Articles and questions
312 Information Systems Management, 26: 312–326 Copyright © Taylor & Francis Group, LLC ISSN: 1058-0530 print/1934-8703 online DOI: 10.1080/10580530903245549 UISM Offshore Outsourcing: Risks, Challenges, and Potential Solutions Offshore Outsourcing: Risks, Challenges, and Potential Solutions Tejaswini Herath 1 and Rajiv Kishore 2 1 Brock University, Department of Finance, Operations and Information Systems, St. Catharines, Ontario, Canada 2SUNY at Buffalo, Department of Management Science & Systems, School of Management Jacobs Management Center, Buffalo, New York, USA Abstract While offshore outsourcing is associated with several benefits, these ventures also pose many risks. In this paper, through an in-depth review, we develop a type 1 analysis theory about the various risks involved in offshore outsourcing projects, the challenges faced by managers in these collaboration initiatives, and solutions that may aid in overcoming those challenges. This paper contributes to both the theoretical and practice domains by providing a comprehensive offshoring challenges and solutions framework. Keywords outsourcing collaborations, offshore outsourcing, offshore outsourcing risks, offshore outsourcing challenges Introduction In recent years, many firms have adopted outsourcing as a means to manage their information technology (IT) operations. However, the reported success rate of off- shore outsourcing has been comparatively lower than expected due to various reasons. Despite its widespread diffusion over the years, management of IT outsourcing continues to challenge organizations. Organizations out- source operations to achieve major benefits such as reduced costs, increased flexibility, higher quality of ser- vices, and access to new technology (McFarlan & Nolan, 1995) as well as to enable staff to focus their efforts on higher value work thus improving output. The search for competitive advantage such as lower cost, technical knowledge etc. forces organizations to search for exter- nal solutions. Offshore outsourcing, defined as the dele- gation of non-core operations or jobs from internal production within a business to an external entity (such as a subcontractor) in a country other than the one where the product or service will be sold or consumed (Evaristo et al., 2005), has been explored by US based firms to take advantage of the opportunities made avail- able by the progress of IT and an emerging global work force (Apte & Mason, 1995). Global IT outsourcing createsstrategic advantages for firms in terms of access to highly skilled labor at low cost and potential market opportuni- ties (Chen et al., 2002).
While outsourcing is associated with several important benefits, it also entails number of risk factors (Auburt et al., 1999; Earl, 1996). Grover et al. (Grover et al., 1996) argue that the acquisition of resources from outside does not, by itself, guarantee competitive advantage to the firm.
Research in managing the outsourcing relationships has considered formal processes in earlier phases such as con- tract negotiations and bidding to reduce opportunistic behaviors (Aron et al., 2005; Wang et al., 1997); and to infor- mal processes such as relationship management. Contracts have long been essential in outsourcing relationships. Aca- demics have paid great attention to economic and legal contracts analyzing and guiding the types of contracts for different scenarios (Halvey & Mummery, 1996; Lee et al., 2004; Olson, 2000). Researchers, however, have also recog- nized the importance of informal processes (Kern & Willcocks, 2002; Shi et al., 2005) in light of the successes of long term relationships in outsourcing (Lee et al., 2004). It has been suggested that “outsourcing should be considered more as the management of relationships with a vendor rather than a simple subcontract for IS commodities” (Kishore et al., 2003). Yet, the quest for the most effective way to manage client-vendor relationship is still active (Kaiser & Hawk, 2004; Lacity & Willcocks, 1998; McFarlan & Nolan, 1995) and calls for additional research in this area have been made (Kern & Willcocks, 2002; Lacity & Willcocks, 2000; Lee & Kim, 1999).
Address correspondence to Rajiv Kishore, SUNY at Buffalo, Depart- ment of Management Science & Systems, School of Management Jacobs Management Center Buffalo, New York 14260-4000, USA.
E-mail: [email protected] Offshore Outsourcing: Risks, Challenges, and Potential Solutions313 To find out the best way to manage offshore outsourc- ing decisions, it is important to have a clear understand- ing of various risks posed in collaboration initiatives, challenges faced by managers, and solutions that may allow overcoming some of these issues to succeed in these ventures. In this conceptual paper, with a founda- tion of supporting cases, industry surveys, and relevant literature in this area, we identify various risks that firms face in offshore outsourcing collaborations, several chal- lenges posed by those risks to outsourcing managers, and the solutions proposed by researchers to overcome out- sourcing risks and challenges. Because offshore outsourc- ing is a particular type of outsourcing, the risks that are posed to any outsourcing venture will also apply in an offshore outsourcing context as well. Further, offshore outsourcing arrangements pose additional risks and issues that need consideration. Therefore, in this paper, we provide a comprehensive discussion of risks, chal- lenges, and solutions that are common to general out- sourcing and offshore outsourcing as well as those risks, challenges, and solutions that are unique to offshore out- sourcing contexts.
Further, outsourcing literature to date has produced several survey papers focusing on variety of issues (Dibbern et al., 2004; Lee et al., 2000). One of the most notable papers by Dibbern et al (2004) explores and syn- thesizes what has been done so far in the field with an intention of providing “a roadmap of the IS outsourcing academic literature, highlighting what has been so far how the work fits together under one umbrella.” Dibbern et al.’s paper “looks at the research objectives, methods used and theoretical foundations of the papers.” As Dibbern et al. (2004) argue, outsourcing is a practitioner- driven phenomenon. With this in mind, one of the key goals of this paper is to also aid offshore outsourcing managers find the best way to manage outsourcing deci- sions by gaining a deeper understanding of the variety of risks and challenges they may face in offshore outsourc- ing contexts and solutions that have been successfully used in the past.
We believe that this detailed literature review will enhance our understanding about successful and innova- tive collaboration in an offshoring context both in the theoretical domain as well as in the domain of practice.
To understand these criteria in a structured way, we build a type I analysis theory (Gregor, 2006) using induc- tive theory construction (Babbie, 2004). Type I theory, usually represented by frameworks, classifications sche- mas, or taxonomies, is a theory for analyzing. It allows examination of “what is” rather than explaining causal- ity or attempting predictive generalization, and is valu- able since it provides a description of the phenomenon of interest with evidence gathered (Gregor, 2006). The risks identified with a review of the cases both from the practi- tioner as well as academic literature lead to challengesthat fall into four major categories: Strategic Decision Challenges, Vendor Selection Challenges, Vendor Man- agement Challenges, and Technology Challenges. We discuss the solutions proposed in the literature in these four dimensions and discuss the applicability and poten- tial of balanced score card (BSC) method to effectively implement an outsourcing strategy and manage the collaboration process. Risks, Challenges, and Implications Several researchers have discussed a wide range of risks in outsourcing scenarios resulting in undesirable out- comes such as unexpected escalated costs, disputes and litigations, lock-ins, and loss of organizational competen- cies (Auburt et al., 1999; Bahli & Rivard, 2003a). These risks can result from factors such as (1) degree of exper- tise in outsourcing and IT operations on both client and vendor side; (2) other transaction related risk factors such as availability of suppliers, (3) asset specificity issues including investments on vendor side (such as training of vendor or client personnel; modification of processes to accommodate clients tools and systems; investment in equipment, hardware etc.) as well as client side invest- ments on contracts or contractual amendments, etc., (4) uncertainty (due to imperfect information regarding market demand as well as technological changes and breakthroughs), (5) relatedness (interdependence of systems and processes that are outsourced), and (6) measurement problems (differences in interpretations of performance) (Bahli & Rivard, 2003a; Earl, 1996; Lacity, 1995). Addition- ally, risk factors may include (7) loss of institutional knowl- edge (the chance that knowledge in the enterprise will eventually be lost as employees are displaced or retrained in reorganization), and (8) loss of control over outsourced functions. When outsourcing is carried out with an off- shore vendor it poses additional risks such as cultural differ- ences, language barriers, and geographical and time zone related barriers (Chen et al., 2002; Evaristo et al., 2005).
These particular offshoring risks, and their fallout, are clearly evident in the case of Dell. After an onslaught of complaints, computer maker Dell stopped using a technical support center in India to handle calls from its corporate customers. Some U.S.
customers complained that the Indian technical-support representatives were difficult to communicate with because of thick accents and scripted responses. Corpo- rate customers account for about 85% of Dell ’s business, with only 15% coming from the consumer market.
