Managing of Information Systems Risks in Extended Enterprises: The Case of Outsourcing

Authors

Bastian Schlaak, University of GoettingenFollow
Scott Dynes, Dartmouth CollegeFollow
Lutz M. Kolbe, University of GoettingenFollow
Ragnar Schierholz, ABB Switzerland Ltd.Follow

Abstract

IT security issues and outsourcing of business processes are common but largely disjoint themes in the literature; common consideration is rare even though information security risk becomes a shared risk both through IS-based processes at outsourcing partners and potentially tightly-integrated IS systems. This paper explores this lack of an integrated model combining IT risk management view with the outsourcing process. Towards the development of an integrated model outsourcing and risk managing process phases are detailed; common phases of each serve as the basis for the introduction of an integrated model. Finally the paper suggests some points for future research.

Recommended Citation

Schlaak, Bastian; Dynes, Scott; Kolbe, Lutz M.; and Schierholz, Ragnar, "Managing of Information Systems Risks in Extended Enterprises: The Case of Outsourcing" (2008). AMCIS 2008 Proceedings. 280.
https://aisel.aisnet.org/amcis2008/280