Making the Decision to Contract for Cloud Services: Managing the Risk of an Extreme Form of IT Outsourcing

Obtaining cloud computing services can be viewed as a form of outsourcing, and as such it shares the essential risk profile of all outsourcing contracts concerning opportunistic behavior, shirking, poaching, and opportunistic renegotiation. Developing cloud computing is also an advanced technological development effort, and as such it shares all of the risks of large and uncertain development efforts and the essential risk profile of all development efforts where for a variety of reasons success cannot be ensured, including functionality, political, project, technical, and financial risks. Since E-Government services are almost by definition delivered online, rather than by visiting government service locations or through paper-based interaction, they would appear an obvious candidate for cloud-based delivery; consequently the risks of cloud-based delivery services are of critical interest to the safe execution of numerous E-Government missions. This paper focuses on understanding the risks, both through understanding standards and understanding contracting for cloud services. Standards for cloud computing may reduce many of the risks of opportunistic behavior on the part of vendors. Standards efforts cannot mitigate most of the development risks of cloud computing; no amount of legislation or standardization can make it possible for firms to do that which they could not have done, or that which is indeed algorithmically or computationally infeasible.

[1]  Robert J. Kauffman,et al.  Risk Management of Contract Portfolios in IT Services: The Profit-at-Risk Approach , 2008, J. Manag. Inf. Syst..

[2]  Eric K. Clemons,et al.  The Impact of Information Technology on the Organization of Economic Activity: The "Move to the Middle" Hypothesis , 1993, J. Manag. Inf. Syst..

[3]  Leslie P. Willcocks,et al.  IT outsourcing in insurance services: risk, creative contracting and business advantage , 1999, Inf. Syst. J..

[4]  Eric K. Clemons,et al.  Capital One Financial and a decade of experience with newly vulnerable markets: Some propositions concerning the competitive advantage of new entrants , 2008, J. Strateg. Inf. Syst..

[5]  Eric K. Clemons,et al.  Just Right Outsourcing: Understanding and Managing Risk , 2005, J. Manag. Inf. Syst..

[6]  Robert J. Kauffman,et al.  Proprietary and Open Systems Adoption in E-Procurement: A Risk-Augmented Transaction Cost Perspective , 2004, J. Manag. Inf. Syst..

[7]  Amrit Tiwana,et al.  Functionality Risk in Information Systems Development: An Empirical Investigation , 2006, IEEE Transactions on Engineering Management.

[8]  B. Bahli,et al.  Validating measures of information technology outsourcing risk factors , 2005 .

[9]  Valaria P. Vendrzyk,et al.  Defense Procurement Fraud, Penalties, and Contractor Influence , 1999, Journal of Political Economy.

[10]  H. Demsetz,et al.  Production, Information Costs, and Economic Organization , 1975, IEEE Engineering Management Review.

[11]  W. Baumol Contestable Markets: An Uprising in the Theory of Industry Structure , 1982 .

[12]  Aidan R. Vining,et al.  PUBLIC-PRIVATE PARTNERSHIPS IN THE U.S. AND CANADA: CASE STUDIES AND LESSONS 1 , 2004 .

[13]  Suzanne Rivard,et al.  Managing the Risk of IT Outsourcing , 1999, HICSS.

[14]  Scott Mitchell,et al.  A comparison of the strategic priorities of public and private sector information resource management executives , 2004, Gov. Inf. Q..

[15]  Miriam Wugmeister,et al.  Global Solution for Cross-Border Data Transfers: Making the Case for Corporate Privacy Rules , 2007 .

[16]  O. Williamson The economic institutions of capitalism , 1985 .

[17]  L. Willcocks,et al.  Interpreting information technology sourcing decisions from a transaction cost perspective: Findings and critique , 1995 .

[18]  Markus Biehl,et al.  Selecting internal and external supply chain functionality: The case of ERP systems versus electronic marketplaces , 2005, J. Enterp. Inf. Manag..

[19]  Robert J. Kauffman,et al.  Information Exploitation and Interorganizational Systems Ownership , 2004, J. Manag. Inf. Syst..

[20]  Ephraim R. McLean,et al.  Measuring e-Commerce Success: Applying the DeLone & McLean Information Systems Success Model , 2004, Int. J. Electron. Commer..

[21]  Anandhi Bharadwaj,et al.  An Empirical Analysis of Contract Structures in IT Outsourcing , 2009, Inf. Syst. Res..

[22]  Eric K. Clemons,et al.  Justifying Contingent Information Technology Investments: Balancing the Need for Speed of Action with Certainty Before Action , 2003, J. Manag. Inf. Syst..

[23]  K. Eisenhardt Agency Theory: An Assessment and Review , 1989 .

[24]  B. Klein,et al.  Vertical Integration, Appropriable Rents, and the Competitive Contracting Process , 1978, The Journal of Law and Economics.

[25]  E. Clemons,et al.  National Westminsters's strategic IT infrastructure: redefining branch banking with Pounds 500 million, making the investment decision, managing the risk , 1992, Proceedings of the Twenty-Fifth Hawaii International Conference on System Sciences.

[26]  Abraham Seidmann,et al.  Software Development Outsourcing Contract: Structure and Business Value , 1993, J. Manag. Inf. Syst..

[27]  Eric K. Clemons,et al.  Strategic Information Technology Investments: Guidelines for Decision Making , 1990, J. Manag. Inf. Syst..

[28]  Ephraim R. McLean,et al.  The DeLone and McLean Model of Information Systems Success: A Ten-Year Update , 2003, J. Manag. Inf. Syst..

[29]  Leslie P. Willcocks,et al.  An Empirical Investigation of Information Technology Sourcing Practices: Lessons From Experience , 1998, MIS Q..

[30]  E. Clemons,et al.  Poaching and the Misappropriation of Information: Transaction Risks of Information Exchange , 2004 .

[31]  Mingdi Xin,et al.  Software-as-a-Service Model: Elaborating Client-Side Adoption Factors , 2008, ICIS.

[32]  Eric A. Walden,et al.  Intellecutal Property Rights and Cannibalization in Information Technology Outsourcing Contracts , 2005, MIS Q..

[33]  Eric K. Clemons,et al.  Information technology and industrial cooperation , 1992, Proceedings of the Twenty-Fifth Hawaii International Conference on System Sciences.

[34]  Eric K. Clemons,et al.  Information Technology and Industrial Cooperation: The Changing Economics of Coordination and Ownership , 1992, J. Manag. Inf. Syst..

[35]  Leslie P. Willcocks,et al.  Risk mitigation in IT outsourcing strategy revisited: longitudinal case research at LISA , 1999, J. Strateg. Inf. Syst..

[36]  Amrit Tiwana,et al.  Functionality Risk in Software Development , 2006 .

[37]  D. Teece Profiting from technological innovation: Implications for integration, collaboration, licensing and public policy , 1993 .

[38]  Siani Pearson,et al.  Taking account of privacy when designing cloud computing services , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[39]  Mary Lacity,et al.  Twenty Practices for Offshore Sourcing , 2004, MIS Q. Executive.

[40]  Robert J. Kauffman,et al.  Proprietary and Open Systems Adoption: A Risk-Augmented Transactions Cost Perspective. , 2004 .

[41]  Detmar W. Straub,et al.  Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..

[42]  Li Jiang,et al.  Trust and Electronic Government Success: An Empirical Study , 2008, J. Manag. Inf. Syst..