Threats

Risk is the major drawback with Business Process Outsourcing. Outsourcing of an Information System, for example, can cause security risks both from a communication and from a privacy perspective. For example, security of North American or European company data is more difficult to maintain when accessed or controlled in the Sub-Continent. From a knowledge perspective, a changing attitude in employees, underestimation of running costs and the major risk of losing independence, outsourcing leads to a different relationship between an organization and its contractor.[14][15]

Risks and threats of outsourcing must therefore be managed, to achieve any benefits. In order to manage outsourcing in a structured way, maximizing positive outcome, and minimizing risks and avoiding any threats, a Business Continuity Management (BCM) model is setup. BCM consists of a set of steps, to successfully identify, manage and control the business processes that are, or can be outsourced.[16]
Another framework, more focused on the identification process of potential outsourceable Information Systems, identified as AHP, is explained.[17]
L. Willcocks, M. Lacity and G. Fitzgerald identify several contracting problems companies face, ranging from unclear contract formatting, to a lack of understanding of technical IT- processes