Young Writers Society

Risk Management in I.T Outsourcing Projects in Pakistan

Muhammad Nauman Rashid

Department of Computer Science, Government College University Faisalabad, Pakistan

Abstract:In today's global economy, outsourcing has become a very common phenomenon. Many large organizations have outsourced some or all of their IT functions. Factors such as lower costs, improved productivity, improved quality, increased customer satisfaction, time to market and ability to focus on core areas are some of the benefits of outsourcing. However, there are many challenges and risks associated with outsourcing. Aspects behind outsourcing are Cost and Efficiency Savings, Develop Internal Staff, Continuity & Risk Management, Focus On Core Activities, Reduced Overhead, Operational Control, Staffing Flexibility the study is attributed to remove some involved risk factors i.e., Possibility of week management, Inexperience staff, Business uncertainty, Outdated technology, Hidden cost, Endemic certainty, Lack of organization learning, Loose of innovative capacity, Danger of an eternal triangle, Technology invisibility. While keeping in mind study will evaluated all given parameters in this context both by qualitatively and quantitatively and produce a safe standard model for multidimensional organizations. Thesis investigates the important steps of the decision-making and risk management outsourcing. Due to the complexity of the decision-making process, especially in the outsourcing companies do not achieve their expected goals. The main objective of this thesis is, therefore, necessary to explain this type of outsourcing decision-making and risk management steps of the main problems associated with factors to make a decision, and she has two main exposures. As a secondary source of information, books and from previous research on this topic in order to give a better understanding of some of the documents used in the thesis topic. Gather relevant empirical data, a questionnaire was sent to a number of Pakistani companies. Report thesis, effective IT outsourcing is a decision and a clear view of the problem, and shows the impact of the need to take him to a decision.

Keywords:Risk Management, Pakistan, Analysis of Decision to outsource, Selection of Service Provider, Contract Management, On-Going Monitoring. IT Outsourcing.

• I.INTRODUCTION

Objective of this study is to propose a frame work or model for in IT out sourcing projects for the organizations how outsource their I.T project partially or fully from other organizations. Risk management is a crucial part of any project that is going to be started if you cannot manage the risk timely the ultimately hinders the project and pave it to the failure. Risk is generally defined as the possibility of loss or injury. Project risk management is generally concerned with the (1) Risk Identification (2) Risk response plan(3) Risk monitoring and control (4) Prioritization of risks (5) Risk Analysis (Qualitative & Quantitative) [4] and proposed the knowledge management infrastructure will help in improving the implementation of project risk management. Project risk management is the systematic and responding to project risks and the knowledge based framework provides the ability for the pattern analysis and the knowledge reuse for the previous projects. The proposed paradigm will facilitate in reducing the human involvement in project risk management and less experienced project managers may benefit from this proposed elucidation. The objective of risk management in I.T outsourcing for software is to identify, address and eliminate risks before undesirable outcome occur. It minimize the chance of project failure keeping view of different factors such as delay of delivery the product and cost increase etc. The basic purpose of knowledge management is to enable an organization to leverage the knowledge and in turn improve productivity. Outsourcing is a stage background; the reader is given an overview of the importance and outsourcing decisions. Explains all the steps related to the theoretical part of the outsourcing decision. Outsourcing and what problems they face by outsourcing this section also explains why the decision. Swedish companies and outsourcing-related information on the Pakistanis have been used for the questionnaire process. In the early 2000s, outsourcing, researchers, scholars had great importance. Companies that do not have internal IT technology and the whole experience can be outsourced their IT function they also reduce costs and focus, regardless of their core activities and are outsourcing some of their activities. Companies are not large enough IT knowledge and experiences. Therefore, these companies adopted outsourcing as a solution for the development and maintenance of IT applications. The method companies in the capacity, flexibility and cost reduction in order to achieve short and long term perspective, the outsourcing of use. However, many companies do not benefit from outsourcing. The decision is difficult for any organization and management of outsourced IT services. IT outsourcing could be considered because they are not delivering the expected value of the projects, according to a new report from research firm Gartner, half failed. Outsourcing is a difficult decision. The most important steps to successful outsourcing suppliers provisioning option, you need to know. Outsourcing provides an overview of the most important steps in this thesis. Because of the globalization of the business world it has become increasingly competitive in recent decades. Almost all companies are not only competing with other companies in the same region anymore, but also with companies around the world. In addition, the customer demands to be provided with more diversified and customized products and live time product decreases as a result of rapidly developing technology. To respond to these changes, academics suggest companies to determine their core competencies and concentrate on them, “top executives were judged on their ability to restructure, deciliter, and retarder their corporations. Depending on the type of area, there are different kinds of possibilities to resolve this issue and one often used is outsourcing, which will be the main topic of this thesis. It is defined as change operation of a transaction previously governed internally to an external provider through a long-term contract, which involves the transfer to the supplier." The main idea behind this is to let a non-core area done by an outside vendor, who has specialized in this. Therefore, in theory, it is carried out better the area, for example, lower costs or with higher quality. A common example for the outsourcing process is the transport of goods usually carried out by freight companies " therefore, the term of outsourcing was first used in the 19s by manufacturing executives; However, it was certainly can use the concept of outsourcing long before. However, outsourcing did not become prominent until the 2000s, when companies were searching for a solution to overcome a severe resection the US economy was facing.4 Today, it is a tool often used for businesses. In describing the advantages of outsourcing in the background chapter, outsourcing sounds promising for each company.

