Abstract: Enterprise Information is a modern enterprise the only way to survive and develop, enterprises in order to enhance the core competitiveness of the market, it is necessary to focus on their core business, while the non-core IT outsourcing business; however, there are many non-IT outsourcing process foreseeable factors at higher risk. Based on a comprehensive analysis of the causes of the IT outsourcing risk, establish a dynamic risk management models. Through the analysis of the model in favor of the right decisions during the various stages of IT outsourcing, you can achieve the risk of migration and reduce the risk of harm.
Paper Keywords: enterprise information technology, outsourcing, risk analysis, dynamic management with enterprise and improve the level of information and market competition intensifies, companies must continue to reduce costs and focus on their core business, the non-core business of enterprise IT outsource, therefore, IT outsourcing services in the enterprise information construction in which the position is increasingly strengthened. IT Outsourcing means that a company will be contracted out all or part of the work of an IT professional services company to complete or to achieve lower costs, improve efficiency, and give full play to its own core competitiveness and enhance the resilience of a management model of their external environment. IT outsourcing include the following: information technology planning and consulting, equipment and software selection, network systems and application software system construction, the entire system network management, and routine maintenance upgrades. This has become a rapidly growing industry, but covers a wide range of IT outsourcing services, investment, long cycle, many unforeseen factors of IT outsourcing risk analysis and control, has important practical significance.
One, IT outsourcing is the only way for enterprise information technology enterprise information is to enhance the market competitiveness of objective needs, but also an effective way to achieve management innovation, it is the only way for a modern enterprise to survive and develop. To reduce costs, speed up technological progress and enhance market competitiveness, enhance economic efficiency, companies must increase the enterprise information construction.
However, companies in the information construction process of discovery, is the result of enterprise IT systems need to support their business and the use of IT systems, IT systems, rather than the process itself. While enterprises in order to reduce overhead costs in the operation and maintenance of IT systems, reduce management costs and cultivate their core competitiveness. Companies put more effort and resources into their own good core business, while the ancillary business, non-core businesses will be given to external professionals to undertake in order to obtain higher overall operational efficiency. So often the process of building enterprise IT systems to the IT professional company that he controlled a result, IT outsourcing services are becoming an inevitable choice for the modern enterprise IT systems.
Two, IT outsourcing services in the risk analysis is a substantive business and IT service providers of IT outsourcing services between 'principal - agent' relationship, due to the existence of information asymmetry between the principal and the agent side, the information distortion and other issues , coupled with the uncertainty of the market and the macroeconomic environment, leading to the presence of a variety of business risks in the implementation of IT outsourcing process. Avoid or eliminate the risk entirely is impossible, but you can fully grasp the source of risk analysis and generate the conditions, the nature of its occurrence, which can reduce the frequency of occurrence of the risk, reducing the extent of losses. To successfully implement an enterprise IT outsourcing, often must undergo internal needs analysis and assessment, the choice of service providers, as well as the signing of contracts for contract implementation, management and monitoring phases. IT outsourcing services in the whole process fraught with risk.
1. Demand is unknown, the risks of poor planning during the information construction companies, if the purpose is unknown, positioning, can not play its due role will lead the implementation of the system. Some companies in the information technology in order to obtain an immediate effect, without a thorough analysis of their IT needs, just do a rough plan on the introduction of IT outsourcing service providers to the system, the system construction in the blind pursuit of large and functional complete, one-stop solutions, counterproductive, demand is not necessarily to be met, while also increasing the investment and operational costs, which will bring to the enterprise information potential risks.
Because enterprise IT systems development is a big investment, long cycle, there is a certain risk of complex systems engineering, while establishing enterprise IT systems to introduce new management model and Business Process Reengineering (BPR), will take place on a far-reaching corporate governance influence, so before system development must be based on the development of IT technology, business environment and business development strategy for the system to conduct a comprehensive investigation, to ascertain the real needs of the user basis, rational planning and feasibility studies. A good system planning can promote further enhance the competitiveness of enterprises and IT applications; ensure that the user's needs are fully met, information resources can be rational distribution and use, while reducing input costs, IT systems, reducing IT systems risk construction.
2. Select the risk of improper service providers bring to choose the right IT outsourcing service provider, IT outsourcing process is a very important part. Enterprises in addition to consider the price factor, the more overall ability to deal with the outsourcer comprehensive assessment (including experience, ability, technology, capital, credit, familiarity with the IT industry, the stability of their own development, etc.), as well as previous outsourcer customers do in-depth investigation and verification. Inappropriate choice of partners, will add additional coordination costs, not quality, timely completion of the system at risk costs. Therefore, companies must carefully combine the needs of IT outsourcing business, scientific and rational evaluation and selection of outsourcing providers.
3. After the outsourcing agreement is not careful the risks of outsourcing service provider is selected, it should be possible to develop a detailed and thorough outsourcing agreement, in order to standardize and restrain each other's behavior. By signing outsourcing agreement, you can define the rights and obligations of the relationship between business and IT outsourcing service provider between after the agreement is signed, the two sides should strictly fulfill the obligations stipulated in the agreement and to enjoy the rights stipulated in the agreement. IT outsourcing agreement is different from other contracts, the contracting parties should be in a 'win-win' mentality, and maintain regular communication and contact, in order to avoid contracting process because the information is not completely symmetrical bring moral hazard.
4. supervision of project implementation risks IT system implementation requires good cooperation of both parties, but in the implementation process, due to differences in background knowledge to implement and users in maximizing their own interests, driven by ideology, could lead to the project poor implementation of control, especially in difficult to guarantee the quality of projects, which led to the final system is not expected to play a role, and often lead to implementation risks. To effectively control IT outsourcing risk, in addition to their own need to prevent, control mechanism is also an important factor, a sound regulatory mechanism can encourage enterprises to effectively control the risk. Therefore, we must build the appropriate regulatory regime to guide IT outsourcing in the context of the normal development of risk control.
