=Paper=
{{Paper
|id=Vol-247/paper-2
|storemode=property
|title=Achieving trust in IT outsourcing relationships
|pdfUrl=https://ceur-ws.org/Vol-247/FORUM_01.pdf
|volume=Vol-247
|dblpUrl=https://dblp.org/rec/conf/caise/SoderstromL07
}}
==Achieving trust in IT outsourcing relationships==
https://ceur-ws.org/Vol-247/FORUM_01.pdf
1
Achieving trust in IT outsourcing relationships
Eva Söderström and Christian Lennerholt
School of Humanities and Informatics, University of Skövde, Box 408, 541 28 Skövde,
Sweden
[eva.soderstrom; christian.lennerholt]@his.se
Abstract. IT outsourcing is a viable option for organizations to maintain
competitiveness and get the ability to focus on core competences. However,
there are risks, such as handing over sensitive information to another
organisation, lack of knowledge about security experience of the other part,
cultural differences, etc. Trust is therefore becoming a more and more important
issue in IT outsourcing relationships. This paper aims to identify and describe
the process of achieving trust in IT outsourcing relationships. A framework was
created based on an extensive literature survey. Three concept areas are
included: contract, culture, and security. Each area is described, and critical
success factors (CSF) were developed to support practical use.
Keywords: IT Outsourcing, Trust, Framework, Critical Success Factors
1 Introduction
In today’s dynamic world, organizations must stay competitive, for which IT
outsourcing is a viable option. IT outsourcing can be defined as the process of
handing over IT services to an external provider. Benefits include cost reduction,
improved quality of service, and risk reduction [1]. Risk awareness does not
guarantee success, however, and trust is thus important in outsourcing relationships.
A first step is to understand critical success factors (CSF) that must be fulfilled in
order to achieve success [2]. Previous research has identified that trust aspects in IT
outsourcing are more important than for example control and flexibility [3], and that
trust us part of the soft side of outsourcing [4]. Studies of risks also show that trust is
important for risk avoidance [1; 5; 6]. The aim of this paper is to identify and describe
a framework for how to achieve trust in IT outsourcing relationships. A framework in
this context is a suggested point of view for an attack on a scientific problem [7]. The
framework is theoretically grounded and based on an extensive literature survey. It
takes a management perspective and describes important perspectives to be
considered, and connects each perspective to a number of CSF.
2 Trust
In order to achieve the expectations and accomplishments of an outsourcing
relationship, the organization must trust the outsourcing vendor [9]. Trust in itself is
difficult to define, since it varies from one context to another [10]. It can be perceived
as the result of cognitive processes, decision-making concerning economics, and
�2
social relationships. Expectation is an important part of trust definitions (see e.g. 8;
11), since trust can be seen in terms of e.g. reliable promises including both positive
expectations and risk avoidance. In this paper, we define trust as being achieved when
the agreement is reliable and expectations are fulfilled in a behavioural goodwill. An
agreement is reliable when it is worthy of being dependent on and its expectations are
viewed to be achievable in a predictable and fair way. Behavioural goodwill can be
viewed as an attitude of kindness or friendliness between two parts [11].
3 Framework for achieving trust in IT outsourcing relationships
The framework for achieving trust in IT outsourcing was developed through a
literature review of relevant sources. Since critical success factors may raise the
chances of success, the framework will be based on such CSF.
3.1 Framework foundation
As a basis for the framework, we have adapted Dahanayaka et al’s [12] framework for
understanding information systems development. This framework was selected since
it aims for a consistent, systematic and integrated support throughout a system’s
lifecycle, plus that it is based on necessary concepts for a successful process. We have
adapted this framework to fit the process of achieving trust in IT outsourcing
relationships. The main difference is that we remove way of supporting and way of
modelling, because our paper does not concern the lifecycle. Our adaptation focuses
on important aspects of the process of how to achieve trust in IT outsourcing
relationships in the following manner:
x Way of thinking: deals with the role of IT outsourcing and its purposes. Visualizes
the philosophy of how to achieve trust in IT outsourcing relationships.
x Way of controlling: deals with how to manage the process of how to achieve trust
in IT outsourcing relationships. Different situations require different solutions.
x Way of working: a means for structuring problems that arise in the process.
Distinguishes between which types of tasks that should be dealt with in a certain
order. Also what means that are suited to solve a certain situation.
Our framework is a structure consisting of CSF for achieving trust in IT outsourcing
relationships. The way of thinking influences how the organization is controlling and
working in order to achieve trust in IT outsourcing relationships. Way of controlling
and way of working determine one another. Changes in the way of controlling may
require a different way of working and vice versa. The CSFs are created from the way
of controlling, and the way of working. In order to achieve trust, organizations have to
know how to control different projects, and how to actually work to achieve trust.
