The Multidimensionality of IT Outsourcing Risks

Abstract: IT outsourcing is a complex endeavour with multiple sources of risks. The body of knowledge on the subject is vast but scattered. Our project aims to create an integrated risk and controls framework. This paper discusses the multidimensional nature of outsourcing risks that needs to be addressed when such framework is developed. This paper presents findings from two workshops where risks, their classifications and dimensions where discussed by a group of experienced risk practitioners. The results highlight that practitioners see strategy, stakeholders and the different phases of the outsourcing as important dimensions that create risk and need to be addressed when organisations are planning or running an outsourcing venture. This research confirms that there are a number of dimensions in IT outsourcing risk and it has provided depth to the understanding of these dimensions

The Multidimensionality of IT Outsourcing Risks

IT outsourcing is a complex endeavour with multiple sources of risks. The body of knowledge on the subject is vast but scattered. Our project aims to create an integrated risk and controls framework. This paper discusses the multidimensional nature of outsourcing risks that needs to be addressed when such framework is developed. This paper presents findings from two workshops where risks, their classifications and dimensions where discussed by a group of experienced risk practitioners. The results highlight that practitioners see strategy, stakeholders and the different phases of the outsourcing as important dimensions that create risk and needs to be addressed by organisations that are planning or already running an outsourcing venture. This research confirms that there are a number of dimensions in IT outsourcing risk and it has provided depth to the understanding of these dimensions

Strategic governance and risk-management of the outsourcing ecosystem:developing dynamic capabilities and addressing implementation challenges

As outsourcing continues to grow in large global organisations, governance and risk management of the related outsourcing ecosystem is evolving as a strategic Board-level activity, driving competitive advantage and value-creation, in addition to value-protection. Amidst this growth and evolution, the outsourcing of Information Technology (IT) and IT-enabled Business Process Outsourcing (BPO) continues to mature into a broader category referred to by contemporary researchers as “business services” including almost every service that can be delivered by third parties, often enabled by digitisation and technology. Through such strategic initiatives, focused on creating inimitable competitive advantage and organisational value, organisations have increased their levels of dependence on outsourcing, exposing themselves to newer risks amid shifting business environments. But despite these developments, there has been limited research on the ability of organisations to manage risks around outsourcing with a dynamic mind-set to create and protect value for organisations. Instead, most research continues to focus exclusively on preventing “bad things happening”. The first part of the research establishes the context by providing a forward-looking multi-disciplinary view on strategic risk and governance related to outsourcing. This is followed by gaining an understanding of how and why large global organisations are broadening their perspective and enhancing maturity over governance and risk-management around their outsourcing ecosystem, including capabilities that they must develop to emerge as astute decision-makers, using industry-specific case studies. The second part of the research uses primary data to capture the overall progress made in achieving this transformation and implementation challenges. This thesis contributes to the growing body of outsourcing literature by focusing on governance from a novel “outsourcing ecosystem” perspective. It also makes practical contributions by identifying and addressing implementation challenges relevant to this transformational thinking, together with a 2x2 framework, which hold relevance for organisations operating with a significant outsourcing ecosystem and their leadership

Examining political risk in service offshoring strategies

This research investigates political risk in the context of service offshoring and the corresponding impact on risk management decisions. The first stage of the study uses the Repertory Grid Technique (RGT), to explore key post-contract political risks experiences within offshore outsourcing activities. Twelve key political risks affecting offshore outsourcing decisions are identified, and the moderating effect of offshoring activity types (BPO, ITO or KPO) on political risk exposure and impact perceptions is highlighted. The research also explores the conditioning effect of industry specific exposure to political risk and enhances the explanatory ability of the Transaction Cost Economics (TCE) constructs, offering a re-operationalization of the political risk component of external uncertainty. The second stage of the research introduces a series of hypotheses between offshoring flows and political risk profiles, and applies multiple regression to analyse political risk affecting offshore activities in low cost countries across contract-based offshoring engagements and FDI. The findings highlight that political risk is a genuine business concern for offshore contract-based outsourcing modalities, and identify concerns with Intellectual Property protection, Quality of Bureaucracy and Corruption as key considerations affecting location decisions in low-cost countries. The research further suggests a positive relationship between strong country level institutional and regulatory systems and high knowledge content in offshoring engagements. From a practical perspective, the research highlights the need for managerial tools to determine diversified firm and industry specific political risk impact on global service outsourcing engagements. The key practical contribution is the development of differentiated political risk typologies that can capture the nuances of external risks in offshoring, allowing for more accurate risk assessment of offshoring decisions

