Risk Management Framework for IT System Outsourcing in Public Sector using Case Study Analysis

Abstract

Technological developments and internet penetration made Information Technology (IT) and Information Systems as important elements of every business organization. Such an importance made many public sector organizations acquire IT/IS through outsourcing and use it as a supportive activity for enhancing its core business activities. With increasing number of public sector organizations, outsourcing their IT/IS projects, there is a need to overcome the risks faced by them which resulted in undertaking this research. Case study research methodology was used in this project to focus on specifically SABIC which is a public sector chemical company based on Riyadh, Saudi Arabia. Case study analysis was done using secondary data collected about IT outsourcing projects undertaken by SABIC Company. Case study analysis found that SABIC has outsourced IT/IS as a supportive business activity. Through decision matrix, vendor specific risks, human resource risks and economic risks were identified as the main risks faced by SABIC in its IT outsourcing projects. These findings revealed a significant shift in the trend of IT outsourcing from economic perspective to a relational perspective in order to maximize the probability of IT outsourcing success. Based on this finding, a risk management framework has been developed for SABIC. Evaluation of this framework showed that considering risk tree and enterprise architecture helps the developed framework in making SABIC to consistently manage the risks occurring in IT outsourcing projects and thereby increase the success probability of these projects.