ASP.NET Security Consultant

I'm an author, speaker, and generally a the-way-we've-always-done-it-sucks security guy who specializes in web technologies and ASP.NET.

I'm a bit of a health nut too, having lost 50 pounds in 2019 and 2020. Check out my blog for weight loss tips!

Project Risk and Fixed Bid vs. Time and Materials

Published on: 2011-11-13

When I was getting my MBA, I read that by outsourcing projects under a fixed-bid basis, companies are lowering your risk in the project. This is true, if you believe that your primary concerns in the scope of your project are whether it is completed on time and on budget. But as I've written before, time and budget aren't the best measurements for a software project. I've been on projects that met time and budget constraints that I'd consider overall failures, and I've been others that blew through their time and budget constraints that were overwhelming successes. How does changing our thinking of what project success look like change the way we look at risk?

Bid risk from the consulting team's point of view

When a project is on fixed bid, the consulting team is incented to keep to the original scope as much as possible. In a perfect world, changes of scope would be easily managed by a change request and an adjustment in price, but in reality the two sides differ greatly in what should and shouldn't be considered in scope. Instead of working to find the best solution, the consultants are looking to cut corners and will push back when changes, even necessary ones, are requested. When a project is billed on a time and materials basis, the consulting team is more willing to change scope because the consultants will get paid for work done, regardless of the original scope.

Bid risk from the business team's point of view

On the other side, it follows that the business has more control over the project when it is being billed on a time and materials basis. Scope changes during the course of projects. It is inevitable because understanding of the problem at hand becomes much better as the project proceeds. When billing time and materials, the business can merely prioritize work based on a cost/value basis rather than worrying about whether it's in the original scope. There is some risk of cost overruns, but billing time and materials gives the business the ability to reduce scope in order to save costs if needed. 

It is also worth pointing out that by running a project on a time and materials basis, the stakeholders are forced to determine which features are important to them, and which ones are merely nice-to-haves. The reason should be obvious: when on fixed bid, the goal of the business team is to get as much value for their money as possible compared to time and materials the business team is forced to weigh the value of each request. However, cramming as many features as possible into the implementation doesn't necessarily result in a better product. Having to pay for each feature individually really allows the business team to focus on what's really important.


I am not trying to argue that projects billed using time and materials have less risk than fixed bid. Overall, it is important to point out that one approach does not have more risks than the other, but each has its own risks which should not be ignored. In the end, choose the approach that works best for you, your team, and your consultant, but don't assume that fixed bid is best just because it appears to have low risk on the surface.

This article was originally posted here and may have been edited for clarity.