Data driven decision support systems as a critical success factor for IT-Governance: an application in the financial sector

IT-Governance has a major impact not only on IT management but also and foremost in the Enterprises performance and control. Business uses IT agility, flexibility and innovation to pursue its objectives and to sustain its strategy. However being it more critical to the business, compliance forces IT on the opposite way of predictability, stability and regulations. Adding the current economical environment and the fact that most of the times IT departments are considered cost centres, IT-Governance decisions become more important and critical. Current IT-Governance research and practise is mainly based on management techniques and principles, leaving a gap for the contribution of information systems to IT-Governance enhancement. This research intends to provide an answer to IT-Governance requirements using Data Driven Decision Support Systems based on dimensional models. This seems a key factor to improve the IT-Governance decision making process. To address this research opportunity we have considered IT-Governance research (Peter Weill), best practises (ITIL), Body of Knowledge (PMBOK) and frameworks (COBIT). Key IT-Governance processes (Change Management, Incident Management, Project Development and Service Desk Management) were studied and key process stakeholders were interviewed. Based on the facts gathered, dimensional models (data marts) were modelled and developed to answer to key improvement requirements on each IT-Governance process. A Unified Dimensional Model (IT-Governance Data warehouse) was materialized. To assess the Unified Dimensional Model, the model was applied in a bank in real working conditions. The resulting model implementation was them assessed against Peter Weill‘s Governance IT Principles.Assessment results revealed that the model satisfies all the IT-Governance Principles. The research project enables to conclude that the success of IT-Governance implementation may be fostered by Data Driven Decision Support Systems implemented using Unified Dimensional Model concepts and based on best practises, frameworks and body of knowledge that enable process oriented, data driven decision support

Effective Strategies for Managing the Outsourcing of Information Technology

More than half of information technology (IT) outsourced projects fail, primarily due to a lack of effective management practices surrounding the outsourcing end-to-end process. Ineffective management of the IT outsourcing (ITO) process affects organizations in the form of higher than expected project costs, including greater vendor switching or reintegration costs, poor quality, and loss of profits. These effects indicate that some business leaders lack the strategies to effectively manage the ITO process. The purpose of this single-case study was to apply the transaction cost economics (TCE) theory to explore strategies 5 business professionals use to manage an ITO project in a financial services organization located in the Midwestern region of the United States. Participant selection was purposeful and was based on the integral role the participants play on the ITO project. Data collection occurred via face-to-face semistructured interviews with the participants and the review of company documents. Data were analyzed using inductive coding of phrases, word frequency searches, and theme interpretation. Three themes emerged: vendor governance and oversight, collaborative strategic partnership, and risk management strategies enabled effective management of ITO. Identifying and executing appropriate outsourcing strategies may contribute to social change by improving outsourcing infrastructure, which might support job creation; increasing standards of living, especially within emerging markets; and heightening awareness of different cultures, norms, and languages among people living in different regions around the world to establish commonalities and gain alignment with business practices

Principles for an operational risk appetite framework for a bank: a South African perspective

