Exploring decisive factors affecting an organization’s SaaS adoption: A case study

International Journal of Information Management xxx (2011) xxx–xxx

Contents lists available atScienceDirect

International Journal of Information Management

Case study

Exploring decisive factors affecting an organization’s SaaS adoption: A case study

Wei-Wen Wu

_{, Lawrence W. Lan}

_{, Yu-Ting Lee}

a_{Department of International Trade, Ta Hwa Institute of Technology, No. 1, Ta-Hwa Rd., Chiung-Lin, Hsinchu 30740, Taiwan} b_{Department of Marketing and Logistics Management, Ta Hwa Institute of Technology, Taiwan}

c_{National Chiao Tung University, Taiwan}

a r t i c l e i n f o

Article history: Available online xxx Keywords:

Software as a Service (SaaS) Adoption

Trust

Decision Making Trial and Evaluation Laboratory (DEMATEL)

a b s t r a c t

Software as a Service (SaaS) is regarded as a favorable solution to enhance a modern organization’s IT performance and competitiveness; however, many organizations may still be reluctant to introduce SaaS solutions mainly because of the trust concern—they may perceive more risks than benefits. This paper presumes that an organization will augment the trust of adopting SaaS solutions when perceived risks decrease and/or perceived benefits increase. To gain insights into this issue, a solution framework using a modified Decision Making Trial and Evaluation Laboratory (DEMATEL) approach is proposed. The core logic is to treat perceived benefits and perceived risks as two distinct themes so that a visible cause–effect diagram can be developed to facilitate the decision makers. A case study is conducted on a Taiwanese company—one of the world’s leading manufacturers in the niche and specialized resistor markets. The findings suggest that the case company concern more about strategic-oriented benefits than economic-oriented benefits and more about subjective risks than technical risks. Some implications are addressed accordingly.

© 2011 Elsevier Ltd. All rights reserved.

1. Introduction

Cloud services can be viewed as a cluster of service solutions based on cloud computing, which involves making computing, data storage, and software services available via the Internet. Cloud computing is carried out on behalf of customers on hardware that the customers do not necessarily own or operate, which provides the other types of cloud implementation (e.g., private and hybrid deployment). When a customer sends out the input data to the cloud, the data will be processed by the cloud service providers, and the results will be sent back to the customer. Consequently, cloud computing can provide the services on demand at lower cost with greater scalability.Goscinski and Brock (2010)indicated that com-puting resources hosted within the cloud can perform in many roles such as database services, virtual servers, service workflows or con-figurations of distributed computing systems. More importantly, cloud services based on cloud computing can free an organization from the burden of having to develop and maintain large-scale IT systems; therefore, the organization can focus on its core business processes and implement the supporting applications to deliver the competitive advantages (Feuerlicht, 2010). Today, cloud services have been regarded not only as the favorable solutions to improve an organization’s performance and competitiveness, but also as the

∗ Corresponding author.

E-mail addresses: itmike@thit.edu.tw (W.-W. Wu),lawrencelan@thit.edu.tw (L.W. Lan),ittina@thit.edu.tw(Y.-T. Lee).

new business models for providing novel ways of delivering and applying computing services through IT.

Generally, cloud services can be divided into three categories: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Among them, SaaS is regarded as a potential segment and the utilization of SaaS solutions can lead to many benefits for enterprise users with profound conse-quences in improving IT performance (Catteddu & Hogben, 2009). SaaS delivers applications’ functionality through the media of the Internet as a service (Sultan, 2010). Although many vendors announced that the SaaS adoption can bring out promising ben-efits, yet some organizations are still reluctant to introduce SaaS solutions due mainly to the trust concern (e.g., data security, net-work security). In fact, each service model (SaaS, PaaS, or IaaS) has its own security issues and calls for a different level of secu-rity requirement in the cloud environment (Catteddu & Hogben, 2009; Subashini & Kavitha, 2010). Some surveys related to cloud services have enhanced our understandings of the factors involved in adoption of SaaS solutions. For example, in The Adoption of Software as a Service in Small and Medium-Sized Businesses (IDC #205798, 2007), the report remarked that while SaaS has strong growth potential, small and medium-sized businesses have not been adopting SaaS as quickly as originally anticipated. Concern about data security is the factor most frequently cited as discour-aging the use of SaaS. Marketing efforts are called for, including establishing appropriate sales channels and deciding how best to market SaaS to these firms. This report also revealed that market-ing efforts for the SaaS adoption should highlight the issue of trust 0268-4012/$ – see front matter © 2011 Elsevier Ltd. All rights reserved.

perceived risks.

In SaaS,Subashini and Kavitha (2010)pointed out that some key security elements should be considered, including data secu-rity, network secusecu-rity, data locality, data integsecu-rity, data segregation, data access, authentication and authorization, data confidentiality, web application security, data breaches, virtualization vulnera-bility (e.g., weaknesses or flaws of virtualization technologies, which allow attackers to reduce a system’s information assurance), availability, backup, as well as identity management and sign-on process. Although some studies have addressed possible benefits and risks in terms of SaaS adoption, very few have discussed the significance of separating possible benefits/risks into cause/effect groups. If the factors (e.g., possible benefits and risks) could have been clustered into cause and effect groups, it would provide more insights for the organizations to make better decisions. Moreover, it would also facilitate the SaaS vendors to take more effective measures to promote the SaaS adoption. With this motivation, this study aims to develop a solution framework which can distinct the perceived benefits from the perceived risks so as to help the organi-zations to make better decisions on the adoption of SaaS solutions. In fact, the adoption of new technologies or service solutions is an eternally hot topic because new technologies or service solu-tions are regarded as the enablers for improving an organization’s competitiveness. Many studies have investigated important factors affecting the adoption of new technologies or service solutions. For example,Tarafdar and Vaidya (2006)indicated that the adoption of e-commerce technologies could be affected by such factors as the role of top management, aspects of organization culture, char-acteristics of information system professionals, and organization structure.Elahi and Hassanzadeh (2009)pointed out that technical, organizational and inter-organizational are three essential dimen-sions for evaluating e-commerce adoption. However, few studies have discussed in-depth the determinants of SaaS adoption for an organization, with a compact and comprehensive framework.

