Business Process Management
Abstract
The literature review on the topic of enterprise resource planning (ERP) of business process management (BPM) as part of information systems (IS) strategies in South African businesses covers both scholarly and professional management discussions about outsource administration of IT systems operations. The rise of outsource IT in the business sector is predicted to realign business and trade into the future. The trend in emergent market outsource IS data management in and by South African firms is fast becoming a lead topic in a nation formerly characterised as an industrial economy with developing country challenges.
The enactment of South Africa’s Electronic Communications Security (PTY) Ltd. Act 2002 evidences that the nation has been quick to respond to global changes in IS business process operations. This includes the widespread use of merchant services platforms for cloud computing data storage, inventory control, supply chain management, and point-of-sale electronic financial transactions (EFT) by way of Web-based transaction gateways reveals the operations-side of South Africa’s workday
Introduction
The literature review on the topic of enterprise resource planning (ERP) of business process management (BPM) as part of information systems (IS) strategies in South African businesses covers both scholarly and professional management discussions about outsource administration of IT systems operations. The rise of outsource IT in the business sector is predicted to realign business and trade into the future. The trend in emergent market outsource IS data management in and by South African firms is fast becoming a lead topic in a nation formerly characterised as an industrial economy with developing country challenges.
The enactment of South Africa’s Electronic Communications Security (PTY) Ltd. Act 2002 evidences that the nation has been quick to respond to innovations in global IS business process operations. This includes the widespread use of merchant services platforms for cloud computing data storage, inventory control, supply chain management, and point-of-sale electronic financial transactions (EFT) by way of Web-based transaction gateways reveals the operations-side of South Africa’s workday (Gunasekaran and Zahir, 2001). Third party software application as system (SaaS) providers also provide South African businesses with BPM platform of core operations infrastructure used for synchronous distribution of data across entire value chains. What has come out of the advancement of ERP of BPM in the IT sector has induced a critical breaking point for organizations seeking competitive advantage.
Companies with the most up-to-date SaaS enterprise systems infrastructure are the ones profiting from continuous tracking of inventory and sales performance. Controllers now have on-demand access to data for analysis and reporting as well. When forming profitable partnerships, it just doesn’t get any better than IS sharing via a cloud many managers will attest, as traditional timeframes for execution of production or other priority strategy between partners is no longer delayed by inconsistent or uneven information on record. This was the promise of Big Data, and it has largely been realised in South Africa in the form of IS networks.
While South Africa remains primarily an industrial economy, with priority attention given to legislative policy and safety practices targeting health and injury in the healthcare, manufacturing, maritime, and mining sectors; ERP principles and concerns are now closely aligned with information systems infrastructure and enterprise system resource management of business processes. Multinational enterprises (MNE) have also been joined by small-medium sized enterprises (SME) in global expansion.
The business culture of global organizations is predictably characterized by high change strategies. Measured against productivity, the question of profitability is generally one said to be tied to business processes management in operations. From employee incentives to SaaS updates, business processes cover the entire scope of production activities at work in South African companies.
With introduction of enterprise systems ERP and BPM strategies as the primary framework for productivity in operations, there are also new risks associated designated user access to company IT systems networks, and control of IS in coordination with external partners involved in data sharing across a value chain of stakeholders (Hahn, Doh and Bunyaratavej, 2009). Communications flowing from South African companies integrated in large networks of users have the potential of circulating outside of the parameters of user access.
Beyond stakeholder participation in BPM, there are a whole host of security factors such as wireless IP and server violations posing major risk to company operations (Hahn, Doh and Bunyaratavej, 2009). Although some of this risk has been mitigated by way of cloud computing data warehousing and administration with immediate recovery time to operations (RTO), the possibility that a company may sustain damage to key BPM infrastructure makes this concern a nearly universal, strategic priority.
The relevancy of risk is seen in companies looking to increase financial control with more advanced BPM. Managers responsible for ERP of business process components as part of their operations strategy must protect the organization from the most dangerous scenario of accounting gone haywire. Noted within global acquisition and merger scenarios, systems failures caused by sabotage not only lead to lost accounting data, but the inability of the company to control finance crucial to daily operations. When company networks become more extensive in terms of number of users and database interface, the obvious challenge is to establish security protocol for managing operations during a systems failure (Rao and Young 1994).
