How are public sector organizations managing is outsourcing risks? An analysis of outsourcing guidelines from three jurisdictions

In the past few years the public sector has witnessed some of the most spectacular information systems (IS) outsourcing failures. Public officials have come under fire for sloppy management of IS outsourcing engagements. Citizens are demanding legislation to control outsourcing practice and more accountability from public sector managers. In an effort to better understand the context of IS outsourcing management in the public sector, we analyze the IS outsourcing guidelines of three public jurisdictions: Alberta, Canada; Queensland, Australia, and Texas, USA. These guidelines offer insights into how some public organizations approach managing the risks inherent in the practice of IS outsourcing. In this paper we review the research literature on IS outsourcing to develop a risk framework and use it to analyze the guidelines. We use a content analysis methodology to identify the IS outsourcing risk factors and management mitigation strategies addressed by the guidelines. Our findings indicate that IS outsourcing risk factors are widely acknowledged in the literature but are not fully addressed in the IS outsourcing guidelines that public sector managers use for decision making and the management of IS outsourcing engagements. Our findings point to the need for better guidelines and more support for public sector managers who must make costly IS outsourcing decisions.