IT Governance in SMEs: Trust or Control?

It is believed by many scholars that a small and medium-sized enterprise (SME) cannot be seen through the lens of a large firm. Theories which explain IT governance in large organizations and methodologies used by practitioners can therefore not be extrapolated to SMEs, which have a completely different economic, cultural and managerial environment. SMEs suffer from resource poverty, have less IS experience and need more external support. SMEs largely contribute to the failure of many IS projects. We define an outsourced information system failure (OISF) as a failure of IT governance in an SME environment and propose a structure for stating propositions derived from both agency theory and theory of trust. The theoretical question addressed in this paper is: how and why do OISFs occur in SMEs? We have chosen a qualitative and positivistic IS case study research strategy based on multiple cases. Eight cases of IS projects were selected. We found that trust is more important than control issues like output-based contracts and structured controls for eliminating opportunistic behaviour in SMEs. We conclude that the world of SMEs is significantly different from that of large companies. This necessitates extra care to be taken on the part of researchers and practitioners when designing artefacts for SMEs.

[1]  Line Dubé,et al.  Rigor in Information Systems Positivist Case Research: Current Practices , 2003, MIS Q..

[2]  Bandula Jayatilaka,et al.  Information systems outsourcing: a survey and analysis of the literature , 2004, DATB.

[3]  K. Blois Trust in Business to Business Relationships: An Evaluation of its Status , 1999 .

[4]  Laurie J. Kirsch,et al.  Portfolios of Control Modes and IS Project Management , 1997, Inf. Syst. Res..

[5]  RameshV.,et al.  Research in Information Systems , 2002 .

[6]  Allen S. Lee A Scientific Methodology for MIS Case Studies , 1989, MIS Q..

[7]  M. Markus,et al.  Information technology and organizational change: causal structure in theory and research , 1988 .

[8]  S. Ghoshal Bad Management Theories Are Destroying Good Management Practices , 2005 .

[9]  Daniel Gooch,et al.  Communications of the ACM , 2011, XRDS.

[10]  Brad Tuttle,et al.  Moral Hazard, Ethical Considerations, and the Decision to Implement an Information System , 1997, J. Manag. Inf. Syst..

[11]  Pia Hurmelinna,et al.  Playing the collaboration game right—balancing trust and contracting , 2005 .

[12]  P. Beynon-Davies,et al.  Information systems ‘failure’: the case of the London Ambulance Service's Computer Aided Despatch project , 1995 .

[13]  Weidong Xia,et al.  Organizational size and IT innovation adoption: A meta-analysis , 2006, Inf. Manag..

[14]  Cynthia K. Riemenschneider,et al.  Understanding it adoption decisions in small business: integrating current theories , 2003, Inf. Manag..

[15]  Michael Ivor Reed,et al.  Organization, Trust and Control: A Realist Analysis , 2001 .

[16]  Christina Soh,et al.  How IT Creates Business Value: A Process Theory Synthesis , 1995, ICIS.

[17]  L. Diamond IT Governance : How Top Performers Manage IT Decision Rights for Superior Results , 2005 .

[18]  G. Paré Investigating Information Systems with Positivist Case Study Research , 2004 .

[19]  Patricia Carlson,et al.  Information Technology and Organizational Change , 1999, SIGDOC '99.

[20]  Russell L. Purvis,et al.  Controlling Information Systems Development Projects: The View from the Client , 2002, Manag. Sci..

[21]  Russell L. Ackoff,et al.  Management misinformation systems , 1967 .

[22]  Sally Baffour Understanding Adoption , 1996 .

[23]  P. I. Zorkoczy,et al.  Oxford Surveys in Information Technology , 1985 .

[24]  Tony Moynihan,et al.  Coping with client-based 'people-problems': the theories-of-action of experienced IS/software project managers , 2002, Inf. Manag..

[25]  Harlan D. Mills Software Development , 1976, IEEE Transactions on Software Engineering.

[26]  M. C. Jensen,et al.  Harvard Business School; SSRN; National Bureau of Economic Research (NBER); European Corporate Governance Institute (ECGI); Harvard University - Accounting & Control Unit , 1976 .

[27]  Rajiv Sabherwal,et al.  Portfolios of Control in Outsourced Software Development Projects , 2003, Inf. Syst. Res..

[28]  Kalle Lyytinen,et al.  Information systems failures—a survey and classification of the empirical literature , 1988 .

[29]  Cynthia K. Riemenschneider,et al.  What small business executives have learned about managing information technology , 2000, Inf. Manag..

[30]  Jean Tirole,et al.  Bounded Rationality and Incomplete Contracts , 2007 .

[31]  A. Zaheer,et al.  Does Trust Matter? Exploring the Effectsof Interorganizational and Interpersonaltrust on Performance , 1998 .

[32]  Ali R. Montazemi,et al.  How they manage IT: SMEs in Canada and the U.S. , 2006, CACM.