Summaries in English, Afrikaans and ZuluThe significance for a bank to determine its risk appetite has become crucial over the years, based on past and recent risk events in the financial services sector. Regulatory pressure, a focus on corporate governance and risk management have been stimuli for many changes in the financial industry. An example is the need to establish an operational risk appetite framework. It is against this background that the study aimed to identify guiding principles for an operational risk appetite framework that can be used to determine the operational risk appetite of a bank. The study entailed a literature review and an empirical analysis of the principles for an operational risk appetite framework for the banking industry of South Africa. A survey was used to collate the data. Also, the researcher endeavoured to establish a gap between the principles and the current status of implementation of the confirmed principles. The descriptive and inferential results indicated that most of the identified principles were viewed as important and crucial for an operational risk appetite framework for a South African bank, although some were not yet fully implemented. The study also confirmed the principles for an effective operational risk appetite framework to comply with regulatory requirements and to ensure a sound risk management process to support the achievement of business objectives.Dat 'n bank in staat is om sy risikoaptyt in die finansiëledienstesektor vas te stel, is betekenisvol en dit het oor jare heen vanweë vorige en onlangse risikogebeurtenisse van kritieke belang geword. Die druk van regulering, 'n fokus op korporatiewe bestuur en risikobestuur is stimuli vir talle veranderinge in die finansiële bedryf. 'n Voorbeeld hiervan is die noodsaaklikheid daarvan om 'n operasionele risikoaptytraamwerk op te stel. Teen hierdie agtergrond het die studie beoog om riglyne te identifiseer vir 'n operasionele risikoaptytraamwerk wat gebruik kan word om 'n bank se operasionele risikoaptyt te bepaal. Die studie omvat ’n literatuuroorsig en ’n empiriese ontleding van die beginsels van ’n operasionele risikoaptytraamwerk vir die bankbedryf in Suid-Afrika. ’n Opname is gebruik om die ingesamelde data te vergelyk, en die navorser het gepoog om ’n leemte tussen die beginsels en die huidige stand van implementering van die bevestigde beginsels uit te wys. In die beskrywende en inferensiële resultate word aangedui dat die meeste van die geïdentifiseerde beginsels beskou word as belangrik en kritiek vir ’n operasionele risikoaptytraamwerk vir ’n Suid-Afrikaanse bank, al word sommige beginsels nog nie ten volle geïmplementeer nie. Die studie bevestig die beginsels van ’n effektiewe operasionele risikoaptytraamwerk met die oog daarop om aan reguleringsvereistes te voldoen en ’n deurdagte risikobestuursproses te verseker en sodoende die verwesenliking van sakedoelwitte te ondersteun.Ngokuhamba kweminyaka kuya kubaluleka kakhulu ukuba ibhanki iwujonge ngononophelo umngcipheko enokuwuthatha, ngenxa yokubona iziganeko zomngcipheko ezenzekileyo kwicandelo leenkonzo zoqoqosho. Uxinzelelo lolawulo, ugxininiso kulawulo lweenkampani kunye nolawulo lomngcipheko zizinto eziphembelele iinguqu ezininzi kurhwebo lokwenza imali. Umzekelo sisidingo sokuseka uphahla lokusebenza ngomngcipheko. Zezi zinto ezibangela ukuba esi sifundo sijolise ekufumaniseni iinqobo ezisisikhokelo sokuqwalasela umngcipheko onokuthathwa, nesinokusetyenziselwa ukulinganisela umngcipheko onokuthathwa yibhanki. Esi sifundo siphengulule uluncwadi olukhoyo ngalo mbandela kunye nohlalutyo olunobungqina lweenqobo ezinokusetyenziselwa ukulinganisela umngcipheko onokuthathwa licandelo leebhanki zoMzantsi Afrika. Kwenziwa uhlolo zimvo ekuqokeleleni iinkcukacha zolwazi. Umphandi wabuya wazama ukubonisa umahluko phakathi kweenqobo ezimiselweyo nemeko ekuyiyo ekusetyenzisweni kweenqobo ezivunyiweyo. Iziphumo ezichazayo nezicingelwayo zibonise ukuba uninzi lweenqobo zibonwa njengamanqaku abalulekileyo nangundoqo okwenza uphahla lokusebenza ngomngcipheko onokuthathwa yibhanki eMzantsi Afrika, nangona ezinye zingekasetyenziswa ngokupheleleyo. Esi sifundo siphinde sangqinisisa iinqobo zophahla olululo lokusebenza ngomngcipheko onokuthathwa ezimele ukuthobela imigaqo elawulayo nokuqinisekisa inkqubo yomgcipheko eqinileyo yokuxhasa ukufunyanwa kweenjongo zoshishino.Business ManagementM. Com. (Business Management