This paper provides a framework for understanding the different types of interorganizational information sytsems and the risks that they pose. We suggest that the increased functionality and accessibility of information systems may require a new  trust  intermediary whose major role is to minimize competitiverisk, which is expected to be the major dimension of risk in future interorganizational information systems

Sherer, Susan A.

English

AIS Electronic Library (AISeL)

Association for Information SystemsAIS Electronic Library (AISeL)AMCIS 1995 Proceedings Americas Conference on Information Systems(AMCIS)8-25-1995Risk in Interorganizational Information SystemsSusan A. ShererLehigh University, sas6@lehigh.eduFollow this and additional works at: http://aisel.aisnet.org/amcis1995This material is brought to you by the Americas Conference on Information Systems (AMCIS) at AIS Electronic Library (AISeL). It has been acceptedfor inclusion in AMCIS 1995 Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contactelibrary@aisnet.org.Recommended CitationSherer, Susan A., "Risk in Interorganizational Information Systems" (1995). AMCIS 1995 Proceedings. 143.http://aisel.aisnet.org/amcis1995/143Risk in Interorganizational Information Systems  Susan A. Sherer  Lehigh University, College of Business and Economics  621 Taylor Street, Bethlehem, Pa. 18105, 610-758-3424, SAS6@LEHIGH.EDU  Abstract  This paper provides a framework for understanding the different types of interorganizational information sytsems and the risks that they pose. We suggest that the increased functionality and accessibility of information systems may require a new "trust" intermediary whose major role is to minimize competitive risk, which is expected to be the major dimension of risk in future interorganizational information systems.  Introduction  Interorganizational information systems (IOIS), systems based on information technology that crosses organizational boundaries [Bakos 91] are receiving increasing attention as organizations seek new ways to compete, achieve economic efficiency, and improve service. There are many different types of interorganizational information systems ranging from basic EDI to shared customer databases. Each poses different types and degrees of risk to an organization.  The three dimensions of risk [Sherer 95] that affect IOIS include technical, organizational, and environmental risk. Technical risk results from interconnectivity problems. As more open systems are developed, the key technical risk will become security. Organizational risk results from changes to internal organizational structures that occur as a result of changing roles among IOIS participants. This risk will be reduced as organizations become more agile [Goldman et al. 95], depending less upon formal, rigid organizational structures. Environmental risk includes dependence risk, where one organization becomes dependent on another organization that attempts to change the terms of the contract or fails to perform adequately, and competitive risk, where one organization attempts to "steal' competitive information from another. With more open systems in rapidly changing environments and the use of information technology's monitoring capabilities, dependence risk will decrease. However, competitive risk will become more significant as functionality and accessibility of shared information increases.  This paper provides a framework for understanding the different types of IOIS and analyzes the factors that affect the dimensions of risk that these systems pose. Moreover, we suggest that increased functionality and accessibility of information systems, while reducing the need for traditional market intermediaries, may provide a new role for the business intermediary: the "trust" intermediary whose major role is to minimize competitive risk.  Interorganizational Information Sharing  While trading partners have always shared information, improved connectability will increase the accessibility of information not only to many more trading partners, but to other nontraditional partners, both noncompetitors and competitors. In addition, the types of information that may be shared between organizations increases significantly beyond traditional trade documents. This information sharing will use free format communication tools such as email, groupware, and videoconferencing, as well as fixed format linked and shared databases including, for example, quality, inventory, personnel, and customer information; information that was formerly kept internal to most organizations.  The business concept has always required that adjacent partners in the industry value chain share information. Traditional information shared between buyers and suppliers has always included information on what is for sale and at what price. We call this external market information. This information has been shared in product catalogs, quotes, purchase orders, invoices, etc. EDI enables organizations to transmit this information at a much faster rate. However, the information content has been relatively unchanged in most organizations that have adopted EDI; the most common transaction set is the purchase order, followed by the invoice [Fergusson & Masson 93].  Once IOIS are installed, however, organizations find that they can share much more information than they previously did, especially information that was previously difficult, costly, and/or time consuming to compile non-electronically. For example, in the retail industry, some suppliers have achieved access to timely information on exactly what items are selling, enabling the supplier to control inventory replenishment. In the auto industry, electronic hierarchies [Malone et al. 87] have enabled suppliers to jointly design subsystems.  While functionality of shared information has increased, technology has also enabled increased accessibility. Traditionally shared external market information is now increasingly available to many more participants through the advent of electronic markets, particularly for items that are simply described and not asset specific [Malone et al. 87].  Moreover, as more functions are shared by many more organizations, IOIS open up many new opportunities to share new information, from customer databases to personnel records. This has led to alliances among non competitors such as Citibank/AA/MCI and AA/Hilton/Budget as well as competitive alliances such as MAC, the ATM network.  Figure 1 shows the different types of IOIS. In the next section, we discuss the risks of these different types of systems.  Risks in Interorganizational Information Systems  Standard EDI provides minimal risk to the organizations using these techniques since it primarily replaces paper documents with electronic sharing of information that has always been available to both trading partners. The risks that currently exist are technical risks arising from connectivity issues. As more open systems develop, these risks will be greatly reduced.  