CNN, November 25, 2003 More recently security related risks such as data security protection /confidentiality issues have become more 314Herath and Kishore prominent (Evaristo et al., 2005). The examples below highlight these issues: In terms of sheer scale, the hacking of more than 10 million card accounts held by an independent sales organization earlier this year was the worst ever in financial services — worse than the heist of 3.7 million accounts from Egghead.com in 2000. . . .
Increased use of Internet technology, for example, is calling into question practices that have been around for years to assess the security of third parties. . . .
To respond effectively to electronic threats, financial institutions need to work closely with third-party part- ners to make sure the latter understand the importance of security. Charlotte-based Wachovia Corp., for example, subjects its third-party partners to “a lot of due diligence,” says chief e-commerce officer Lawrence Baxter. Compared with the early days of electronic commerce, when invest- ing in new services such as electronic bill presentment and payment topped the agenda, today ’s e-commerce pri- orities are risk management, disaster recovery, security and privacy, Baxter says. . . .
With cheaper offshore labor shaving about 40% off typical outsourcing costs, few large institutions can afford to ignore this option. The largest 100 global finan- cial services firms are expected to transfer $356 billion of operations and two million jobs overseas over the next five years, which will increase the percentage of financial firms sending work overseas from 30% to 75% within two years, according to Deloitte Research, a division of New York-based Deloitte Consulting.
Despite the efficiency benefits, offshoring also brings unique risks. The most obvious are prospects for war, civil unrest or other turmoil in the host country, which affects the manner in which institutions need to evaluate and prepare for business continuity, says Ward Holland, Wachovia ’s chief sourcing officer for strategic initiatives.
Offshore outsourcing puts additional pressures on information security systems because the outsourced data requires a higher level of encryption. The encoding and decoding of data prevents the outsourcer — or viruses introduced by the outsourcer — from penetrating the bank ’s network, says Holland, who is based in Charlotte.
Outsourcing ’s New Risks, Chris Costanzo, http://www.bai.org/bankingstrategies/2003-jul-aug/ outsourcing/ Based on a review of the extant literature, both in the academic and practitioner domains, we juxtapose the major types of IT offshore outsourcing with examples of different types of risks that may plague those types out- sourcing projects in Table 1 in order to develop a finer grained understanding about the various risks involved in IT offshore outsourcing contexts.
To broadly categorize the management challenges posed by these risks, we use an inductive approach which allows a discovery of pattern that represents some degree of order among the given events (Babbie, 2004; Dibbernet al., 2004). With the help of our literature review, we identify the various types of risks encountered in out- sourcing ventures to structure them into constituent parts (Table 2). These risks falls into four main categories and pose challenges related to: (1) Strategic Decision Challenges, (2) Vendor Selection Challenges, (3) Vendor Management Challenges and (4) Technology Challenges.
We map these challenge areas to Dibbern et al.’s (2004) five-stage outsourcing model in Figure 2. As the outsourc- ing is best understood as management decision, Dibbern et al. (2004) developed a five-stage outsourcing frame- work that is based on Simon’s four stage model of deci- sion making. Although mainly developed to understand the research objectives or research questions in the out- sourcing literature this model allows consideration of why, what, which, how and outcome contexts of out- sourcing decisions and thus can be used to map the chal- lenge areas identified in this study. Strategic Decision Challenges Researchers have applied different perspectives to under- stand sourcing decision, the key among them being pro- duction and transaction cost economics (Ang & Straub, 1998), resource-based views (RBV), and resource-depen- dence views (Teng et al., 1995). The Resource-Based View (RBV) argues that a firm’s competitive advantage depends heavily on its resources, as well as how these are used.
Resources that are valuable and rare can lead to the cre- ation of competitive advantage (Wade & Hulland, 2004).
Competitive advantage can be sustained over longer time periods to the extent that the firm is able to protect against resource imitation, transfer, or substitution. The knowledge-based theory (KBV) of the firm considers knowledge as the most strategically significant resource of the firm. Its proponents argue that, because knowl- edge-based resources are usually difficult to imitate and socially complex, heterogeneous knowledge bases and capabilities among firms are the major determinants of sustained competitive advantage and superior corporate performance.
There is certain level of paradox in outsourcing when viewed from RBV or KBV prisms. Proponents of outsourc- ing have often used RBV to justify outsourcing decisions.
The lack of resources, or resource gaps, that a firm has can also be rectified by acquiring resources from outside the firm boundaries by souring arrangement (Teng et al., 1995). Outsourcing has been considered as a part of the way that firms assemble knowledge from suppliers (Shi et al., 2005). Thus, information systems (IS) outsourcing can be seen as a mechanism to integrate IS knowledge from IS vendors. Knowledge sharing by both, client and supplier sides, is considered to be a success factor in out- sourcing (Lee, 2001). However, some researchers have Offshore Outsourcing: Risks, Challenges, and Potential Solutions315 Table 1.Information Systems Outsourcing Types and Examples of Risks Posed Outsourcing Type Description Examples of Some Key Risks 1. Network managementSurveillance, administration, diagnostics, and maintenance for LANs, WANs, or both.
Vendor(s) typically assume responsibility for operation and maintenance of the ser- vice. They may also reengineer facilities, evaluate alternative technologies, or com- bine facilities to optimize further.Inadequate infrastructure,loss of internal know-how, loss of core group 2. Telecommunications managementServices related to (1) traditional voice services and also long distance, local loop bypass, and 800 numbers; (2) facilities linking remote offices to regional and cor- porate sites; and (3) public data networks.antiquated communication infrastructure 3. Mainframe/server managementMaintenance for all computer hardware including mainframe computers, servers, work- stations, printers and all types of peripherals to minimize the impact of any hardware failure. Services include fault diagnosis, fault resolution, preventive maintenance.Loss of internal know-how, loss of core group, operational risks due to vendor locations 4. Desktop support Management, protection, support and optimization of desktop and distributed computing environment. Desktop support spans over the entire lifecycle of desktop computing from acquisition to retirement. Example tasks include system configuration, user account management, network access, disk imaging, patching, and logging. Such support is enabled through standardization and automation of remote service provisioning.Antiquated infrastructure, loss of internal know-how, loss of core group 5. Helpdesk Support services including troubleshooting and resolving end-user computer system problems and the education of end users on computer and software use. Helpdesk services may be provided through calls, emails, fax, and live Internet chat.Communication problems, cultural differences 6. Application maintenanceApplication maintenance tasks such as: (1) improving stability and efficiency of mission- critical applications, (2) continuously improving the quality of application systems, (3) keeping applications in line with the latest technologies, (4) migrating application sys- tems to new and emerging technologies, and (5) reducing total cost of ownership.Loss of internal know-how, loss of core group 7. Data center managementSupport business applications that handle the core business and operational data of the enterprise. Typical tasks include operations of the application systems, data warehousing, database administration, storage area networking, etc.Operational risks due to ven- dor locations 8. Enterprise integrationCreating an integrated, enterprise-wide IT platform to suit business needs. Includes all systems life cycle tasks from feasibility studies, requirement analysis, technical analy- sis, solution development, network design, equipment and hardware selection, instal- lation, testing, end user training, etc.Poorly articulated require- ments, incompatible development tools, vendors providing legacy technology 9. Technical systems integrationLinking together different computing systems and software applications, physically or functionally. This integration is technology-oriented with an effort to improve IS productivity.Antiquated communication infrastructure, inadequate infrastructure 10. IS planning Review of strategic business imperatives, assessment of existing IS infrastructure (tech- nology and applications, organizational structure, and resources), identification of gaps between business needs and IS infrastructure and performance, review and approval of IS improvement planning, prioritization of alternatives, and scheduling of implementation.Reverse engineering of critical business processes, stealing and/or using proprietary information for secondary purposes 11. Application development Requirement analysis, architecture design, project planning, risk assessment, soft- ware development, quality assurance and testing, maintenance related to applica- tion development. The vendor assumes responsibility to deliver software solutions that are custom-developed for the specific business needs and the IT environment of the client.Poorly articulated require- ments, incompatible develop- ment tools, vendors providing legacy technology, reverse engineering of critical busi- ness processes, stealing and/or using proprietary information for secondary purposes 12. Business process outsourcing:Management of business processes such as customer service center (aka call center), human resource, finance, accounting, procurement, medical, legal, transcription, data capture based on defined and measurable performance metrics.Loss of internal know-how, loss of core group, loss of intellec- tual property, operational risks due to vendor locations 13. Knowledge process outsourcing:Delegation of knowledge-intensive business sectors and processes such as research and product design, patent filing, intellectual property management, engineering design, equity research, and market research to offshore providers who have high- end domain knowledge and skills.Loss of intellectual property, knowledge hoarding, operational risks due to vendor locations 14. Enterprise business process outsourcing:Delegation of a set of business processes (both functional and engineering) that are integrated for enterprise-wide functions and resource management to offshore vendors. This outsourcing differs from previous ones in that the client firm does not outsource disconnected and individual business processes; it outsourcers a set of integrated business and knowledge processes to the vendor. The vendor assumes responsibility to manage all the involved sectors and processes for pre- defined performance.Loss of internal know-how, loss of core group, loss of intellec- tual property, knowledge hoarding, operational risks due to vendor locations, reverse engineering of critical business processes, stealing and/or using proprietary infor- mation for secondary purposes 316Herath and Kishore raised concerns regarding the potential loss of internal know-how through IS outsourcing (Willcocks et al., 2004) and the potential loss of intellectual property (Chen et al., 2002; Evaristo et al., 2005). Outsourcing involves the inherent risk of forgoing the development of the knowl- edge base of the firm. Hoecht and Trott (2006) argues that innovative capability of the firm is largely dependent on cumulative knowledge built up over many years of expe- rience. Innovative ability cannot be simply bought and sold. Earl (1996) argues that innovation needs slack resources, organic and fluid organizational processes, and experimental and entrepreneurial competences - all attributes that external sourcing does not guarantee.
