Browse Definitions :
Definition

build or buy (make or buy)

Contributor(s): Matthew Haughn

Build or buy, often expressed as make or buy, is the fundamental decision as to whether to develop something in-house or purchase it from an external supplier.

The two major considerations are cost and production capacity. Assuming that an organization has the capacity to develop a product in-house, the decision essentially comes down to effective use of available resources, including not only return on investment (ROI) but the total cost of ownership (TCO), taking into account all the expenses required to support the product throughout its life cycle.

There are a number of important criteria that must be considered to guide the decision to build or buy. Many organizations currently face the build or buy problem with Mobile apps, for example, as an increasingly mobile workforce and the BYOD (bring your own device) environment drive demand. A business might choose to buy a mobile app if relatively generic features will satisfy requirements or, on the other hand, may outsource development if the requirements are beyond in-house capabilities. Assuming staff has the expertise, it may be advisable to build the app in-house if there is idle production capacity or if quality control, intellectual property or competitive intelligence are of particular concern.

 A cost-benefit analysis (CBA) of both options can yield more insight into which is the better route for the organization. To inform a build or buy decision, opportunity costs (the potential value lost when an option is forgone) should be considered along with the costs of developing or purchasing the system and maintaining it. What should not be considered is sunk cost – money that has been invested and cannot be recovered.

This was last updated in June 2016

Continue Reading About build or buy (make or buy)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • business impact analysis (BIA)

    Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to ...

  • M.2 SSD

    An M.2 SSD is a solid-state drive that is used in internally mounted storage expansion cards of a small form factor.

Close