Risk of adopting mission-critical OSS applications: an interpretive case study

Purpose ‐ This study aims to explore the process of open source software (OSS) adoption in small- and medium-sized enterprises (SMEs), and more specifically open source enterprise resource planning (ERP) as a "mission critical" OSS application in manufacturing. It also addresses the fundamental issue of ERP risk management that shapes this process. Design/methodology/approach ‐ The approach is done through an interpretive case study of a small Canadian manufacturer that has adopted an open source ERP system. Findings ‐ Interpreted in the light of the IT risk management, OSS and packaged application adoption literatures, results indicate that the small manufacturer successfully managed the adoption process in a rather intuitive manner, based on one guiding principle and nine practices. In analyzing the data, diffusion of innovation theory appeared to fit rather well with the situation observed and to offer rich insights to explain the mission-critical OSS adoption process. Research limitations/implications ‐ A single case study of successful IT adoption should be eventually counterbalanced by future cases considered to be partial or total failures, using a wider multiple case study approach for comparative purposes. And this should include alternative theoretical interpretations and more detailed empirical work on the extent to which the distinctive features of OSS make its adoption more or less risk-laden. This initial effort should also be followed by further research on mission-critical OSS adoption in contexts other than SMEs (e.g. healthcare organizations) and other than ERP (e.g. customer-relationship management). Practical implications ‐ This research confirms that open source is a credible alternative for SMEs that decide willingly or under external pressure to adopt a mission-critical system such as ERP. Moreover, it suggests that a high level of formalization is not always necessary. Originality/value ‐ The authors argue that rich insights into the dynamics of the mission-critical OSS adoption process can be obtained by framing this process within an IT risk management context.