The efficacy of ERP in BPM is seen in change management discussions. Change IS specialists argue that the core competency of any organization is the ability of those firms to coalesce and align all functions within a system of production. If corporations are prompted to develop IS responses that support IT infrastructure and merely the other way around, they have in effect achieved the ultimate goal of any corporation, which is to reinforce their business process operations mechanistically.
Automation of strategic growth models in operations capacity building is entire focus of SaaS development in the business sector. If user interface achieved maximum productivity of human value, the same can be said for data itself. Organizations that have found a way to harness IS as infrastructural support are generally also competitive leaders in their sector or segment. For example, knowledge management now also includes reporting on employee productivity, reported on each user application.
If supply chains are dependent on a series of decoupling points in a total chain of operations, productivity can be increased or even automated at each phase in many manufacturing or services firms (Schoenherr, 2010, Wee, Peng and Wee, 2010, Whipple and Russell, 2007). This also creates a legal record of employee activity, protecting both company and staff.
Since the enactment of South Africa’s Electronic Communications Security (PTY) Ltd. Act 2002, the potential for integration of legislative rules and principles concerning IT infrastructure and security in organisations has advanced the country’s development of a new culture of organisational safety. Rule elements to the 2002 Act now serve as a framework to the implementation of internal policies, as well as guidelines to point-by-point procedural integration of law within operational functions.
The emergence of public-private partnerships (PPP) in the business environment through public sector development and private financial investment (PFI) in South Africa, illustrates the transition from the traditional corporate model of supply chain activity to that of a new model of BPM resource planning. Business processes ERP by public administration is used by private partners involved in the development and maintenance of public infrastructure.
The integration of private organisations on public sector projects and programs is normally accompanied by network-based reporting to a government IS database by the latter. Moreover, third party security providers provide IT support to South Africa’s government administration and the companies it partners with.
Business Process Outsourcing
The entrance of business process outsourcing (BPO) in response to cost cutting measures in business organisations globally, has added a number of external variables to workplace operations. Companies contracting outsourcing services and especially information systems platform integration of SaaS infrastructure within their value chain of operations acknowledge that safety provisions are uneven in protection of enterprise and employees (Power, Damien, and Bhakoo, 2007).
The competitive advantage offered in BPO efficiencies and cost is undeniable. Less examined, however, are the safety and security risks as a result of IT systems integration with third party providers, and this is a critical discussion within international policy as well (Hahn, Doh and Bunyaratavej, 2009). With each core business process function (i.e. email, data storage, information sharing, electronic transactions and reporting) across a business supply chain or network of partners, come potential risks. Now more than ever organisations are experiencing the threat of information based liability, and this is critical to safety as it is to reputation and profit.
Since the global financial crisis of 2008, the severity of risk to companies posed by employee violation of designated user credentials, electronic transaction gateways and unauthorised data has been further compounded by external threat to core IT infrastructure. Companies reliant on command switch systems as part of distribution networks in their supply and delivery of energy and other high risk resources are especially vulnerable to ISP hacking and malicious viral attacks.
The initiation of an IT security culture aligned with changes in BPM innovation, have also led to substantial concern about control of risk. At no time has interest in ERP been higher. The importance of adequate and continuous enterprise resource planning is nothing short of critical to the efficiency of business process operations.
This change has been a substantial motivator of South African IT innovation, both in Web-based infrastructure and software development. New competitors to emerge in the national outsourcing environment provide business process outsourcing (BPO) services to customers as well as receive services. There is some confluence of scholarly discussions on offshoring and outsourcing as two distinct business activities that are nevertheless treated as similar in strategic focus and outcome (Holcomb and Hitt, 2007).
When companies began to seek out outsourcing firms to cut in-house costs, they looked to organisations dispersed geographically, yet of added value well matched to their chain of production (Ågerfalk and Fitzgerald, 2008, Espino-Rodríguez and Padrón-Robaina, 2006). Offshore business and trade had long been present in the financial and other economies of scale as an alternative mechanism to growth (Gupta, 2009, Levina and Vaast, 2008). The entrance of bridge organisations or BPO companies in the IT sector is an offshoot of offshore banking institution electronic systems administration by third parties (Ramasubbu et al., 2008).
The case study of HCL BPO addresses a global outsourcing firm with IT and SAP enterprise systems services capabilities such as application development and re-engineering, hardware design, Oracle ERP, onsite technical support, risk migration, Siebel crm, and voice and data communication (HCL 2011). The case reflects similar research conducted around the world on BPO firms in the past decade.