[33]  Gregory A. Bigley,et al.  Straining for Shared Meaning in Organization Science: Problems of Trust and Distrust , 1998 .

[34]  R. Mason,et al.  The Influence Prism in SMEs: The Power of CEOs' Perceptions on Technology Policy and Its Organizational Impacts , 1997 .

[35]  Fadi P. Deek,et al.  Risk Management for Collaborative Software Development , 2006, Inf. Syst. Manag..

[36]  Joseph Natovich,et al.  Vendor Related Risks in IT Development: A Chronology of an Outsourced Project Failure , 2003, Technol. Anal. Strateg. Manag..

[37]  Suzanne Rivard,et al.  A tale of two outsourcing contracts , 2003, Wirtschaftsinf..

[38]  Kweku Ewusi-Mensah,et al.  Software Development Failures , 2003 .

[39]  P. Ring,et al.  Developmental Processes of Cooperative Interorganizational Relationships , 1994 .

[40]  D. Fink,et al.  Guidelines for the Successful Adoption of Information Technology in Small and Medium Enterprises , 1998 .

[41]  Philip Powell,et al.  SMEs Co-opetition and Knowledge Sharing: The IS Role , 2001, ECIS.

[42]  Kathleen M. Eisenhardt,et al.  Control: Organizational and Economic Approaches , 1985 .

[43]  Suzanne Rivard,et al.  A framework for information technology outsourcing risk management , 2005, DATB.

[44]  Bart Nooteboom,et al.  Trust, Opportunism and Governance: A Process and Control Model , 1996 .

[45]  Mark Keil,et al.  Pulling the Plug: Software Project Management and the Problem of Project Escalation , 1995, MIS Q..

[46]  M. Lubatkin A Theory of the Firm Only a Microeconomist Could Love , 2005 .

[47]  Russell L. Purvis,et al.  Trust-building mechanisms utilized in outsourced IS development projects: a case study , 2004, Inf. Manag..

[48]  Sanford J. Grossman,et al.  AN ANALYSIS OF THE PRINCIPAL-AGENT PROBLEM , 1983 .

[49]  Shirley Gregor,et al.  Managerial IT unconsciousness , 2006, CACM.

[50]  Louis Raymond,et al.  Organizational Characteristics and MIS Success in the Context of Small Business , 1985, MIS Q..

[51]  Chris Sauer,et al.  Why information systems fail: a case study approach , 1993 .

[52]  Kar Yan Tam,et al.  Mobile data service fuels the desire for uniqueness , 2006, CACM.

[53]  Suzanne Rivard,et al.  The information technology outsourcing risk: a transaction cost and agency theory-based perspective , 2003, J. Inf. Technol..

[54]  Henry C. Lucas,et al.  Why information systems fail , 1975 .

[55]  John A. Welsh,et al.  A Small Business is not a Little Big Business Harvard Business Review, Vol. 59, No. 4, July/August, 1981, pp.18 (9 pages , 1982 .

[56]  J. Thong Resource Constraints and Information Systems Implementation in Singaporean Small Businesses , 2001 .

[57]  Charalambos L. Iacovou Managing MIS project failures : a crisis management perspective , 1999 .

[58]  Kentaro Sakai ICT, E-Business and SMEs , 2005 .

[59]  Cynthia K. Riemenschneider,et al.  Executive Decisions About Adoption of Information Technology in Small Business: Theory and Empirical Tests , 1997, Inf. Syst. Res..

[60]  Guy Paré,et al.  Investigating Information Systems with Positivist Case Research , 2004, Commun. Assoc. Inf. Syst..

[61]  Rajiv Sabherwal,et al.  The role of trust in outsourced IS development projects , 1999, CACM.

[62]  David Gefen,et al.  What Makes an ERP Implementation Relationship Worthwhile: Linking Trust Mechanisms and ERP Usefulness , 2004, J. Manag. Inf. Syst..

[63]  K. Eisenhardt Agency Theory: An Assessment and Review , 1989 .

[64]  RivardSuzanne,et al.  A framework for information technology outsourcing risk management , 2005 .

[65]  Philip Powell,et al.  SMEs, co-opetition and knowledge sharing: the role of information systems , 2003, Eur. J. Inf. Syst..

[66]  Richard Baskerville,et al.  Generalizing Generalizability in Information Systems Research , 2003, Inf. Syst. Res..

[67]  Ray J. Paul,et al.  The Labyrinths of Information: Challenging the Wisdom of Systems , 2005, Eur. J. Inf. Syst..

[68]  R. Paul Review of "The labyrinths of information: Challenging the wisdoms of systems" by Claudio Ciborra, Oxford University Press, Oxford, UK, 2002 , 2005 .

[69]  P. Weill,et al.  IT Governance , 2017 .

[70]  Chee-Sing Yap,et al.  Environments for Information Systems Implementation in Small Businesses , 1997, J. Organ. Comput. Electron. Commer..

[71]  K. Eason Information Technology and Organizational Change , 1989 .