Aron (2005) describes these risks as the long-term intrinsic risks of atrophy. These risks are an inevitable byproduct of the process of outsourcing. Over time, if a company outsources an activity completely, it loses the core group of people who were familiar with it. They retire, they leave for employment where their skills are more valued, or they simply become less technically com- petent and out of date. Reliance on outsourcing is prob- lematic, not only because key areas of expertise may be gradually lost to the outsourcing organization but also because outside providers may not have the desired lead- ing edge expertise over the long-term (Earl, 1996) or may spread their expertise among many clients so that it degrades from core competency to mere industry stan- dard. Hoecht & Trott (2006) remind senior managers of the harm that may be inflicted on the ability of the orga- nization to survive in the long term if its core competen- cies are slowly eroded through outsourcing.
A related issue is that of the strategic intent (DiRomualdo & Gurbaxani, 1998) behind the offshore outsourcing decision by organizations. Strategic intent in this context can range from an improvement in the IS unit of the organization (which generally provides the lowest degree of benefits), an improvement in the busi- ness processes of the overall organization, or a commer- cial intent to generate profits by developing core expertise in the domain of outsourced IT service (Kishore et al., 2004–2005). The commercial intent is exemplified in the oft-cited case of American Airlines who established a new subsidiary to sell airline reservation related ser- vices commercially to other airlines and travel agents using Sabre, its airline reservation system, and to gener- ate new revenues and profits from this line of business.
Strategic intent behind outsourcing is an important chal- lenge as it has been shown that stock market reacts favor- ably and rewards companies when they outsource with an intent of creating the maximum returns for the firm (Agrawal et al., 2006).
On the vendor side, vendors can develop their exper- tise through building knowledge from experiences and holding the knowledge for competitive advantage.
Szulanski (Szulanski, 1996) identifies lack of incentives, Table 2.Risks and Challenges in Outsourcing Risks Challenges Posed –Knowledge hoarding–What IT functions to outsourceStrategic Decision Making – Loss of intellectual property– What is the right proportion to outsource – Loss of internal know-how – Loss of core group – Loss of core capability – Loss of competitive edge –Disparity between what it negotiated and what is delivered – Cost escalation –Vendors providing legacy technology – Operational risks due to vendor locations –Risks due to environmental, cultural, legal differences– Selecting an appropriate vendor (with experience in scoping the project, up to date technology skills and match other cultural and orga- nizational facetsVendor Selection –Deliberate underperformance by vendor–What type of contract to chose –How long the contract should be –How to manage the vendor relationshipsVendor Management – Reverse engineering of critical business processes, stealing and/or using proprietary information for secondary purposes –Lock-in situations – Loss of bargaining power leading to disputes and litigations –Antiquated communication infrastructure – Complexity in codes –Conflicting standards – Poorly articulated requirements –Incompatible development tools– To have enough control and under- standing of the technologies usedTechnology Offshore Outsourcing: Risks, Challenges, and Potential Solutions317 lack of confidence, turf protection, and the “not invented here” syndrome as motivational factors potentially influ- encing knowledge transfer in outsourcing arrangements.
This two-sided nature of knowledge transfer is expected to create asymmetric information leading to outsourcing failures. From a client’s view several challenges then arise including deciding what is the right proportion of IT function insourced or outsourced, and what IT appli- cation should be outsourced or kept within for strategic reasons. Vendor Selection Challenges Numerous risks lie in selection of appropriate vendor.
Kern et al. (Kern et al., 2002) discuss the challenges that arise in selection and bidding process in outsourcing. In IT outsourcing, various suppliers may be asked to bid to provide IT services, with or without the use of intermedi- aries who can help in the process of vendor selection (Agrawal et al., 2005). One danger is the often large dis- parity between what suppliers initially advertise in their proposals and what is delivered at the end of the day.
Frequently the exact value and service requirements cannot be clearly determined. Suppliers often have to bid based on incomplete information, as the overall IT envi- ronment of an organization is often too highly inte- grated to evaluate objectively the actual service costs and technical requirements. IT technical capability continues to evolve at a dizzying pace, making it difficult to predict IT needs with any certainty. IT value often lies in the cross-functional integration of business processes andthe penetration of IT into the core of organizational func- tions. Such value is difficult to measure and contract for.
The difficulty in such bidding circumstances is to select those suppliers that offer the best deal, and here the focus tends to be on what cost efficiencies suppliers can deliver (Kern et al., 2002). The likely danger is that suppliers can out-bid themselves and subsequently find it impossible to continue with the deal as priced and structured. These experiences can place considerable pressure on an outsourcing venture and relationship to the point where re-negotiation or early termination become the only options. Regardless of whether the ven- ture is saved, significant costs will arise for both parties, raising general doubts over the financial viability of such deals in general. Understanding how such scenarios can evolve is the starting point for avoiding these situations.
Thus, related challenges for managers are then to select an appropriate vendor who has expertise in assessing the scope of the project as well as the vision to foresee the scenarios that may arise.
According to Aron et al. (2005) outsourcing ventures are also exposed to operational risks caused by the break- down in operations at the vendor locations. These risks are not caused by deliberate actions by the vendor or by unethical behavior of the vendor. Rather, they are a by- product of the complexity of operations, the geographic separation between client and vendor, the cultural gap between the environments of the client and the vendor, and/or the limitations of the communications and trans- mission systems between the two. Offshore outsourcing introduces many other types of risks that need consider- ation before a vendor is selected. (Apte & Mason, 1995; Figure 1.Map of outsourcing stages and related challenge areas. Why outsource What to outsource Outcomes How to outsource Which Choice to make Phase 1:
Decision Process Phase 2:
Implementation Determinants Advantages/Disadvantages Degree of Ownership Degree of Outsourcing Guidelines, Procedures Evaluation Vendor Selection Relationship Management Experiences/Learning Determinants of Success Other external factors Strategic Decision Challenges Related Challenge Areas Vendor Selection Challenges Vendor Management Challenges Technology Challenges 318Herath and Kishore Chen et al., 2002; Evaristo et al., 2005; Kliem, 2004) dis- cuss some of these risks as below:
Cost Savings Risk:Lower wages in developing countries do not necessarily translate to overall cost savings. Poor estimates, provider’s failure to deliver, poor selection of provider are some of the causes. Communication, long distance management, travel, training, and pro- vider management costs must also be factored into the analysis.