HCL is the largest BPO in Northern Ireland, and first Indian BPO to enter the Telecommunications Expense Management (TEM) market. The outsourcing firm ranks among the Top 10 ITeS-BPO companies in India as seen in the company profile (Table 1) (HCL, 2011, NASSCOM & Dataquest, 2011).
Figure 1. Company Profile, HCL BPO (HCL, 2011).
With over 11,000 professional service providers in India, Northern Ireland and the United States HCL currently generates an approximate USD $231.4 million in annual revenues in support of twenty two operations centres offering 24X7 multi-channel, multi-lingual support in eight (8) European and eight (8) APAC languages. HCL BPO operations focus on verticals involved in ‘Telecom, Retail & CPG, Banking & Financial Services, Insurance, Hi-Tech & Manufacturing and Media, Publishing & Entertainment’ and ‘Supply Chain Management, Finance & Accounting Services, Knowledge & Legal Services, Customer Relationship Management and Technical Support Services’ (HCL 2011). HCL is the largest provider of Telecom engagement in India.
HCL’s situation and historical presence as a Full and Multiple Process Outsource firm in the global IT services sector since 2001, is compatible with recent theoretical perspectives in scholarship on offshore bridge outsourcing firms. In Lacity, Willcocks and Rottman (2008) Global outsourcing of back office services: lessons, trends, and enduring challenges looks at review of lessons learned from successful exploitation of maturity in Information Technology Outsourcing (ITO) and BPO markets (Lacity, Willcocks and Rottman, 2008). Analysis of back office services provided to major corporate clients through ITO and BPO as part of those companies’ core operations activities, reflects a growth sector in global outsourcing.
HCL Global BPO bridges IS between: 1) the client; 2) HCL Ireland; and 3) telecentre partners in India. Control of the integrity of customer data is a significant promise in service.
The integration of new clients into a network of IS sharing and reporting requires agreement of data transfer, management and retention at HCL BPO, the main characteristic of a bridge organisation. The two tiers of ‘value’ function simultaneously in HCL BPO channel operations. Synchronised data sharing is part of the contractual agreement between the bridge firm and its clients. For this reason, multi-scale matrices of information sharing in bridge firms allow for a dense number of capabilities to be integrated and deployed.
Quality control at HCL BPO is aligned with industry best practices. The company conducts audit in compliance of both internal and external certification, including: ‘COPC 2000 (CSP Release 4.1), ISO 20000:2005, ISO 9001:2000, OHSAS 18001:2007 and ISO 14001:2004; Security Systems certification - ISO 27001:2005 and audit certification in SAS 70’ (HCL 2011). The firm uses a metric-based quality index for assessment of all processes in support of its ‘robust technology infrastructure, strong human resources and a customized training program and transition frameworks’ (HCL 2011).
Findings to the HCL study show that the bridge institution’s current outsource operations are successful in response to both internal organization; and external forces (Zhu, Zhiwei and Lillie, 2001). ‘High value’ strategies have much to do with the type of reception HCL has seen. The trend toward increased specialisation includes the foci of the outsourcing firms themselves. Extended networks of consultants may converge to supply service provision in a single product to a client in agreement with a lead outsource firm. For many organizations, the productivity offered by outsourcing firms at a distance is the best possible solution to greater cost-savings, efficiency and freedom in the home market(s) (Journal of Management Development 2000).
The careful attention to ERP of BPM value, the core competency of any outsourcing firm, has set the organisation apart in performance and profit. Technological lifecycle is a central factor in the efficiency and market leadership of an outsourcing firm (Mojsilović et al., 2007).
As Contractor et al. (2010), suggest in Reconceptualizing the Firm in a World of Outsourcing and Offshoring: The Organizational and Geographical Relocation of High-Value Company Functions, the real concept of global strategy in the contemporary moment supports: (1 optimal disaggregation of the firm's value chain into constituent segments as is organizationally and economically viable, so that (2 decisions on how each segment might be allocated geographically ('offshoring') and organizationally ('outsourcing') (Contractor et al. 2010). Like HCL, South African BPO firms are finding similar response.
