The trend for companies to outsource non-core operations is likely to continue even as the exact form of outsourcing that takes place evolves. More than ever, companies are evaluating service organisations in terms of cost, the control environment and standards of business practices. What is certain is that companies will need to actively manage outsourcing risk to extract maximum value from such arrangements, and to this end, the new standards for service organisation controls reporting will enable companies to do so more confidently.
Benjamin Chiang is partner, and Rajesh Desai is senior manager from the information technology risk & assurance practice at Ernst & Young Advisory.
Sign up for CIO Asia eNewsletters.