Internal Employee Issues:Backlash among the enterprise’s current employees is to be expected as an operation is offshored since their jobs are at stake.
Management Complexity:Management is inherently diffi- cult in the complex offshoring process with multiple development centers in different time-zones, conti- nents, and cultures.
Geopolitical Risk: Political instability, labor unrest, power shortage, and infrastructure status may affect the software development progress.
Risk of Intellectual Property (IP) Loss:The enterprise’s IP may get stolen in outsourcing and subcontracting, result- ing in a provider one day becoming a competitor.
Some countries have rather lax laws on IP protection while other countries may have laws on software piracy and data privacy but that are seldom enforced.
International Data Sharing:When data from different global locations are accessed and consolidated, it requires well-defined and highly compatible global data standards. Furthermore, issues may arise due to lax or primitive legal systems regarding data sharing.
Global Cultural Environment:Cultural differences exist with differences in language, customs and even the pace of daily life. Language problems in international collabora- tion, cultural differences in employer-employee relation- ships, seniority and personal relationship with authority, and socialist/capitalist principles cannot be ignored.
Financial Risks:Currency exchange rate fluctuations are important and cannot be wished away.
Difficulties in Communication and Coordination:Poor tele- communications infrastructure in underdeveloped countries can be a serious drawback.
These risks lead to the primary challenge of selecting an appropriate vendor in an appropriate country who will have expertise in outsourcing including the ability to fore- see and deal with various scenarios and problems that may occur, expertise in the field, ability to maintain expertise and provide services, and cultural and organizational fit. Vendor Management Challenges Earl (1996) proposes that IT operations and development have always been inherently uncertain, users are notsure of their needs, new technology is risky, business requirements change, and implementation is full of sur- prises. While clear specifications of the problems and clear expectations are necessary, Earl (1996) argues that a project management regime that demands no changes to specifications and rigid time and budget controls can produce applications that do not achieve their full poten- tial or can create user-specialist conflicts. Companies should avoid outsourcing contracts that are set in con- crete. As a result, there is plenty of advice in the out- sourcing literature to build variation clauses in contracts, develop agreements on annual reviews, and sign short-term contracts. In reality, one-year reviews can involve costly annual contract amendments. Short-term contracts may attract cost premiums, and contract varia- tion clauses may not foresee all the uncertainties. Being willing to pay for flexibility may be better than specify- ing tight performance contracts with penalty clauses, fol- lowed by litigation. With diverse suggestions as to what is beneficial, the managers are then faced with a chal- lenge about what is the appropriate length of the con- tract and how to achieve a right balance between flexibility and cost implications.
While claiming full payment, the vendor can do less work than required, less work than contracted for, or less work than what you are paying for. Aron et al. (2005) describes this deliberate under-performance as shirking.
Deliberate under-performance occurs because the vendor’s incentives for hard work are different and the lack of infor- mation available makes it difficult or impossible to detect.
Vendors can also misuse information that was originally provided in a legitimate contract (Aron et al., 2005; Hoecht & Trott, 2006). Aron et al. (2005) describe this phenomenon as “poaching” which can entail reverse engineering of critical proprietary business processes, stealing them, and reselling them or using them as a direct competitor of the client.
Poaching as a phenomenon has become more significant since information has become a valuable asset in the infor- mation based economy where information can be more eas- ily codified, and also because outsourcing has increased.
When the client has no alternative source of support, goods, or services, it is likely to result in a lock-in condi- tion. In such situations, the client must pay its current supplier whatever price the supplier demands in the future. This loss of bargaining power, and the associated escalation of pricing, has occurred so frequently that this form of opportunistic renegotiation has its own name — vendor holdup —in the outsourcing literature.
Based in the transaction cost economics Bahli and Rivard (2003a, 2003b) and Aubert et al. (1996, 1998) dis- cuss several risks that arise in outsourcing transactions.
Lock-in:Lock-ins can occur due to asset specificity, fewer number of suppliers, client’s degree of expertise in outsourcing contracts Offshore Outsourcing: Risks, Challenges, and Potential Solutions319 Costly contractual amendments:caused due to uncertainty Unexpected transition and management costs:Due to uncer- tainty, client’s degree of expertise in IT operations, client’s degree of expertise in outsourcing contracts, and relatedness of IT infrastructure Disputes and litigation:due to measurement problems, and due to issues related to supplier’s degree of exper- tise in IT operations Conflicts in outsourcing are a result of differences of interests between the client and their vendors. One of the major risks in IT outsourcing is contractual conflicts, which arise because of: differences in objectives of the client and vendor; incomplete and/or poorly designed contracts that do not cover all future contingencies; different interpretations of the contract; change in the business needs and requirements of the client; or techno- logical changes (Parolia & Parikh, 2005). Presence of conflict among the vendors affects the client-vendor rela- tionship (Choi et al., 2002). If conflicts are not resolved amicably, the hostility and bitterness resulting from them can lead to negative consequences including rela- tionship termination (Morgan & Hunt, 1994).
Contract is a major governance instrument for out- sourcing relationship management and risk mitigation (Goo et al., 2009). However, choosing an appropriate con- tract is not an easy task. Choosing the duration of a con- tract can have pros and cons that need to be considered.
For example, longer duration contracts provide stable and higher revenue. They are considered for better devel- opment of relationship with the vendor. On the other hand, they may create lock-in situations and can be more risky. Short term contracts earn lower revenue due to learning curve effects. However, they are less risky than longer term contracts. Researchers find that longer term relationships are more successful than short term rela- tionships(Goo et al., 2007; Lee, Miranda, & Kim, 2004).
The authors argue that this may be because time is a crit- ical dimension in the development of relationships; while time introduces an element of risk in relation- ships, it also facilitates cooperation among the parties.
An outsourcing company then faces the challenge in terms of deciding the appropriate contract duration, i.e.
the period of time for which both parties are committed to each other.
In outsourcing research, academics have paid great attention to economic and legal contracts analyzing and guiding the types of contracts for different scenarios (Bragg, 1998; Domberger, 1998; Halvey & Mummery, 1996; Olson, 2000). Given the complexities of outsourc- ing arrangements due to rapidly changing environment and technologies, reliance on the legal contracts alone is not sufficient. Early theories on contracts posit that interorganizational relationships are governed by more than legal exchanges. Written obligations incorporatedin legal contracts can never be complete and parties must be supplemented by unwritten promised and spirit of the contract (Goo et al., 2009). This has led researchers to recommend managing outsourcing ventures as strate- gic partnerships (Kishore et al., 2003; Willcocks & Choi, 1995). Outsourcing involves mutual obligations, which are beyond mutual expectations and based upon per- ceived promises of a reciprocal exchange. Failure to meet obligations is likely to lead to erosion of the trust and relationship between the client and vendor, and impact client’s satisfaction.
Risks discussed in this section as well as in the earlier section pose questions about what kind of outsourcing relationship to pursue. Different types of sourcing rela- tionships from insourcing, co-souring to partnerships and strategic alliances are proposed in the literature.
Decisions also have to consider an issue related to who will retain the control over the process that is not con- tractually stipulated. Technology and Technical Challenges Earl (1996) mentions a case of a vendor stating: “We have won some good business by taking over legacy systems.
