{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:59:02Z","timestamp":1743112742309,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":40,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642392177"},{"type":"electronic","value":"9783642392184"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-39218-4_30","type":"book-chapter","created":{"date-parts":[[2013,7,3]],"date-time":"2013-07-03T08:41:05Z","timestamp":1372840865000},"page":"405-418","source":"Crossref","is-referenced-by-count":0,"title":["Secure Outsourcing: An Investigation of the Fit between Clients and Providers"],"prefix":"10.1007","author":[{"given":"Gurpreet","family":"Dhillon","sequence":"first","affiliation":[]},{"given":"Romilla","family":"Chowdhuri","sequence":"additional","affiliation":[]},{"given":"Filipe","family":"de S\u00e1-Soares","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"2","key":"30_CR1","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1016\/S0304-3878(96)00399-9","volume":"50","author":"A. Arora","year":"1996","unstructured":"Arora, A.: Contracting for tacit knowledge: the provision of technical services in technology licensing contracts. Journal of Development Economics\u00a050(2), 233\u2013256 (1996)","journal-title":"Journal of Development Economics"},{"issue":"3","key":"30_CR2","first-page":"60","volume":"42","author":"J. Barthelemy","year":"2001","unstructured":"Barthelemy, J.: The hidden costs of IT outsourcing. MIT Sloan Management Review\u00a042(3), 60\u201369 (2001)","journal-title":"MIT Sloan Management Review"},{"issue":"5","key":"30_CR3","doi-asserted-by":"publisher","first-page":"413","DOI":"10.1016\/j.ijinfomgt.2008.02.002","volume":"28","author":"R. Bojanc","year":"2008","unstructured":"Bojanc, R., Jerman-Bla\u017ei\u010d, B.: An economic modelling approach to information security risk management. International Journal of Information Management\u00a028(5), 413\u2013422 (2008)","journal-title":"International Journal of Information Management"},{"issue":"4","key":"30_CR4","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1108\/09685220610690817","volume":"14","author":"A.J.T. Chang","year":"2006","unstructured":"Chang, A.J.T., Yeh, Q.J.: On security preparations against possible IS threats across industries. Information Management & Computer Security\u00a014(4), 343\u2013360 (2006)","journal-title":"Information Management & Computer Security"},{"issue":"1","key":"30_CR5","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/s10550-007-0011-y","volume":"25","author":"C. Colwill","year":"2007","unstructured":"Colwill, C., Gray, A.: Creating an effective security risk model for outsourcing decisions. BT Technology Journal\u00a025(1), 79\u201387 (2007)","journal-title":"BT Technology Journal"},{"issue":"5","key":"30_CR6","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1016\/j.im.2008.01.008","volume":"45","author":"G. Dhillon","year":"2008","unstructured":"Dhillon, G.: Organizational competence in harnessing IT: a case study. Information & Management\u00a045(5), 297\u2013303 (2008)","journal-title":"Information & Management"},{"issue":"4","key":"30_CR7","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1145\/1035233.1035236","volume":"35","author":"J. Dibbern","year":"2004","unstructured":"Dibbern, J., Goles, T., Hirschheim, R., Jayatilaka, B.: Information systems outsourcing: a survey and analysis of the literature. ACM SIGMIS Database\u00a035(4), 6\u2013102 (2004)","journal-title":"ACM SIGMIS Database"},{"issue":"3","key":"30_CR8","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1016\/j.cose.2008.11.007","volume":"28","author":"M.T. Dlamini","year":"2009","unstructured":"Dlamini, M.T., Eloff, J.H., Eloff, M.M.: Information security: The moving target. Computers & Security\u00a028(3), 189\u2013198 (2009)","journal-title":"Computers & Security"},{"issue":"6","key":"30_CR9","doi-asserted-by":"publisher","first-page":"849","DOI":"10.1108\/14637150810916026","volume":"14","author":"M.R. Doomun","year":"2008","unstructured":"Doomun, M.R.: Multi-level information system