Enterprise resource planning (ERP) of infrastructure used in business process management (BPM) in South African organisations, and particularly in the outsourcing economy, is subject to IT security regulatory rules to network systems use (Franceschini et al., 2003). Most companies now have dedicated ERP guidelines, BPM protocols and contingency plans in place to ward against potential cyber-attack or other systems failure. Companies partnered with third party service providers of SaaS and cloud storage administration have access to back-up of key data.
Network attached storage (NAS) devices are also popular in South African companies. BPM planning of IS often includes ERP of both cloud and NAS storage. NAS function as part of network systems back-up without external processing. The use of NAS storage to store file-level data creates proprietary ownership of information on the spot (Roy and Sivakumar, 2011). When a company joins a group of partners, NAS are useful in operations management and data monitoring in addition to cloud resources. The fact that NAS can also stand in the place of an operating system and platform for architecture, hardware and software applications, and costs less than other options makes it a standard ERP procurement item in South African IT departments.
NAS storage can be used to design-in infrastructural components and new software applications. The best redundant storage in a network environment, NAS contains multiple hard drives so that risks to data are eliminated. NAS does not require authentication so that internal file serving across servers in an intranet network is immediate, and without external processing. NAS can be incorporated into existing enterprise systems networks to enable access to files by any standard file sharing protocol such as AFP, NFS and SMB/CIFS. The end result is that NAS affords greater IT security in systems operation and maintenance.
The presence of both cloud computing and NAS in South African contingency planning models supports the broader spectrum of security systems ERP as part of BPM planning and execution (Barr 2009, 2010, 2013). The inclusion of mobile malware defense systems, security key infrastructure, internet service provider credentials and security incident handling are examples of contingency planning in South African IT risk management and security programmes is common (Barr 2009, 2010, 2013, Keston 2013).
Establishing a quality organisational security programme has become a substantial undertaking, says Kokt (2009) as “private security aids public policing and the military forces in combating the growing occurrence of crime and terrorism, especially in the Western world” as well as MNE and even SME in the pursuit of data integrity and control of operations (Kokt 2009). In spite of the exceptional role that private security firms are having in surveillance of organizations and governance, the field of “private security is a neglected area of investigation, especially in the South African context” (Kokt 2009). Sampling of the distribution of private security in South African organisations in the study reveals disaggregation in access and deployment of security infrastructure (Figure 2) (Kokt 2009).
Figure 2. Distribution of private security in South African organisations (Kokt 2009).
Kokt’s research on organisational culture and quality (TQM) offers a replicable model for implementation of major private security company values in South Africa’s organisational context (Kokt 2009). Following Schein’s (1992) tri-partite framework, she examines one of South Africa's lead security companies as a model “for the establishment of a quality culture in the organisation” (Kokt 2009).
Regulation of BPM Networks
The provision of IT administration security by private companies in South Africa following the enactment of the Electronic Communications Security (PTY) Ltd. Act 2002 set the pace for an entire scope of security policy reforms in organisational safety (Republic of South Africa 2002). Responsive to the global trend in security criteria to general rules to safety, the inclusion of computer misuse laws in organisational policy is relevant to all areas of designated user access, privacy in communications, data integrity and guaranteed electronic financial transaction (Barr 2009, 2010, 2013).
The exploitation of organisational intelligence and control over data and other resources, not to mention user access protections is a growing problem internationally. South Africa’s 2002 legislation is meant to control the spread of cybercrime related to breach of credentials, and cease unauthorised access to interception of transaction and other data where a person is not authorised (Act No. 25 of 2002, Chapter XIII - Cyber Crime) (Republic of South Africa 2002). The latter provision pre-empts the Interception and Monitoring Prohibition Act, 1992 (Act No. 127 of 1992) and provides continuity to rules on the interception of data and sentencing for such offences (Republic of South Africa 2002).
The 2002 legislation also deems unlawful production, sale, tender procurement, design, adaptation, distribution or possession of an employer’s data, device or computer program or component illegal. Security breaches are a violation of those terms, as well as utilisation of data or other property of the company for contravention or fakery; or attempt or commission of computer related extortion, forgery or fraud (Republic of South Africa 2002). Sentencing for the mentioned offences is referred to in Sections 37(3), 40(2), 58(2), 80(5), 82(2), 86(1), (2) or (3) and 86(4) or (5) or section 87 with stipulation to fine and imprisonment of up to five years (Republic of South Africa 2002).