The trouble is we now have legacy IT skills, and our customers are sometimes technologically ahead of us.” When teams are working across sites, the lack of tech- nical synchronization between the client and the vendor can be particularly critical and have an adverse impact on the outsourcing relationship. Kliem (2004) and Jennex and Adelakun (2003) outline other technical risks in out- sourcing. These risks can be in terms of:
Communication infrastructure:antiquated network backbone Complexity:Development of “spaghetti” code Configuration control:No versioning of objects or modules Databases:Expensive conversion of data Methodologies:Noncompliance with embraced methodologies Standards:Conflicting development standards Requirements:Poorly articulated requirements Tools:Incompatible development tools Considerations for Effective Management of Outsourcing The nature of IT sourcing research has changed over years. As practice has evolved from a simple make-or-buy decision to complex contracts and partnership, the sourcing research also has evolved from consideration of outsourcing for competitive advantage to dealing with risks in outsourcing and ways to overcome it. In light of out- sourcing risks, several researchers have given guidelines as to what clients can do or look for in the vendor (Balaji & 320Herath and Kishore Brown, 2005; Baldwin et al., 2001; Choudhury & Sabherwal, 2003; Shi et al., 2005) to achieve outsourcing success. In Table 3, we summarize the challenges discussed in the above sections and discuss in more details below some related solutions that are suggested in the literature. Strategic Decision Considerations In considering what IT functions to outsource, King (2007) and Baldwin et al. (2001) caution that certain IT functions should be retained in the organization. King (2007) argues that while many offshoring contracts relate to operating business processes, the analysis and modeling skills that are required for process redesign must reside in the organization’s internal IS function. He also suggests that strategic IS planning is the link between the business strategy and the mission. As such, this planning process requires in-depth understanding of the firm, and should never be outsourced or offshored. Doucette (CIO of Hartford, Connecticut based United Tech- nologies) created a sourcing plan stating what goes off- shore, what goes to U.S. outsourcers and what stays at UTC.
His criteria for what goes where are pretty simple. “First, you have to ask yourself if the work is strategic. If the answer is yes, you should keep it internal,” Doucette says.
“Then, if it ’s not strategic, you have to ask yourself if it ’s going to the lowest-cost source. If you ’re not the lowest- cost provider of that service, you need to contract it out.” Inside Outsourcing in India, Stephanie Overby, CIO.com, June 01, 2003, http://www.cio.com/article/print/31928 IS strategic planning has been integrated into strategic business planning in many firms. When outsourcingtakes place, top managers tend to presume that IT’s role in the business is lessened and they may give less attention to it (King, 2007). IT people must understand business strat- egy and IT’s role in it, and keep these issues in the mix of those treated in strategic business planning. King (2007) maintains that the development of mission-critical soft- ware/systems must usually be retained in-house since this is where the essence of one’s informational core compe- tence resides. Most organizations have trade secrets and/or critical key processes embedded in their software and sys- tems that they would not wish to be made available to out- siders. Through exhaustive research, Willcocks et al.
(2004) provide suggestions for the fee-for-service outsourc- ing deals and arrive at many similar conclusions and rec- ommend retaining core in-house capabilities.
Apte & Mason (1995) develop six criteria for selecting and organizing service activities that can be disaggre- gated. They recommend the analysis based on informa- tion intensity, customer contact need, and physical presence need. Based on the rating of these three dimen- sions the activity may have high or low potential for disaggregation. Apte & Mason (1995) suggest further eval- uation for feasibility and desirability based on three more factors: separability of symbolic manipulation com- ponent, structuredness and specificity, and legal and cul- tural feasibility. This framework was further tested in the context of a variety of service sector professions and found to be quite robust (Mithas & Whitaker, 2007).
Aron et al. (2005) suggest division of processes into smaller chunks what they call “chunkification” to over- come the issue of what should be outsourced. They sug- gest that vertical chunkification, i.e., dividing a process into sequential non-overlapping activities, can greatly reduce the knowledge transfer associated with outsourcing and can reduce the risk of knowledge leaks. Similarly, Table 3. Outsourcing Risks, Ch allenges an d Solutions Challenges PosedSolutions Strategic Decision Challenges – What IT functions to outsource – What is the right proportion of IT assets to outsource– Selecting service activities that can be disaggregated – Vertical and Horizontal Chunkification Vendor Selection Challenges – Selecting an appropriate vendor with experience in scoping the project and up to date technology skills and who has a good match with client ’s cultural and other organizational facets– Multi-criteria decision making tools for vendor evaluation – Vendor with cultural and organizational fit Vendor Management Challenges – What type of contract to choose – How long the contract should be – How to manage client-vendor relationships– Contract type based on the need of the firm and expectations of outcome – Vendor management, project management and process management with portfolio of controls – Balanced score card approach for performance measurement Technology Challenges – To have enough control and understanding of the technologies used– Joint client vendor teams – Up to date understanding of technology environment and technology offerings by different vendors Offshore Outsourcing: Risks, Challenges, and Potential Solutions321 horizontal chunkification, i.e., dividing the volume of a process or a sub-task among alternative vendors, can greatly reduce the risks of shirking and opportunistic renegotiation, especially if some of the volume is retained internally. Business processes can be evaluated for the possibility for such divisions. Vendor Selection Considerations In vendor selection, managers have to pay attention to select a vendor with appropriate expertise and experi- ence as well as matched cultural and other needs. In this context, academics have proposed multi-criteria deci- sion-making tools for vendor evaluation.
In consideration of whether to use a single vendor or multiple vendors, division of process/task can provide vendor selection guidance in addition to guidance about what to outsource (Aron et al., 2005). As discussed above, vertical “chunkification” can greatly reduce the risk of poaching while horizontal “chunkification” can reduce the risks of shirking and opportunistic renegotiation, especially if some of the volume is retained internally. In addition, division of processes and tasks into vertical or horizontal chunks can also allow for consideration of mul- tiple vendors. Thus, a firm can decide whether to choose one vendor to do the entire task itself, or choose many ven- dors to do chunks of the same tasks or different tasks.
Akomode et al. (1998) provide valuable insight into this issue with a framework that can be used in calculat- ing (evaluating) risk in choice of vendors. This frame- work uses a multi-criteria decision making analytical approach for evaluation. They show an example of vendor evaluation based on following dimensions: ■Performance (image, market share, and reliability), ■Technical expertise ( tools maintenance, skilled staff, innovation) ■Commitment (project management, political stability, proximity) ■Time – to volume (capacity, orders, cycle–time) ■Quality (ISO 9000/BS 5750, audit scheme, manage- ment capability) ■Total Cost (design/ development, tariffs, relation- ship management, inventory, freight) When considering offshore outsourcing, additional factors such as cultural similarity and communication expertise of the personnel on teams may need additional atten- tion. Willcocks et al. (2004) recommend that outsourcing client firms should ensure that they and their supplier have a cultural fit and that the supplier has sector and domain knowledge and experience.
Baldwin et al. (2001) recommend choosing from a broad range of IT vendors and considering outsourcingcarefully when faced with a limited choice of vendors.
They also recommend analyzing vendors’ bid proposals to rethink and re-evaluate an in-house provision of the IT service(s) by examining how vendors intend to provide better solutions.
Willcocks et al. (2004) recommend that outsourcing firms should carry out due diligence prior to signing the contract. This is quite important as vendor capabil- ities across different process areas can differ and can have a positive or an adverse impact on delivery performance of the vendor (Swinarski et al., 2006).
A report based on a survey of 315 organizations across the world carried out by PA Consulting, notes that sixty-six percent of clients participating in the study wished they had focused more on the suppliers’ ability to deliver on their promises. Scott Hamilton, a mem- ber of PA’s management group and sourcing executive board, mentions: “A supplier is only ever going to name a reference client from a successful project.” However, he was still surprised to find that 58% of cli- ents in the survey had not undertaken any form of due diligence at all (http://www.out-law.com/page-6965).
Trust is an important factor in adopting outsourcing as a strategy and in selecting a service provider (Randeree et al., 2008), and due diligence allows for the development of trust in a vendor who is capable of delivering on the client firm’s requirements without exhibiting an opportunistic behavior. Vendor Management Considerations Outsourcing is one of the managerial options to mitigate risks suggested in the IT systems development (Benaroch, 2002). However, outsourcing itself is a risky venture.
Hence, outsourcing should be considered as portfolio of options. In the valuation of contracts several different alternatives can be considered such as: deferral option (deferring the decision to outsource), continue using same vendor or considering another vendor (switching option), and abandonment option (discarding the practice of outsourcing).
Researchers have proposed out-tasking, co-sourcing, application service provider (ASP), managed service provider (MSP), and gain-sharing as different levels of outsourcing. To avoid the risk of losing skills and facing the risk of lock-ins, a firm might consider keeping opera- tions completely in-house (insourcing). If the resource gap cannot be filled internally within the organization, a firm might consider keeping part of the control in-house by considering sourcing part of the process outside (co- sourcing/out-tasking). As proposed by Lee et al. (2004), based on the needs of a firm and its expectation of the outcomes, a firm may have to choose an appropriate outsourcing strategy (Table 4). 322Herath and Kishore Table 4.Outsourcing Strategy Choice Hoecht & Trott (2006) suggest that trust brought about by interest in repeat dealings is a possible mecha- nism for managers to deal with knowledge leakage.
