Outsourcing of business processes and information technology (IT) operations is an important trend in large and middle-sized organizations. However, outsourcing could affect the organization’s ability to align its IT with business strategy and operations. This article reports a qualitative study into the relationship between IT outsourcing (ITO) and business and IT alignment. It aims to provide recommendations for outsourcers and service providers on how outsourcing relationships should develop in order to support business and IT alignment. The research question of the study is “What is the effect of IT outsourcing on the business and IT alignment of companies that have outsourced their IT?”After a review of relevant literature and concepts, four cases are reported. The study revealed that a higher level of motivation for outsourcing paired with a higher level of the relationship between outsourcer and service provider and with a higher level of alignment maturity of the outsourcer. The study also showed that the ITO relationship is influenced by organizational turbulence on one or either side of the relationship and that the service providers tend to assess the relationship on a higher level than the outsourcers. These conclusions provide relevant directions for both outsourcers and service providers for improvement of the their relationship
This paper analyzes the application of PRINCE2® in a multivendor outsourcing context. Given the ongoing trend in large and middle-sized organizations to outsource part of their IT operations it is relevant and important to understand the effect of this trend on the way projects can be managed. Based on an analytical and qualitative approach, using an expert panel, the study provides identified three specific considerations for the management of projects in a multi vendor outsourcing context
In Dutch higher education institutions, IT outsourcing (ITO) is becoming more common. New applications nowadays are executed from the ‘cloud’. But what to do with on premise applications? Can they also be outsourced? If so, what factors does a higher education institution have to consider when making the ITO decision of their on-premise applications? This research starts with finding the factors that are already known in existing ITO literature (in different contexts). Then, these decision factors are validated in four explorative interviews before surveying the factors within a higher education context. In total, fourteen factors are deemed to be important for Dutch higher education institutions. Based upon the survey responses by Dutch IT decision makers, a hierarchy exist in these fourteen factors. Also, this research suggest a relationship between outsourcing decision factors and the sourcing models. Additionally, outsourcing objectives seem to influence this relationship.
LINK
Over the past decade, the trend in both the public sector and industry has been to outsource ICT to the cloud. While cost savings are often used as a rationale for outsourcing, another argument that is frequently used is that the cloud improves security. The reasoning behind this is twofold. First, cloud service providers are typically thought to have skilled staff trained in good security practices. Second, cloud providers often have a vastly distributed, highly connected network infrastructure, making them more resilient in the face of outages and denial-of-service attacks. Yet many examples of cloud outages, often due to attacks, call into question whether outsourcing to the cloud does improve security. In this project our goal therefore is to answer two questions: 1) did the cloud make use more secure?and 2) can we provide specific security guidance to support cloud outsourcing strategies? We will approach these questions in a multi-disciplinary fashion from a technical angle and from a business and management perspective. On the technical side, the project will focus on providing comprehensive insight into the attack surface at the network level of cloud providers and their users. We will use a measurement-based approach, leveraging large scale datasets about the Internet, both our own data (e.g. OpenINTEL, a large- scale dataset of active DNS measurements) and datasets from our long-term collaborators, such as CAIDA in the US (BGPStream, Network Telescope) and Saarland University in Germany (AmpPot). We will use this data to study the network infrastructure outside and within cloud environments to structurally map vulnerabilities to attacks as well as to identify security anti-patterns, where the way cloud services are managed or used introduce a weak point that attackers can target. From a business point of view, we will investigate outsourcing strategies for both the cloud providers and their customers. For guaranteeing 100% availability, cloud service providers have to maintain additional capacity at all times. They also need to forecast capacity requirements continuously for financially profitable decisions. If the forecast is lower than the capacity needed, then the cloud is not able to deliver 100% availability in case of an attack. Conversely, if the forecast is substantially higher, the cloud service provider might not be able to make desired profits. We therefore propose to assess the risk profiles of cloud providers (how likely it is a cloud provider is under attack at a given time given the nature of its customers) using available attack data to improve the provider resilience to future attacks. From the costumer perspective, we will investigate how we can support cloud outsourcing by taking into consideration business and technical constraints. Decision to choose a cloud service provider is typically based on multiple criteria depending upon the company’s needs (security and operational). We will develop decision support systems that will help in mapping companies’ needs to cloud service providers’ offers.
