Open access peer-reviewed chapter

Outsourcing: Overview and Trends

Written By

Yingying Pang, Shishu Zhang and Albert Xin Jiang

Submitted: November 2nd, 2020 Reviewed: May 11th, 2021 Published: May 29th, 2021

DOI: 10.5772/intechopen.98333

Chapter metrics overview

473 Chapter Downloads

View Full Metrics


Outsourcing is a valuable strategy for firms to gain more benefits from the global supply chain. Outsourcing can be defined as a business agreement in which a firm is contracting out certain existing parts of the firm to either domestic and/or international third parties. In this chapter, we give an overview to the benefits and disadvantages of outsourcing. We also discuss recent trends in outsourcing; in particular, with the benefit of technology development, robots are starting to join in outsourcing.


  • outsourcing and offshoring
  • pros and cons
  • industry trends
  • past experience
  • future outlook

1. Introduction

Outsourcing is one of the current mainstream business strategies for firms to earn more benefits from the global supply chain [1]. According to [2], the U.S. outsourcing industry’s revenue grew over 20 billion U.S. dollars from 2010 to 2019. Moreover, globally, the total outsourcing industry revenue increased from 93.1 billion U.S. dollars to 135.5 billion U.S. dollars.

With the blooming of outsourcing, academic researchers conducted studies to better understand the many aspects of outsourcing. To date, Google Scholar has listed approximately 390,000 articles related to the keyword “outsourcing” published since 2010. Although the researchers’ interests in outsourcing varied, in recent years many researchers were focusing on outsourcing with Information Technologies [3, 4, 5], Logistics [6, 7, 8], and Education [9, 10, 11]. Researchers are particularly interested in outsourcing with Information Technologies [5, 12], including issues related to cloud computing [13, 14, 15, 16] and security [13, 14, 15, 17, 18].

In the rest of this chapter, we will first give an overview of the historical background of the development of outsourcing, and the definition of outsourcing. We will then discuss benefits of outsourcing, including lowering cost, improving the focus on core competencies, receiving the best technology within the industry which the firms did not have, and increasing the employees’ flexibility. We will also discuss the risks or potential disadvantages of outsourcing. We will also discuss recent trends in outsourcing, focusing on the impact of new technologies including cloud computing and artificial intelligence.


2. Historical background

Outsourcing could trace back to Rome for tax collection [19]. However, the concept of outsourcing was first proposed by Adam Smith in his book The Wealth of Nations [20]. This book posited that division of labor and specialization of labor are the key factors for productivity optimization. Smith argued that labor specialization promotes individual productivity and helps groups of employees cooperate with each other.

In the 1830s, innovations on railway networks and telegraph reduced the exchange time of both information and products. The development of the manufacturing industry allowed firms to enjoy the benefits from economics of scale and expand their business areas [21].

Later, in the post-war period, companies were advocated to conduct horizontal acquisition and vertical acquisition. At that time, proposers believed that conglomerate mergers’ strategy could help businesses earn better control over both production and market share [22].

However, between the 1970s and 1980s, academics continued to discover that the conglomerate firms were under-performing in the market [23, 24, 25].

Then in 1985, Williamson [26] proposed a new concept called Asset Specificity. Williamson illustrated that in order to optimize the company, the company needs to consider both production cost and transaction cost. Williamson identified the differences between these two costs as a function of asset specificity. In addition, Williamson’s Transaction Cost Theory [27] presumed that the most advantageous economic organizational structure is the one that was minimizing the transaction cost while maximizing the profit. Williamson defined Transaction Cost as the cost which summarized all the cost to make a transaction except production cost.

Williamson [26] proposed that economic institutions contained two characteristics - bounded rationality and opportunism. While in the exclusive contract situation, asset specificity would be added as a significant factor. When a circumstance consists of all three elements, the economic institutions will coordinate transactions to save limited rationality while protecting both sides from opportunism attacks. This concept was distinct from the traditional concept of profit maximization.

The concept of Asset Specificity helped explain the phenomenon of conglomerate firms under-performing in the market when they should be bringing great advantages to the business [28]. A Conglomerate merger is two or more economic institutions construct an exclusive contract with each other. Compared to the privately held company, the main concept of conglomerate firms already from profit maximization shift to coordinate transactions. Even though the conglomerate merger will reduce the company’s production cost, the transaction cost will increase since the company’s size is increasing.

Despite Williamson’s significant effort on enlightening outsourcing by transaction cost theory, according to [22], Tom Peter was the one who significantly influenced the companies back to concentrate on the firm’s core business.

Many firms were inspired by the Core Competency concept [29]. Core competency is a unique value that makes a firm stand out in the marketplace by utilizing its available resources and knowledge. However, the firms based on this concept to reengineering to more focus on the “core” [22].

Meanwhile, the public sector’s outsourcing is helping economic institutions to strengthen the idea of Outsourcing. Between the 1980s to 1990s, notably in the U.K., governments are using privatization and outsourcing to reform the public sector. The public sector’s reform set an example for firms about the strengths of Outsourcing. The reform also promoted the development of outsourcing in both the public and private sectors. The U.K. example influenced numerous firms to start to restructure their organizational framework to outsource unnecessary tasks and focus on the core activities [22].


3. Definition of outsourcing

As discussed above, outsourcing as a practical strategic tool has appeared for a long time; however, the official definition did not exist until 1997 [30].

The academics had been arguing about the definition since 1992. However, the broad definition of outsourcing is that it obtains activities that an organization has the knowledge and resources to execute, from outside of the organization [31].

Recently, Ishizaka et al. [1] examined the existing literature from 1994 to 2020 and came to a comprehensive conclusion:

“Outsourcing is a business agreement, either domestic and/or international (known as offshoring), and strategic management initiative for gaining a competitive advantage of a firm by contracting out their existing internal and/or external non-value added functions, and/or value-added functions, and/or core competencies to competent supplier(s) to produce products and/or services efficiently and effectively for the outsourcing firm.” ([1], p. 1, para 4).

Ishizaka et al.’s [1] definition contained multiple elements, including multiple branches and sub-branches. First overall and the most fundamental, Outsourcing is a business agreement. It indicates that demander and supplier reach a consensus through either oral or written agreement.

Outsourcing is a strategic management initiative that uses a contract-out the firm’s either existing functions and/or core competencies to earn the opportunity to stand out in the market. This indicated that companies could outsource not only the functions but also the core competencies to the third parties.

Last but not least, outsourcing can be a strategic management initiative by contracting out to qualified supplier(s) to efficiently and effectively produce products and/or services for the outsourcing firm to stand out in the market. This statement is to clarify that outsourcing does not need to be limited to products or services. A company can outsource their business process regardless of whether they provide either physical goods, non-physical goods, or both as long as this contract-out behavior can help the firm optimize productivity and quality.

With such a complex nature of outsourcing, Alexandre Dolgui and Jean-Marie Proth [32] provided some additional information to help clarify Outsourcing. Dolgui and Proth found that the frequent confusions for outsourcing are to separate outsourcing, offshore outsourcing, offshoring, and subcontracting.

The differences between outsourcing and offshore outsourcing are related to the location of the supplier and the outsourcing firm. Outsourcing commonly identified as both supplier and the firm both located in the same country. However, offshore outsourcing defined as the supplier is located in a country different than the firm. On top of that, offshore is classified as the firm constructed a branch in a different country.