The 2002 Act established the conditions for a new culture of IT based organisational safety in South Africa with an emphasis on designated access credential licensure, training and monitoring, as well as guidelines enterprise systems security systems and technologies. From a technological point-of-view the legislation follows international recommendations on designated user access in organisations found in international protocol, as well as the promotion of organisational strategy in this area. Intellectual property laws covering outsourcing agreements are certain to follow (Roy and Sivakumar, 2011).
Policy Reform of IT-Based BPM
The prevalence of social engineering attacks in escalation of risk in South African organisations is also on the increase; as violations cited in new regulation targeting cyberbullying and cyberstalking are only partly covered in the country’s 2002 computer misuse law (Block Lombardi 2012). Such forms of inappropriate or even criminal behavior commissioned in "cyberspace" by employees, inside organisations and across networks of stakeholders via shared internet-based infrastructure can be stealth blow to a company not well-prepared in enterprise systems security operations.
Section 36, Disclosure of information to the Occupational Health and Safety Act 1993, delimits information sharing, restricting the terms to (b) purposes of the administration of justice (Republic of South Africa 1993). Moreover, “no person shall disclose any information concerning the affairs of any other person obtained by him in carrying out his functions in terms of this Act, except (a) to the extent to which it may be necessary for the proper administration of a provision of this Act [. . .] at the request of a health and safety representative or a health and safety committee entitled thereto” (Republic of South Africa 1993).
Provision of rules for controlling violation of persons in the work environment where information is concerned is proscriptive to investigation, but not entirely worked out in risk management guidelines as a priority area of OHS enforcement. At the organisational level, the substantial and growing risk of information sharing in relation to breach of designated user credentials and enterprise systems IT infrastructure is often limited to rules stated as part of communications policy.
Similar to inter-office conflict management protocol, such security breaches are seen to be solvable by way of mediation (Block Lombardi 2012). Violation of designated user access credentials to bully via privacy invasion and tampering with emails is more serious and may result in arrest and criminal charges, however. The severity of Web-based bullying and stalking in organisational settings is clear.
International policies offer framework to development of rules to control of computer misuse violations and subsequent injury to employees. Where precedent to lawsuits alleging intentional infliction of distress or compromise of company security, liabilities from designated user credential breach are the ground for creating better safety and security policies at both the national and organisational levels.
Without precise attention to computer misuse within national legislation and in BPM policies in companies, the once distant problems of employee violation (i.e. privacy violation, malicious information spreading, etc.) and IT infrastructure security breach promises significant risk to South Africa’s business environment. Some analysts cite the trend of designated user credentials a potential precursor to other forms of violence (Block Lombardi 2012).
Loss of productivity and diminished mental health of workers is certain loss to profits, argues Block Lombardi, as IT privacy invasion and cyberbullying and cyberstalking by co-workers is the cause of toxic work stress (Block Lombardi 2012). Workplace violence often categorized as peer-to-peer or lateral violence is a growing problem the world over. Evidence based practice research citing lateral violence is extensive.
For instance, the single most cited employee liability in healthcare institution cases, lateral violence in the nursing practice sector illustrates the extent by which intimidation and dominance in communications play a role in the contemporary workplace. Employees made vulnerable by peer co-workers by way of nefarious or reputational information spreading are growing in numbers, as competition and pressures to perform exceed former expectations.
Theorists working toward redefinition of the scope of ERP of IT focused BPM look at best practices to emphasize the value of risk reduction. The dual liability scenario of IT security and employee user credential breach place information at the center of the concern. Substantial risk to both employees and organisations, information systems are fast becoming the main site of investigation within employee complaints the world over.
South Africa is well-prepared for BPM leadership in this new era IT Security rule formation. The country’s substantial history in the development of a competent, employee rights centered culture of security and policy formation lends itself to formation of fair and protective practices in the monitoring of computer misuse.
Such policies are essential to the assurance that ERP finance is well spent, as well as to a secure working environment. One may effectively argue that it is law and its rules to IT security that must come before all else in the value chain of technology ERP, and BPM offers the feedback loop connecting human production the site of network operations.
Process oriented approaches to BPM in outsourcing contexts incorporate security operations (Marshall, 2005). The growing demand for methods of establishing universal rules to ERP oversight of IT, extend the obligation to network systems security as a core priority in planning (Block Lombardi 2012). An example of such a process oriented approach is found in recommendation of an information systems risk management scenario in six (6) procedural steps:
- Organizational Review—coordination of Human Resources, Legal, and IT Departments to gather information on recommended policy implementation model.