In fact, a 2001 survey, asking managers 1000, revealed that only 5% of them believe that outsourcing has given the high profits they expected the causes of the problems have to be determined, resulting from changes due to outsourcing. The theory provides us with a wide variety of sources for this topic, but this Bachelor Thesis focuses only on changes in the planning environment due to outsourcing and the resulting effects for the planning method. The reason for this is that only a thorough and detailed analysis of a specified area leads to gain additional knowledge. Moreover, as there are several types of outsourcing, it is reasonable to limit to race this project to a specific one, as the resulting effects on the environment planning are very different, when you outsource a single component or a whole part of the production. This thesis will deal with the outsourcing of production of a module that is deployed on each end product of the company. The main driver of this outsourcing is to reduce costs. Moreover, the focus is only set in a manufacturing company, regardless of its suppliers and its customers. Knowledge has been identified as a vital source for innovative companies a competitive advantage and value creation. It's like a key to the development of basic skills dynamic ingredient and, in general, as a determinant for companies with global ambitions factor to meet the challenges. Companies are now required to organize projects and structures. Many of them rely on their own resources or external to fulfill their objectives and be better prepared for the changes in their environment resources. Moreover, companies face risks every day several types due to changes in the global environment that could introduce new risks. The source of risks differs from internal or external environment. Environmental uncertainty and behaviors that influence on problems in monitoring the results of cooperation on the level and investment risk. If this risky environment is not properly managed, it could have a negative impact on business today and tomorrow. For this reason, administrators need to consider the risks that can affect and have to minimize their impact on the organization. One of the essential functions of governance information technology (IT) is risk management, which aims to provide a safe environment for e-commerce and IT projects are characterized by a high degree of risk. The rapid transformation in information technology combines changes in business processes to create amazing changes in cost, cost-benefit ratio, and the feasibility of doing specific things in a certain way. In support of various IT organizations, concerned with standards they have published different methods of risk management. These methods have been partially or fully adopted by the companies use IT to identify, analyze, and minimize risks to their IT activities. The risks facing IT projects are not essentially financial risks. By understanding these fundamental problems in real terms, rather than through its financial impact, project managers, IT can move more quickly to resolve problems before they become major problems that jeopardize the project objectives. Most IT professionals understand that there is different financial risk of the project risks. risk IT projects, consists of financial resources, technology, security, information, people, business processes, management, external, and even the risk of success (which occurs when the project is so well done that attracts more transactions expected and not to scale requirements overload).