3.1.2 Framework overview
The framework consists of three main areas: contract, culture and security. Figure 1
shows the areas (ovals), their relationships (arrows), guidelines (rectangles), and
associated CSFs (bullets in the rectangles). Relationship examples include that culture
� 3
influences how contracts are created and managed, and how security issues are chosen
and used in order to increase the possibility to achieve success in IT outsourcing
relationships. Contract requirements will affect the choice and usage of security issues
and vice versa that together affect how the project is managed. For each area, a series
of guidelines have been developed. The guidelines are divided according the critical
subparts under each main area. Each guideline consists of several CSFs. It is clear that
the contract is essential in IT outsourcing relationships as a basis for trust. Three
guidelines can be associated to this category, of which seven CSFs concern the
written or mutual contract, three concern to minimize uncertainty, and one concerns
contract duration. Culture is another important category, which is displayed by the
three guidelines in this category. Leadership is the most emphasized issue with five
CSFs, communication is another with three CSFs, and context involves two CSFs.
Finally, security is an issue with increasing importance shown by seven factors
divided into administrative security (five CSFs), and technical security (two CSFs).
Fig. 1. The framework, its areas and critical success factors
In order to use the framework in outsourcing projects, we propose two steps:
understanding how the three areas relate to one another; and understanding the CSFs
in each area. In the first step, the focus is on how culture affects contract creation and
the necessary security adaptations, as well as how a contract affects the choice of
security issues and vice versa. The second step involves a deeper understanding of
each area and what to do in order to enhance the likelihood of actually achieving trust.
Tailoring of the framework to specific situations is included here. One example may
�4
be that a global IT outsourcing project could pay more attention to the cultural CSFs
before creating a contract, while another project has to have a tight security.
The purpose of the framework is to get a general understanding of how to achieve
trust in IT outsourcing relationships from a theoretical perspective. The result is an
awareness that can be used to tailor the knowledge into specific IT outsourcing
projects. It is important to understand how the three areas – contract, culture and
security – and their CSF may influence a specific project, and how important certain
areas are within the project.
Future work will be focused on several aspects: extending the literature survey to
cover a broader base of the outsourcing literature and possibly to detail the
framework; coupling with research on human behaviour and its relationship to trust to
create more direct usage guidelines for the framework; and to consider the systemic
trust perspective into a more holistic coverage of the entire trust area.
References
1. Bahli, B. & Rivard, S (2005). Validating measures of information technology outsourcing
risk factors. Omega, Volume 33, Issue 2, Pages 175-187.
2. Gasco, J., Gonzalez, R. & Llopis, J (2005). Information systems outsourcing success factors:
a review and some results. Information Management & Computer Security, Volume 13, Issue
5, Pages: 399-418.
3. Kadiyala, S. & Samaddar, S (2005). Information systems outsourcing: Replicating an
existing framework in a different cultural context, Journal of Operations Management, In
Press
4. Barthélemy, J (2003). The Hard and Soft Sides of IT Outsourcing Management. European
Management Journal, Volume 21, Issue 5, Pages 539-548
5. Kern, T., Lacity, M. & Willcocks, L (2000). Risk migration in IT outsourcing strategy
revisited: longitudinal case research at LISA, Journal of Strategic Information Systems,
Volume 8, Issue 3, Pages: 285-314
6. Tafti, M (2005). Risks factors associated with offshore IT outsourcing, Industrial
Management & Data Systems, Volume 105, Issue 5, Pages: 549-560
7. Aggestam, L. & Söderström, E. (2005). Managing Critical Success Factors in a B2B Setting,
In: Karmakar & Isaías (eds.), Proceedings of the IADIS International Conference
eCommerce 2005, Porto, Portugal, 15-17 December, Pages: 101-108
8. Kern, T. & Willcocks, L (2000). Exploring information technology outsourcing
relationships: theory and practice, The Journal of Strategic Information Systems, Volume 9,
Issue 4, Pages: 321-350.
9.Klimoski, R.J. & Webber, S.S (2004) Client-project manager engagements, trust, and loyalty,
Journal of Organizational Behavior, Volume 25, Issue 8, Pages: 997-1013.
10.Ibbott, C.J. & O’Keefe, R.M (2004) Trust, planning and benefits in a global
interorganizational system, Information Systems Journal, Volume 14, Issue 2, Pages: 131-
152.
11.Sabherwal, R (1999). The role of trust in outsourced is development projects,
Communications of the ACM, Volume 42, Issue 2., Pages: 80-86
12.Dahanayaka, A., Stojanovic, Z. & Sol, H (2001). A methodology for component-based
system development support, EMMSAD’2001, Sixth CaiSE/IFI8.1, Pages: XIX-1-XIX-14.
Available on: http://www.betade.tudelft.nl/publications/Stojanovic_EMMSAD2001.pdf
[Downloaded: 06.04.03].