security in outsourcing domain. Business Process Management Journal\u00a014(6), 849\u2013857 (2008)","journal-title":"Business Process Management Journal"},{"key":"30_CR10","first-page":"26","volume":"37","author":"M.J. Earl","year":"1996","unstructured":"Earl, M.J.: The risks of outsourcing IT. Sloan Management Review\u00a037, 26\u201332 (1996)","journal-title":"Sloan Management Review"},{"issue":"3","key":"30_CR11","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1108\/09685220310480381","volume":"11","author":"H. Fulford","year":"2003","unstructured":"Fulford, H., Doherty, N.F.: The application of information security policies in large UK-based organizations: an exploratory investigation. Information Management & Computer Security\u00a011(3), 106\u2013114 (2003)","journal-title":"Information Management & Computer Security"},{"key":"30_CR12","volume-title":"The Impact of Client-Vendor Relationship on Outsourcing Success","author":"T. Goles","year":"2001","unstructured":"Goles, T.: The Impact of Client-Vendor Relationship on Outsourcing Success. University of Houston, Houston (2001)"},{"issue":"1","key":"30_CR13","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1147\/sj.382.0472","volume":"32","author":"J.C. Henderson","year":"1993","unstructured":"Henderson, J.C., Venkatraman, N.: Strategic alignment: leveraging information technology for transforming organisations. IBM Systems Journal\u00a032(1), 4\u201316 (1993)","journal-title":"IBM Systems Journal"},{"issue":"2","key":"30_CR14","first-page":"69","volume":"3","author":"K.M. Kaiser","year":"2004","unstructured":"Kaiser, K.M., Hawk, S.: Evolution of offshore software development: From outsourcing to cosourcing. MIS Quarterly Executive\u00a03(2), 69\u201381 (2004)","journal-title":"MIS Quarterly Executive"},{"issue":"2","key":"30_CR15","first-page":"113","volume":"1","author":"T. Kern","year":"2002","unstructured":"Kern, T., Willcocks, L.P., Lacity, M.C.: Application service provision: Risk assessment and mitigation. MIS Quarterly Executive\u00a01(2), 113\u2013126 (2002)","journal-title":"MIS Quarterly Executive"},{"issue":"1","key":"30_CR16","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1016\/j.ijinfomgt.2003.12.001","volume":"24","author":"A.M. Khalfan","year":"2004","unstructured":"Khalfan, A.M.: Information security considerations in IS\/IT outsourcing projects: a descriptive case study of two sectors. International Journal of Information Management\u00a024(1), 29\u201342 (2004)","journal-title":"International Journal of Information Management"},{"issue":"3","key":"30_CR17","doi-asserted-by":"publisher","first-page":"363","DOI":"10.2307\/249670","volume":"22","author":"M.C. Lacity","year":"1998","unstructured":"Lacity, M.C., Willcocks, L.P.: An Empirical Investigation of Information Technology Sourcing Practices: Lessons from Experience. MIS Quarterly\u00a022(3), 363\u2013408 (1998)","journal-title":"MIS Quarterly"},{"issue":"4","key":"30_CR18","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1057\/jit.2010.21","volume":"25","author":"M.C. Lacity","year":"2010","unstructured":"Lacity, M.C., Khan, S., Yan, A., Willcocks, L.P.: A review of the IT outsourcing empirical literature and future research directions. Journal of Information Technology\u00a025(4), 395\u2013433 (2010)","journal-title":"Journal of Information Technology"},{"issue":"3","key":"30_CR19","doi-asserted-by":"crossref","first-page":"331","DOI":"10.2307\/30036537","volume":"27","author":"Levina","year":"2003","unstructured":"Levina, N., Ross, J.W.: From the vendor\u2019s perspective: exploring the value proposition in information technology outsourcing. MIS Quarterly, 331\u2013364 (2003)","journal-title":"MIS Quarterly"},{"issue":"1","key":"30_CR20","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1111\/j.1365-2575.1992.tb00064.x","volume":"2","author":"J. Livari","year":"1992","unstructured":"Livari, J.: The organizational fit of information systems. Information Systems Journal\u00a02(1), 3\u201329 (1992)","journal-title":"Information Systems