IJCSNS International Journal of Computer Science and Network Security, VOL.22 No.3, March 2022 229 Manuscript received March 5, 2022 M anuscript revised M arch 20, 2022 https://doi.org/10.22937/IJCSNS.2022.22.3.29 An Empirical Investigation of Vendor Readiness to Assess Offshore Software Maintenance Outsourcing Project Atif Ikram 1,2 , Masita Abdul Jalil 1 , Amir Bin Ngah 1 , Ahmad Salman Khan 3 , Yasir Mahmood 3,4 1 Faculty of Ocean Engineering Technology and Informatics, Universiti Malaysia Terengganu, Malaysia aikram4u@gmail.co m 2 Department of CS&IT, The University of Lahore, Pakistan 3 Department of Software Engineering, The University of Lahore, Pakistan 4 Advanced Informatics Department, Razak Faculty of Technology and Informatics, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia Summary The process of correcting, upgrading, and improving software products after they have been handed over to the consumer is known as software maintenance. Offshore software maintenance outsourcing (OSMO) clients benefit from cost savings, time savings, and improved quality software through OSM O. In most circumstances, the OSM O vendor makes a lot of money but not in all the cases. Especially, when the OSMO project offer is not properly assessed. An efficient outsourcing contract might yield successful outcomes for outsourced projects. But before sending a detailed proposal to bid on the OSMO project the vendor must have to assess the client's project (business offer) requirements. The purpose of this study is to find out common trends within the assessment of a OSMO project. A case study approach along with semi-structured interviews from eight companies concluded ten common practices and several roles. Among these practices, four (code structure, requirements, communication barriers and required infrastructure) were consistent amongst the responses. The findings, limitations and future work are discussed. Keywords: An empirical study, Client project assessment, Offshore software maintenance outsourcing, Software risk, Software Practices. 1. Introduction Offshore software maintenance outsourcing (OSMO) is a modern business strategy for developing high- quality software at low cost in low-wage countries [1, 2]. Software maintenance outsourcing is a contract-based relationship between client and vendor organizations in which client(s) contracts out all or part of its software development activities to vendor(s), who provides agreed services in return for remuneration [3]. This paper aims to identify such practices that are essential to an OSMO vendor while assessing a project. These practices will help vendors shortlist a more suitable project and move further for a detailed proposal to be sent to the short-listed OSMO client. This may also help to ensure successful outcomes of outsourcing projects and long-lasting relationships between clients and vendors. Along with essential practices. While this paper does not address the ethical and regulatory aspects of undertaking OSMO [25], it highlights common roles within a context of continuous erosion of centralized technology management. The paper also accentuates some of the drivers behind outsourcing software maintenance services. Client organizations benefit from OSMO because of lower costs of manpower in developing countries that might reach to one-third less than domestic vendors and even less when compared with in-house operations [reference]. McKinsey Consulting argues that for every dollar of US client organizations spent on outsourcing to vendor organizations in India, American corporations benefit $1.14 and India by 0.33 cents [4]. Moreover, Vendors often seek OSMO projects as opportunities for skills, exposure, and experience development, and learning new ways to satisfy clients’ requirements. It is professed that OSMO vendors can add significant value to their clients’ supply chains. To balance the outsourcing benefits there are substantial risks in the software outsourcing decisions [5, 6, 7, 8]. Despite the growing regulations and rise apprehensions about data security and privacy, pervasive cloud computing seems to unfold the geographical barriers for OSMO services [25]. Most of the identified risks entwined with OSMO are skewed towards projects’ social (e.g., client- vendor capacities, communications, and commitments) rather than technical, legal, or geographical nature [23]. Hence, the cloud has been considered an enabler to OSMO projects [ 24]. One of the key challenges is the selection of an appropriate and more suitable project. This is only possible by keenly observing the client’s business offer or project and taking the right decision. To do this we intend to address the following research questions; RQ1.What practices are important while assessing the OSMO client’s project? RQ2. What are the key team roles within OSMO projects?