Third, the importance of dynamic IT outsourcing risk management of IT outsourcing risk 1. Dynamic risk management is composed of many uncertain factors. Enterprises in order to obtain the expected profits, and thus must be properly assess efforts to control IT outsourcing risk. The most commonly used non-dynamic risk management, the control process is generally carried out in accordance with the project is divided into several stages, each stage of the analysis of potential risk factors, in order to develop appropriate countermeasures. Risk management between the various stages of the lack of necessary and organic links, did not work at all stages, processes and unify risk factors were taken into account, this solution is targeted, but the lack of flexibility.
Dynamic risk management is to issue a single decision in order to avoid the risk of a multi-stage, improve decision-making efficiency. In other words, the whole process indicators divided by time, space, several interrelated phases, each needs to make a decision, the goal is to make the effect of the whole process of optimization. Dynamic risk management can be done, 'trivialize, to nothing.'
2.IT outsourcing is a multi-stage process of IT outsourcing decision-making process can be divided into internal needs analysis and assessment, four stages interconnected service provider selection, contract, and contract implementation and supervision at every stage have to make decisions, is a multi-stage decision. In the multi-stage decision, the decision taken at all stages, and time is generally related to each stage of the decision-making is dependent on both the current state, but also affect the development process in the future, so each stage should select a different decision , active policy and effectiveness of the process is different. Regardless of the status of the last stage is the form in which the current decision-making must be based on the current status of the decision-making basis, to consider the next activity. IT outsourcing risk status process shifts from past to present risks to the state. Risks faced by the migration took place, into a new risk control loop, which formed a 'migration effect' risks.
3.IT outsourcing risk management models of dynamic risk (Risk) refers to the uncertainty of loss, which is a function of the probability of occurrence of adverse events or loss and its consequences, with a mathematical formula expressed as: R = P * C, where R represents risk, P represents the probability of adverse events, C represents the consequences of such an event occurring. In other words, the risk is a consequence of the intended target people because of the decisions of the future behavior of the objective conditions and uncertainties that may cause the occurrence of negative deviation of synthesis. IT outsourcing risk refers to the IT outsourcing project implementation results in relation to the degree of change in the expected results, that is the extent of changes in the expected benefits of IT outsourcing companies.
IT outsourcing is a dynamic stochastic process, even given the state xk and decision uk first paragraph k (xk), the state of the first segment k + 1 can not be completely sure, but a random variable, only know the probability distribution, Transfer system state law has the Markov property. IT outsourcing can be divided into N (N = 4) stage, set up the first
Phase shift to the probability of adverse events occurred in the first stage for j
There should be
Represents the system in the first
Probability stage adverse events, P =
To transfer matrix adverse events. They set up the first
Phase shift of the consequences of adverse events and the intended target for the first phase occurs j negative deviation occurs due denoted
. With the transfer of such adverse events can produce a series of bias, saying that C =
As the deviation matrix.
Consider the system after a phase of total expected deviation. Hutchison r (
) For the first
A desired phase shift deviation, there are:
= 1,2, ..., N
Said Q = [r (1), r (2), ..., r (N)] as a deviation of the desired transfer vectors. Remember
For the system by the first stage after i n times the total expected deviation after the transfer, there are:
= 1,2, ..., N
] For n times the total desired deviation vector transfer. For P =
And C =
Definition of multiplication
, N = 1,2, ..., N
In this issue of the decision-making process, if the choice of different decisions can be changed in a certain state transition matrix corresponding adverse events
And the deviation matrix
, Resulting in a dynamic stochastic systems seek the optimal strategy. Following a brief with the 'value iteration method' to find IT outsourcing process minimizes the total expected deviation (ie, risk minimization).
Provided m (1
) Represents the number of stages of IT outsourcing;
Indicates that the current in the state
The next step in
Kinds of decision-making is transferred to the probability of state j adverse events;
Represents the initial state of the system
The total expected deviation using the optimal strategy is minimum. Then the following equation:
m = 2, ..., N
With the above value iteration method, which can calculate the current state of IT outsourcing process
What should be taken after the second shift of the optimal strategy and the resulting total expected deviation value, it is a good IT outsourcing right decisions at every stage of the process, which can make the achievement of objectives for each stage optimization process until the entire IT Outsourcing gifted, truly realize the risk of migration can reduce the risk of harm, and strive to make risk 'to nothing.'
CONCLUSIONS IT Outsourcing in China started late, enterprise IT application level is not high enough, IT outsourcing market is not mature, so the problem in the IT outsourcing process still faces many risks still exist in various stages great. Therefore, enterprises in the implementation of IT outsourcing process should be a comprehensive survey and assessment of the status and needs of specific programs of IT applications, evaluation and determination of IT applications, strategic planning and implementation of enterprise IT strategy development, the establishment of the various stages of IT outsourcing risk assessment and early warning mechanism, to make the right IT outsourcing decisions, which can effectively prevent and eliminate all kinds of risks.
1 Boehm, B, BW, Software Risk Management [J], IEEE Computer Society Press, Los Alamitos, California, 1989
2 Aubert, BA, Patry M., Rivard, S.Assessing the Risk of IT outsourcing [J] Proceedings of theThirty-First Hawaii International Conference on System Sciences, VolumeVI, 1998, pp.685-693
3 Guoyao in Huang et al., 'Operations research principles and methods', Southwest Jiaotong University 1998.4
4 James .R. Evans waiting, 'simulation and risk analysis', Shanghai People's Publishing House 2001.9