- Employee Education – awareness training and policy introduction of new programming.
- Prevention Training – rule application in the digital communications environment. Employees trained on use and monitoring of email and management of data, as well as IT security incident reporting procedure.
- Internal IT Systems Monitoring – monthly reporting on IT network activity. Email interface backup.
- Intervention – the promotion of early intervention to enforce company policy and to protect employees from risk and trauma.
The inclusion of information security as actionable priority within BPM is not new, yet somewhat novel in the face of other developments as South Africa’s labour market is transformed by an industrial economy often still characterized by problems more often associated with developing countries. Security theorists argue that technological inclusion in South Africa’s legal culture of regulatory guidance is critical for controlling IT security risks in the business environment.
Conclusion
South African organizations opting to use outsourcing as part of ERP scheme to meet budgetary constraints face new challenges in BPM and in IT security. Companies providing BPO to clients are also put in the position of meeting similar obligations in the development of an effective and efficient support systems model. IT infrastructure ERP, the primary focus of BPM operations strategies is the result of globalisation, and particularly the rapid innovation of new enterprise systems technologies. South African businesses are exceedingly interested in going global to leverage border crossing capital. Transnational trade makes the outsourcing equation a vital solution to traditional business process management problems.
As Harvey suggests, we are in the late-capitalist moment (Harvey, 1987). The deconstruction of a Modern economy of scale, where organizations ‘strategize’ according to dialectic reactions rather than sheer ‘constructivism’ is critical to fore thinking technological systems now innate to access of capital. By proxy, transactions involving supply of services (i.e. labour), perform as ‘fragments’ he maintains, as flexible accumulation also pertains to modes of production.
Outsourcing emerged at a time when companies were looking to offset rising costs in labour. The end result is that risk to information must be centred in strategic planning at all times (Hahn, Doh and Bunyaratavej, 2009). IT infrastructure is the most vulnerable in companies undergoing acquisition or in outsourcing relationships. It hardly surprising, then, that a ‘total’ operations approach is far more than internal management of production, but extends to logistics and an entire value chain of operations once reserved as a discretionary or separate workflow (Wong, nd.).
As South African’s strive for a democratic model of economic participation, outsourcing is perhaps the most immediate solution to a new generation of enterprise resource planning of IT supply chain management. Management theorists have offered parallel insights in the last several decades, as the level of discipline exhibited by large companies is attributed to strategic orientations meant to optimize global market opportunities.
Restructuring efforts typically involve reduction of product range and reorganization of companies from a traditional ‘vertical’ framework of decision makers, to one of horizontal project managers and similar functionaries capable of reinforcing capitalisation from their various locations (Journal of Management Development 2000). Bridge firms like HCL BPO enable those larger firms to succeed in this process. In the meantime, they are building their multi-scale organizations toward new horizons in financial and knowledge accumulation.
Future recommendations to research targeting the knowledge management element outsource management of IT outsourced, electronic transactional networks is perhaps best proscribed to the realm of legal practice dedicated to intellectual property law and rules to accessing, defending, and exploiting IP in global outsourcing (Roy and Sivakumar 2011).
At times, strategies for organizational growth are attempts to capture and evolve the essence of firm dynamics as ‘core’ activities or fulfillment of mission and planning. Where core competencies are measured against pure profit, the scale may change radically once put into the global exchange of labor for capital, and ‘sliding scales’ in accounting and other systems of accountability complicate knowledge and day-to-day management of those processes.
References
Ågerfalk, P, & Fitzgerald, B. (2008). Outsourcing to an unknown workforce: exploring opensourcing as a global sourcing strategy. MIS Quarterly 32 (2), 385-409.
Barr, J. G (2013). Security Architecture. Faulkner Information Services Mar 2013.
Barr, J.G. (2009). Enterprise Risk Management. Faulkner Information Services Nov 2009.
Barr, J. G. (2010). Social Engineering Attacks. Faulkner Information Services Sept 2010.
Barr, J.G. (2009). Security Incident Handling. Faulkner Information Services May 2009.
Block-Lombardi, C. (2012). Enterprise Cyberbullying/Stalking Policy Guidelines. Faulkner Information Services Mar 2012.
Chakrabarty, S., Gandhi, P., & Kaka, N. (2006). The untapped market for offshore services. McKinsey Quarterly 2, 16-19.