Technology Acceptance Model (TAM), originally proposed by Davis (1986), has become one of the most extensively used models while dealing with the adoption of a new technology or service solution, partly because of its understandability and simplicity (King & He, 2006). Subsequently, the original TAM has been modi-fied into different advanced forms, for instance, the first modimodi-fied version (Davis, Bagozzi, & Warshaw, 1989), the final modified version (Venkatesh & Davis, 1996), TAM2 (Venkatesh & Davis, 2000), the Unified Theory of Acceptance and Use of Technol-ogy (UTAUT) model (Venkatesh, Morris, Davis, & Davis, 2003), TAM3 (Venkatesh & Bala, 2008), TAM-Diffusion Theory Model (Lopez-Nicolas, Molina-Castillo, & Bouwman, 2008), among oth-ers. However, these TAM-related models are lacking of considering the issue of trust which has been emphasized by several reports on cloud services. It is believed that trust has the power to affect one’s belief in amplifying the acceptance of perceived benefits and lessening the fear of perceived risks. As such, this study is further motivated to build a solution framework, with consideration of trust issue, to explore the decisive factors affecting an organiza-tion’s SaaS adoption.

Another promising approach is the Decision Making Trial and Evaluation Laboratory (DEMATEL), which can divide a set of factors into cause and effect groups with a causal diagram (Gabus & Fontela, 1972; Gabus & Fontela, 1973). With a cause–effect diagram, one can then view those in the cause group as the decisive factors affecting the SaaS adoption. This can enable the SaaS vendors to deeply grasp customer needs and thereby to make effective effort to promote marketing activities, as well as to allow potential users to conduct a thoughtful analysis for adopting new technologies.

Based on the above motivations, this paper aims to propose a solution framework with a modified DEMATEL approach which

tion. The core logic of the proposed solution framework is to treat perceived benefits and perceived risks as two distinct themes so that a visible cause–effect diagram can be developed to help make better decisions. To demonstrate the applicability of the proposed approach, a case study is conducted. The rest of this paper is orga-nized as follows. In Section2, the proposed solution framework is elaborated. In Section3, a case company is studied. Based on the findings, some managerial implications are discussed in Section4. Finally, conclusions, limitations and suggestions for future studies are addressed.

2. Methodologies

2.1. Dematel

The DEMATEL approach, a mathematical procedure originated from the Geneva Research Centre of the Battelle Memorial Insti-tute, was designed to deal with important issues of world societies (Gabus & Fontela, 1972 1973). Because of the advantages of visualiz-ing the structure of complicated causal relationships, the DEMATEL approach has been widely applied in various fields, including ser-vice quality (Tseng, 2009; Shieh, Wu, & Huang, 2010), portfolio selection (Ho, Tsai, Tzeng, & Fang, 2011), management system selection (Tsai & Chou, 2009), technology selection (Shen, Lin, & Tzeng, 2011), critical success factors (Shieh et al., 2010; Zhou, Huang, & Zhang, 2011), supplier selection criteria (Chang, Chang, & Wu, 2011), e-learning programs (Tzeng, Chiang, & Li, 2007), higher education (Chen & Chen, 2010), employment service outreach pro-gram (Wu, Li, & Kuo, 2010), importance–performance analysis (Hu, Lee, Yen, & Tsai, 2009), group decision-making (Lin & Wu, 2008), among others. The DEMATEL possesses some excellent features. For instance, it is based on matrices or digraphs which portray a contextual relation between the elements of the system, in which a numeral represents the strength of influence. It converts the cause–effect relationship of factors into an intelligible structural model. More importantly, it can separate involved factors into a cause group and an effect group. A modified DEMATEL approach is proposed below.

2.2. The proposed solution framework

Trust is widely considered as a key factor of success in any types of e-commerce (Wu, Chen, & Shieh, 2010), it is also true for the SaaS adoption. Referring toDeutsch (1962), trust is the willingness of an individual to behave in risky and uncertain situations when expected benefits surpass perceived risks. When users have low knowledge or less self-confidence of the situation of vulnerabil-ity and risk, trust is especially important to reduce users’ perceived risks. According toSlovic (1992), risk is subjectively defined by indi-viduals who may be influenced by a wide array of psychological, social, institutional and cultural factors. This reveals that dealing with the issues of SaaS adoption requires considering not only the technical security risks but also the subjective security risks.Evans and Krueger (2010)exhibited a model related to expected value of trust. Based on their concept, we presume that trust augments when perceived risks decrease and/or perceived benefits increase. That is, perceived risks will act as barriers to the SaaS adoption, whereas perceived benefits will serve as driving forces.

