Christopher Rentrop

A Multiple Case Study on the Nature and Management of Shadow Information Technology

ABSTRACT In several organizations, business workgroups autonomously implement information technology (IT) outside the purview of the IT department. Shadow IT, evolving as a type of workaround from nontransparent and unapproved end-user computing (EUC), is a term used to refer to this phenomenon, which challenges norms relative to IT controllability. This report describes shadow IT based on case studies of three companies and investigates its management. In 62 percent of cases, companies decided to reengineer detected instances or reallocate related subtasks to their IT department. Considerations of risks and transaction cost economics with regard to specificity, uncertainty, and scope explain these actions and the resulting coordination of IT responsibilities between the business workgroups and IT departments. This turns shadow IT into controlled business-managed IT activities and enhances EUC management. The results contribute to the governance of IT task responsibilities and provide a way to formalize t...

The Influence of Shadow IT Systems on Enterprise Architecture Management Concerns

Shadow information technology systems (SITS) coexist with formal enterprise systems in organisations. SITS pose risks but also increase flexibility of business units. Practice shows that SITS emerge, despite that Enterprise Architecture Management (EAM) aims at controling all IT systems in an organization. Studies acknowledge this problem in general. However, they neither show the specific influencing areas of SITS nor provide approaches to address them. To close this gap, we use a literature review to analyse examples of practical SITS and their interference with EAM concerns. Thus, we find that they hinder especially transparency, reduction of EA complexity and governance. Research has focused on achieving transparency, governing the evolution of the EA but lacks strategies for reducing complexity. This study contributes to research and practice by uncovering the main influencing areas of SITS on EAM, as well as by laying a foundation for future research on this topic.

Governing IT Activities in Business Workgroups—Design Principles for a Method to Control Identified Shadow IT

The IT unit is not the only provider of information technology (IT) used in business processes. Aiming for increased work performance, many business workgroups autonomously implement IT resources not covered by their organizational IT service management. This is called shadow IT. Associated risks and inefficiencies challenge organizations. This study proposes design principles for a method to control identified shadow IT following action design research in four organizational settings. The procedure results in an allocation of task responsibilities between the business and the IT units following risk considerations and transaction cost economics. This contributes to governance research regarding business-located IT activities.