According to Dolgui and Proth, practitioners such as managers were more likely to confuse the concept of outsourcing with sub-contracting. Sub-contracting is the firm contract-out partial works to another firm that contain specific resources and/or skills to provide better task results. Outsourcing, on the other hand, is the firm contract-out partial works to the supplier to allow the supplier to collaborate with the outsourcing firm.

In other words, sub-contracting only provides product and/or services that are specified in the contract; meanwhile, outsourcing is defined as the outsourcing firm establishing a partnership with the supplier. Dolgui and Proth pointed out that outsourcing requires some level of technical and organizational information exchange.


4. Motivation of outsourcing

Lacity et al. provided a systematic analysis of the motivations of outsourcing [33, 34, 35]. They categorized outsourcing into business process outsourcing and information technology outsourcing [33, 34]. Business process outsourcing is contract-out the business process to the entity outside of the company. Information technology outsourcing is contract-out the information technology services to the entity outside of the company. Lacity et al. [35] explained with more details when merging the two as business services outsourcing. The types of outsourcing “include, but not limited to, financial and accounting, human resources, procurement, R&D, call centers/customer service, software development, software support, infrastructure management services, systems integration services, and legal service.”

Lacity et al. [33, 34, 35] analyzed over 400 empirical studies from 1992 to 2014. They discovered 19 independent variables frequently shown up crossing six factors [35]. They found that the outsourcing firm had multiple motives to make the outsourcing decision other than just cost-saving. Lacity et al. pointed out that the firm tends to make an outsourcing decision when the firm craves on optimizing the quality and flexibility of the services while the firm wants to have a supplier’s professional skills and global markets in order to focus on the critical services. In other words, the outsourcing firm is looking to use the minimum cost to get the best results and tends to focus on the “core” of the company. However, the firm also considers losing control as a negative effect. This factor will make the firm prefer to make a decision against outsourcing.

In addition to the reasons above, Lacity et al. [35] also found that the outsourcing firm also frequently consider transaction attributes (such as high transaction costs, difficulty formalizing knowledge, high service complexity, and lack of service standards). The outsourcing firm will be more confident when the outsourcing firm possesses a certain level of technical and methodological capabilities. One interesting point is, when the nature of the firm is high degrees of internationalization, the firm more prefers outsourcing and offshoring.

Building on [33, 34, 35], Asatiani et al. [36] ran a regression based on a rich data set of 337 companies. They found that the motivation of outsourcing seems to be more dynamic than linear. They point out that even though cost-saving and focus on the “core” is positively correlated with outsourcing, the need for external expertise is a negative factor.


5. Risks of outsourcing

With all the advantages that outsourcing brings along, there are some risks of outsourcing that require the manager to notice before and after making the outsourcing decision.

5.1 Types of risks

Aron et al. [37] proposed that outsourcing risks can be divided into four categories: strategic risks, operational risks, intrinsic risks of atrophy, and intrinsic risks of location. Strategic risks referred to the risks related to opportunistic behavior for both the outsourcing firm and the supplier. The agent problem always comes with the same two reasons: the supplier did not work as hard as the outsourcing firm expected. The outsourcing firm manager cannot be aware of the manager hiring unqualified supplier due to lack of information or resources [37].

Information Leakage issues can happen to the supplier either unintentionally or intentionally. The supplier can either purposely steal the information the outsourcing firm provided and developed as supplier’s new advantages or leak the information to the third parties accidentally due to the supplier’s imperfect system structure.

Opportunistic renegotiation can be triggered when the supplier realizes that the outsourcing firm heavily relies on their products or services and there are no better solutions in the existing market. In that scenario, the supplier will push the outsourcing firm to renegotiate the distribution of benefits to ensure the supplier’s profit maximization.

Operational risks referred to the risks of communication and cooperation between the outsourcing firm and supplier in the period of outsourcing. Operational risks can happen in many circumstances, such as complexity of operations, geographic location differences between the supplier and the outsourcing firm, and the communication barriers and transmit systems between the supplier and the outsourcing firm. Benefit from the information technology rapidly developing, the operational risks keep decreasing. However, lowering the operational risks required to transform massive information outside of the outsourcing firm will significantly increase information leakage’s strategic risk [37].

Intrinsic risks of atrophy referred to after the outsourcing decision was made, the outsourcing firm will lose the professional whose expertise in the outsourcing activities. Depending on the outsourcing firm’s strategy is focusing on cost-saving or maintain the company’s control, this issue can be big or small. It also can interact with the strategic risk of opportunistic renegotiation. When the supplier posse a renegotiation request, if the outsourcing firm still maintains the professions with such expertise, it increases its bargaining power.

Intrinsic risks of location referred to the risk of outsourcing the firm to a remote location. The location risks can be but are not limited to geopolitical risks, sovereign risks, and exchange rate risks. This type of risk ties to the specific of outsourcing location; each region had its own unique cultural and political background. Without the manager understanding the supplier’s country in advance, it can increase the possibility that the outsourcing firm must take the extra cost from not familiar with the supplier’s country. This type of risk often happens when a manager makes an offshore outsourcing decision.

Overall, the types of risks summarized the possible directions a firm can meet the obstacles and lead to an outsourcing decision’s failure. Next, this chapter would like to introduce the risk of outsourcing based on outsourcing processes to understand outsourcing risks further.

5.2 Business process risk

Shi [38] posed that business process outsourcing usually contains two types of risks: market performance risks and organizational risks. Based on the time of outsourcing, Shi divided the risks further into four types. However, within market performance risks when the firm just outsourcing, the balancing cost and outsourcing results and increase customer complaints are tie back to agent problem. Meanwhile, operation shut-down is the side effect of intrinsic risks of atrophy. After time passes, Shi mentioned the risk could become the price or contract creep and low innovation rate. For the change of the price or contract, it can tie back to the opportunistic renegotiation. As a result of operation shut-down, the firm will have a low rate of innovation due to the profession’s loss within such expertise. This risk can refer back to intrinsic risks of atrophy.

For organizational risks, when the firm just outsourcing, the firm will experience losing the specific knowledge that the firm outsourcing to the supplier, loss of confidential information, loss of employees whose contained loyalty and capability and lower the existing employee’s morale and productivity. The loss of specific knowledge, loss of employee, and lower existing employee’s morale is the side effect of the operation shut-down. However, this type of risk tie to the intrinsic risks of atrophy, which more rely on the manager’s decision on cost-saving or preserve the bargaining power. On the other hand, loss of confidential information is the risk of transferring to a new system which indicated this risk tie to information leakage. The risk of lower employee productivity can interpret from two aspects. One of the risk is that the employee’s productivity is lower due to the working process has changed due to the firm’s recent outsourcing decision. The employees require extra time to adapt to the new methods of doing their old job. The other interpretation is due to the operation shut-down, the resignation wave within the firm, and the low morale among employees, the existing employee became low productive. Lower employee productivity risk can refer back to intrinsic risks of atrophy since all of them are the side effect of operation shut-down.

After the firm adapted to outsourcing, the firm can have organizational risks such as relying on the supplier, losing control of strategic assets, locking in between the outsourcing firm and supplier, adapting to the incompatible architectural style, and unsuitable competitive signaling, Loss of innovation capabilities and strategic flexibility.