Journal"},{"issue":"2","key":"30_CR21","doi-asserted-by":"crossref","first-page":"173","DOI":"10.2307\/249574","volume":"16","author":"Karen D. Loch","year":"1992","unstructured":"Loch, K.D., Carr, H.H., Warkentin, M.E.: Threats to information systems: today\u2019s reality, yesterday\u2019s understanding. MIS Quarterly, 173\u2013186 (1992)","journal-title":"MIS Quarterly"},{"issue":"3","key":"30_CR22","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1057\/palgrave.jit.2000045","volume":"20","author":"S.M. Miranda","year":"2005","unstructured":"Miranda, S.M., Kavan, C.B.: Moments of governance in IS outsourcing: conceptualizing effects of contracts on value capture and creation. Journal of Information Technology\u00a020(3), 152\u2013169 (2005)","journal-title":"Journal of Information Technology"},{"issue":"3","key":"30_CR23","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1108\/02635571211210059","volume":"112","author":"G. Nassimbeni","year":"2012","unstructured":"Nassimbeni, G., Sartor, M., Dus, D.: Security risks in service offshoring and outsourcing. Industrial Management & Data Systems\u00a0112(3), 4\u20134 (2012)","journal-title":"Industrial Management & Data Systems"},{"issue":"2","key":"30_CR24","doi-asserted-by":"crossref","first-page":"264","DOI":"10.2307\/2391960","volume":"22","author":"Donald V. Nightingale","year":"1977","unstructured":"Nightingale, D.V., Toulouse, J.M.: Toward a multilevel congruence theory of organization. Administrative Science Quarterly, 264\u2013280 (1977)","journal-title":"Administrative Science Quarterly"},{"issue":"2","key":"30_CR25","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1016\/S1047-8310(02)00050-0","volume":"13","author":"P.M. Norman","year":"2002","unstructured":"Norman, P.M.: Protecting knowledge in strategic alliances: Resource and relational characteristics. The Journal of High Technology Management Research\u00a013(2), 177\u2013202 (2002)","journal-title":"The Journal of High Technology Management Research"},{"issue":"1","key":"30_CR26","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/j.im.2003.11.002","volume":"42","author":"C. Okoli","year":"2004","unstructured":"Okoli, C., Pawlowski, S.D.: The Delphi method as a research tool: an example, design considerations and applications. Information & Management\u00a042(1), 15\u201329 (2004)","journal-title":"Information & Management"},{"issue":"1","key":"30_CR27","doi-asserted-by":"publisher","first-page":"245","DOI":"10.1016\/j.ejor.2005.01.060","volume":"174","author":"K.-M. Osei-Bryson","year":"2006","unstructured":"Osei-Bryson, K.-M., Ngwenyama, O.K.: Managing risks in information systems outsourcing: an approach to analyzing outsourcing risks and structuring incentive contracts. European Journal of Operational Research\u00a0174(1), 245\u2013264 (2006)","journal-title":"European Journal of Operational Research"},{"issue":"1","key":"30_CR28","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1108\/14637150710721113","volume":"13","author":"A.K. Pai","year":"2007","unstructured":"Pai, A.K., Basu, S.: Offshore technology outsourcing: overview of management and legal issues. Business Process Management Journal\u00a013(1), 21\u201346 (2007)","journal-title":"Business Process Management Journal"},{"issue":"8","key":"30_CR29","doi-asserted-by":"publisher","first-page":"638","DOI":"10.1016\/j.cose.2004.10.006","volume":"23","author":"S. Posthumus","year":"2004","unstructured":"Posthumus, S., Von Solms, R.: A framework for the governance of information security. Computers & Security\u00a023(8), 638\u2013646 (2004)","journal-title":"Computers & Security"},{"key":"30_CR30","unstructured":"Raghu, T.: Cyber-security policies and legal frameworks governing Business Process and IT Outsourcing arrangements. Paper Presented at the Indo-US Conference on Cyber-Security, Cyber-Crime & Cyber Forensics (2009)"},{"issue":"4","key":"30_CR31","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1145\/1232743.1232750","volume":"50","author":"S. Sakthivel","year":"2007","unstructured":"Sakthivel, S.: Managing risk in offshore