Trust or Control ?

IFIP 8.2 - CreativeSME – 2009, © J. Devos

1

IT Governance in SMEs: Trust or Control?

Jan DevosGhent University Association

Keywords: SMEs, Agency Theory, Control, Trust, Case Study, Positivism,

Co-authors:Prof. Dr. ir. H. Van Landeghem, UGent, Industrial Management

Prof. Dr. ir. D. Deschoolmeester, UGent, Vlerickschool for Management


2

Small and Medium-Sized Enterprises

• Definitional problem – Bolton Committee defines an SME as:

1) one that has a relatively small market share,

2) one that is managed by its owners or part owners in a personalized way, not by an organized managerial structure and 3) one that is independent with the owners/managers having control of the activities of the business.

– U.S. Small Business Administration (Size Standard)depending on the industry of the SME

number of employees (<500) or the average annual receipts

independently owned and operated and not dominant in its field of operation


3

SMEs

• Definitional problem – Europe

– Singapore– New Zealand– Australia– Canada– ....


4

SMEs

Our Focus:

– Small companies (<<200)– Family owned and managed– Turnover < €20 million – Cross sectional – Small (domestic) markets and export


5

IT and SMEs

• Different economical, cultural and managerial environment (compared to corporate accounts) – Resource poverty (financial, knowledge, IT, ...) – Depend on external IT expertise– Low IT capabilities and practices– Central role of CEO (owner) – Slow adopters of IT

• Lack of relevant IS research in SMEs– Since 1978 (to august 2008): only 247 refereed A1-

publications (Devos, 2009; working paper)


6

IT Governance

• IT Governance (IT Governance Institute)

to direct IT endeavors, to ensure ITs performance meets the following objectives:

- for IT to be aligned with the enterprise and realize the promised benefits- for IT to enable the enterprise by exploiting opportunities and

maximizing benefits- for IT resources to be used responsibly- for IT related risks to be managed appropriately

“Placing IT on the agenda of the board” (W. Van Grembergen)


7

IT Governance and SMEs

• Outsourced IS Failure (OISF)– A lot of failures (Standish Group, 2007)

– Theorizing on failures (Lyytinen & Hirschheim, 1987; Sauer, 1993)

– OISF is a failure during an IS project in an outsourced environment and an IT Governance failure in SMEs (Devos et al, 2008)

• How and why do OISFs occur in SMEs?• IT Governance: Control or Trust ?


8

(Positivistic) Retrospective Multiple-case Study

Case Sector Turnover Staff Type of Project

Result Dispute Resolution

Rockit Textile €11.64 million 67 ERP No failure -

Woody Trading n.a. < 200 SDI Process Failure Litigation

Mach Manufacturing €12.75 million 146 ERP Expectation Failure Litigation

Bupo Software €475000 8 SD Process Failure Litigation

Dybo Trading €15.65 million 16 SDI Process Failure Litigation

Stones Manufacturing €31.25 million 200 ERP Expectation Failure ADR

Boxcars Service €5.00 - €20.00 million

10-30 DIS Expectation Failure ADR

Hero Service €4.00 million 5 SDI Escalation Failure Litigation

Cases has been selected where the phenomenon under investigation occurs

Ceteris paribus criteria: Outsourcing Project Management, SMEs, Missions Critical projects

Explanatory power of the cases

Research Methodology


9

Mapping propositions and observations

Positivistic approach (Yin, Lee)

Research Methodology


10

Theoretical Framework

Control

• Homo economicus• Agency theory• Opportunistic behavior

(moral hazard / adverse selection)

• Structured controls• Written contract

(outcome/behavior based)

Trust

• Social interactions• Shared moral values and

norms• Competence – Relational

trust• Trust levels and trust

building mechanisms• Psychological contract


11

Theoretical frameworkAgency Theory

Principal = customer / determines the work

Agent = contractor: ISV (Independent Software Vendor) or ERP Implementor / undertakes the work

Contract =


12

Theoretical framework(Inter)organizational trust

AgentOrganization

Principal Organization

A. Zaheer et al.

P2

P1

A1

Interorganizational Trust

Interpersonal Trust

A1 – Primary Boundary Spanner P1 – Primary Boundary SpannerP2 – Secondary Boundary Spanner