Based on the aforementioned presumption, the proposed solu-tion framework is depicted inFig. 1. Notice that perceived benefits (PB) and perceived risks (PR) here are treated as two distinct themes, which require being handled by the DEMATEL approach separately to obtain the respective cause–effect factors. Further-more, the results of cause–effect analysis can be combined into a

W.-W. Wu et al. / International Journal of Information Management xxx (2011) xxx–xxx 3

Trust of SaaS adoption

PB-PR matrix

Perceived benefits (PB) Perceived risks (PR)

Cause-effect factors of PB Cause-effect factors of PR DEMATEL approach

Fig. 1. The proposed solution framework.

PB–PR matrix, which serves as a causal map to offer visible insights. In sum, the proposed solution framework embraces three main steps: (1) selecting a set of PB and PR for the SaaS adoption; (2) using the DEMATEL to conduct the cause–effect analysis through creating the initial direct-relation matrix, normalizing the initial direct-relation matrix, and completing the total-relation matrix; and (3) building the PB–PR matrix. The DEMATEL and the PB–PR matrix are further explained as follows.

The conventional DEMATEL contains four main steps: gener-ating the initial relation matrix, normalizing the direct-relation matrix, attaining the total-direct-relation matrix, and producing a causal diagram (Wu, 2008). Unlike many conventional DEMATEL related studies (Fontela & Gabus, 1976; Wu, 2008; Wu & Lee, 2007) which merely dealt with one theme, this paper develops a modi-fied DEMATEL approach to dealing with two themes (i.e., PB and PR), coupled with an integrated causal map (i.e., PB–PR matrix).

Let vector D and vector R respectively denote the sum of rows and the sum of columns from the total-relation matrix. The horizon-tal axis (D + R), named “Prominence,” reveals how much importance the factor has; the vertical axis (D− R), named “Relation,” divides factors into a cause group and an effect group. The factor belongs to “cause group” if (D− R) is positive, whereas it belongs to “effect group” if (D_{− R) is negative (}Wu, 2008; Wu & Lee, 2007). How-ever, there is a primary difference between our modified DEMATEL and the conventional DEMATEL. Our modified DEMATEL intends to combine two causal maps into the PB–PR matrix. The value of (D + R) of each factor of the PR requires transforming “positive” into “negative” such that the cause–effect factors of PR are located in Quadrant II and Quadrant III, and that the cause–effect factors of PB are positioned in Quadrant I and Quadrant IV (Fig. 2). To boost the trust of SaaS adoption, one should always focus on two cate-gories of factors—the “cause factors” of PR in Quadrant II and PB in Quadrant I. This is the basis of our modified DEMATEL approach.

Mathematically, the solving steps of the proposed modified DEMATEL can be further narrated as follows:

Step 1. Generating the direct relation matrix

The initial direct-relation matrix Z is a n× n matrix obtained by pair-wise comparisons in terms of influences and directions between criteria, in which zij is denoted as the degree to which the criterion i affects the criterion j, i.e.,Z = [zij]n×n.

Step 2. Normalizing the direct relation matrix

The normalized direct-relation matrix X, i.e., X = [xij]n×n and 0≤ xij≤ 1 can be obtained through the formulas(1) and (2), in which

D+R D-R

Quadrant III Quadrant IV

Quadrant II Quadrant I Cause factors of perceived benefits Effect factors of perceived benefits Cause factors of perceived risks Effcet factors of perceived risks

Fig. 2. The PB–PR matrix.

all principal diagonal elements are equal to zero:

X = s · Z (1) where s = 1 max 1≤i≤n



Step 3. Attaining the total relation matrix

Once the normalized direct-relation matrix X is obtained, the total-relation matrix T can be acquired by using the formula(3), in which I denotes the identity matrix:

T = X(I − X)−1 (3)

Step 4. Producing a causal diagram

The sum of rows and the sum of columns are separately denoted as D and R through the formulas(4)–(6):

T = [tij]n×n, i, j = 1, 2, ..., n (4) D =

⎡

⎣



⎤

⎦

⎡

⎣



⎤

⎦

In these equations, vector D and vector R denote the sum of rows and the sum of columns from total-relation matrix T, respectively.

Step 5. Building a cause–effect diagram

A causal diagram can be acquired by mapping the dataset of (D + R, D− R), where the horizontal axis (D + R) is made by adding D to R, and the vertical axis (D− R) is made by subtracting D from R.

3. Case study

3.1. The case company

The SaaS solution is considered as an effective way to enhance an organization’s IT competitiveness because it comprises several benefits, including speedy deployment, lower initial costs, no need for software maintenance, IT staff savings, among others. In Taiwan,

most of the small and medium enterprises (SMEs) are not famil-iar with the SaaS solutions. It reflects that the vendors’ marketing efforts might be insufficient. But, more importantly, it requires improving the trust which involves both users’ perceived benefits and perceived risks for the SaaS adoption.

Many Taiwanese SMEs are in effect facing severe decreasing profit margins due to the vying competition from Japan, Korea and China. Nonetheless, the case company F is an outstanding SME in its advanced technologies with high operating margin of around 40%. The case company was established in 1969 and now has dis-tributors in USA, Belarus, Israel, Japan, Singapore, France, Germany, Poland, and so on. It is one of the world’s leading manufacturers in the niche and specialized resistor markets (especially focusing on Germany and Japan markets). F Company is wishing to serve as an advanced resistor technology platform with emphases on high flex-ibility and automation, high quality, customization, professional R&D service team, one-stop shopping, just-in-time delivery system, and application consulting.