Tightening legal contracts would also be an option to prevent knowledge leakage. However, research has shown that power over suppliers that comes from legal contracts often has a weaker effect on vendor commit- ment for the outsourcing relationship with a client firm as compared to a partnership style of relationship that fosters trust (Swinarski et al., 2008). In practice, the knowledge base of core competencies is often tacit in nature and difficult to codify, and it is next to impossible to prove that betrayal has occurred. Furthermore, the essence of strategic sourcing is to develop the capacity to participate directly in sourcing networks. This could be achieved by either retaining or recruiting individuals into the buyer firms who have the ability to judge indus- try developments and to actively participate in industry networks. The task of these individuals, who have to be highly regarded experts in their field, would be to act as boundary spanners between scientific research, the ser- vice providing consultancy firms and their respective buyer firms. Their job would entail the definition and demarcation of high-risk areas within their home organi- zations and the selection and supervision of those “exter- nals” that would be granted access to the business functions and processes identified as high risk.
Baldwin et al. (2001) suggests that companies out- sourcing for the first time must sign short-term to medium-term contracts with vendors to avoid a “contrac- tual stranglehold” and to acquire a better understanding of outsourcing and transaction costs. King (2007), among others, has also stressed the importance of having flexi- bility in contracts. Due to the ever changing nature of technology, potential improvements may become feasi- ble through technological advances. Competition in the marketplace may also allow for better technological offerings and service levels offered by other vendors. This makes negotiations and the terms of the contract impor- tant. He recommends that no client should allow them- selves to be truly “locked into” a long-term contract andcontracts should provide for continuous benchmarking of service-levels against other providers. In providing sug- gestions for the fee-for-service outsourcing deals, Willcocks et al. (2004) recommend that the client should write complete, detailed, and short-term (3 to 5 year) contracts because the circumstances and technologies will change fast.
To overcome the issues faced in offshoring, Krishna et al.
(Krishna et al., 2004) and Walsham (2002) give several rec- ommendations. Walsham (2002) suggests that there is a need for practitioners to be highly sensitive to cultural differences when working in a cross-cultural context.
Sensitivity to other cultures does not imply the need for practitioners to change their own attitudes and values to those of the other culture. What is needed is some under- standing, and ideally empathy, for the attitudes, norms, and values of others. Such understanding offers the possibility of mutual respect between cross-cultural part- ners. Krishna et al. (2004) have suggested ways to address challenges in cross-border software outsourcing relation- ships. These involve the initial strategic choice of appro- priate projects, ways of managing the relationship, and approaches to staffing and training.
Balaji & Brown (2005) suggest vendor management, project management and process management as key aspects for success in outsourcing. Keeping project mile- stones can be one such aspect of achieving success. This feature can be incorporated to enable managerial flexi- bility in contracts to allow amendments and/or changes.
A recent article by & Benaroch (2006) addresses this issue.
According to Clark et al. (1998) “.. the truly critical suc- cess factors associated with successful outsourcing are those associated with vendor governance. (p. 72)” Choudhury & Sabherwal (2003) suggest an evaluation of portfolio of controls for vendor governance. These mechanisms include control of outcomes (project plan, project timelines, regular delivery of software) as well as behavior control (project plan, weekly/monthly reports, meetings, calls, visits). Beulen and Ribbers (2002) pro- posed a descriptive framework that identifies relevant elements for managing complex IT-outsourcing partner- ships. In this framework the total management activity (or cycle) is divided into sub-activities plan, organize, target, motivate and control. Further the five major aspects of an outsourcing situation including IT strategy, information management, contracts, contract manage- ment, and availability of human resources should be managed using these five activities.
A recent report based on an interview with John Doucette, CIO of Hartford, Connecticut based United Technologies emphasizes the importance of process per- formance measurement. The report (Inside Outsourcing In India, Stephanie Overby, CIO.com, June 01, 2003, http://www.cio.com/article/print/31928 ) notes:
Expectation/Outcome Strategy • Strategic competence • Minimal outsourcing • Buy-in contract • Short-term duration • Cost efficiency • Selective outsourcing • Detailed specification of obligations • Medium-term contract • Technology catalysis • Comprehensive outsourcing • Unspecified contract • Long-term relationship Offshore Outsourcing: Risks, Challenges, and Potential Solutions323 If you want to know how important (David) Wood (CIO of Otis Asia Pacific in 1990s) thinks application develop- ment and maintenance processes are to working well in India, all you have to do is listen. In the course of an hour long discussion of offshore outsourcing, Wood uses the word process 48 times, sometimes up to four times in one sentence. “You cannot underestimate the importance of structuring and defining your processes, putting tools in place to measure the performance of those processes, and having processes in place to improve those processes,” he says.
Continuing to invest in the Indian outsourcing relation- ship on an ongoing basis in order to catch mistakes and improve processes is key. As it is, Wood is automating many of the new processes as well as the metrics to monitor them using software that captures and analyzes data such as cycle times and defects. “It ’s one thing to have good processes in place, but if you don ’t have another process to constantly monitor and improve those processes, they will be out of date in a month,” Wood says. Performance management has been cited as one of the factors in outsourcing successes by other successful out- sourcing ventures (Sagnes & Halleen, 2005). A May 2006 study by Capgemini and CFO Research Services reports that among the buyers who terminated their outsourc- ing relationships did the following things wrong: less than 20 percent respondents bothered to “define, docu- ment, capture, and report operational and financial per- formance metrics.”; the same number did not have a formal governance process to oversee their outsourcing relationships; less than 10 percent always audited their suppliers; and 90 percent did not build incentives or penalties into their contracts (http://www.outsourcing- best-practices.com/study.html).
One of the promising mechanism that can help man- age the processes and service level agreements is the Bal- anced Score Card (BSC) framework. This framework invented by Kaplan and Norton is a performance mea- surement based tool to implement organization strat- egy. The following quote from an expert interview (Beulen & Ribbers, 2002) clinches its usefulness in out- sourcing. “The Balanced Score Card is a tool useful for discussions at both tactical and strategic level to imple- ment changes in the contracts. The Balanced Score Card ensures a business discussion and prevents a technical oriented discussion” (Beulen & Ribbers, 2002). Despite its potential, this management tool used for performance measurement is not addressed adequately by the litera- ture in outsourcing.
Balanced score cards can be used in strategic decisions and performance measurement. The balanced scorecard translates an organization’s mission and strategy into a comprehensive set of performance measures. BSC does not focus solely on the financial objectives but also high- lights the nonfinancial objectives that must be achievedin order to meet the set goals. Kaplan and Norton (Kaplan & Norton, 1992) describe the four key perspectives that BSC measures performance from as: (1) financial, (2) cus- tomer, (3) internal business processes, and (4) learning and growth. Due to the ability to measure such intangi- ble aspects as learning and growth, this technique has also been suggested in the related area of knowledge management (Fairchild, 2002). BSCs allow measurement of operational measures such as cycle time, delivery, development of skills, and training which can be more important than financial measures in outsourcing contexts.
BSCs can be used for implementing strategies of firms that are one time or recurrent in nature. Since both financial and non-financial performance measure- ment need consideration, and since outsourcing strate- gies can be one time or recurrent, this technique is well suited for performance measurement in outsourcing arrangements. Specifically, a score card that is aligned from both client and supplier perspective in terms of meeting client objectives given supplier abilities as well as meeting supplier needs with client abilities has a great potential for effective management of outsourc- ing arrangements. Technology Considerations When a company outsources an IT service to a third party, it is important to ensure that vendor’s possess the right capabilities (Swinarski et al., 2006) and that their IT skills are not outdated. In many situations, vendors wish to consolidate the work of many clients on their own leg- acy technology to achieve economies of scale and high returns. IS executives from client organizations must independently assess evolving technology in order to maintain an awareness of potential improvements that may become feasible through technological advances.