Among all the risks above, the incompatible architectural style and unsuitable competitive signaling can tie to both the agent problem and operational risks. The incompatible architectural style indicated that the firm partially sacrifices its operating mode to fit the style supplier provided to cooperate better. And unsuitable competitive signaling indicated the firm permitted some of the non-value-added terms to earn the opportunity to work with the supplier or make the outsourcing process run smoother at the beginning of the outsourcing. However, when time passes by, the existing terms lost their advantages. These two risks can happen cause of the firm lack of necessary information to discover a suitable supplier or in the existing market, there is no existing supplier that can perfectly fit the outsourcing firm’s requirement. Therefore, they can tie to both agent problem and operational risks.

As for the lock-in, loss control on strategic assets, loss of innovation capabilities and strategic flexibility, and reliance on the supplier, they all can tie to intrinsic risks of atrophy. Lock-in is due to asset specificity. When the outsourcing firm and supplier made a contract, the outsourcing firm and the supplier are naturally locked in. Cause of the characteristics of lock-in and the how much the outsourcing firm is sacrificing to reach an agreement, the outsourcing firm will lose some level of strategic flexibility or control on strategic assets. Furthermore, on a cost-saving basis, the operation shut-down decision is made, the risks of innovation capabilities loss and reliance on the supplier will exist due to the talent loss. But after all, these risks all relate to the nature of outsourcing and the firm’s decision of cost-saving. Therefore, they all refer to intrinsic risks of atrophy.

5.3 Information technology risk

Aubert et al. [39] in total list seven undesirable outcomes: unexpected transition and management cost, switching cost, expensive contractual amendments, disputes and litigation, service degradation, increased cost, organizational competencies loss, and hidden service cost.

Unexpected transition and management costs are attributed to three risk factors: either the outsourcing firm and/or the supplier’s lack of knowledge on the outsourcing, the supplier unfamiliar with the outsourcing firm, and unfamiliar with the legal environment.

Both outsourcing firm and the supplier can increase the transition and management cost when either of them is unfamiliar with the outsourcing process. Furthermore, this situation increases the overall cost for the outsourcing firm to get their expected results. The reason behind that is the outsourcing firm’s lack of knowledge of either the outsourcing process or awareness on the supplier’s qualification. Therefore, either the outsourcing firm or the supplier’s lack of experience in the outsourcing process is the agent problem. Meanwhile, when the supplier is unfamiliar with the outsourcing firm, the firm needs to train the supplier the same as the new employees. The extra training requires the firm to pay the additional cost to smooth the outsourcing process. These risks only exist when the firm needs to adapt the services or unfamiliar system which the supplier provided. It can be identified as operational risks. Also, unfamiliar with the legal environment can be classified as intrinsic risk of location because the legal system gets involved. If the supplier and the outsourcing firm are located in the same region, the supplier should share the same legal system with the outsourcing firm. Then less likely, both sides need to experience the risk of an unfamiliar legal environment unless one of them or both of them are new to outsourcing. Hence, unexpected transition and management cost and its risk factors can be identified as Agent Problem, Operational Risks, and Intrinsic Risk of Location.

Switching cost as an undesirable outcome contained lock-in, repatriation, and transfer to another supplier. Switching cost is the cost the outsourcing firm needs to consider when the firm needs to consider replacing the supplier or not. Asset specificity, a small number of suppliers, economic scope, and interdependence of activities are the risk factors associated with switching costs. Asset specificity is the characteristic of a contract; the number of suppliers and the economic scope decided the outsourcing firm’s interdependency level. All the risk factors related to switching cost can be identified as opportunistic renegotiation and intrinsic risks of atrophy. After all, all the risk factors related to switching cost depend on how unique the supplier’s resource or knowledge—the more unique, the higher the switching cost. The uniqueness provided the supplier the power to renegotiate and influence the outsourcing firm’s decision-making on withholding specific professions to remain bargaining power to the supplier.

Expensive contractual amendment is the cost of adjusting the contract caused by uncertainty, technological discontinuity, and task complexity. Uncertainty indicated that the supplier’s performance could not be measured will be forced both sides to adjust the existing contract to confirm shift the invalid performance measurement to the new performance measurement. Invalid performance measurement can happen when either task is too complex or the supplier cannot provide a good performance for the outsourcing firm. The task complexity will discuss shortly. This suggested uncertainty is both agent problem and opportunistic renegotiation. When no supplier in the existing market provides a discontinued technology, the outsourcing firm is forced to renew the contract with the supplier to accept the substitute solutions. Task complexity related to the uncertainty of the future needs, Aubert et al. [39] posed that when the task is too complex when changes appear, both sides are forced to renegotiate the contract. In general, expensive contractual amendments and their related risk factors are classified as opportunistic renegotiation mainly and attached the agent problem.

Disputes and litigation as the undesirable outcomes mainly indicate the issues created by contracts, agreements, and legal environments. Measurement Issues, Lack of knowledge in outsourcing contracts from either the supplier or the outsourcing firm, unfamiliar with the legal environment, and poor cultural fit are the risk factors for disputes and litigation. As mentioned earlier, the measurement issue is the opportunistic renegotiation and agent problem, lack of knowledge in outsourcing contracts from either the supplier or the outsourcing firm is agent problem, and unfamiliar with the legal environment is an intrinsic risk of location. Poor cultural fit belongs to the intrinsic risk of location. Poor cultural fit originated from the cultural differences between the two regions.

Service degradation indicated that the outsourcing company’s service after the outsourcing decision is not as good as the firm before outsourcing. Such downgrade is caused by interdependence of activities, the supplier unfamiliar with the outsourcing firm, the size of supplier, supplier’s financial instability, measurement issue, and task complexity. As shown before, the interdependence of activities is opportunistic renegotiation and intrinsic risks of atrophy, the supplier unfamiliar with the outsourcing firm is operational risks, the measurement issue is agent problem and opportunistic renegotiation, and task complexity is opportunistic renegotiation. Earl [40] argued that the quality of service largely depends on the supplier’s size, financial stability, and expertise. Since the size and stability are the characteristics of determining is the supplier a qualified supplier or not, the supplier size and supplier’s stability are referred to as agent problem.

The increased cost is related to the risk factors of the supplier’s lack of knowledge with contract management, measurement issue, and the supplier unfamiliar with the outsourcing firm. When the supplier performance but both sides could not come up with a valid measurement to determine the quality of the supplier’s performance, it can be caused by either the outsourcing firm lack of effective monitoring methods or the supplier did not provide enough details allow the outsourcing firm to inspect the performance quality.

Organizational competencies loss means that due to the outsourcing firm’s getting contract-out to the supplier, the outsourcing firm may experience the loss of the professions and knowledge related to the outsourced part. Organizational competencies loss is connected to the risk of contract scope, close to the core competency, and interdependence of activities. Scope of contract means the more outsourcing firm contract out to one supplier, the harder the outsourcing firm can maintain independence. Meanwhile, when the outsourcing is too close to the “core,” the outsourcing activity will cause the outsourcing firm to lose the essential skills [29]. Moreover, this kind of loss can have a negative impact on the future of the outsourcing firm. Organizational competency loss can be identified as intrinsic risks of atrophy since all the risks are shown up after outsourcing behavior happened. The talent loss situation from Intrinsic risks of atrophy can lead to opportunistic renegotiation due to the outsourcing firm heavily relying on the supplier.