Recently, F Company considered the use of SaaS as a favorable way to perform sourcing strategies, and tried to introduce SaaS solutions from Salesforce.com for customer relationship manage-ment as well as from Workday.com for human capital managemanage-ment. This company has certain understandings about the merits of the SaaS adoption that can enhance the IT competitive advantages, yet it is still seeking for a systemic way to assess the potential benefits and risks. Due to lack of time and knowledge to conduct research on the SaaS adoption, F Company has sought one of the authors to develop the proposed solution framework for use. The following shows how F Company successfully utilized the proposed solution framework to explore the decisive factors affecting its intensions on the SaaS adoption.

First, F Company followed our proposed solution framework by forming a task force group of five key persons, including the General Manager and four managers from marketing, production, financial, and information technology departments. After several group meetings, they decided to refer to IDC report (2009) “New IDC IT Cloud Services Survey: Top Benefits and Challenges” by select-ing eight perceived benefits: PB1(pay only for what you use), PB2 (easy and fast to deploy to end-users), PB3(monthly payments), PB4(encourages standard systems), PB5(requires less in-house IT staff, costs), PB6(always offers latest functionally), PB7(sharing sys-tems with partners simpler), and PB8(seems like the way of future). Moreover, they chose seven perceived risks from a recent work by Subashini and Kavitha (2010), which included PR1(data locality and security), PR2 (network and web application security), PR3 (data integrity and segregation), PR4(authentication and authorization), PR5(virtualization vulnerability), PR6(data access and backup), and PR7(identity management and sign-on process).

Then, the modified DEMATEL approach was utilized to con-duct the cause–effect analysis. Several tasks were completed here, including assessing the relationship between criteria using such linguistic scale as 0 (no influence), 1 (very low influence), 2 (low influence), 3 (high influence), and 4 (very high influence); acquiring and aggregating the assessments of decision makers; conducting the initial direct-relation matrix, the normalized direct-relation matrix using formulas(1) and (2), the total-relation matrix using formula(3); and building the cause–effect diagram using formulas (4)–(6).

3.2. The results

To demonstrate the step-by-step details in implementing the proposed modified DEMATEL approach, the following tables are detailed.Tables 1 and 2reveal the initial direct-relation matrix for perceived benefits and the initial direct-relation matrix for

The initial direct-relation matrix for perceived benefits.

PB1 PB2 PB3 PB4 PB5 PB6 PB7 PB8 PB1 0 1 4 0 4 3 2 2 PB2 3 0 3 3 4 2 2 2 PB3 4 2 0 0 4 1 0 1 PB4 1 1 0 0 1 1 2 1 PB5 4 3 4 1 0 0 0 1 PB6 1 1 0 0 0 0 2 2 PB7 0 1 1 2 0 0 0 1 PB8 2 1 1 2 4 1 1 0

perceived risks, respectively. Tables 3 and 4, display the nor-malized direct-relation matrix for perceived benefits and the normalized direct-relation matrix for perceived risks, respectively. Tables 5 and 6, present the details of the total-relation matrix for perceived benefits and the total-relation matrix for perceived risks, respectively. It should be noted that arithmetic mean method is often used to aggregate the decision makers’ assessments. The arithmetic average, however, is not necessarily representing the consensus of group decisions. Therefore, the majority rule was employed instead to carry out the group decision-making in the case study.

According toTables 5 and 6, we can build the PB–PR matrix displayed inFig. 3. One could obviously see that PB2(easy and fast to deploy to end-users) was the most influential factor among the eight perceived benefits, followed by PB8(seems like the way of future). On the other hand, PR1(data locality and security) was the foremost concern among the seven perceived risks, followed by PR4 (authentication and authorization).

4. Discussion and implications

Referring toMehrtens, Cragg, and Mills (2001), the SaaS adop-tion could be influenced by a set of factors such as an organizaadop-tion’s characteristics and competitive strategies, influences of internal and external parties on the adoption decision process, perceived benefits of the new technology, and organizational readiness. In addition, an organization needs to consider other factors when identifying its suitability for the adoption of cloud computing. These include the size of the IT resources, the utilization pattern of the resources, sensitivity of the data they are handling, and crit-icality of work done by the organization (Misra & Mondal, 2010). Referring toCatteddu and Hogben (2009), among possible reasons for using cloud services, the foremost reason is avoiding capital expenditure in hardware, software, and IT support, followed by the flexibility and scalability of IT resources. The main concerns with regard to using the cloud services include privacy, availability of services and/or data, integrity of services and/or data, and confiden-tiality of corporate data. The SaaS, a leading type of cloud services, can be viewed as a hopeful business model on the value proposi-tion of offering such benefits as better flexibility and scalability of IT resources with lower costs. The value proposition is an essential part of a business model, which usually places emphasis on pro-moting the possible benefits to users. However, it requires the trust

Table 2

The initial direct-relation matrix for perceived risks.

PR1 PR2 PR3 PR4 PR5 PR6 PR7 PR1 0 3 3 3 4 2 3 PR2 3 0 3 4 4 2 3 PR3 3 1 0 1 1 3 1 PR4 1 3 0 0 1 4 4 PR5 2 4 0 1 0 4 1 PR6 2 2 2 3 4 0 2 PR7 2 3 0 3 1 1 0

W.-W. Wu et al. / International Journal of Information Management xxx (2011) xxx–xxx 5

Table 3

The normalized direct-relation matrix for perceived benefits.

PB1 PB2 PB3 PB4 PB5 PB6 PB7 PB8 PB1 0.000 0.053 0.211 0.000 0.211 0.158 0.105 0.105 PB2 0.158 0.000 0.158 0.158 0.211 0.105 0.105 0.105 PB3 0.211 0.105 0.000 0.000 0.211 0.053 0.000 0.053 PB4 0.053 0.053 0.000 0.000 0.053 0.053 0.105 0.053 PB5 0.211 0.158 0.211 0.053 0.000 0.000 0.000 0.053 PB6 0.053 0.053 0.000 0.000 0.000 0.000 0.105 0.105 PB7 0.000 0.053 0.053 0.105 0.000 0.000 0.000 0.053 PB8 0.105 0.053 0.053 0.105 0.211 0.053 0.053 0.000 Table 4

The normalized direct-relation matrix for perceived risks.

