Identifying and Analyzing Risks and Responses for Risk Management in Information Technology Outsourcing Projects Under Fuzzy Environment

Abstract

Due to ever-increasing trend in outsourcing information technology projects in today's competitive world, the risk management in information technology outsourcing (ITO) projects is a challenging issue. Hence, this paper reviews and extracts present corresponding risks by literature review to implement risk management in ITO. After reviewing a number of frameworks in the literatures related to prioritizing of extracted risk factors, a new framework is presented to determine the priority of them. Because of network structure of the proposed framework and multi-dimensional nature of the project risk, the fuzzy analytic network process (fuzzy ANP) is applied to prioritize risk factors. Also, since identifying and prioritizing of risk factors cannot necessarily meet the organization's needs related to the project risk, the ways to respond to these factors are evaluated. For this purpose, responses to the five highest ranked risk factors are considered. Prioritization of responses to these risk factors is done by applying fuzzy technique for order preference by similarity to ideal solution (fuzzy TOPSIS) based on four criteria: quality, cost, time, and scope. Results, achieved from experts' judgment, show that the risk factor "Supplier's lack of expertise with an IT operation" is the most significant. Also, the best response for this factor, is "Review of monetary value and volume of suppliers' contracts prior to their selection" according to experts' point of view. In addition, a sensitivity analysis is carried out for validating the results.