• II.REVIEW OF LITERATURE

Outsourcing is becoming a trend nowadays. Pakistan also took this opportunity and embraces IT outsourcing. As a result, Pakistan as well, India and China are the most attractive destination for outsourcing is in place. Despite the growing number of companies involved in outsourcing, it should be noted that outsourcing is not a panacea. It comes with risks. Losses, uncontrolled failure can lead to outsourcing. Although it has been adopted in other parts of the material risk management, outsourcing risk management application is very accomplished. Risk Management Outsourcing may interfere with the smooth flow and to prevent or reduce the impact of losses if they occur, to foresee the risks, outsourcing should be carried out. It should be carried out at an early stage and should be performed regularly until the end of the outsourcing life cycle. Outsourcing risk management process framework, as well as the outsourcing of risk management to be carried out at each stage of the lifecycle will cover the principle. Outsourcing computing is everywhere in the world. The rapid development of this sector with great potential for development and the potential for increased productivity Rapid technological change has been accompanied by many changes in the way it looks and is managed by institutions. Reflects the trend towards outsourcing of the group of experts believe that the maturity of the computer world. The main outsourcing companies to focus on their core competencies and to find out other functions seen as advantageous. The most common processes outsourced IT outsourcing, software, system hosting and system management are the expansion. For decades, many companies are outsourcing their business using IT outsourcing strategy for all the servers, software upgrades and network, etc. for a specific application, which operates as a third party. However, the system management support, implementation, and technology infrastructure, business development progress of banking and insurance software development, system management, basic household systems and hosting services have adopted the systems used by most of the information technology outsourcing policy. Economically, it is estimated that due to the immediate reaction to the whole or part of the security will be useful for a company that wants to outsource. Highly tested security assessments are performed periodically, to staff cuts, the costs of personnel to carry throughout the year or just a section, allocate resources elsewhere. Thinking about outsourcing, but also the information technology requirements of modern organizations outsources functions, respectively Evolution (IT) should be considered. The reason for that; In recent years, many companies have adopted information technology outsourcing. Special application of information technology outsourcing and related servers, networks and software as a third party to manage the contractor to perform upgrades. They have all of their information technology outsourcing, global sourcing jobs in the outsourcing market stands out from the rest by taking almost 28% are outsourcing. Instead of performing the function of a company is a service company that hires an IT function that occurs when the IT outsourcing. "" It will define outsourcing "Turn It provides services for a long time, it is a third-party provider, a company decision or companies outsourcing IT assets, people, and / or selling operations" from one company to another, "Information systems and information technology services or business processes, which is to transfer outsourcing is defined as the transfer of a function / TI is already home to a third party provider.

Outsourcing is the definition of a student, after analyzing the various ranges of "third-party organization IT for a specific time to make a deal when providing services. The term “Outsourcing” is the process of shifting or externalizing tasks and services previously performed in-house to outside vendors (Beaumont and Sohal 2004 cited in Beaumont 2006). In its strongest form it means, passing ownership and control of functions previously performed in-house to an outside contractor (Beaumont and Sohal 2004 cited in Goonetilleke 2012). “Outsource” is also known as “external source”. It is a management approach that allows delegates to an external agent the operational responsibility for processes or services previously delivered by an activity. It can be defined as “the purchase of a good or a service”. The two main actors of outsourcing processes are the “outsourcee” and the “outsourcer”. The “customer”, outsources his/her requirements, while the second, the enterprise, delivers outsourced services (similar to the terms supplier or vendor) (Franceschini et al, 2003 cited in Goonetilleke 2012, p. 13). “Outsourcing refers to the use of an external provider of goods or services instead of having recourse to internal resources to provide the same goods or services” (radu and Ramona, 2010, p.80).“In the IT world, outsourcing means turning over a firm’s computer operation, network operations, or other IT functions to a provider for a specified time” (McNurlin and Sprague, 2006, p.8). It reflects the use of external agents to perform one or more organizational activity (Kehal and Singh, 2006), and it is not specific to IS. As a result, numerous definitions for the term “outsourcing” have been stated in the past. However, outsourcing in its most basic form was conceived as, contracting out the procuring of service or products from an outside supplier or manufacturer rather than having them provided by in-house facilities (Aubert et al. 2008).

Correspondingly, precise definitions of IS outsourcing differs in the literature; traditionally it referred to the conditions under which the organization’s data were processed at an external computer service bureau (Fink 2004 cited in Gulla and Gupta 2009) Now, however, it can mean much more and the current state of outsourcing is vastly different from its traditional forms. Factor (2001), has given a good overview between traditional (legacy) and modern IS outsourcing paradigms. Figure 2.1 is shown