PR1 PR2 PR3 PR4 PR5 PR6 PR7 PR1 0.006 0.158 0.158 0.158 0.211 0.105 0.158 PR2 0.006 0.000 0.158 0.211 0.211 0.105 0.158 PR3 0.008 0.053 0.000 0.053 0.053 0.158 0.053 PR4 0.011 0.158 0.000 0.000 0.053 0.211 0.211 PR5 0.011 0.211 0.000 0.053 0.000 0.211 0.053 PR6 0.000 0.105 0.105 0.158 0.211 0.000 0.105 PR7 0.003 0.158 0.000 0.158 0.053 0.053 0.000 Table 5

The total-relation matrix for perceived benefits.

PB1 PB2 PB3 PB4 PB5 PB6 PB7 PB8 D R D + R D− R PB1 0.269 0.228 0.425 0.109 0.463 0.266 0.210 0.249 2.218 2.241 4.459 −0.022 PB2 0.439 0.201 0.415 0.270 0.505 0.246 0.241 0.274 2.593 1.502 4.094 1.091 PB3 0.431 0.255 0.242 0.096 0.451 0.175 0.111 0.191 1.950 2.047 3.998 −0.097 PB4 0.144 0.117 0.096 0.055 0.155 0.102 0.155 0.115 0.940 1.059 1.999 −0.119 PB5 0.451 0.307 0.434 0.151 0.301 0.145 0.121 0.201 2.112 2.464 4.575 −0.352 PB6 0.130 0.105 0.081 0.054 0.102 0.047 0.149 0.155 0.824 1.170 1.994 −0.346 PB7 0.077 0.099 0.110 0.140 0.088 0.041 0.043 0.095 0.692 1.176 1.868 −0.484 PB8 0.300 0.188 0.244 0.184 0.399 0.149 0.145 0.118 1.727 1.398 3.126 0.329

in ways that increases the perceived benefits and/or decreases the perceived risks for users. Being indecisive to introduce SaaS solu-tions may be regarded as a trust problem involving users’ perceived benefits and risks.

Referring toFig. 3, we can obtain some interesting findings about how F Company will consider introducing the SaaS services. In the aspect of perceived benefits, F Company seemed to be strategic-oriented rather than economic-strategic-oriented because the foremost two benefits were PB2(easy and fast to deploy to end-users) and PB8 (seems like the way of future). This finding has revealed F Com-pany’s most desires for adopting SaaS solutions. Therefore, the SaaS vendors should emphasize the strategic-oriented benefits to cope with F Company’s needs. In the aspect of perceived risks, on the other hand, F Company’s concerned mostly about PR1(data local-ity and securlocal-ity) and PR4(authentication and authorization). In fact, both PR1 and PB8 are subjective, rather than technical, because most organizations normally dislike completely lacking for own-ership and control of the cloud computing implementation. This finding has suggested that the SaaS vendors should place more emphases on the subjective aspects in lessening F Company’s secu-rity worries. The finding has provided the SaaS vendors with useful

information to know the F Company’s intent. That would certainly facilitate the SaaS vendors to develop a better starting point for a customized assessment. In sum, the findings are beneficial to both SaaS vendors and case company in that the vendors can offer bet-ter individual customization with the flexibility of adjusting selling points, whereas the case company can request more suitable cus-tomization needs for use.

The SaaS solution is a sort of advanced online service as well as a new-fangled type of e-commerce. For the purpose of pro-moting conventional e-commerce, some studies have noticed the importance of perceived risk or trust. For example,Crespo and del Bosque (2010) identified three influential factors including atti-tudes toward e-commerce, subjective norm, and perceived risk. Moreover,Cho (2010)accentuated that customer needs can be sig-nificantly affected by such factors as unease of delivery, complexity of services, trust and reliability. However, no studies have system-ically discussed the SaaS adoption with the viewpoint of perceived benefits, risks and trust. From the view of trust, this paper high-lighted the different importance between perceived benefits and perceived risks, which are in effect two diverse concepts (like sat-isfaction and dissatsat-isfaction). The proposed solution framework can

Table 6

The total-relation matrix for perceived risks.

PR1 PR2 PR3 PR4 PR5 PR6 PR7 D R D + R D− R PR1 0.021 0.442 0.273 0.419 0.450 0.401 0.399 2.405 0.116 −2.521 2.288 PR2 0.019 0.261 0.240 0.417 0.400 0.364 0.362 2.062 2.205 −4.267 −0.142 PR3 0.014 0.173 0.058 0.170 0.168 0.266 0.158 1.008 1.020 −2.028 −0.013 PR4 0.020 0.351 0.099 0.215 0.247 0.382 0.373 1.687 0.000 −1.687 1.687 PR5 0.019 0.371 0.101 0.242 0.190 0.370 0.219 1.511 2.009 −3.520 −0.498 PR6 0.012 0.315 0.181 0.335 0.369 0.226 0.280 1.717 2.212 −3.929 −0.494 PR7 0.011 0.292 0.069 0.289 0.185 0.203 0.143 1.192 1.935 −3.127 −0.742

PB1 PB2 PB3 PB4 PB5 PB6 PB7 PB8 PR1 PR2 PR3 PR4 PR5 PR6 PR7 -1.00 -0.50 0.00 0.50 1.00 1.50 2.00 2.50 -5.00 -4.00 -3.00 -2.00 -1.00 0.00 1.00 2.00 3.00 4.00 5.00 6.00 D-R D+R

Fig. 3. The resulted PB–PR matrix.

serve as a useful tool for SaaS vendors to grasp the customer knowl-edge. More importantly, the solution framework can also facilitate a company to explore the imperative factors so as to further make decisions on the SaaS adoption.