systems development. Communications of the ACM\u00a050(4), 69\u201375 (2007)","journal-title":"Communications of the ACM"},{"issue":"3","key":"30_CR32","doi-asserted-by":"publisher","first-page":"763","DOI":"10.1111\/j.1540-5915.1997.tb01330.x","volume":"28","author":"R.C. Schmidt","year":"1997","unstructured":"Schmidt, R.C.: Managing Delphi surveys using nonparametric statistical techniques. Decision Sciences\u00a028(3), 763\u2013774 (1997)","journal-title":"Decision Sciences"},{"issue":"4","key":"30_CR33","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1287\/mnsc.43.4.503","volume":"43","author":"J.D. Sterman","year":"1997","unstructured":"Sterman, J.D., Repenning, N.P., Kofman, F.: Unanticipated side effects of successful quality programs: Exploring a paradox of organizational improvement. Management Science\u00a043(4), 503\u2013521 (1997)","journal-title":"Management Science"},{"issue":"10","key":"30_CR34","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1016\/S1361-3723(02)01011-4","volume":"2002","author":"I. Tickle","year":"2002","unstructured":"Tickle, I.: Data integrity assurance in a layered security strategy. Computer Fraud & Security\u00a02002(10), 9\u201313 (2002)","journal-title":"Computer Fraud & Security"},{"issue":"5","key":"30_CR35","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1108\/09685220210446588","volume":"10","author":"E. Tran","year":"2002","unstructured":"Tran, E., Atkinson, M.: Security of personal data across national borders. Information Management & Computer Security\u00a010(5), 237\u2013241 (2002)","journal-title":"Information Management & Computer Security"},{"issue":"3","key":"30_CR36","first-page":"51","volume":"38","author":"N. Venkatraman","year":"1997","unstructured":"Venkatraman, N.: Beyond outsourcing: managing IT resources as a value center. Sloan Management Review\u00a038(3), 51\u201364 (1997)","journal-title":"Sloan Management Review"},{"issue":"6","key":"30_CR37","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1109\/MIC.2010.147","volume":"14","author":"Y. Wei","year":"2010","unstructured":"Wei, Y., Blake, M.: Service-oriented computing and cloud computing: Challenges and opportunities. IEEE Internet Computing\u00a014(6), 72\u201375 (2010)","journal-title":"IEEE Internet Computing"},{"key":"30_CR38","first-page":"355","volume-title":"Framing the Domains of IT Management","author":"L. Willcocks","year":"2000","unstructured":"Willcocks, L., Lacity, M.C.: Relationships in IT Outsourcing: A Stakholder Perspective. In: Zmud, R. (ed.) Framing the Domains of IT Management, pp. 355\u2013384. Pinnaflex Inc., Ohio (2000)"},{"issue":"3","key":"30_CR39","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1201\/1078\/44432.21.3.20040601\/82471.2","volume":"21","author":"L. Willcocks","year":"2004","unstructured":"Willcocks, L., Hindle, J., Feeny, D., Lacity, M.: IT and business process outsourcing: The knowledge potential. Information Systems Management\u00a021(3), 7\u201315 (2004)","journal-title":"Information Systems Management"},{"issue":"2","key":"30_CR40","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s10796-008-9063-x","volume":"10","author":"K. W\u00fcllenweber","year":"2008","unstructured":"W\u00fcllenweber, K., Beimborn, D., Weitzel, T., K\u00f6nig, W.: The impact of process standardization on business process outsourcing success. Information Systems Frontiers\u00a010(2), 211\u2013224 (2008)","journal-title":"Information Systems Frontiers"}],"container-title":["IFIP Advances in Information and Communication Technology","Security and Privacy Protection in Information Processing Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-39218-4_30","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,10,11]],"date-time":"2018-10-11T00:43:14Z","timestamp":1539218594000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-39218-4_30"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642392177","9783642392184"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-39218-4_30","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2013]]}}}