However, though there are small different aspects considered in all the definitions, there seems to be a general agreement about outsourcing is a process of carrying out of IT functions by third parties To list a few of them: Information systems outsourcing, or IS outsourcing, is the practice of turning over part or all of an organization’s IS functions to external service providers (Grover and Cheon 2006 cited in Li and Li 2009, p. 3) “Information System (IS) Outsourcing means that the physical and/or human resources related to one organization’s Information Technologies (ITs) are supplied and/or administered by an external specialized provider” (Enrique et al, 2002, p. 3). “Information system (IS) or information technology (IT) outsourcing can be defined as the transferring of an IS/IT function that was previously carried inhouse, to a third party provider” (Mulat, 2007, p. 24). In addition to these definitions of outsourcing, many authors also describe various outsourcing arrangements or options. For example, based on how many clients and vendors are involved in the outsourcing relationship, Gallivan and Oh (2009) identified four classes of outsourcing relationships, which is summarized in the following table 1;

Other authors have also categorized the variety of outsourcing contact options.

Pandey and Bansal (2003) used the following taxonomy to capture the range of outsourcing contact options:

(a) In-sourcing- organizations use their own IT department to take the responsibility.

(b) Value-added outsourcing- the organizations enter into a close and strategic alliance with the

supplier.

(c) Short-term outsourcing- the activity is outsourced for a short period

(d) Long-term outsourcing- the activity is outsourced to a vendor for a long period of time.

• III.MATERIALS AND METHODS

The risks facing IT projects are, in essence, financial risks. The financial measures are only indicators of underlying problems. By understanding these underlying problems in real terms, rather than through its financial impact, project managers, IT can move more quickly to resolve problems before they become major problems that jeopardize the project objectives. Most IT professionals understand that there is different financial risk of the project risks. risk of IT projects is divided into nine categories, including financial risk, technological risk, security risk, information risk, the risk of people, the risk of business processes, risk management, external risk, and even the risk of success (which occurs when the project is so well done that attracts more transactions than expected and cannot scale requirements overload . anecdotes, surveys and field research established that many IT projects fail. managers leave some of these systems fail. Other projects are over budget or delay ultimately result in useful systems Such as building construction projects and states that the main causes of failure of IT projects are the use of technologies rapidly changing, its long development times in general and volatility user expectations about what will produce the project. Because projects generally include all these features, which are likely to fail, cost overruns and schedule delays Organizations need to keep IT projects on time and costs under control. However, organizations should also encourage managers to respond to changing business needs and take advantage of technological opportunities before their competitors do As for IT projects, risks may vary, if it is a software development project, project safety, outsourcing project or task specific programming. IT projects are known for their high failure rate. They were carried out from in-depth interviews with IT professionals from leading organizations in Western Australia to determine how IT risks are managed in their projects. Respondents ranked 27 IT risks in terms of likelihood and consequences of identifying the most important risks. The five major risks, in order, are: lack of staff; project schedule and reasonable budget; Unrealistic expectations; incomplete requirements; and the window of opportunity decreased due to the delay in delivering software. Moreover, respondents mostly apply the treatment strategy of risk reduction to manage these risks. In addition, these strategies are primarily project management processes, rather than technical processes. Therefore, this shows that project management is an RM strategy. In particular, management's expectations of stakeholders are a specific risk treatment that helps manage several key IT risks. Risk issues referring to the software development process are not seen as essential object of discussion. On the other hand, most organizations expect to successfully implement systems while taking their regular business processes.

• Research Questions and Research Objective

The research questions in this study are:

• v What are the factors that influence organization to outsource I.T Projects?
• v What type of risk organization faces during outsources and what you are trying to solve?
• v What % of the work organization outsource?
• v What methodologies used by organization to take decision to outsource I.T projects?
• v What methodologies used to manage the risks existing solution?
• v What is the limitation of existing solutions?

The aim of the study is to investigate project risk management as an amalgam with the knowledge management from a very practical viewpoint with respect to the software project industry. It also explores that to what extent the software project based organizations are aware about knowledge management utilization, focusing on how KM initiators foresee the implementation process and derive the benefits about of it. The report will focus on investigation of the scope of effective implementation of a KM approach in the project risk management.

To be able to answer the research question, several objectives need to be fulfilled. The objective of the study is to:

• Ø Identify the distinctive characteristics of Software Project Management Risks processes, approaches and assisting tools and techniques
• Ø Exploration of risk knowledge from past projects be extracted from archives
• Ø The study will aim at providing assistance to the user in deciding the appropriate content to
• re-use
• Ø Focusing on accommodating the evolution of risk information and outcomes over the software project life cycle by the KM content.