The last undesirable outcome is the hidden service cost. Hidden service cost contained three risk factors: task complexity, measurement issue, and uncertainty. Agency theory suggested that when the supplier on purposely created measurement issues to increase the cost assessment challenge due to low morale, then more than likely hidden service cost will increase.

In summary, information technology outsourcing is involved in all four risks. Unlike business process outsourcing, Information technology outsourcing tends to more frequent to have agent problem, Intrinsic risks of atrophy, and opportunistic renegotiation. In other words, the outsourcing firm manager should pay more attention to talents lost and its series of consequences. Simultaneously, the manager should work harder to identify a qualified supplier to avoid undesirable outcomes.

As Asatiani et al. [36] mentioned, the outsourcing factors are dynamic. Many firms are now contracting-out their parts to multiple suppliers [41, 42]. Outsourcing firm can contract multiple parts to multiple suppliers. To increase the firm’s control, the manager can even split the business process into several pieces for different suppliers. Therefore, each outsourcing firm will experience its unique challenges since they had its unique combination of outsourcing.

5.4 Risk management assessment

Existing literature tends to study the outsourcing risk as to the risk management cases instead of developing a measurement tool [43, 44, 45]. In addition, many studies only study the Risk Assessment in Information Technology Outsourcing [46, 47, 48].

When Aron et al. [37] posed the outsourcing risks into four categories, they also proposed a task decomposition of the process that the bank requested. This process had three steps: identification, formulation of retention strategy, and retention. Aron et al. adjusted this method to fit for outsourcing risk assessment. Identification is based on the four risk categories to identify an outsourcing firm’s risks. The next step, the formulation of retention strategy, is managers and researchers propose multiple solutions to determine the best solution for the situation based on the risks. The last step is retention. This step is to execute the solution determined in the second step. For more details, see [37].

Welborn [49] also proposed using a specific assessment tool to help managers and researchers to identified outsourcing risks. Welborn suggested using Failure Mode Effects Analysis (FMEA) to identify outsourcing risk since FMEA is used for risk management. FMEA was evolved from Failure Mode, Effects and Criticality Analysis (FMECA). FMECA was proposed in [50]. It is a traditional criticality analysis assessment tool to identify item failure. FMEA become a popular tool for many industries used to conduct safety and reliability analysis related to systems, products, processes, and services [51].

FMEA suggested that users identified risk categories and then detail specific potential risks. After that, based on severity, frequency of occurrence, and detectability, to score each risk and calculate the Risk Priority Number (RPN) by multiple all three aspects’ scores. They are then using a pareto distribution to analyze the RPN of each risk and develop a solution against the high RPN. FMEA is an assessment tool that is able to execute when the process occurs changes repeatedly [51].

Lee et al. [42] take advantage of FMEA’s universally suitable features, they used the adjusted the FMEA framework Supply Chain Risk-Failure Mode and Effect Analysis (SCR-FMEA, [52]) and combined it with Monte Carlo Simulation (MCS) to conduct a risk assessment tool which contains both qualitative and quantitative risk assessment.


6. Trends and discussion

6.1 Trends in the academia

Lacity et al. [35] found that there still many mysteries to be revealed. To better understand the motivation of outsourcing, Lacity et al. call for more studies related to governance determinants since there are limited studies on such areas. Lacity et al. [35] encouraged researchers to extend their interest to relate outsourcing with innovation, disclosed more about environmental factors’ relationship with outsourcing, and understand more about the outsourcing firm’s capabilities and the supplier. Lacity et al. suggested exploring more on outsourcing configurational methods, discovering new pricing models other than fixed-price model and time & materials model, understanding better on business analytics sourcing, and revealing emerging models. They discuss how outsourcing and its related personnel positively influence marginalized populations and their roles in sustaining the planet. The other future directions are discussed in advisors, the threat of cybersecurity, and the influence of service automation.

In addition, [53] point out that many researchers are aware of lacking longitudinal datasets, and they encouraged researchers to conduct longitudinal studies to help understand outsourcing. Another suggestion provided by [53] is to extend the related personnel to the parties responsible for outsourcing and the other stakeholders whose careers are impacted and/or threatened by the outsourcing decision.

6.2 Trends in the practice

Kakabadse and Kakabadse [41] concluded that outsourcing in the 2000s was more focused on cost management and functional specialization, and differentiation strategy and market response capability would become of the future. The outsourcing cost of data storage, e-commerce, and website setup was drastically reduced. Small and Medium-sized enterprises tend to seek contract-out to the third party by paying the monthly flat fee. In addition, the outsourcing process is from carrying non-core function moving to the core, from a single function extend to a complete business process and/or value-added intangible assets. Meanwhile, outsourcing firms were shifted from manufacturing to small/medium-sized enterprises and public sectors.

Also, the ways of cooperation between the outsourcing firm and the supplier became looser. The outsourcing firm tends to change from recruit single suppliers to multiple suppliers. Moreover, the outsourcing firm tended to produce a white label product to reduce the cost further and maximize the profit. The outsourcing firm also intends to construct a joint venture partnership with the supplier to allow the supplier to join the decision-making process and bear the cost together. Meanwhile, the payment method changed from pre-payment to pay-on-demand.

Due to the rapid development of outsourcing, the company’s concept had changed from vertically integrative diversified corporation to the networked enterprise specialized corporation that seeks the best variety in the enterprise network. Also, the outsourcing firm tends to focus on cost reduction of R&D and systems innovation. The supplier tends to just install and run new systems instead of takeover the existing assets. Moreover, the outsourcing firm was transferred their habit of contract-out the entire complex operation to one supplier to assign multiple suppliers based on the professional requirements of each area.

Because of the development of technology, more and more information technology outsourcing strategy has discovered. Hanafizadeh and Zareravasan [53], based on their review of 91 Information technology outsourcing studies published between 2000 and 2018 in over 50 journals, summarized that the following seven strategies are the mainstream strategy of ITO: cloud computing, IT operations and maintenance outsourcing, information system development outsourcing, BPO, offshore outsourcing. The outsourcing firm shows a trend on relying on machine’s computing capabilities and using a machine to replace human for repetitive behavior.

6.3 New player in the outsourcing industry

Before we discuss who the new player is in the outsourcing business and the pros and cons, let us briefly clarify some of the concepts first. This section will adopt the concept of cloud computing, big data analytics, and service automation.

Cloud computing is a shared computing technology where software and hardware cooperate with the real-time network to provide users a service which allows user access certain supplier-provided services or functions remotely. Cloud computing consists of Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) [54, 55].

Big data analytics is human adopting advanced analytics techniques on the big data set [56].

Service automation is a concept proposed by [57]. Service automation indicated the service sector used a machine to provide service instead of a human. Lacity et al. [35] referred that service automation as a machine that replaces humans to accomplish highly perceptual tasks and highly cognitive tasks. Brynjolfsson and McAfee [58] believed that the first machine age existed in industrial revolution. At that time, machines replace humans’ manual labor. Furthermore, the second machine age is the era in which machines replaced humans for mental work.

