Governance of IT outsourcing

Corporate governance has been an important subject of discussion and research for decades. Recently, the interest in IT governance, which may be considered a special kind of corporate governance, is also growing. The relationship between the two will be discussed in Section 8.2. IT governance is the implementation of governance for IT by the service recipient and will be defined in Section 8.3. Service providers and service recipients are obviously both responsible for ensuring good IT governance; nevertheless, it is the recipient who retains final responsibility. Several frameworks, developed especially for the purpose of IT governance, will be discussed in Section 8.4: COBIT, ISO17799/ISO27001, ITIL/BS15000 and CMMi. Such frameworks help recipients and providers set up their IT governance structure. Section 8.5 presents an overview of the steadily growing number of laws and regulations concerning IT governance. Section 8.6 contains a conceptual framework to structure governance of IT outsourcing relationships. Especially in global sourcing relationships, culture is an important factor that affects governance. Theoretical foundations are presented in Section 8.7. Finally, in Section 8.8, we present a case study on IT outsourcing governance in a multicultural setting.