Identify the implications and benefits of implementing a knowledge based risk management process concurrent to the implementation of the core project management processes.

Problem statement

Currently in the field of I.T outsourcing, we have not found any solution focusing on the risk management software project based organizations in Pakistan. We have found solutions from the varying domains of the risk management and multiple knowledge areas have been focused with respect to the knowledge domain. But our concentration will be mainly on the aspects of KM as a complete solution for the risk management ranging from the risk identification to the qualitative and quantitative risk mitigation for the software project based organizations. Project risk management is the systematic and iterative process of identifying, analyzing, and responding to project risks and the knowledge based framework provides the ability for the pattern analysis and the knowledge reuse for the previous projects. The proposed paradigm will facilitate in reducing the human involvement in project risk management and less experienced project managers may benefit from this proposed elucidation.

The objective of KM for project risk management is to identify, address and eliminate risks before undesirable outcome occur. It protects intellectual assets from decay, seeks opportunities to enhance decisions, services and products through adding intelligence, increasing value and providing flexibility.

• IV.RESULTS AND DISCUSSION

The research involved ten organizations to measure their risk management practices. The designation of the respondents are Project Director, Principle Assistant Director, IT Manager, three System Analysts and four IT/IS officers. From ten of the organizations, five involve in services, three in health care, one in human resources and another one is a law enforcer. Six organizations outsourced their application system development functions, two organizations outsourced their ICT application maintenance, one organization outsourced its ICT infrastructure and one organization outsourced its strategic planning.

All government agencies agreed that the reason they outsourced a particular function is the resources and expertise are not available in-house. Surprisingly, cost reduction is not the main reason to outsource a function in government agencies. This might support the research where cost reduction is a goal of traditional outsourcing and therefore might not be appropriate in current environment.

Other reasons to outsource include focusing on core business, to improve productivity, to achieve higher quality, to achieve higher customer satisfaction and government support. From the ten organizations surveyed, only one organization involved the use of multi-vendor to complete the task. Six out of ten organizations focused on selective outsourcing. Selective outsourcing is the decision to outsource selected IT functions to service providers the rest of the organization Factors practice in Analysis of Decision to Outsource Alpha performed total outsourcing.

Six of the organizations set up strategic partnership type of relationship. The rest of the agencies set up buyer/seller relationship arrangement. All organizations sign fee-for-service contract. Fee-for-service contract is divided into four types, namely standards, detail, loose and mixed. From the four types of contract, seven organizations signed detailed contract while the rest Factors practice in Selection of Service Provider 10 0.874 Phases practice in Contract Management 12 0.647 variables are consistent and reliable. Details of the reliability analysis are as tabulated in Table 6. Based on the data gathered from the questionnaire

The questionnaire was sent to five companies in Pakistan. Two Pakistani companies replied. Out of these 5 companies two Pakistani resorts to IT outsourcing. However, the process of gathering information from businesses is a difficult task because many companies have the ability to share data has proven to be a violation of privacy.

Brief summary of Pakistani responsive companies:

Pakistan Petroleum Limited:

Pakistan Petrolem Limited (PPL) is a leading Exploration and Production (E&P) Oil Company in Pakistan. Its activities in this field dates back to the 1950s, half a century Pakistan Petroleum Limited (PPL) at its inception in 1952, the Burma Shell Pakistan Petroleum Limited (PPL) formed an exploration and production company with became. Currently, all areas of the country, the company have 15 exploration licenses. Beyond the limits of its expanding their horizons by getting involved in the oil business Pakistan has become synonymous with Gas Company in Pakistan, namely Sui, owning the biggest gas field. PPL is a leader in the browser and oil and gas producer in the country. Moreover, it is beyond the country's borders to exploit oil and gas resources are intended to have a major paradigm shift.

Mari Gas Company Limited:

Mari Gas Company Limited (MGCL) is an Exploration and Production Company that started its business in 1960. Currently MGCL is a leading exploration company in Pakistan. The company's oil and gas production in the country Mari Gas Company exploration and production company, and is actively involved in the exploitation of natural resources Pakistan properly. MGCL the domestic sector is one of the most important institutions. Currently, the company provides 15% of the total production of hydrocarbons in the country. Pakistan Petroleum Limited (PPL) IT outsourcing

Pakistan Petroleum Limited is outsourcing IT activities for last 5 years. IT outsourcing of software development and computer systems management is the main activities of the PPL. The main reasons for outsourcing decisions, access to new technologies and to focus on its core business, the company has started.