Davenport and Ronanki [59] categorized artificial intelligence application in business into three categories: process automation, cognitive insight, and cognitive engagement.

Process automation is the robot using robotic process automation to automate the digital and physical task. The machine simulates humans to input and output information from multiple information technology systems. Cognitive Insight is the robot using massive user data to predict users’ behavior and preferences based on algorithms. This kind of robot is usually used for optimized job performance for machines. The tasks that the machine needs to accomplish are too complex for humans; therefore, human jobs are unaffected by this type of machine [59].

Cognitive Engagement is the robot use intelligent agents, machine learning technology, and natural language processing chatbots to interact with a human.

Cloud computing is a technology that allows customers to access products, resources, and/or services remotely by using the software as an interface regardless of the hardware setting. Big data analytics is a technology in which humans use massive data to explore the unfound facts from data producers using the analytic technique. Service automation is a technology using the robot to substitute partial mental work. Due to technological development, the robot is joining the outsourcing industry.

Computer and machine bring great advantages for business. They can help the firms to optimize their efficiency. Meanwhile, they also contained multiple risks and challenges. The following section proposes the possible benefits, challenges, and risks of cloud computing and service automation in outsourcing to bring researchers and practitioners some thoughts.

6.3.1 The benefits

Mainly Cloud Computing Technology contained three benefits: cost-saving, flexibility, and rapidity. One of the main benefits for businesses to select a cloud computing service is to reduce their investment budget in IT [60]. The on-demand pricing model, on some level, exempts the user’s partial cost to access the service and the upfront cost to establish such a service [61]. For example, developing a virtual machine algorithm on optimizing resource allocation is the cost that the firm might require to pay upfront [62].

Cloud computing outsourcing allows the firm to enjoy flexibility at the level of allocating resources. The firm is buying the resource based on real-time demand instead of pre-purchased hardware and software. The charming part of such flexibility is that the firm does not need to pay additional costs for idle digital storage space [61].

The firm exploits the characteristics of rapid and flexible cloud computing to conduct many strategies and product tests to determine the best solution for the company [63]. Moreover, Cloud computing allows the firm to rapidly gather the required resources and provide a fundamental infrastructure within a few days [60].

Service automation’s benefit needs to target by each specific technology. Process automation is the lowest cost among the three robots and had low user learning cost to access this service [59]. Process automation can help the outsourcing firm save massive time that the employees spend on repetitive low-level mental tasks. In addition, it works excellent for multi-system cross-referencing. This indicated that if a company shifts service to a different provider when a contract is over, the process automation can play the role of a middleman to help smooth the data transfer process.

Cognitive insight mainly helps the outsourcing firm optimize machine’s job performance, which means this type of robot will not steal human’s job because humans are unable to accomplish a job that this type of robot does [59]. Another benefit is that since this kind of robot has a cognitive function, it indicated that the robot has self-learning and self-optimization functions in understanding users and optimizing the quality of future data collection.

Cognitive Engagement mainly simulates human interaction with customers, this type of robot’s cognitive function is enhanced in creating a solution for the users and simulating human language [59]. The benefit of this kind of robot is freeing customer service time from answering a large number of repeated, basic questions.

Davenport and Ronanki [59] found that over half of the company executives they interviewed (51%) motivated by service automation can optimize its products. In addition, many executives agree that service automation can help optimize internal business operations (36%), free up employees to conduct a more creative task (36%), make a better decision (35%), product innovation (32%), optimize external business process (30%), extent the market (25%), access and rational use of scarce knowledge (25%), and only close to one-fifth of the executives (22%) mentions on use service automation to streamlining the company population. This indicated that for most managers, using robots to replace humans is not the primary purpose of bringing in the robot to the company.

6.3.2 The challenges

For cloud computing services, challenges and risks exist for both the service provider and the users. Alali and Yeh [60] expressed their concern about data security risks and the importance of standardization guidance for cloud computing. For service providers, the security risk is to protect all the data from leakage by third parties.

Data breaches are becoming more and more common. Verizon [64] found 3,950 confirmed data breaches during the period from the beginning of November 2018 to the end of October 2019.

Verizon found that the most common cause for data breach involved hacking (45%), errors (22%), social attacks (22%), malware (17%), misuse by authorized users (8%), and physical actions (4%). Meanwhile, most of the breaches conducted by the individual outside of the company (70%), over half of them involved organized criminal groups (55%), some of them involve inside job (30%), and perpetrator involving partner (1%), multiple parties (1%), and an attacker alliance which had four or more members in a single breach (4%) are rare to see. Verizon found that 72% of the breaches target large companies. Moreover, Verizon emphasized that since the business is trending into cloud-based solutions, the use of stolen credentials would increase in the future.

For the service clients, the security risk is to ensure the data storage in the outsourced company did not leak to the supplier company (service provider) and/or the unrelated third parties [60]. Cannon [65] also suggested that the cloud computing designer should focus more on optimizing data privacy protection.

Of course, the proposals above are not groundless. Verizon’s report showed that over half of the victims (58%) from the data breaches experience personal data leakage. This indicated that the outsourced company’s information gets leakage, and outsourced firm’s customers will also be affected. For example, Adobe in 2013 got a data breach that impacted at least 38 million of their customers. The hacker stole 3 million credit card records and login information from Adobe’s users. On this basis, tens of millions of user accounts may have been compromised. Even there are risks for the cloud computing service company (the supplier). However, the outcome of a data breach can affect the outsourced firm since the customers belong to the outsourced company instead of the cloud-service provider.

Another risk that is more concerned by the cloud supplier but might affect the outsourced company is local laws and regulations. Since data can be stored anywhere, the cloud service provider and its clients should pay attention to the laws and regulations where the data is stored and related trans-border laws [66]. For example, United States had no single principal data protection legislation [67]. Meanwhile, multiple laws and regulations are available at the federal and state levels. Therefore, the cloud service provider and the outsourced firm need to make sure nothing is crossing the line.

As for service automation, [59] found serval challenges exist when a company makes a decision to go service automation. They revealed that close to half of the manager found that it is difficult to retain existing process and system while adopting the service automation (47%), many of the managers discovered that the cost of technologies and expertise are expensive (40%), the managers unfamiliar with service automation and its mechanism (37%), lack of professions in Technology areas (35%), Technology is not yet mature (31%), and technologies have been oversold in the market (18%).

Overall, the challenges discovered from [59] indicated that the obstacles for the outsourced firm could cause by service automation is a newly developing technology. This means that it will be expensive, knowledge and professions are scarce, and the majority of the population unable to understand it. Moreover, since it is a newly developing technology, it also indicated that this technology has many areas await perfection. Meanwhile, the cost of business structure optimization is a crucial concern above all the expense of bringing in the new technology. And of course, last but not least, the concern of robots replacing humans.

6.3.3 The risks

The risk section adopts the risk framework of [37] to discuss cloud computing and service automation risks. The risks contain strategy risks, operational risks, intrinsic risks of atrophy, and intrinsic risks of location. Among them, strategy risks include agent problem, information leakage, and opportunistic renegotiation.

