IT Disaster? What IT Disaster? And What D'You Mean "We're Not Insured For It"!?

You are an es tablished, reputable, medium-sized corporation. A year ago your board decided to upgrade your existing computer systems by buying a 'unified package', 'lightly-customised', from a 'solution provider'. The new modified system was to be complete, installed and working, 3 months after the Contract Date.

You identified and chose the package, and the 'solution provider', on the basis of a somewhat hurried selection process - you did always mean to go and visit some other reference sites, and actually see the software live in action, and talk to some other (satisfied) customers. But you were always much too busy. Just like you always intended to get your company's end user staff members involved in the selection process. But didn't. The same goes for your business managers' preparing a full written Requirements Specification document defining in detail the business processes to be automated. Your usual corporate law firm took a "quick look" at the Contract, at your request, and did not raise any major concerns.

The initial package installation was delayed by 4 months - it turned out that the "light customisation" work needed was badly under-estimated by the solution provider's Project Manager. The system when finally delivered, late, and incomplete, was therefore implemented on a "pilot" basis only. Problems with data migration from one of your company's key legacy systems then bedevilled running/testing during the pilot phase. Each party accused the other of failing to take responsibility for clean (or cleaning the) legacy data.

The working relationship between your own IT Systems Manager and the supplier's Project Manager has deteriorated rapidly. And your end users are stubbornly refusing to love the new system, claiming it is more difficult, slow and cumbersome to use: "it frequently crashes and you can't trust the data anymore". You are beginning to lose some of your best operational staff to your competitors.

Now you've checked the Contract and find it is completely silent on data migration, data quality etc and who should/not be responsible for achieving it; also, in respect of specifying "non-functional requirements", such as system uptime and service levels, disaster recovery standards, performance and throughput targets, and user response times. Similarly, as regards user training.

You've been trying to run the pilot system for two months, and your board is "beginning to lose patience", as you euphemistically put it to the corporate lawyers you've just consulted. The lawyers have advised that they should write a letter on your behalf giving the supplier 30 days' notice to "deliver a functionally complete, operationally reliable and contractually compliant" system. They further advise that, if the supplier then fails to do so, you would be entitled to reject the software and terminate the Contract.

The lawyers further say that you may then be able to sue the supplier for breach of contract, on the grounds that the system is "worthless and useless; and contains many fundamental design and other flaws, deficiencies, and further unresolved problems". Your board has insisted it would expect to claim for over £5m in compensation for actual and consequential losses and damages arising from any material breach of contract.

The supplier tells you in no uncertain terms that he would vigorously defend any such claim, and will counter-claim for £750,000 of unpaid invoices and licence fees. He contends it was your own failure to analyse and define your detailed business processes and system requirements, to provide clean legacy data, and to co-operate in achieving a successful project outcome which are to blame for the difficulties encountered, and there is nothing fundamentally wrong with the software package. "How can there be", he asks, "when it is a proven system, customised, installed, "tried and tested" at twenty other sites?".

. . .Continue to read rest of article (PDF).

Dr. Stephen Castell CITP CPhys FIMA MEWI MIoD, Chartered IT Professional, is Chairman of CASTELL Consulting. He is an internationally acknowledged independent computer expert who has been involved in a wide range of computer litigation over many years. He is an Accredited Member, Forensic Expert Witness Association, Los Angeles Chapter.

©Copyright - All Rights Reserved

DO NOT REPRODUCE WITHOUT WRITTEN PERMISSION BY AUTHOR.