Needless to say, discovering the key perceived benefits as well as perceived risks involved in the SaaS adoption can not only help enterprise users gain insights into the SaaS adoption process, but also help SaaS vendors obtain inspirations in developing more effective marketing actions. Furthermore, to deal with the issue why organizations are still reluctant to introduce SaaS solutions, we may broadly divide the problem into B type (perceived benefits sur-pass perceived risks) and R type (perceived risks sursur-pass perceived benefits). For B type, the SaaS vendors require making sure of the selling point regarding what perceived benefits an individual user would prefer to, whereas the user necessitates selecting a superior vendor for successful adoption. For R type, the SaaS vendors need to reduce security risks of SaaS adoption through demonstrating the best practices of celebrity firms as well as expert recommen-dations, whereas the user requires making sure of what perceived risks really matter.

Although some reports noted that many organizations nowa-days are still reluctant to introduce SaaS solutions mainly because of the trust issue—they may perceive more risks than benefits, yet few studies have so far addressed this issue in a systematic and profound way. To add contribution to this, the present paper has devised a novel framework to explore the critical factors affect-ing the advancement of SaaS adoption, usaffect-ing the concept of the trust model coined byEvans and Krueger (2010), in conjunction with a modified DEMATEL technique. More specifically, the main contributions of this work include the following. First, unlike some previous studies on e-business that have dealt with the trust issue by treating PB and PR individually or in separate models, this paper combined such distinct themes (PB and PR) into a model for cloud service issues. As such, this paper can provide more informative

message to both SaaS vendors and enterprise users to help iden-tify the root causes leading to SaaS adoption. Second, this paper developed a discernible PB–PR matrix that simultaneously exhibits two sets of cause–effect factors in the DEMATEL, vis-à-vis the con-ventional DEMATEL handling the cause–effect relations for one theme only. The PB–PR matrix is handy-dandy for the SaaS ven-dors to develop effective marketing strategies. It is also manifest for the potential users to remove their barriers should they wish to introduce SaaS solutions. Third, to the best of authors’ knowledge, this paper is a pioneering work integrating the trust model of two distinct themes with DEMATEL approach for the issue of SaaS adop-tion. In theory, it adds to the literature with novel methodological framework; in practice, it also helps the dilemma of adopting the SaaS for a real company.

The values of using our proposed new framework may include the following. It splits complex factors into two themes – PB & PR – and further produces an integrated causal map for the distinct themes, which can manifestly provide the decision makers with perceivable and comprehensive information (key factors) such that they can easily focus on the root causes to develop effectual actions. If PB and PR are mixed in one theme, it may result in an endless dispute about which one is more important: PB or PR? Besides, the integrated causal map based on the PB–PR matrix is ratio-nal and helpful to serve as a constructive communication tool for receiving cooperation or support from the stakeholders, which can certainly enhance a company’s competitive advantage. Without the proposed framework, one can hardly achieve an integrated causal map to advance the quality of decision-making and, thereby, to facilitate the process of transforming strategic objectives into effec-tive actions. Last but not least, the proposed framework should be applicable for dealing with the adoption issues of other new tech-nologies or service solutions, which deserve further exploration. It is recommended that both vendors and users utilize our proposed framework to look into PB and PR together so as to identify the most

W.-W. Wu et al. / International Journal of Information Management xxx (2011) xxx–xxx 7 critical concerns about the SaaS adoption. The ultimate goal is to

expedite the adoption of SaaS solutions at the individual, business, and government levels to enhance the worldwide competitiveness of a nation.

5. Concluding remarks

5.1. Conclusions

We presumed that SaaS adoption is a trust issue involving per-ceived benefits and perper-ceived risks, as also argued byEvans and Krueger (2010). The present paper has proposed a solution frame-work that employs a modified DEMATEL approach to cluster a number of criteria (perceived benefits and perceived risks) into a cause group and an effect group, respectively. The proposed framework can handle two themes (PB and PR) and build a PB–PR matrix to display four segments regarding the cause–effect factors of perceived benefits and perceived risks. This added an important contribution to literature.

To demonstrate the application of the proposed solution frame-work, a case study was successfully presented. The findings have explicitly revealed the root causes such that the enterprise users can remove the critical barriers that hindered the SaaS adoption. The findings have also provided the SaaS vendors with a clue to develop more effective marketing strategies to promote the growth of SaaS business.

In sum, the present paper has contributed to the extension of practical applications of DEMATEL in the field of cloud services, and has proposed a valuable solution framework for dealing with the SaaS adoption with consideration of trust issue. Specifically, the proposed framework is advanced and practical because it can deal with two themes – perceived benefits and perceived risks – together with producing a visible cause–effect map, which is help-ful to perform better decision-makings (for the enterprise users) and to initiate more effective marketing strategies (for the SaaS vendors). The case study has also successfully demonstrated the applicability of the proposed framework. It provides a paradigm for other organizations to systemically look into the complex factors while planning to introduce the SaaS solutions.

