Browse Definitions :
Definition

build or buy (make or buy)

Build or buy, often expressed as make or buy, is the fundamental decision as to whether to develop something in-house or purchase it from an external supplier.

The two major considerations are cost and production capacity. Assuming that an organization has the capacity to develop a product in-house, the decision essentially comes down to effective use of available resources, including not only return on investment (ROI) but the total cost of ownership (TCO), taking into account all the expenses required to support the product throughout its life cycle.

There are a number of important criteria that must be considered to guide the decision to build or buy. Many organizations currently face the build or buy problem with Mobile apps, for example, as an increasingly mobile workforce and the BYOD (bring your own device) environment drive demand. A business might choose to buy a mobile app if relatively generic features will satisfy requirements or, on the other hand, may outsource development if the requirements are beyond in-house capabilities. Assuming staff has the expertise, it may be advisable to build the app in-house if there is idle production capacity or if quality control, intellectual property or competitive intelligence are of particular concern.

 A cost-benefit analysis (CBA) of both options can yield more insight into which is the better route for the organization. To inform a build or buy decision, opportunity costs (the potential value lost when an option is forgone) should be considered along with the costs of developing or purchasing the system and maintaining it. What should not be considered is sunk cost – money that has been invested and cannot be recovered.

This was last updated in June 2016

Continue Reading About build or buy (make or buy)

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

  • VRAM (video RAM)

    VRAM (video RAM) refers to any type of random access memory (RAM) specifically used to store image data for a computer display.

  • virtual memory

    Virtual memory is a memory management technique where secondary memory can be used as if it were a part of the main memory.

Close