Managing the Risks of Outsourcing IT Security in Supply Chain

Introduction

Contemporary enterprises are facing the fastidious antagonism of delivering services to customers and Information Technology is the tool that could assist them in achieving service (production or/and delivery) efficiency. But with limited resources (economic) outsourcing becomes the value proposition for them. Although the meaning and practice of outsourcing (especially the one of IS/IT) has evolved over time and the spending has boost, the percentage of budget allocated to outsourcing services, haven’t changed dramatically over the past several years (Langley, 2008) (Fink, 1994). According to Lee and Choi (2011) although “the global outsourcing market reached US$340 billion in 2007, and it is expected to increase to US$509 billion by 2012” the evidence of outsourcing value remains a challenging task for both service providers and clients. Enterprises are expeditiously outsourcing the non-core business processes and functions. This is happening in order for new efficiencies to be found and costs to be reduced along with the increase of shareholder value.

Lacity and Hirschheim (2009) envisage the outsourcing phenomenon by explaining two major tends. First it evolved into a utility and second a significant bandwagon effect was noted. Outsourcing is a strategy that is used to provide quality (high some times) services at a low cost. The underlying idea stands in that we can take advantage of a vendor’s considerable experience and economies of scale. In theoretical and traditional level the outsourcing firm it is believed that reduces the production costs associated with product or service development due to achievement of economies of scale (Stewart Schwaig et al., 2008), (Doldán Tié et al., 2006). It is indispensable to comment that the outsourcing IT is neither simple nor a transaction it is a strategy for managing the delivery of IT services and as all management strategies, the fundamental base is how the strategy is planned, implemented and managed (Cullen and Willcocks, 2003).

Supply chain is a system compromising of several processes or functions which by turn they break into activities and items in order for cost to decrease and to achieve a better customer service. This can happen through efficient management and so we eventuate to supply chain management. Supply chain management (SCM) resulted from the attempt to integrate suppliers/partnering firms in virtual enterprise and supply chain in order to meet the contemporary’ market requirements with the use of IT/IS (Williamson et al., 2004). IT and its security are essential for the integration of the chain of SCM and securing the success (Al Kattan et al., 2009).

Supply chain management aims to minimize the total system costs from customers to suppliers so it can attract and retain customers and to achieve the efficiency of supply chain network so it can meet the philosophy of just-in-time manufacturing/delivery (Chen et al., 2007). This efficiency of a supply chain network is relied on the success of the supply information network software system and IT infrastructure. Supply chain management and Information Technology are tied together. Simply it would impracticable and prohibitive to implement supply chain strategies without the assistance of information technology and coinstantaneously a number of developments in information technology have become true from requirements that enterprises set in the collaboration with their partners in the supply chain field (ex. web services) (Williamson et al., 2004) (Chandra and Grabis 2007).

A Supply Chain Network includes plenty entities such as (Palaniswami et al., 2010):

• •

  Suppliers of raw materials,

• •

  Producers of goods,

• •

  Logistics management firms,

• •

  Consolidators,

• •

  Various modes of transportation,

• •

  Financial and information services and

• •

  End users of the final products.