Abstract
Subcontracting of information systems services to third parties ‐ outsourcing ‐ is increasing. There are many reasons why managements might ask why we should not outsource IT activitities. Conversely, theoretical analysis suggests that such a policy change should be entertained with caution. Drawing on information systems research evidence, the author proposes a policy framework for analysis. This can be used in private and public sector organizations and warns against universal prescriptions both within and across organizations.