The client in addition must continuously be aware of the technological offerings and service levels offered by other vendors. Client organization must also be aware that business processes cannot be effectively redesigned when time and distance barriers exist, and direct contact between analysts and employees who are involved in operating the processes is required.
King (2007) recommends that as the focus for systems implementation and integration shifts to joint consult- ant-client teams, system customization, implementation and integration is an area in which competence must be maintained and enhanced by the client IT department.
He asserts that in an outsourcing environment, a tech- nology assessment capability must be maintained or developed by the outsourcing client since the vendor’s objectives with regard to technology are not always con- sistent with those of the client. 324Herath and Kishore Conclusion Outsourcing failures call for understanding of issues that underlie such failures. In this article, we attempted to identify the various risks posed in outsourcing initiatives with a detailed review of the literature. These risks pose several managerial challenges for outsourcing (client) organizations. Researchers to date have suggested vari- ous mechanisms to overcome some of these challenges, which we discuss and summarize in this article.
This review of literature presents several implications for research and practice. From the research perspective, this paper reviews outsourcing risks that have been iden- tified and solutions that have been proposed in the litera- ture to give us deeper insights into the challenges in offshore outsourcing and how they can be managed. We identify BSC as a potential tool for successfully managing of outsourcing collaborations that is relatively new to the literature in outsourcing. Future research in BSC application to outsourcing is required for deeper under- standing of how this measurement mechanism can be used effectively in IT outsourcing contexts. Another such avenue for future research is consideration of different outsourcing alternatives from real option perspective to manage risks. The identification of challenges based on risks presented in this article provides avenues for researcher to study the various mitigating mechanisms that can be used to mitigate or overcome these risks.
Managers need to understand the present and future risks that may arise in outsourcing endeavors. While some risks are more generic and may be applicable to many, some risks may be situation specific and thus managers need to evaluate the scenarios that may evolve in their organizational contexts. Managers also need to understand various mechanisms, tools, and techniques that may allow them to effectively deal with these chal- lenges. In this regard, this article provides a stepping stone to managers in terms of a comprehensive discus- sion of the variety of risks and challenges that they may face, and the solutions that they may find useful in their own outsourcing initiatives. Author Bios Rajiv Kishore is an associate professor in the School of Management at the State University of New York at Buffalo. His interests are in improving organizational and IT performance through the effective manage- ment of global IT and services outsourcing projects, tech- nology adoption and implementation, and agile methods. His papers have been accepted or published in MISQ Quarterly, Journal of Management Information Systems, IEEE Transactions on Engineering Manage- ment, Communications of the ACM, Decision SupportSystems, Information & Management, Information Systems Frontiers, and Advances in Management Infor- mation Systems, among others. He also received a multi-year National Science Foundation research grant as a co-principal investigator in the area of IT outsourc- ing and is a guest co-editor of a special issue of the Journal of the AIS. Rajiv has consulted with a number of large companies, some of which include BellSouth, Blue Cross Blue Shield of Minnesota, IBM, and Pioneer Standard Electronics.
Tejaswini Herath, is an assistant professor in the Faculty of Business at Brock University, Canada. She graduated from Department of Management Science and Systems at State University of New York, Buffalo (UB). Previ- ously she worked as a systems analyst and a part time lecturer at University of Northern British Columbia, Canada. Her work has been accepted or published in the Journal of Management Information Systems, Decision Support Systems, European Journal of Infor- mation Systems, International Journal of Business Governance and Ethics, and International Journal of E-Government Research. She was the recipient of the Best Paper Award at the 30th McMaster World Con- gress (2009), and the recipient of the UB Ph.D. Student Achievement Award (2007–2008). References Agrawal, M., Hariharan, G., Kishore, R., & Rao, H. R. (2005). Match- ing intermediaries for information goods in the presence of direct search: An examination of switching costs and obsoles- cence of information. Decision Support Systems, 41(1), 20–36.
Agrawal, M., Kishore, R., & Rao, H. R. (2006). Market reactions to e-business outsourcing announcements: An event study. Infor- mation & Management, 43(7), 861–873.
Akomode, O. J., B. L., & Irgens, C. (1998). Constructing customised models and providing information to support it outsourcing decisions. Logistics Information Management, 11(2), 114–127.
Ang, S., & Straub, D. W. (1998). Production and transaction econo- mies and is outsourcing: A study of the U.S. Banking industry.
MIS Quarterly, 22(4 December), 535–552.
Apte, U., & Mason, R. O. (1995). Global disaggregation of informa- tion intensive services. Management Science, 41(7), 1250–1262.
Aron, R., Clemons, E., & Reddi, S. (2005). Just right outsourcing:
Understanding and managing risk. Paper presented at the Proceedings of the 38th Hawaii International Conference of System Sciences (HICSS), January 3–6, Hawaii.
Aubert,B. A., Rivard, S., & Patry, M. (1996). A transaction cost approach to outsourcing behavior: Some empirical evidence.
Information and Management, 30(2), 51–64.
Aubert, B., Dussault, S., Patry, M., & Rivard, S. (1998). Managing the risk of it sourcing. Paper presented at the Proceedings of the 32nd Hawaii International Conference of System Sciences (HICSS), January 6–9, Hawaii.
Aubert, B., Dussault, S., Patry, M., & Rivard, S. (1999). Managing the risk of it sourcing. Paper presented at the Proceedings of the 32nd Hawaii International Conference of System Sciences (HICSS), January 5–8, Hawaii. Offshore Outsourcing: Risks, Challenges, and Potential Solutions325 Babbie, E. (2004). The practice of social research. Belmont, CA: Thomson Learning.
Bahli, B., & Rivard, S. (2003a). The information technology out- sourcing risk: A transaction cost and agency theory-based per- spective. Journal of Information Technology, 18, 211–221.
Bahli, B., & Rivard, S. (2003b). A validation of measures associated with the risk factors in information technology outsourcing. Paper presented at the Proceedings of the 36th Hawaii Interna- tional Conference of System Sciences (HICSS), January 6–9, Hawaii.
Balaji, S., & Brown, S. (2005). Strategic is sourcing and dynamic capa- bilities: Bridging gap. Paper presented at the Proceedings of the 38th Hawaii International Conference of System Sciences (HICSS), January 3–6, Hawaii.
Baldwin, L. P., Irani, Z., & Love, P. E. (2001). Outsourcing infor- mation systems: Drawing lessons from a banking case study.
European Journal of Information Systems, 10(1), 15–24.
Benaroch, M. (2002). Managing information technology invest- ment risk: A real options perspective. Journal of Management Information Systems, 19(2), 43–84.
Beulen, E., & Ribbers, P. (2002). Managing complex it outsourcing – partnerships. Paper presented at the 35th Hawaii International Conference on System Sciences, Hawaii, USA.
Bragg, S. M. (1998). Outsourcing: A guide to selecting the correct business unit: Negotiating the contract and maintaining control of the process: John Wiley & Sons, Inc.
Chen, Q., Tu, Q., & Lin, B. (2002). Global it/is outsourcing: Expec- tations, considerations and implications. Advances in Competi- tiveness Research, 10(1), 100–111.
Choi, T., Wu, Z., Ellram, L., & Koka., B. (2002). Supplier–supplier relationships and their implications for buyer–supplier relation- ships. IEEE Transactions on Engineering Management, 49(2), 1–12.
Choudhury, V., & Sabherwal, R. (2003). Portfolios of control in outsourced software development projects. Information Systems Research, 14(3), 291–314.
Clark, T., R. W. Zmud, G. McCray. 1998. The outsourcing of information services: Transforming the Nature of business in the information industry. L. P. Willcocks, M. C. Latcity, eds.
Strategic Sourcing of Information Systems. Wiley, NY.
Dibbern, J., Goles, T., Hirschheim, R., & Jayatilaka, B. (2004). Infor- mation systems outsourcing: A survey and analysis of the litera- ture. The DATA BASE for Advances in Information Systems, 35(4), 6–102.
DiRomualdo, A., & Gurbaxani, V. (1998). Strategic intent for it outsourcing. Sloan Management Review, 39(4), 67–80.
Domberger, S. (1998). The contracting organization: A strategic guide to outsourcing. Oxford: Oxford University Press.
