The information technology (IT) function is multifaceted and complex. This complexity is increased as components and infrastructure built using new technology advances at a dizzying pace. The rate of adoption of new technology to enable organizations’ 1 business processes to be differentiated from those of the competition, and, ultimately, to deliver products and services to customers, is just as feverishly brisk. IT components are, in addition, pervasive, and have become a mandatory function in most business operations.
As organizations realize the need for the IT function, they are faced with a new problem, i.e. the increasing challenge of maintaining a fully operational IT function within the organization. This is challenging because the IT function is often not a core function and continues to distract organizational activities from a main focus. Outsourcing the IT function then becomes a tantalizing prospect, which allows organizations to maintain a fully operational IT function that will have predicable outcomes and costs and that will allow them to maintain a focus on core business operations. Allowing a third party to maintain the IT function solves the difficulty. Or so it seems.
When the IT function is combined with outsourcing activity, the risks that are introduced form a new set of risks (or risk profile), one that is rarely observed in any other environment. For example, in this situation, elements of agency theory are observed where two entities (the buyer and supplier) are contracted in an environment where there is a complex combination of tasks. This gives rise to organizational and environmental risks that are often neglected in performance measurement or payment schemes. The interaction of the environment and various factors external to either the buyer or the supplier also contributes to this complexity because of the extended duration of the contract. This combination of factors provides for a risk profile that is constructed from multiple risk types. 