13

(Inter)organizational trust

Theoretical framework

Written Contract

Psychological Contract

Unexpected Changes

Structural Controls Trust

R. Sabherwal


14

Theoretical framework

• Both theories are process theories• Discrete outcomes (may not occur even when

conditions are present)• Logical form with conditions as ‘necessary’ or

‘sufficient’ rather than ‘dependent’ and ‘independent’ variables

• Time is a crucial factor (trajectory of IS project)• Falsifiable propositions


15

Propositions

P1 – An OISF must happen if there are no structured controls implemented

P2 – An OISF must happen if the contract is not outcome-based

P3 – An OISF must happen if (there are no structured controls implemented and the contract is not outcome-based)

P4 – An OISF must happen if (there is no trust between the principal and the agent)


16

Table 2. Overview and summary of the case observations

Case Foam Case Woody Case Mach Case BupoPrincipal Manufacturer (plastic

foam) Trader (lumber) Trader and

manufacturer (veneered boards, ceiling coverings, wall planks)

ISV

Turnover €50 million n.a. €12.75 million €475000Staff 100 White collars

450 Blue collars146 (total) 8 white collars

IT Maturity CMM level 1 CMM level 1 CMM level 1 CMM level 1Application ERP + customizing ERP development ERP + customizing Office application

Cost Original: €644000Final: 1.290000

€372000 €90000 €50000

Litigation Yes Yes Yes YesType of contract Outcome-based Outcome-based Mixed Outcome-based

Structural controls in contract and in project Yes/Yes Yes/Yes Yes/No Yes/No

External consultancy No No Yes NoPrivate information (agent) Yes Yes Yes Yes

Private information (principal) Yes No Yes No

Hidden actions agent Yes Yes Yes YesHidden actions principal Yes No Yes No

Adverse selection No No No YesProspect framing Positive Positive Positive -Vendor lock Yes No No NoLack of commitment (agent) No Yes Yes Yes

Lack of commitment (principal) No No No No

Level of trust Deterrence Deterrence Deterrence Deterrence Trust deterioration Yes Yes Yes YesTrust-building mechanism No No No No

Observations


17

Table 2. Overview and summary of the case observations (cont.)

Case Dybo Case Stones Case Boxcars Case HeroPrincipal Trader and

manufacturer (lumber)

Manufacturer (stones, street furniture)

Dealer in cars Contractor (waste removal)

Turnover €15.65 million €31.25 million n.a. n.a.Staff 16 (total) 80 white collars

120 blue collars- 5

IT Maturity CMM level 0 CMM Level 2 CMM level 1 CMM level 0Application ERP development ERP + customizing DIS + customizing Office and DB

application development

Cost €50000 €750000 60x€75000 €75000Litigation Yes No (dispute) No (disputes) Yes Type of contract Mixed Behaviour-based Mixed Outcome-based

Structural controls in contract and in project No/No Yes/Yes Yes/Yes Yes/No

External consultancy No No Yes NoPrivate information (agent) Yes Yes Yes Yes

Private information (principal) No No No Yes

Hidden actions agent No Yes Yes NoHidden actions principal No No No No

Adverse selection No Yes Yes NoProspect framing - Positive Positive PositiveVendor lock Yes Yes Yes NoLack of commitment (agent) No No No No

Lack of commitment (principal) Yes No Yes Yes

Level of trust Deterrence Knowledge Deterrence Deterrence Trust deterioration Yes No No YesTrust-building mechanism No No No No

Observations


18

Discussion

Structural controls

OISF can be avoided without structural controls (P1)

Outcome based contract

OISF can be avoided without outcome-based contract (P2)

Structural controls AND Outcome based contractOISF can be avoided without structural controls and outcome-based contract (P3)

TrustAn OISF happens if there is no trust (P4)


19

Conclusions

- Trust seems to be more important than structural controls and outcome based contracts in SMEs

- Strong descriptive power of Agency theory- Trust and control are may be not rivalry theories- SMEs are different ?

family-owned and CEO centric

- IT Governance phenomena are complex

What about fairness, intuition and empathy ?


20

Questions ?

Trust or Control ?

Technology

Transcript of Trust or Control ?