Earl, M. J. (1996). The risks of outsourcing it. Sloan Management Review, 37 (3), 26–32.
Evaristo, R., Nicolas, J., Prikladnicki, R., & Avritchir, J. (2005).
Wholly owned offshore subsidiaries for it development: A program of research. Paper presented at the Proceedings of the 38th Hawaii International Conference of System Sciences (HICSS), January 3–6, Hawaii.
Fairchild, A. (2002). Knowledge management metrics via a balanced score- card methodology. Paper presented at the 35th Hawaii Interna- tional Conference on System Sciences, January 7–10, Hawaii.
Goldstein, J., & Benaroch, M. (2006). Project milestones for managing risk in software development outsourcing: A real options perspective.
Paper presented at the Proceedings of 12th Americas Conference on Information Systems, August 4–6, Acapulco, México.Goo, J., Kishore, R., Nam, K., Rao, H. R. and Song, Y. (2007).
An Investigation of Factors that Influence the Duration of its Outsourcing Relationships. Decisions Support Systems, 42, 2107–2125.
Goo, J., Kishore, R., Rao, H. R., & Nam, K. (2009). The role of ser- vice level agreements in relational management of informa- tion technology outsourcing: An empirical study. MIS Quarterly, 33(1), 119–145.
Gregor, S. (2006). The nature of theory in information systems.
MIS Quarterly, 30(3), 611–641.
Grover, V., Cheon, M. J., & Teng, J. T. C. (1996). The effect of service quality and partnership on the outsourcing of infor- mation systems functions. Journal of Management Information Systems: JMIS, 12(4 (Spring)), 89–116.
Halvey, J. K., & Mummery, D. R. (1996). Can this relationship be saved? CIO Magazine.
Hoecht, A., & Trott, P. (2006). Innovation risks of strategic out- sourcing. Technovation, 26, 672–681.
Jennex, M. E., & Adelakun, O. (2003). Success factors for offshore information system development. Journal of Information Technology Cases and Applications, 5(3), 12–31.
Kaiser, K., & Hawk, S. (2004). Evolution of offshore software development: From outsourcing to cosourcing. MIS Quarterly Executive, 3(2), 69–81.
Kaplan, R., & Norton, D. (1992). The balanced score card- mea- sures that drive performance. Harvard Business Review, 71–79.
Kern, T., Willcocks, L., & Van Heck, E. (2002). The winner ’s curse in it outsourcing: Strategies for avoiding relational trauma.
California Management Reviwe, 44(2), 47–69.
Kern, T., & Willcocks, L. P. (2002). Exploring relationship in information technology outsourcing: The interaction approach. European Journal of Information Systems, 11(1), 3–19.
King, W. R. (2007). The is organization of the future: Impacts of global sourcing. Information Systems Management, 24(2), 121.
Kishore, R., Agrawal, M., & Rao, H. R. (2004–2005). Determinants of information technology sourcing during technology growth and maturity: An empirical study of e-commerce sourcing. Jour- nal of Management Information Systems, 21(3), 47–82.
Kishore, R., Rao, H. R., Nam, K., Rajagopalan, S., & Chaudhury, A.
(2003). A relationship perspective on it outsourcing. Communi- cations of the ACM, 46(12), 86–92.
Kliem, R. (2004). Managing the risks of offshore it development projects. Information Systems Management, 21(3), 22.
Krishna, S., Sahay, S., & Walsham, G. (2004). Managing cross- cultural issues in global software outsourcing. Communications of ACM, 47(4), 62–66.
Lacity, M. (1995). It outsourcing: Maximize flexibility and control.
Harvard Business Review(May-June), 84–93.
Lacity, M., & Willcocks, L. P. (1998, Sept.). An empirical investiga- tion of information technology sourcing practices: Lessons from experience. MIS Quarterly, 22, 363–408.
Lacity, M. C., & Willcocks, L. P. (2000). Relationships in it outsourc- ing: A stakeholder perspective. In R. W. Zmud (Ed.), Framing the domains of it management: Projecting the future through the past (pp. 355–384). Cincinnati, OH: Pinnaflex Education Resources.
Lee, J. N. (2001). The impact of knowledge sharing, organiza- tional capability and partnership quality on is outsourcing success. Information & Management, 38(5), 323–335.
Lee, J. N., Huynh, M. Q., Chi-wai, K. R., & Pi, S.-M. (2000). The evolution of outsourcing research: What is the next issue? Paper presented at 326Herath and Kishore the 33rd Annual Hawaii International Conference on System Sciences (HICSS), January 4–7, Hawaii.
Lee, J. N., & Kim, Y. G. (1999). Effect of partnership quality on is outsourcing success: Conceptual framework and empirical val- idation. Journal of Management Information Systems, 15(4), 29–61.
Lee, J. N., Miranda, S. M., & Kim, Y. M. (2004). It outsourcing strategies: Universalistic, contingency, and configurational explanations of success. Information Systems Research, 15(2), 110.
McFarlan, F. W., & Nolan, R. L. (1995). How to manage an it out- sourcing alliance. Sloan Management Review, 36(2 (Winter)), 9–23.
Mithas, S., & Whitaker, J. (2007). Is the world flat or spiky? Infor- mation intensity, skills, and global service disaggregation.
Information Systems Research, 18(3), 237–259.
Morgan, R. M., & Hunt, S. D. (1994). The commitment-trust the- ory of relationship marketing. Journal of Marketing, 58, 20–38.
Olson, T. G. (2000). Managing vendors: Tips for success. Harvard Business Review, 1.
Parolia, N., & Parikh, M. (2005). Conflicts in is outsourcing: Develop- ing a research model. Paper presented at the Proceedings of the 38th Hawaii International Conference of System Sciences (HICSS), January 3–6, Hawaii.
Randeree, E., Kishore, R., & Rao, H. R. (2008). Investigating trust in outsourcing: A study in the health care industry. In S. Rivard & B. A. Aubert (Eds.), Information technology outsourcing (pp. 135–160). Armonk, NY: M. E. Sharpe.
Sagnes, B., & Halleen, G. (2005). An outsourcing success story: North- west airlines. Paper presented at the Outsourcing World Summit, San Diego, California.
Shi, Z., Kunnathurb, A. S., & Ragu-Nathan, T. S. (2005). Is out- sourcing management competence dimensions: Instrument development and relationship exploration. Information & Management, 42, 901–919.Swinarski, M. E., Kishore, R., & Rao, H. R. (2006, January). Impact of it service provider process capabilities on service provider perfor- mance: An empirical study. Paper presented at the 39th Hawaii International Conference on System Sciences (HICSS-39), Kauai, Hawaii.
Swinarski, M. E., Kishore, R., & Rao, H. R. (2008). Vendor commit- ment in an asp outsourcing context: A comparative evaluation of the roles of power and partnership. In S. Rivard & B. A. Aubert (Eds.), Information technology outsourcing (pp. 189–223). Armonk, NY: M. E. Sharpe.
Szulanski, G. (1996). Exploring internal stickiness: Impediments to the transfer of best practice within the firm. Strategic Man- agement Journal, 17(Winter Special Issue), 27–43.
Teng, J. T. C., Cheon, M. J., & Grover, V. (1995). Decisions to out- sourcing information system function: Testing a strategy-the- oretic discrepancy model. Decision Science, 26 (1), 75–103.
Wade, M., & Hulland, J. (2004). Review: The resource-based view and information systems research: Review, extension, and suggestions for future research1. MIS Quarterly, 28(1), 107.
Walsham, G. (2002). Cross-cultural software production and use:
A structurational analysis. MIS Quarterly, 26(4), 359–380.
Wang, E. T. G., Barron, T., & Seidmann, A. (1997). Contract- ing structures for custom software development: The impacts of informational rents and uncertainty on inter- nal development and outsourcing. Management Science, 43(12), 1726–1744.
Willcocks, L., & Choi, C. J. (1995). Co-operative partnership and “total” it outsourcing: From contractual obligation to strate- gic alliance? European Management Journal, 13(1), 67.
Willcocks, L., Feeny, D., & Lacity, M. (2004). It and business pro- cess outsourcing: The knowledge potential. Information Systems Management, 21(3), 7–15.
