79,463 research outputs found
Risks and Audit Objectives for IT Outsourcing
In the recent years, as a result of globalization, internet and IT progress, the outsourcing of IT services has seen an exponential growth. As a result more and more companies decide to outsource, partially or totally, their IT services. Nevertheless, the outsourcing process exposes both clients and service providers to a series of risks that can seriously affect their activities. Managing these risks by improving the quality and efficiency of internal control has made the ITO audit a necessary component for all the companies involved in this process. The goal of this paper is to identify analyze and map the influence areas of ITO risks in order to suggest a series of objectives for ITO audit.Information Technology, Outsourcing, Audit, Risks, Service Provider
Examining client perceptions of partnership quality and its dimensions in an IT outsourcing relationship
This paper reports on an empirical study of the multidimensionality of partnership quality in IT outsourcing arrangements and the relationships between these dimensions of partnership quality. A two-phase national survey was conducted to collect empirical data to confirm the dimensions of partnership quality in an IT outsourcing arrangement from the client organisation perspective and to identify the significant relationships between these dimensions using a second generation multivariate analysis technique—partial least squares
(PLS). The findings from results of the data analyses show that inter-organisational trust, shared business understanding and to a lesser extent, functional and dysfunctional conflict between the client organisation and the outsourcing vendor in an IT outsourcing relationship
are the key determinants of partnership quality. The key outcome variable for high partnership quality between the client organisation and the outsourcing vendor in an IT
outsourcing relationship is mutual beneficial sharing of risks and benefits. Commitment in an IT outsourcing relationship is confirmed as a multidimensional construct of behaviour commitment and temporal/continuance commitment and was found to be influenced by the other dimensions of partnership quality. The key findings of this study provide support for the notion that trust and shared business understanding are key drivers in the IT outsourcing
partnership style relationship ensuring that the sharing of risks and benefits are realised and conflict is minimised leading to a high quality and ultimately successful partnership between the client organisation and the outsourcing vendor. Furthermore our findings indicate that
behavioural commitment to the contractual obligations of an IT outsourcing relationship sustains an ongoing temporal commitment to the partnership between the client organisation and the outsourcing vendor
The Multidimensionality of IT Outsourcing Risks
IT outsourcing is a complex endeavour with multiple sources of risks. The body of knowledge on the subject is vast but scattered. Our project aims to create an integrated risk and controls framework. This paper discusses the multidimensional nature of outsourcing risks that needs to be addressed when such framework is developed. This paper presents findings from two workshops where risks, their classifications and dimensions where discussed by a group of experienced risk practitioners. The results highlight that practitioners see strategy, stakeholders and the different phases of the outsourcing as important dimensions that create risk and needs to be addressed by organisations that are planning or already running an outsourcing venture. This research confirms that there are a number of dimensions in IT outsourcing risk and it has provided depth to the understanding of these dimensions
The Multidimensionality of IT Outsourcing Risks
Abstract: IT outsourcing is a complex endeavour with multiple sources of risks. The body of knowledge on the subject is vast but scattered. Our project aims to create an integrated risk and controls framework. This paper discusses the multidimensional nature of outsourcing risks that needs to be addressed when such framework is developed. This paper presents findings from two workshops where risks, their classifications and dimensions where discussed by a group of experienced risk practitioners. The results highlight that practitioners see strategy, stakeholders and the different phases of the outsourcing as important dimensions that create risk and need to be addressed when organisations are planning or running an outsourcing venture. This research confirms that there are a number of dimensions in IT outsourcing risk and it has provided depth to the understanding of these dimensions
Recommended from our members
Development of a Risk Assessment Model for Global Information Technology Outsourcing
Global Information Technology (IT) outsourcing has been recognized to have important potential benefits. However, researchers and practitioners also recognize potential risks involved in global IT outsourcing, which sometimes lead to undesirable consequences. This paper develops a model to assess risks in global IT outsourcing. Specifically, this paper begins by identifying global IT outsourcing risk factors by considering the national infrastructure, organizational infrastructure, and project environment. Second, a Global IT Outsourcing (GITO) engagement model for risk assessment is developed to logically link all these risk factors together. Third, one quantifiable approach based on a relative-weighted assessment model is presented to demonstrate how the risks in the GITO engagement model can actually be measured and assessed. Such an overall measurement of global IT outsourcing risks establishes a reference point for assessing global IT project outsourcing risks, and will assist managers to enhance global IT outsourcing’s effectiveness and realize its vast potential. This paper will also benefit high-level decision makers including executives, policy planners, and managers working on decisions regarding global IT outsourcing, such as decisions on selecting an outsourcee country with a lower level of risk
Information systems offshore outsourcing: a descriptive analysis
Purpose - The present paper has as its aim to deepen in the study of Information Systems Offshore Outsourcing, proposing three essential steps to make this decision: weighing up the advantages and risks of Offshore Outsourcing; analysing the taxonomy of this phenomenon; and determining its current geography.
Design/Methodology/Approach - With that objective in mind, it was decided to base the research work on the literature about this topic and the review of reports and statistics coming from different sources (consultants, the press, public institutions, etc.).
Findings - Offshore Outsourcing has grown vertiginously in recent years. Its advantages exceed even those of onshore outsourcing, though it also involves greater risks derived from the (cultural and physical) distance existing between customer and provider. Various types of services and customer-provider relationships hide under the umbrella of Offshore Outsourcing; i.e. it is not a homogeneous phenomenon. The main Offshore Outsourcing customers can be found in the USA and Europe, mainly in the UK but also in other countries such as Germany and France. As for provider firms, most of them are located in Asia −outstandingly in India but also in China and Russia. At present, there are important providers scattered in other continents as well.
Originality/Value - The conclusions suggest that the range of potential Offshore Outsourcing destinations must be widened and that the search for a provider cannot be based exclusively on cost savings; other considerations such as quality, security and proximity of the provider must also be taken into consideration. That is precisely the reason why the study of new countries like Spain as Offshore Outsourcing destinations is proposed
CRAC: Confidentiality Risk Assessment and IT-Architecture Comparison
CRAC is an IT-architecture-based method for assessing and comparing confidentiality risks of distributed IT systems. The method determines confidentiality risks by taking into account the effects of the leakage of confidential information (e.g. industrial secrets), and the paths that may be followed by different attackers (e.g. insider and outsider). We evaluate its effectiveness by applying it to a real-world outsourcing case
Towards an economic analysis of IT outsourcing risks
This paper uses a case study to focus on the economic impacts of IT outsourcing risks through price determination. Previous research on IT Outsourcing (ITO) has examined risks from a number of perspectives, invariably from its impact on cost and failure. This paper uses a two dimensional model of buyer and supplier risk to show the relationships between the two related forms of risk in ITO and the determination of prices to resolve the risk
SOME CONSIDERATIONS ABOUT IT OUTSOURCING PROCESS
IT outsourcing is the practice of contracting out the running of a part of an organization computer department. It is not a new phenomenon, but the scale and scope of its occurrence has greatly increased over the last decade. Due to the fact that IT outsourcing has no obviously and quantifiable benefits, most of the business entities choose not to do outsource their IT. The paper is based on the idea of incapability of exact determination of IT services costs. The purpose of this research regards the layout of the current approaches to outsourcing, description of different types of IT outsourcing and their advantages and the analysis of some models which might be used in order to facilitate the IT decision making process.Outsourcing, Information Technology, Information Systems, Application Services Provider, IT Risks
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model
- …