Firstly, there is the strategy risks-agent problem. Aron et al. [37] explained that the agent problem usually indicated that the supplier’s outcome did not meet the outsourced firm’s expectation and/or the outsourced firm’s lack of resources to identify an unqualified supplier. In other words, the outsourced firm felt that they did not get what they paid for. For computers and robots, it is hard to tell whether they “work hard enough.” However, based on the supplier’s performance, the outsourced firm can determine if the service that the supplier provided is over-price or not.

Choosing a qualified supplier can help the outsourced firm reduce the risk of information leakage in both the cloud computing and service automation areas. The qualified supplier should be the supplier who is qualified both morally and in capability. The capability indicates that the supplier can protect the data by using practical tools and algorithms at both the software and hardware level. The supplier should have the ability to protect the outsourced firm’s information both digitally and in-person from both outside of the company and the inside job.

In addition to capability, researchers found that the moral standard is an underestimated factor. Many papers did not consider discovering the moral of the supplier. However, recently, moral becomes more and more critical. Especially now, moral can be the factor that increases opportunity risk. To prevent the moral risk evolved into opportunity risk in opportunistic renegotiation, the authors suggest that an individual third party in either public sectors and/or private sectors construct a standard or guideline to help service providers practice business morally in cloud-computing area and service automation area.

Secondly, there is the strategy risk-information leakage. This indicates that the risk of both cloud computing and service automation will rise continuously. Therefore, the demand for improving data protection is increasing. However, in service automation, there is a dilemma for both the supplier and outsourced company. When the robot uses the black-box model to conduct a prediction and analysis, it significantly increases data security and privacy since no human can “look inside” to see how it works. This can provide the outsourced firm deniability on the outsourced service because they do not have access to the robot and the knowledge. All they get is the results.

However, the white-box model allows inspection from humans, but being able to inspect the robot’s working mechanism may also indicate that individuals can access the client’s confidential information. The supplier may violate the outsourced firm’s data privacy.

Winfield and Jirotka [68] conducted an in-depth discussion on a dilemma between the right of human privacy and for reducing the public harm created by the black-box model. They referenced the “black box” from flight data recorders and proposed an insight that the service provider should create an ethical black box inside the black-box model robots to record the sense data and the decisions. Meanwhile, they also suggest that robots develop moral values to fit human interests.

Thirdly, there is the strategy risks-opportunistic renegotiation. If one party completely controls the relationship, one will gain greater profits and/or voices.

With the trends of cloud solutions and big data Analytics, everything is heavily data related. Even the service automation (such as the cognitive insight and cognitive engagement technology) requires users’ data to analyze, predict, and improve. Data become essential for profit. Hence, data protection has become the key to winning the competition in the marketplace.

An immoral cloud computing service supplier may get involved in the data breach and identity stolen in such a condition. However, the service automation outsourcing firm will experience the same harms as cloud computing service plus the company’s core strategy or the newly developed technology got duplicated or stolen.

Worst scenario, the supplier based on the customers and technologies the outsourced firm provided to optimized and develop an upgraded version of substitute product/service. The outsourced firm may be forced to pay to become the middleman between the supplier and the customers. The outsourced firm forced the founder to transfer to its distributor.

The mechanism of this scenario is the same as when the firm in the 20th century determined automated the internal business process, due to the automation has evolved into too complicated. The firms began to have to outsource the process [69]. However, in this case, the outsourced firm did not force to outsource the business process. The firm was forced to outsource the core competence, which made them unique in the market.

Once the outsourced firm is caught in this predicament, it is difficult to leave this situation. The robots can optimize the product/service so rapidly that no human can follow, the outsourced firm became experienced the dilemma of either the firm become the distributor of the supplier company under the pressure of peer competition, or the entire company needs to experience a path shift in the core competencies.

To avoid this situation, the authors suggest focusing on agent problem and information leakage to seek solutions. First of all, if the outsourced firm can find a morally qualified supplier, this situation can be eliminated. Of course, most of the time, the outsourced firm did not have the resource and information to avoid unqualified suppliers is the reason push the firm into this situation. That is why data protection capability comes along. When a supplier is qualified both morally and in capability, the supplier can design an encryption algorithm and safety code that only the client (the outsourced firm) can access the data and/or the results and services from a black-box model robot. In this way, even the supplier firm did not have access to the outsourced firm’s data and knowledge. Even when an error occurs, the firm can invite the government and the public to inspect the supplier firm to fix the issue.

Fourthly, there is the operational risks. Operational risk happens between the supplier and the outsourced firm when outsourcing is on-process. It usually is the risk of the communication and/or transmission systems between the supplier, and the outsourced firm is different. This risk exists at the beginning of the new outsourcing relationship for both cloud computing and service automation. The more the outsourced firm changed the supplier, the operational risks increase. If the firm changes its supplier every three years, the operational risk will higher than the firm changes its supplier every five years.

However, changing the supplier is more expensive for the first time change to cloud computing and service automation. When the firm first outsources cloud solutions and service automation, the firm needs to take risks and costs to digitize all the existing information. Also, service automation requires optimizing the business structure to fit for service automation. After that, when the outsourcing company shifted between the suppliers, they already had the foundation to work with cloud computing service and service automation. All they need to do now is to transmit the data and adjust the existing structure to fit the new supplier better.

Operational Risk and its cost now are turning into a common obstacle for the outsourcing firm executives who preferred the service automation technology. After all, nearly half of the executives in [59]‘s study found that the existing business structure is not compatible with service automation technology.

Fifthly, there is the intrinsic risks of atrophy. Due to now the cloud computing and service automation are still a newly developing technology, this risk exists when the firm decides to adopt cloud computing and service automation. This is one of the main issues discussed in [59]. The executives that adopted service automation technology disclosed that the service automation technology is so complicated that the professions are scarce and expensive. The executives have difficulty understanding the technology.

For cloud computing, the challenge and the risk are similar. Maybe cloud computing will be a little user friendly than service automation when it comes to the feeling of use. However, when it comes to data protection and maintenance professions, the outsourced firm will have to outsource all the services to the supplier firm who is storing the outsourcing firm’s data since the Encryption Algorithm, the hardware, and the software is all owned by the supplier.

Besides, there is the intrinsic risks of location. For both cloud computing and service automation, the main issue for this risk is where the location is that stores all the data. When data is transfer across states and even countries, the Intrinsic Risks of location increase.

Last but not least, there is one more challenge: the money issue. Davenport and Ronanki [59] showed that 40% of executives disclosed that the technology is too expensive. Meanwhile, an artificial intelligence project launched by the MD Anderson cancer center using IBM’s Watson cognitive system to diagnose and recommend treatment plans for certain forms of cancer got suspend due to the cost of the program is rising to $62 million in 2017. This example gives an example of how expensive service automation technology can be. The large corporations might be able to handle such a price, but it is hard for small and medium firms to access the benefits of service automation such as IBM’s cognitive system.

With this challenge, the authors of this chapter suggest the outsourcing firm with the same or similar interest construct an alliance to group all the outsourcing firms’ budgets. The alliance can determine the permissions of the technology based on agreement or contract for each type of alliance member. However, the alliance is the one sign the contract with the supplier and fund the supplier’s expensive new technology.

In recent decades, the supply–demand relationship in outsourcing is leaning toward buyer’s market. However, due to the advantages that computers and robots created, the outsourcing industry will fall back to the seller’s market.