In PPL, led by senior management in the department who are responsible for the decision of outsourcing is part of a committee. In case of any emergency, an outsourcing decision, to speed up the process and will be completed within a month, it may take as long as two months. The primary criteria for selecting IT service provider first, selective competent vendors are invited to the auction, will be called. Once the auction is reached, and then performs the technical and economic evaluation. The right provider can be selected on the basis of technical capacity and financial stability.

PPL is the main problem, which is lack of access to suppliers the ability to face, so often carried in the cost of the project, which in turn makes it difficult for a company making healthy competition among the vendors out there will again be a minimum number of vendors. PPL outsourcing success rate is 75%. PPL to reduce labor costs in the future and to help increase the efficiency of IT outsourcing

Mari Gas Company Limited (MGCL) IT outsourcing

Mari Gas Company Limited (MGCL) is a leading exploration company of Pakistan. MGCL involved in outsourcing for the past three to five years. MGCL IT test systems and IT system management outsourcing service providers are the main activities. The main reason for outsourcing to focus on its core business and enable the company to gain access to new technology

Senior management, especially the CEO's are making outsourcing decisions. Decisions typically require two or three weeks. Mari Gas Company Limited of some IT services outsources. Therefore, the supplier is determined according to the nature of the problem at hand. The main problem faced by the outsourcing LQAS from a selection of the lack of competition in the market for a job. When required the company to provide IT services MGCL faces the problem of finding skilled providers. The success rate is similar to PPL of MGCL. MGCL of outsourcing success rate is at 75%.

MGCL IT outsourcing allows you to increase capacity in the future. Analysis of empirical data with theoretical data

The decision of the Pakistani companies outsourcing companies obtained evidence that exposure to different reasons. These companies, which leads to the assumption that this is the main reason for us mentioning the decision to focus on the core business of the company The theoretical data, the research team Robin Sood, Lynda M. Applegate and Elizabeth Sparrow benefits, including reducing costs as the main reason for outsourcing, said that in order to show the economic costs of capital and the cost of labor. Elizabeth Sparrow and Robin Sood mention focus on the core business of the company are responsible for the researchers (Brown, Douglas, Wilson, Scott and Sparrow), the third group, the research team has stated that the main reason for outsourcing is to gain access to technical expertise.

There are different types of outsourcing risks. According to the results of the data collection experience, the main risk facing the outsourcing companies that meet the needs of all in finding skilled providers. Provide a description of the risks to the subject of various studies. Especially Elizabeth Sparrow (research group 1), the most important are the risks of security and privacy. Group 2 consists of research and lack of experience in outsourcing Warren Axelrod and stated that the major threat to the bears. Research group 3 (Annette Brannemo, Johan Falk and Jonas Hagman) is the main threat of loss of control that must be taken into account.

• V.CONCLUSION AND FUTURE WORK

Future Research

The results of this study are the specific implications for future research. After purification, the questionnaire distributed to gather information on the risk management practices of outsourcing. The results of this study can be used to manage the risks to the development of the framework of IT outsourcing. In this framework to help organizations manage projects and outsourcing reduce the risks of outsourcing, which increases the likelihood of success.

Conclusion

The art of delegating functions to third parties; it is becoming a trend in many organizations. Insider participation in the project will invite more risks. These risks are likely to affect the company as compared to the service provider. The project will be the likelihood of success, so, companies should be able to handle the risk. Research on the effectiveness of risk management should be to increase the success of outsourcing. Therefore, this work examines the practices of risk management, IT outsourcing project filled in the gap and can be used to manage the risk of outsourcing projects to suggest a conceptual framework. A survey was conducted to validate the conceptual framework. The survey results did not follow the stages of risk management as companies close to the late delivery, cost overruns; the quality is not up to the expectation and has to face many problems. Consequently, five out of ten respondents in the cases of termination of the contract before the completion of the project until the termination clause of the project is completed. Close to the risk management committee and risk management practice began with the creation of three companies, the successful completion of the outsourcing. Risk management practices to remain low due to the lack of knowledge and skills. However, attempts to identify a risk management practice. From the findings, it is the most successful IT outsourcing risks can be controlled and mitigated by the practice of risk management and as a place to run. Therefore, in the case of outsourcing of risk management to help organizations in managing the risks of outsourcing projects will be developed.