Contractor, F. et al. (2010). Reconceptualizing the Firm in a World of Outsourcing and Offshoring: The Organizational and Geographical Relocation of High-Value Company Functions. Journal of Management Studies 47 (8), 1417-1433.
Drive for outsourcing (2000). Journal of Management Development 19 (8), 670-728.
Espino-Rodríguez, T. F. and Padrón-Robaina, V. (2006). A review of outsourcing from the resource-based view of the firm. International Journal of Management Reviews 8 (1), 49–70.
Franceschini, F. et al. (2003). Outsourcing: guidelines for a structured approach. Benchmarking: An International Journal 10 (3), 246-260.
Gunasekaran, A. and Zahir I. Z.(2001). Modelling and analysis of outsourcing decisions in global supply chains. International Journal of Production Research 15, p. 301.
Gupta, A. (2009). Deriving Mutual Benefits from Offshore Outsourcing. Communications of the ACM 52 (6), 122-126.
Hahn, E, Doh, J, and Bunyaratavej, K. (2009). The Evolution of Risk in Information Systems Offshoring: the impact of home country risk, firm learning, and competitive dynamics. MIS Quarterly 33 (3), 597-616.
Harvey, D. (1987). The Condition of Postmodernity: An Enquiry into the Origins of Cultural Change. Cambridge: Blackwell.
HCL Business Process Outsourcing (2011). Retrieved from: http://www.hcltech.com/BPO/
Holcomb, Tim R. and Hitt, M.A. (2007). Toward a model of strategic outsourcing. Journal of Operations Management 25, 464–481.
International Organization for Standards (2013). Retrieved from: http://www.iso.org/iso/home.html
Keston, G. (2013). Mobile Malware Defenses. Faulkner Information Services Jul 2013.
Kokt, D. (2009). A model for establishing a quality culture in a major private security company. Total Quality Management & Business Excellence 20 (8), 787-798.
Lacity, M.C. et al. (2008). Global outsourcing of back office services: lessons, trends, and enduring challenges. Strategic Outsourcing: An International Journal 1 (1), 13-34.
Levina, N. and Vaast, E. (2008). Innovating or doing as told? Status differences and overlapping boundaries in offshore collaboration. MIS Quarterly 32 (2), 307-332.
Marshall, Donna et al. (2005). The development of an outsourcing process model. International Journal of Logistics Research and Applications 8 (4), 347 – 359.
Mojsilović, A. et al. (2007). A logistic regression framework for information technology outsourcing lifecycle management. Computers & Operations Research 34 (12), 3609-3627.
Power, D. et al. (2007). Adding value through outsourcing Contribution of 3PL services to customer. Performance. Management Research News 30 (3), 228-235.
Ramasubbu, N. et al. (2008). Work Dispersion, Process-Based Learning, and offshore software development performance. MIS Quarterly 32 (2), 437-458.
Rao, K. and Young, R.R. (1994). Global Supply Chains: Factors Influencing Outsourcing of Logistics Functions. International Journal of Physical Distribution & Logistics Management 24 (6), 11-19.
Republic of South Africa (2002). Electronic Communications Security (Pty) Ltd Act. 2002. Retrieved from: http://www.info.gov.za/view/DownloadFileAction?id=68106
Roy, S. and Sivakumar, K. (2011). Managing Intellectual Property in Global Outsourcing for Innovation Generation. Journal of Product Innovation Management 28 (1), 48-62.
Schoenherr, T. (2010). Outsourcing decisions in global supply chains: an exploratory multi-country survey', International Journal of Production Research 48 (2), 343-378.
Wee, H, Peng, S. and Wee, P. (2010). Modelling of outsourcing decisions in global supply chains. An empirical study on supplier management performance with different outsourcing strategies', International Journal of Production Research 48 (7), 2081-2094.
Whipple, J. M. and Russell, D. (2007). Building supply chain collaboration: a typology of collaborative approaches. The International Journal of Logistics Management 18 (2), 174-196.
Wong, Y-Y, nd. Strategic Alliances in Logistics Outsourcing. Asia Pacific Journal of Marketing and Logistics, pp. 4-21.
Zhu, Zhiwei, Hsu, K. and Lillie, J. (2001). Outsourcing - a strategic move: the process and the ingredients for success. Management Decision 39 (5), 373-378.