7. Suggestions and recommendations

In this section we provide some suggestions and recommendations for researchers and practitioners.

Davenport and Ronanki [59] disclosed that only 22% of executives consider service automation as the solution to cut off headcount. Even though the robot is great, but the errors are more invisible than the previous. Davenport and Ronanki [59] suggested that the reallocated employee can switch to a big data analyst. However, for the front-line employees, can the trial-and-error clerk be their next career opportunity? Amazon Echo’s example showed us that some of the errors might be detected only by humans. Does the outsourcing firm need the human agents to trial run and detect the possible robot issues before the product or service release to the public? Since the ultimate question is “will robots replace human labor or not?” this paper calls for future researchers to record and track the executive’s decision making after the service automation outsourcing to reveal how the managers avoid the dismissal tide and relocate the existing employees.

Due to the dynamic, complex nature of its rapid development in the outsourcing industry, we feel the need to enhance the call for paper on longitude study. Based on the challenges section disclosed above, the tools and standardization of data protection are awaiting exploration and perfection. How to handle the balance between human privacy and artificial intelligence black-box model should bring more attention. We suggest that future researchers join the discussion and provide more suggestions and guidelines to help the industry construct such an issue.

We also call for a paper on the education field to discuss the future needs for human resources. Now, society is starting to use robots to help humans live better, but it already showed the challenge of the public unfamiliar with the robots and their working mechanism. Are future talents need to improve such skills? Or is this the service supplier’s obligation to make robots more user-friendly? We call for more papers on the topic of cloud computing and service automation in outsourcing. In addition, we call for more empirical studies to reveal the pros and cons of cloud computing and service automation. For the practitioner in the outsourcing industry, this paper recommends the executives consider constructing a network that allows all the buyers group their limited budgets to gain access to high-tech to help the business lower the cost and optimize the business. We also recommend that executives pay attention to the supplier’s moral value and construct a method to gain more control over the company’s core intangible assets.

The final recommendation requires researchers and practitioners’ cooperation. Lacity et al. [35] concerned about an undereducated outsourcing advisor can affect the expensive decision-making and can have a long-term influence for the companies. Meanwhile, Davenport and Ronanki [59] disclosed that some executives were unfamiliar with the service automation technology and its mechanism. In addition, Asatiani et al. [36] proposed that outsourcing is a complex and dynamic business strategy. With all these difficulties, we suggest that researchers and practitioners should team up together. Researchers help the practitioners to understand the outsourcing strategy and its related area professionally. Meanwhile, practitioners help researchers provide the research data and information to help academia understand the outsourcing topic better.


8. Conclusion

In this chapter, we briefly introduced the historical background of outsourcing, clarified the definition of outsourcing, discussed the motivation and risks of outsourcing, introduced the tools of risk management assessment. We also discussed the trends in outsourcing, focusing on the impact of cloud computing and service automation technology. Lastly, the chapter ends with recommendations for future researchers and practitioners in the outsourcing industry.