• VI.REFERENCES

B. E. Perrott, "“A strategic risk approach to knowledge management”," Business Horizons, vol. 50, no. 6, pp. 523-533, 2007.

B. Whittaker, "What went wrong? Unsuccessful information technology projects.," Information Management & Computer Security, vol. 7, no. 1, pp. 23-29, 2009.

Bakker, K., Boonstra, A. and Wortmann, H. , "How risk management influences IT project success," in IRNOP IX Conference 2010, Berlin, Germany, 2009.

Bandyopadhyay, K., Myktyn, P., & Myktyn, K. , "A framework for integrated risk management in information technology.," Management Decision, pp. 437-444, 2009.

Beck, T., Levine, R., Loayza N., "Finance and the Sources of Growth," Journal of Finance and Economics, vol. 58, pp. 261-300, 2000.

Boehm, B., & Bose, P. , "A collaborative spiral software process model based on theory W," in 3rd International Conference on the Software Process (ICSP94), New York, 2004.

Bruckner, M., List, B., & Schiefer, J., "Risk-Management for Data Warehouse Systems," Data Warehousing and Knowledge, pp. 219-229, 2001.

Cule, P., Schmidt, R., Lyyttnen, K., & Keil, M. , "Strategies for Leading off is Project Failure," Information Systems Management, vol. 14, no. 2, pp. 68-73, 2000.

Del Cano, D., & Cruz, P. , "Integrated Methodology for Project Risk Management," Journal of Construction Engineering and Management, vol. 128, no. 6, pp. 473-485, 2002.

E. Levine, "Defining Risks," CA Magazine, vol. 133, no. 3, pp. 45-46, April 2000.

Ewusi-Mensah, K., & Przasnyski, H. , "On Information Systems Project Abandonment:An Exploratory Study of Organizational Practice.," MIS Quarterly, vol. 15, no. 1, pp. 67-88, 2001.

G. Anthes, "SEC electronic filing system in high gear," Computerworld, vol. 27, pp. 59-67, 2003.

H. Havenstein, "IT execs seek new ways to justify Web 2.0," Computerworld, vol. 41, no. 33, pp. 14-15, 2007.

Higuera.R & Haimes.Y, "Software Risk Management," Software Engineering Institute Carnegie Mellon University, Pittsburgh, Pennsylvania 15213, Technical Report CMU/SEI-96-TR-012 ESC-TR-96-012, 2006.

I. Sommerville, Software Engineering, 6th ed.: Addison-Wesley, 2001.

J. Johnson, Chaos: The dollar drain of IT project failures.: Application Development Trends, 2005, vol. 2.

J. Kontio, "The Riskit Method for Software Risk Management version 1, 00," University of Maryland College Park, MD, Computer Science Technical Reports CS-TR-3782 / UMIACSTR- 97-38, 2007.

J.,Jurison,"Softwareprojectmanagement: The manager’s view. ," Communications of Association for Information Systems, vol. 2, no. 17, pp. 2-52, 2009.

K. Schwalbe, Information technology project

L. Kumar, "Managing risks in IT projects: an options perspective," Information & Management, vol. 40, pp. 63-74., 2002.

M. & Sabherwal, R. Newman, "Determinants of commitment to information systems development: A longitudinal investigation.," MIS Quarterly, vol. 20, pp. 23-54, 2006.

M. and Schneider, M. Levin, "Making the Distinction: Risk Management, Risk Exposure," Risk Management, vol. 44, no. 8, pp. 36-42, 2007.

McKeen, J. & Smith, H. , Making IT happen: Critical issues in IT management. West Sussex, England: Wiley, Ltd, 2003.

Meyer, A., De, C., Loch, H. and Rich, M.T., "Managing project uncertainty: from variation to chaos," MIT Sloan Manage. Review, vol. 43, no. 2, pp. 60-67, 2002.

P. & Merritt, G. Smith, "Proactive Risk Management: Controlling Uncertainty in Product Development," Productivity Press, New York, 2002.

