Information security practices followed in the Indian software services industry: An exploratory study

India tops the global IT outsourcing supply chain world ranking. While there are numerous benefits, there are also perceived risks of IT outsourcing to India. The service quality gaps model encompassing the business model for information security has been applied on Indian Software Services Providers practices around information security while they deliver software service to their customers. This exploratory study employs data, theory and methodological triangulation to enhance confidence in the primary and secondary data collection and its findings. The results have been mapped onto the business model for information security in the overall context of service quality gaps model. The study concludes that from information security perspective there are service design and service performance gaps impacting service delivery of Indian Software Service Providers. However these gaps still put India at par with various countries, if not ahead with respect to information security practices, since the service quality gaps model is primarily customer driven. From a trade perspective the study concludes that information security gaps at Indian software Service Providers side will not impact Indian software exports growth adversely as long as the customer gap which is the gap between perceived and expected service, remains within customer defined tolerance limits.