Information Technology Offshore Outsourcing Security Risks and Safeguards

Abstract

AbstractInformation security is important when information technology (IT) moves to offshore outsourcing. This paper aims at discovering information security risk factors and providing safeguards for IT offshore outsourcing. Specifically, first, information security risks and safeguards are identified during IT offshore outsourcing based on literature review and interviewing with subject matter experts. And IT offshore outsourcing process (ITOOP) model was developed to logically link these information security risks based on flow and task analysis in the client and vendor environments. Safeguards are also developed to protect information security attacks by linking to these information security risks. The ITOOP model with information security risks and safeguard solutions from this research will help decision makers in offshore IT outsourcing identify possible occurrences of security risks in offshore processes; and thereby, incorporate wise decisions on safeguards to protect information and improve secur...