Parvatiyar, A., & Sheth, N., "Customer Relationship Management: Emerging Practice, Process, and Discipline.," Journal of Economic and Social Research, vol. 3, no. 2, pp. 1-34, 2001.

Powell, P. L., & Kelin, J. H., "Risk Management for Information Systems Development," Journal of Information Technology, pp. 309-319, 2006.

Project Management Institute, A Guide to the Project Management Body of Knowledge (PMBOK® Guide) , 4th ed., 2008. [Online]. http://www.projectsmart.co.uk/pdf/pmbok.pdf

S., Feather, M., & Hicks, K. Cornford, "DDPTool for life-Cycle Risk Management. Jet Propulsion Laboratory," Californaia Institutte of Technology, IEEE, 2001.

Sicotte, H. & Bourgault, M., "Dimensions of uncertainty and their moderating effect on new product development project performance," R&D Management, vol. 38, no. 5, pp. 468-79, 2008.

Smith, G. & Merritt, M. , Proactive Risk Management: Controlling Uncertainty in Product Development.: Productivity Press., 2002.

Software & Systems Engineering Standards Committee of the IEEE Computer Society, "Systems and software engineering — Life cycle processes — Risk management ," International Organization for Standardization/International Electrotechnical Commission, ISO/IEC 16085 IEEE Std 16085-2006, ISO/IEC 16085:2006(E) IEEE Std 16085-2006, 2006.

Sommerville. I, Software Engineering, 8th ed. University of St. Andrews, , United Kingdom: Addison-Wesley, 2006.

Southern, S. , "Creating risk management strategies for IT security," Network Security, pp. 13-14, 2009.

TOGAF. (2009) The Open Group Architecture Framework (TOGAF). [Online]. http://www.kingdee.com/news/subject/10togaf/pdf/TOG AF_9_ziyuan.pdf

Weber, R., and Aha, D. W. "Intelligent Delivery of Military Lessons Learned," Decision Support Systems, 34(3): pp. 287–304, 2003

G., Lane, S., & Bruton, C Schneider, "Monitoring risk in information.," vol. 13, no. 1, pp. 63-67., 2009.

S. Murthi, "Managing the strategic IT project, Intelligent Enterprise," vol. 5, no. 18, pp. 49-52, 2002.

D., Salm, G., & Love, D. Baccarini, "Management of risks in information technology projects," Industrial Management & Data Systems, vol. 104, no. 4, pp. 286-295, 2004.

S. Maguire, "Identifying Risks during Information System Development: Managing the Process," Information Management and Computer Security, vol. 10, no. 3, pp. 126-137, 2002.

D.Kasap, M.Kaymak: Risk Identification Step of the Project Risk Management, PICMET 2007 Proceedings, 5-9 August, Portland, Oregon - USA © 2007 PICMET

K.Arrow: Knowledge-Based Proactive Project Risk Management, 2008 AACE INTERNATIONAL TRANSACTIONS

G. Servin: ABC of Knowledge Management

L.A.Deleris, K.Katircioglu, S.Kapoor, R.Lam, S.Bagchi: Adaptive Project Risk Management, 2007 IEEE.

GAO-Xia: Analysis about Risk Controlling in the Application Services Based on Knowledge Management Theory, 2010 3rd International Conference on Information Management, Innovation Management and Industrial Engineering

ZHANG Ya-li: Teamwork Pattern of Project Risk Management Based on knowledge Reuse, 2008 International Conference on Information Management, Innovation Management and Industrial Engineering

C.V. Ramamoorthy, C. Chandra, S. Ishihara, Y. Ng: Knowledge Based Tools for Risk Assessment in Software Development and Reuse, 2013 IEEE

S.KUN YU, L. LIU, M. FU: The Application Research on Knowledge Management of Project Manager, 2009

R. Weber, S. Gunawardena Designing Multifunctional Knowledge Management Systems, College of Information Science & Technology, Philadeplhia PA 19104

Alavi, M. and Leidner, D. E. “Knowledge management and knowledge management systems: Conceptual foundations and research issues,” MIS Quarterly, 25(1): pp. 107-136, 2001

Weber, R., Aha, D. W., and Becerra-Fernandez, I. "Intelligent Lessons Learned Systems," Expert Systems with Applications, 20(1): pp. 17–34, 2001