| With continuous innovation in information technology and advancement in its management,the information systems occupy an important position in the strategic development of enterprises.As an important means of obtaining information systems,outsourcing has its certain advantages.However,due to factors such as the capability of outsourcing service provider,the content of outsourcing contract,the quality of negotiation communication,and the objective of organization,information system outsourcing can be risky.These risks are difficult to be solved in reality.Therefore,it is practical and significant to establish a generalized risk management system for information system outsourcing.This dissertation focuses on the risks of information system outsourcing from the perspective of management control.This perspective can make up for relevant theoretical vacancy,and enrich the perspectives of risk management theory for information system.This paper first analyzes the theoretical and practical needs of information system outsourcing risk management.From the perspective of management control,this paper continues to explore the effective methods of risk management for information system outsourcing.Through combining the characteristics of outsourcing,risk management requirements,management control requirements and related theories,this paper designs a management control framework for information system outsourcing.The content analysis method is then used to identify the specific risk points indicated in lots of documents.These risk points are classified according to the previously proposed management control framework.Meanwhile,the rationality of this model are verified according to the objectivity of risk and the scientific classification method.Based on the CMM model and its derivative model theory,and the key control domain of the management control framework in this paper,the risk evaluation criteria and processes are then put forward.Via the proposed framework and risk assessment criteria,the risk control measures are gradually classified and graded.These measures are collected as the risk “measure pool”.The risk measure selection method is set accordingly.Finally,the general process of risk management is established to form a risk management system.A case study is performed to test the operability of the risk management system constructed in this paper.Then,the application feedback of the risk management system is derived from this practical application.The first chapter and the second chapter of this paper sort out the actual situation and research status of information system outsourcing risk management,and propose the research purpose and significance of this paper.The third chapter is to construct the information system outsourcing management control model,which is the foundation and premise of the fourth chapter risk management system construction.The fifth chapter applies the research to the risk system and obtains the application feedback,which confirms the operability and management effect of the risk management system constructed in this paper. |
PDF Full Text Request