5.2. Limitations and directions for future studies

The study has some limitations. First, the study only conducted a case study for F Company in Taiwan; the findings should not be generalized to other enterprise users. Second, the case com-pany formed a task force which determined to make use of fifteen criteria—eight perceived benefits and seven perceived risks, and utilized the majority rule to reach a group conclusive value for each criterion. It is believed that different enterprises may have different concerns (criteria) about the SaaS adoption and they may also have different decision-making processes. In this sense, it is worthwhile to perform more cases study in order to unearth new criteria as well as to attempt other promising decision-making processes. Third, the proposed modified DEMATEL approach was the first attempt in literature to undertake two dimensions (PB and PR) of casual anal-yses. It would be more practical if one could extend the analysis by introducing more criteria in other dimensions, such as finan-cial aspect and customer satisfaction, to the SaaS adoption in the future study. Moreover, the trust addressed in this paper may be rather limited. Other types and definitions of trust deserve further exploration in the future research as well.

It is interesting to further examine the difference between adopted and non-adopted companies for the SaaS solutions. In the future, one can conduct such a comparison study to explore more insights regarding the SaaS adoption. Finally, the proposed

DEMATEL approach offers the means to explore micro-level knowl-edge about SaaS adoption. Other creditable models such as TAM, UTAUT, and TAM-Diffusion Theory Model may also provide the means to examine the macro-level knowledge on SaaS adoption. It deserves further explorations as well. It may be favorable to link a micro-level approach (e.g., the proposed modified DEMATEL) with a macro-level one (e.g., TAM-Diffusion Theory Model) in order to gain more in-depth insights into the similar issues in the future research.

References

Catteddu, D., & Hogben, G. (2009). Cloud computing: Benefits, risks and recom-mendations for information security. European Network and Information Security Agency (ENISA), 1–125.

Chang, B., Chang, C. W., & Wu, C. H. (2011). Fuzzy DEMATEL method for developing supplier selection criteria. Expert Systems with Applications, 38(3), 1850–1858. Chen, J. K., & Chen, I. S. (2010). Using a novel conjunctive MCDM approach based on

DEMATEL, fuzzy ANP, and TOPSIS as an innovation support system for Taiwanese higher education. Expert Systems with Applications, 37(3), 1981–1990. Cho, S. E. (2010). Perceived risks and customer needs of geographical

accessibil-ity in electronic commerce. Electronic Commerce Research and Applications, 9(6), 495–506.

Crespo, A. H., & del Bosque, I. R. (2010). The influence of the commercial features of the Internet on the adoption of e-commerce by consumers. Electronic Commerce Research and Applications, 9(6), 562–575.

Davis, F. D. (1986). A technology acceptance model for empirically testing new end-user information systems: Theory and results. Doctoral dissertation. Cambridge, MA: Sloan School of Management, Massachusetts Institute of Technology. Davis, F. D., Bagozzi, R. P., & Warshaw, P. R. (1989). User acceptance of computer

technology: A comparison of two theoretical models. Management Science, 35(8), 982–1003.

Deutsch, M. (1962). Cooperation and trust: Some theoretical notes. In M. R. Jones (Ed.), Nebrasca symposium on motivation (pp. 275–318). Nebrasca: University Press.

Elahi, S., & Hassanzadeh, A. (2009). A framework for evaluating electronic commerce adoption in Iranian companies. International Journal of Information Management, 29(1), 27–36.

Evans, A. M., & Krueger, J. I. (2010). Elements of trust: Risk and perspective-taking. Journal of Experimental Social Psychology, doi:10.1016/j.jesp.2010.08.007 Feuerlicht, G. (2010). Next generation SOA: Can SOA survive cloud computing? In V.

Snasel, V. Snasel, et al. (Eds.), Advances in intelligent web mastering - 2, AISC 67 (pp. 19–29).

Fontela, E., & Gabus, A. (1976). The DEMATEL observer, DEMATEL 1976 report. Geneva, Switzerland: BATTELLE Institute, Geneva Research Center.

Gabus, A., & Fontela, E. (1973). Perceptions of the World Problematique: Communi-cation Procedure. In Communicating with those bearing collective responsibility (DEMATEL Report No. 1). Geneva, Switzerland: BATTELLE Institute, Geneva Research Centre.

Gabus, A., & Fontela, E. (1972). World problems, an invitation to further thought within the framework of DEMATEL. Geneva, Switzerland: BATTELLE Institute, Geneva Research Centre.

Goscinski, A., & Brock, M. (2010). Toward dynamic and attribute based publica-tion, discovery and selection for cloud computing. Future Generation Computer Systems, doi:10.1016/j.future.2010.03.009

Ho, W. R. J., Tsai, C. L., Tzeng, G. H., & Fang, S. K. (2011). Combined DEMATEL technique with a novel MCDM model for exploring portfolio selection based on CAPM. Expert Systems with Applications, 38(1), 16–25.

Hu, H. Y., Lee, Y. C., Yen, T. M., & Tsai, C. H. (2009). Using BPNN and DEMATEL to modify importance–performance analysis model—A study of the computer industry. Expert Systems with Applications, 36(6), 9969–9979.

King, W. R., & He, J. (2006). A meta-analysis of the technology acceptance model. Information & Management, 43(6), 740–755.

Lin, Ch. J., & Wu, W. W. (2008). A causal analytical method for group decision-making under fuzzy environment. Expert Systems with Applications, 34(1), 205–213. Lopez-Nicolas, C., Molina-Castillo, F. J., & Bouwman, H. (2008). An assessment of

advanced mobile services acceptance: Contributions from TAM and diffusion theory models. Information & Management, 45(6), 359–364.