  1. 1. Ishizaka A, Bhattacharya A, Gunasekaran A, Dekkers R, Pereira V. Outsourcing and offshoring decision making. International Journal of Production Research. 2019;57(13):4187-4193
  2. 2. Statista Research Department. [Internet]. 2020. Available from:[accessed 2021Apr26]
  3. 3. Karimi-Alaghehband F, Rivard S. IT outsourcing success: A dynamic capability-based model. The Journal of Strategic Information Systems. 2020;29(1):101599
  4. 4. Lee J-N, Park Y, Straub DW, Koo Y. Holistic Archetypes of IT Outsourcing Strategy: A Contingency Fit and Configurational Approach. MIS Quarterly. 2019Dec;43(4):1201
  5. 5. Wei C-L, Ho C-T. Exploring Signaling Roles of Service Providers’ Reputation and Competence in Influencing Perceptions of Service Quality and Outsourcing Intentions. Journal of Organizational and End User Computing. 2019;31(1):86-109
  6. 6. Akbari M. Logistics outsourcing: a structured literature review. Benchmarking: An International Journal. 2018;25(5):1548-1580
  7. 7. Falagara Sigala I, Wakolbinger T. Outsourcing of humanitarian logistics to commercial logistics service providers. Journal of Humanitarian Logistics and Supply Chain Management. 2019;9(1):47-69
  8. 8. Zhu W, Ng SCH, Wang Z, Zhao X. The role of outsourcing management process in improving the effectiveness of logistics outsourcing. International Journal of Production Economics. 2017;188:29-40
  9. 9. Kurilova A, Lysenko E, Pronkin N, Mukhin K, Syromyatnikov D. The impact of strategic outsourcing on the interaction market in entrepreneurship education. Journal of Entrepreneurship Education. 2019;22(4):1-11
  10. 10. Romero M, Sandefur J, Sandholtz WA. Outsourcing Education: Experimental Evidence from Liberia. American Economic Review. 2020;110(2):364-400
  11. 11. Wekullo CS. Outsourcing in higher education: the known and unknown about the practice. Journal of Higher Education Policy and Management. 2017;39(4):453-468
  12. 12. Hong Y, Pavlou PA. On Buyer Selection of Service Providers in Online Outsourcing Platforms for IT Services. Information Systems Research. 2017;28(3):547-562
  13. 13. Huang Q , Yang Y, Wang L. Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things. IEEE Access. 2017;5:12941-12950
  14. 14. Shan Z, Ren K, Blanton M, Wang C. Practical Secure Computation Outsourcing. ACM Computing Surveys. 2018;51(2):1-40
  15. 15. Xiong L, Shi Y. On the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing. Computers, Materials and Continua. 2018 Jan 1;55(3):523-539
  16. 16. Zhang Y, Deng RH, Liu X, Zheng D. Blockchain based efficient and robust fair payment for outsourcing services in cloud computing. Information Sciences. 2018;462:262-277
  17. 17. Dhillon G, Syed R, Sá-Soares Fde. Information security concerns in IT outsourcing: Identifying (in) congruence between clients and vendors. Information & Management. 2017;54(4):452-464
  18. 18. Li X, Zhu Y, Wang J, Liu Z, Liu Y, Zhang M. On the Soundness and Security of Privacy-Preserving SVM for Outsourcing Data Classification. IEEE Transactions on Dependable and Secure Computing. 2018;15(5):906-912
  19. 19. Duffy MN. Outsourcing a 401(k) plan. Journal of Accountancy. 2001;191(5):30-35
  20. 20. Smith A. An Inquiry into the Nature and Causes of the Wealth of Nations. Librito Mondi; 1791
  21. 21. Porter G. The rise of big business, 1860-1920. Arlington Heights, IL: Harlan Davidson; 1992
  22. 22. Lonsdale C, Cox A. The historical development of outsourcing: the latest fad? Industrial Management & Data Systems. 2000;100(9):444-450
  23. 23. Weston JF, Mansinghka SK. Tests of the efficiency performance of conglomerate firms. The Journal of Finance. 1971;26(4):919-936
  24. 24. Melicher RW, Rush DF. The performance of conglomerate firms: recent risk and return experience. The Journal of Finance. 1973;28(2):381-388
  25. 25. Rumelt RP. Strategy, structure, and economic performance. Boston, MA: Harvard University. Graduate School of Business Administration. Divison of Research; 1974
  26. 26. Williamson OE. The economic institutions of capitalism firms, markets, relational contracting. New York, NY: Free Press; 1985
  27. 27. Williamson OE. Transaction-Cost Economics: the governance of contractual relations. The Journal of Law and Economics. 1979;22(2):233-261
  28. 28. Riordan MH, Williamson OE. Asset specificity and economic organization. International Journal of Industrial Organization. 1985;3(4):365-378
  29. 29. Prahalad CK, Hamel G. The Core Competence of the Corporation. Harvard Business Review. 1990May;68(3):79-91
  30. 30. Deavers KL. Outsourcing: A corporate competitiveness strategy, not a search for low wages. Journal of Labor Research. 1997;18(4):503-519
  31. 31. Harland C, Knight L, Lamming R, Walker H. Outsourcing: assessing the risks and benefits for organisations, sectors and nations. International Journal of Operations & Production Management. 2005;25(9):831-850
  32. 32. Dolgui A, Proth J-M. Outsourcing: definitions and analysis. International Journal of Production Research. 2013;51(23-24):6769-6777
  33. 33. Lacity MC, Khan S, Yan A, Willcocks LP. A review of the IT outsourcing empirical literature and future research directions. Journal of Information Technology. 2010;25(4):395-433
  34. 34. Lacity MC, Solomon S, Yan A, Willcocks LP. Business process outsourcing studies: a critical review and research directions. Journal of Information Technology. 2011;26(4):221-258
  35. 35. Lacity MC, Khan SA, Yan A. Review of the empirical business services sourcing literature: an update and future directions. Journal of Information Technology. 2016;31(3):269-328
  36. 36. Asatiani A, Penttinen E, Kumar A. Uncovering the nature of the relationship between outsourcing motivations and the degree of outsourcing: An empirical study on Finnish small and medium-sized enterprises. Journal of Information Technology. 2019;34(1):39-58
  37. 37. Aron R, Clemons EK, Reddi S. Just right outsourcing: understanding and managing risk. Journal of Management Information Systems. 2005;22(2):37-55
  38. 38. Shi Y. Today’s solution and tomorrow’s problem: the business process outsourcing risk management puzzle. California Management Review. 2007;49(3):27-44
  39. 39. Aubert BA, Rivard S, Patry M. A transaction cost approach to outsourcing behavior: Some empirical evidence. Information & Management. 1996;30(2):51-64
  40. 40. Earl MJ. The risks of outsourcing IT. Sloan management review. 1996 Mar 1;37:26-32
  41. 41. Kakabadse A, Kakabadse N. Outsourcing: current and future trends. Thunderbird International Business Review. 2005;47(2):183-204
  42. 42. Lee CKM, Ching Yeung Y, Hong Z. An integrated framework for outsourcing risk management. Industrial Management & Data Systems. 2012;112(4):541-558
  43. 43. Aubert BA, Patry M, Rivard S, Smith H. IT outsourcing risk management at British Petroleum. Proceedings of the 34th Annual Hawaii International Conference on System Sciences. 2000
  44. 44. Liao C-J, Ho CC. Risk management for outsourcing biomedical waste disposal – Using the failure mode and effects analysis. Waste Management. 2014;34(7):1324-1329
  45. 45. Olson DL, Wu D. Risk management models for supply chain: a scenario analysis of outsourcing to China. Supply Chain Management: An International Journal. 2011;16(6):401-408
  46. 46. Aubert BA, Dussault S, Patry M, Rivard S. Managing the risk of IT outsourcing. Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences; 1999
  47. 47. Bahli B. Validating measures of information technology outsourcing risk factors. Omega. 2005;33(2):175-187
  48. 48. Bahli B, Rivard S. An assessment of information technology outsourcing risk. ICIS 2001 Proceedings. 2001 Dec 31:74
  49. 49. Welborn C. Using FMEA to assess outsourcing risk. Quality Progress. 2007;40(8):17-21
  50. 50. Bowles JB, Peláez CE. Fuzzy logic prioritization of failures in a system failure mode, effects and criticality analysis. Reliability Engineering & System Safety. 1995;50(2):203-213
  51. 51. Liu H-C, Liu L, Liu N. Risk evaluation approaches in failure mode and effects analysis: A literature review. Expert Systems with Applications. 2013;40(2):828-838
  52. 52. Carbone TA, Tippett DD. Project Risk Management Using the Project Risk FMEA. Engineering Management Journal. 2004;16(4):28-35
  53. 53. Hanafizadeh P, Zareravasan A. A systematic literature review on IT outsourcing decision and future research directions. Journal of Global Information Management. 2020;28(2):160-201
  54. 54. Abdel-Basset M, Mohamed M, Chang V. NMCDA: A framework for evaluating cloud computing services. Future Generation Computer Systems. 2018;86:12-29
  55. 55. Lee Y-C. Adoption Intention of Cloud Computing at the Firm Level. Journal of Computer Information Systems. 2017;59(1):61-72
  56. 56. Russom P. Big data analytics. TDWI Best Practices Report, Fourth Quarter. 2011 Sep 18;19(4):1-34
  57. 57. Collier DA. The service sector revolution: The automation of services. Long Range Planning. 1983;16(6):10-20
  58. 58. Brynjolfsson E, McAfee A. The second machine age: Work, progress, and prosperity in a time of brilliant technologies. WW Norton & Company; 2014 Jan 20
  59. 59. Davenport TH, Ronanki R. Artificial Intelligence for the Real World. Harvard Business Review. 2018;96(1):108-116
  60. 60. Alali FA, Yeh C-L. Cloud computing: overview and risk analysis. Journal of Information Systems. 2012;26(2):13-33
  61. 61. Armbrust M, Fox A, Griffith R, Joseph AD, Katz R, Konwinski A, et al. A view of cloud computing. Communications of the ACM. 2010;53(4):50-58
  62. 62. Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems. 2009;25(6):599-616
  63. 63. Garland, P., R. Gittings, and M. Pearl. Cloud computing gets strategic: Reducing technology costs is just the starting point. PricewaterhouseCoopers View. 2010;13:1-12
  64. 64. Verizon. 2020 Data Breach Investigations Report. Basking Ridge: Verizon; 2020
  65. 65. Cannon JC. Privacy: what developers and IT professionals should know. Addison-Wesley Professional; 2004 Sep 1
  66. 66. Vael M. Cloud computing: An insight in the governance & security aspects. InISACA Belgium Chapter Meeting 2010 May
  67. 67. Chabinsky S, Pittman FP. USA: Data protection laws and regulations 2020 [Internet]. Data Protection 2020. London, England: Global Legal Group; 2020 [cited 2021Apr30]. Available from:
  68. 68. Winfield AF, Jirotka M. The case for an ethical black box. Towards Autonomous Robotic Systems. 2017;:262-73
  69. 69. Wiencek D. Ethical Challenges of Information Systems: The Carnage of Outsourcing and Other Technology-Enabled Organizational Imperatives. Social, Ethical and Policy Implications of Information Technology. 2004:141-158

Written By

Yingying Pang, Shishu Zhang and Albert Xin Jiang

Submitted: November 2nd, 2020 Reviewed: May 11th, 2021 Published: May 29th, 2021