You cannot outsource risk

According to Gartner, more than 60% of companies do not do any security risk mitigation when outsourcing development.

Rob Rachwald has some suggestions.