Coercive, Normative, and Mimetic Influences on the Assimilation of BCM in Outsourcing Relationships

Today many business processes are based on IT systems. These systems are exposed to different threats, which may lead to failures of critical business processes. Thus, enterprises prepare themselves against threats and failures of critical IT systems by means of Business Continuity Management (BCM). The phenomenon of outsourcing introduces a new dimension to BCM. In an outsourcing relationship the client organization is still responsible for the continuity of its processes but does not have full control over the implemented business continuity measures. In this paper we build a research model based on institutional and assimilation theories to describe and explain how and why BCM is assimilated in outsourcing relationships. In our case studies we found evidence that primarily coercive and normative pressures influence the assimilation of BCM in outsourcing relationships and support the explanation of variation across enterprises. Mimetic pressures seem to influence the assimilation but do not explain variations.

[1]  A. Meyer,et al.  Organizational Assimilation of Innovations: A Multi-Level Contextual Analysis , 1988 .

[2]  Robert W. Zmud,et al.  Measuring the Extent of EDI Usage in Complex Organizations: Strategies and Illustrative Examples , 1996, MIS Q..

[3]  Gerhard Knolmayer,et al.  Assimilation of Compliance Software in Highly Regulated Industries: An Empirical Multitheoretical Investigation , 2013, 2013 46th Hawaii International Conference on System Sciences.

[4]  Zia Saquib,et al.  A new approach to disaster recovery as a service over cloud for database system , 2013, 2013 15th International Conference on Advanced Computing Technologies (ICACT).

[5]  Karlene H. Roberts,et al.  The Self-Designing High-Reliability Organization: Aircraft Carrier Flight Operations at Sea , 1987 .

[6]  Andrew R. McGill,et al.  Normal accidents: Living with high‐risk technologies, by Charles Perrow. New York, Basic Books, 386 pp. $21.95 , 1984 .

[7]  W. Scott,et al.  Institutions and Organizations. , 1995 .

[8]  Jonna Järveläinen,et al.  IT incidents and business impacts: Validating a framework for continuity management in information systems , 2013, Int. J. Inf. Manag..

[9]  L. L. Cummings,et al.  Strategic Response to Institutional Influences on Information Systems Outsourcing , 1997 .

[10]  Robert G. Fichman,et al.  Going Beyond the Dominant Paradigm for Information Technology Innovation Research: Emerging Concepts and Methods , 2004, J. Assoc. Inf. Syst..

[11]  Harkeerat Singh Bedi,et al.  Evaluating security and privacy in cloud computing services: A Stakeholder's perspective , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[12]  Michael J. Gallivan,et al.  Organizational adoption and assimilation of complex technological innovations: development and application of a new framework , 2001, DATB.

[13]  A. Langley Strategies for Theorizing from Process Data , 1999 .

[14]  G. Zsidisin,et al.  An institutional theory perspective of business continuity planning for purchasing and supply management , 2005 .

[15]  Forbes Gibb,et al.  A framework for business continuity management , 2006, Int. J. Inf. Manag..

[16]  D. L. Simms,et al.  Normal Accidents: Living with High-Risk Technologies , 1986 .

[17]  K. Weick Organizational Culture as a Source of High Reliability , 1987 .

[18]  Gerhard Knolmayer,et al.  Assuring Compliance in IT Subcontracting and Cloud Computing , 2011, Global Sourcing Workshop.

[19]  Eric K. Clemons,et al.  Just Right Outsourcing: Understanding and Managing Risk , 2005, J. Manag. Inf. Syst..

[20]  Kalle Lyytinen,et al.  What's Wrong with the Diffusion of Innovation Theory , 2001, Diffusing Software Products and Process Innovations.

[21]  Detmar W. Straub,et al.  Institutional Influences on Information Systems Security Innovations , 2012, Inf. Syst. Res..

[22]  Izak Benbasat,et al.  Predicting Intention to Adopt Interorganizational Linkages: An Institutional Perspective , 2003, MIS Q..

[23]  Leslie P. Willcocks,et al.  A review of the IT outsourcing literature: Insights for practice , 2009, J. Strateg. Inf. Syst..

[24]  Jürgen Beyer,et al.  Jeffrey Pfeffer and Gerald R. Salancik: The External Control of Organizations : A Resource Dependence Perspective , 2000 .

[25]  K. Eisenhardt Building theories from case study research , 1989, STUDI ORGANIZZATIVI.

[26]  F. Damanpour Organizational Innovation: A Meta-Analysis Of Effects Of Determinants and Moderators , 1991 .

[27]  Brahim Herbane The evolution of business continuity management: A historical review of practices and drivers , 2010 .

[28]  R. Zmud,et al.  Information technology implementation research: a technological diffusion approach , 1990 .

[29]  W. Powell,et al.  The iron cage revisited institutional isomorphism and collective rationality in organizational fields , 1983 .

[30]  Robert N. Stern,et al.  The External Control of Organizations: A Resource Dependence Perspective. , 1979 .

[31]  Phil Skelton Business continuity and supply chain management: How to manage logistical operations in the event of an interruption or emergency , 2007 .

[32]  Kristi Jackson,et al.  Qualitative Data Analysis with NVivo , 2007 .

[33]  Qing Hu,et al.  The role of external and internal influences on information systems security - a neo-institutional perspective , 2007, J. Strateg. Inf. Syst..

[34]  Robert R. Moeller Sarbanes-Oxley and the New Internal Auditing Rules , 2004 .

[35]  Qing Hu,et al.  Assimilation of Enterprise Systems: The Effect of Institutional Pressures and the Mediating Role of Top Management , 2007, MIS Q..

[36]  Suzanne Rivard,et al.  Measuring and Managing IT Outsourcing Risk: Lessons Learned , 2006 .

[37]  R. Yin,et al.  Case Study Research: Design and Methods (4th ed. , 2009 .