Mehrtens, J., Cragg, P. B., & Mills, A. M. (2001). A model of Internet adoption by SMEs. Information & Management, 39(3), 165–176.

Misra, S. C., & Mondal, A. (2010). Identification of a company’s suitability for the adoption of cloud computing and modelling its corresponding return on invest-ment. Mathematical and Computer Modelling, doi:10.1016/j.mcm.2010.03.037 Shen, Y. C., Lin, G. T. R., & Tzeng, G. H. (2011). Combined DEMATEL techniques with

novel MCDM for the organic light emitting diode technology selection. Expert Systems with Applications, 38(3), 1468–1481.

Shieh, J. I., Wu, H. H., & Huang, K. K. (2010). A DEMATEL method in identifying key success factors of hospital service quality. Knowledge-Based Systems, 23(3), 277–282.

Slovic, P. (1992). Perception of risk: Reflections on the psychometric paradigm. In S. Krimsky, & D. Golding (Eds.), Social theories of risk (pp. 117–152). New York: Praeger.

ery models of cloud computing. Journal of Network and Computer Applications, doi:10.1016/j.jnca.2010.07.006

Sultan, N. (2010). Cloud computing for education: A new dawn? International Journal of Information Management, 30(2), 109–116.

Tarafdar, M., & Vaidya, S. D. (2006). Challenges in the adoption of E-Commerce technologies in India: The role of organizational factors. International Journal of Information Management, 26(6), 428–441.

Tsai, W. H., & Chou, W. C. (2009). Selecting management systems for sustainable development in SMEs: A novel hybrid model based on DEMATEL, ANP, and ZOGP. Expert Systems with Applications, 36(2), 1444–1458.

Tseng, M. L. (2009). A causal and effect decision making model of service quality expectation using grey-fuzzy DEMATEL approach. Expert Systems with Applica-tions, 36(4), 7738–7748.

Tzeng, G. H., Chiang, C. H., & Li, C. W. (2007). Evaluating intertwined effects in e-learning programs: A novel hybrid MCDM model based on factor analysis and DEMATEL. Expert Systems with Applications, 32(4), 1028–1044.

Venkatesh, V., & Bala, H. (2008). Technology acceptance model 3 and a research agenda on interventions. Decision Sciences, 39(2), 273–315.

Venkatesh, V., & Davis, F. D. (2000). A theoretical extension of the technology acceptance model: Four longitudinal field studies. Management Science, 46(2), 186–204.

Venkatesh, V., & Davis, F. D. (1996). A model of the antecedents of perceived ease of use: Development and test. Decision Sciences, 27(3), 451–481.

Venkatesh, V., Morris, M. G., Davis, G. B., & Davis, F. D. (2003). User acceptance of information technology: Toward a unified view. MIS Quarterly, 27(3), 425–478. Wu, H. H., Chen, H. K., & Shieh, J. I. (2010). Evaluating performance criteria of Employ-ment Service Outreach Program personnel by DEMATEL method. Expert Systems with Applications, 37(7), 5219–5223.

Wu, F., Li, H. H., & Kuo, Y. H. (2010). Reputation evaluation for choosing a trustworthy counterparty in C2C e-commerce. Electronic Commerce Research and Applications, doi:10.1016/j.elerap.2010.09.004

Wu, W. W., & Lee, Y. T. (2007). Developing global managers’ competencies using the fuzzy DEMATEL method. Expert Systems with Applications, 32(2), 499–507.

ANP and DEMATEL approach. Expert Systems with Applications, 35(3), 828–835. Zhou, Q., Huang, W., & Zhang, Y. (2011). Identifying critical success factors in emergency management using a fuzzy DEMATEL method. Safety Science, 49(2), 243–252.

Wei-Wen Wu is currently an associate professor at Ta-Hwa Institute of Technology

in Taiwan. He is also one of the founders of Taiwanese Company in Digital Enter-tainment and Multimedia Solutions. He has been acting as a consultant to many companies in business strategy planning, and is currently devoted to developing and promoting evaluation techniques for business analysis. He held a Master’s degree in business analysis from Chuo University in Japan and worked for a marketing depart-ment in a leading Japanese company dealing with lighting products and industrial systems.

Lawrence W. Lan is currently a chair professor of Ta-Hwa Institute of Technology

and Emeritus Professor of National Chiao Tung University, Taiwan. He received his Ph.D. degree in transportation systems management from University of California at Berkeley. He has been serving as Editor-in-Chief, Guest Editor or Associate Edi-tor for many international journals. His recent research works were published in Journal of Cleaner Production, Environmental Monitoring and Assessment, Inter-national Journal of Applied Evolutionary Computation, WSEAS Transactions on Business and Economics, Computers & Industrial Engineering, International Journal of Environment and Sustainable Development, Journal of the Eastern Asia Society for Transportation Studies, Geneva Papers on Risk and Insurance, The Electronic Library, The American Journal of Chinese Medicine, Physica A, Transportation Research C, Transportmetrica, Journal of Advanced Transportation, International Journal of Transport Economics, European Journal of Operational Research, among others.

Yu-Ting Lee is currently a professor and vice president at Ta-Hwa Institute of

Tech-nology in Taiwan. She is also one of the founders of Taiwan Style Competency Study Group. She is a frequent consultant to the Hsinchu Human Resource Management Association, which was mainly formed by HR managers from Taiwan high-tech industries. She held a Master’s degree in Strategy Management from Komazawa University in Japan and had consulted and assisted many companies in developing HR strategies in Japan.