $185 million. The contract spanned Microsoft&rsquo;s entire back office finance processes, including AP, Expense reports &amp; invoices, Requisition to Purchase Order process and General Accounting.</p> <p>Within 28 months Microsoft and Accenture had&nbsp; extended the agreement to 2018 and expanded the scope, increasing the total the contract value to $330 million.</p> <p>Microsoft and Accenture have gone on to win multiple awards, including:</p> <ul style="list-style-type:square;"> <li>In 2008, the Outsourcing Center, Everest Consulting&rsquo;s research centre award for Most Strategic Outsourcing Contract for 2007.</li> <li>In 2010, the Shared Services Outsourcing Network award for Best Mature Outsourced Service Delivery Operation.</li> <li>In 2011, Microsoft&rsquo;s Finance &amp; Procurement Global BPO team received the International Association for Outsourcing Professionals&rsquo; Global Excellence in Outsourcing Award for innovation.</li> <li>In 2011, the SSON ASIA award went to Srini Krishna, Director, Finance Operations, Global Vendor Management, Microsoft Finance, for his personal contributions to the outsourcing industry.</li> </ul> <p>Srini was the most recent award winner, receiving the Shared Services &amp; Outsourcing Excellence Award for his personal contributions to the outsourcing industry. SSON&rsquo;s annual Shared Services Excellence Awards honor, recognize and promote both captive and outsourced shared services that demonstrate winning practices and tangible results.</p> <p>Srini is an expert in our field and was instrumental in crafting the OneFinance partnership with Accenture using the Vested model. He manages the OneFinance outsourcing business model and relationship with Accenture and is also the co-author of the Microsoft OneFinance Case Study that details exactly how Microsoft developed its Vested arrangement with Accenture.</p> <p>&ldquo;What became a core driver for the team was to create an outsourcing model aimed at improving the efficiency and effectiveness of executing Microsoft&rsquo;s financial processes&rdquo; says Srini.</p> <p>I&rsquo;m really pleased to congratulate Srini for his great achievement and for his tremendous contributions to the Vested concept.</p> <p>Using the Vested model, Microsoft and Accenture share a vision and they share success. They are on the same journey, working together to drive out waste and create world-class financial processes and a sustainable infrastructure for the twenty-first century.</p> </div></div></div><div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Tags:&nbsp;</div><div class="field-items"><div class="field-item even" rel="dc:subject"><a href="/tags/best-practice" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Best Practice</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/bpo" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">BPO</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/finance-accounting" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Finance &amp; Accounting</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/governance" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Governance</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/microsoft" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Microsoft</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/p2p" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">P2P</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/procurement" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Procurement</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/vested-outsourcing" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Vested Outsourcing</a></div></div></div><div class="field field-name-field-addthis field-type-addthis field-label-hidden"><div class="field-items"><div class="field-item even"><div class="addthis_toolbox addthis_default_style " addthis:title="Vesting in practice - Future of Sourcing" addthis:url="https://futureofsourcing.com/vesting-in-practice"><a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_linkedin"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_facebook"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_twitter"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_googleplus"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_pinterest_share"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_reddit"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_email"></a> <a href="https://www.addthis.com/bookmark.php?v=300" class="addthis_button_print"></a> </div> </div></div></div><div class="field field-name-field-region field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Region:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/regions/global" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Global</a></div></div></div> Wed, 08 Feb 2012 00:47:24 +0000 Kate Vitasek 1133 at https://futureofsourcing.com https://futureofsourcing.com/vesting-in-practice#comments