As electronic hierarchies have formed, organizations have begun to share new information. This has increased both environmental and organizational risk. Organizational risk initially increases as organizations transform to adapt to new roles. For example, Walmart has eliminated its own purchasing groups, contracting with suppliers to replace products as sold. Electronic hierarchies can redistribute power and authority as access to information changes. These changes present dependence risk as power and advantage are redistributed with changing access to information. The risks that are introduced include [Clemons & Row 92]:  opportunistic renegotiation - one party attempts to renegotiate the terms of the contract, especially after the second party contributes substantial sunk costs or loses control of important resources, and shirking - one party does not perform its tasks satisfactorily.  As more open systems are developed and non-biased electronic markets replace hierarchies [Malone et al. 87], the risk of opportunistic renegotiation is reduced. Information technology can help monitor behavior of partners to manage the risk of shirking [Clemons & Row 92].  In electronic markets, environmental risk is high if the system is biased. However, Malone et al. [87] have suggested that electronic markets will eventually be driven by competitive and legal forces to unbiased and then personalized markets. If this occurs, organizational rather than environment risk may be a key factor if organizations are not flexible enough to transform their internal business processes to effectively use these new types of markets. One key impact is projected to be the decline of the traditional business intermediary. Traditionally, market intermediaries such as the wholesaler and retailer were needed to provide accessibility to markets. As information systems increasingly provide accessibility to trading partners, their role is declining, particularly for commodities [Benjamin & Wigand 95].  Sharing new information with new partners provides, of course, the greatest potential risk to organizations. The degree and type of risk is dependent upon the nature of the relationship between the partners. IOIS can be used to support alliances between non-competitors, such as the MCI/AA/Citibank IOIS used for joint marketing purposes. In this case, the risks are similar to the risks in electronic heirarchies. These include the dependence risks: opportunistic renegotiation and shirking. For competitive alliances the major risk is competitive risk or "poaching", the risk that one party goes after the other's customers or uses proprietary information for its own advantage [Clemons & Row 92]. This risk may lead to a new role for the business intermediary - the "trust" intermediary. For example, EDS performed this role when it set up an IOIS system to transform formatted claims/encounters, eligibility information and referral authorizations among health care plans, independent physicians associations and medical groups. Four competitors - PruCare, HealthNet, TakeCare and Blue Cross/Blue Shield of California - felt that they needed an intermediary to discover what they had in common without revealing proprietary data. EDS and Health Information technologies played a role as keepers of company specific information [Garner 93]. An interesting question arises: Once these intermediaries perform this function, will their role be eliminated? The answer to this question may depend upon the degree of the primary technical dimension of risk in IOIS - security.  The Future of IOIS  It is expected that connectability will improve as more open systems are developed. Currently, the adoption of EDI has not been as rapid as expected because of the costs involved [Bouchard 92]. It is expected that costs will decrease as we move towards more open systems. Security will be the key technical issue to be resolved. As costs decrease, the use of standard EDI will increase more rapidly. Then as existing business partners become used to sharing information electronically, functionality of shared information will increase. As accessibility improves, more new noncompetitors will increase the functionality of shared information. In these two cases, the risks will include organizational and environmental dependence risk. But it is hypothesized that these risks will decrease because:  1. More flexible organizations can more readily reengineer business processes to adapt to new exchanges of information; and  2. More open systems reduce the risk of opportunistic renegotiation and shirking.  The risk that will require most attention is the competitive risk that will occur when sharing information among potential competitors. It is hypothesized that this will lead to a new role for the business intermediary, the "trust" intermediary who will be needed to manage the risk of poaching, particularly in the initial development phase. If security risk is not adequately reduced, this role may continue once these systems are developed.  References  Bakos, J.Y., "Information Links and Electronic Marketplaces: The Role of Interorganizational Information Systems in Vertical Markets," Journal of Management Information Systems, Fall 1991, Vol. 8, No. 2, 31-52.  Benjamin, R., Wigand, R., "Electronic Markets and Virtual Value Chains on the Information Superhighway," Sloan Management Review, Winter 1995, 62-72.  Bouchard, L., "Decision Criteria in the Adoption of EDI," Proceedings of ICIS, December 1992, 365-376.  Clemons, E.K., Row, M.C., "Information Technology and Industrial Cooperation," HICSS Proceedings, January 1992, IEEE Press, 644-653.  Ferguson, D., Masson, D., "The State of EDI in the U.S. in 1993," EDI Forum, 6(4), 1993, 8-11.  Garner, R., "Networking with the Enemy," Computerworld, November 29, 1993, p. 811.  Goldman, S., Nagel, R., Preiss, K., Agile Competitors and Virtual Organizations, Van Nostrand Reinhold, 1995.  Malone, T., Yates, J., Benjamin, R., "Electronic Markets and Electronic Hierarchies," Communications of the ACM, June 1987, Vol. 30, No. 6, 484-496.  Sherer, S., "The Three Dimensions of Software Risk: Technical, Organizational, and Environmental", HICSS Proceedings, January 1995, IEEE Press, 369-378.  External  Market EDI Electronic  Information Markets  Functionality  Non-competitive  New Types of alliances  Information Electronic  (e.g. Inventory, Hierarchies Competitive  Customer, Personnel alliances  Traditional Business Partners New Partners  Accessibility    

Risk in Interorganizational Information Systems

https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1163&amp;context=amcis1995

Risk in Interorganizational Information Systems

Abstract

Similar works

Full text

Available Versions

AIS Electronic Library (AISeL)