Gartner Blog Network

Lightening the depths of shadow IT

by Mark P. McDonald  |  March 22, 2012  |  11 Comments

Shadow IT is IT activity that occurs outside of IT.  Shadow IT is growing in many organizations driven by consumerized technology, mobility, the availability of cloud solutions and quite frankly relatively slow cycle times within captive IT organizations.

How do you control or eliminate shadow IT is a frequent question raised by CIOs and IT professionals.

The question and the desired answer say a lot about IT, much of it not good.

Before we discuss that let me acknowledge that shadow IT based applications and activities represent an off the balance sheet/budget risk for CIOs and IT.  It’s a risk because while the business is great at initiating technology projects on their own, their interest and attention to finishing what they started is about the same a three year old who has tired of a new toy.  This often leaves IT holding the bag when the business says ‘here operate and integrate this, after all isn’t this your job’.

So how do you look to eliminate shadow IT?

Here are two ideas.

First don’t.

Restructuring Shadow IT

Restructure rather than restrict shadow IT.  Restricting IT through governance, policy or other prohibitions only drives shadow IT underground. Makes shadow IT harder to find and much more of a surprise when it ‘pops’ up.  So rather than saying no, let me suggest that CIOs need to restructure the organization and figure out how to say yes.

Go back and look at the real nature of Shadow IT demand and solutions.  In many cases the shadow applications are requests for greater information consumption and rather than information creation or production systems.

Support information consumption and manipulation applications through creating standard API’s and information services that extract but do not put back information.  Now that is nothing new, but facilitating the business getting unfettered access to its information gives your peers what they want and you the ability to differentiate between giving people access to information and enabling processes to transact with core systems.

Core transaction processes should remain within the IT governance structure not because IT says so, but because core transaction systems carry a different level of business, technical, risk and control requirements that demand formal processes.

Restructuring shadow IT enables you to say ‘yes’ to things that your business peers need but do not challenge the integrity or operational performance of the enterprise so you can say ‘NO’ to situations that require greater control.

Raise IT Throughput

Another approach to lightening the depth of shadow IT involves raising IT’s throughput, productivity and cycle time.  Shadow IT exists, in part, because the business believes that IT does not have the capacity, availability or skills to meet their needs.  They get that impression from IT processes and productivity levels all of which signal that IT is too busy handling its formal and planned demand and therefore is closed for any additional business. Too many CIOs signal to their peers that “sorry sir, but the park is closed’ that is natural for business peers to look elsewhere or do IT themselves.

Every additional project you are able to complete, you take power away from Shadow IT and more importantly you are delivering tangible value to the business.  Lighten the depths of shadow IT by increasing your own productivity, raising your throughput and reducing your cycle time.

Does your IT organization have formal plans, targets and goals for raising IT productivity particularly throughput with goals for completing more projects and reducing time to market.  Chances are that while you have a plan to allocate all IT resources to projects, you lack a plan for driving IT productivity to make the pie bigger.  This leaves the business with no choice but to roll its own technology.

Clearing the shadows in shadow IT

Your response to shadow IT tells others about your confidence, management approach, and views on IT.  If you see shadow IT as renegade competition to in-house IT, then you believe that you and your IT team are the only game in town.  Captive IT has never had a monopoly on the application of technology in their business.  Continuing to believe so only lends credence to the IT that while IT is good at some things; there are many other things that we have to do for ourselves.  You see what the CIO sees as shadow IT, their business colleagues see as a reasonable response to delivering their plans.

Recognize that in a world of greater consumerization, information consumption demands will outstrip your ability to support them.  If you have already given business colleagues greater control and ability to generate their own reports, then you can also give them greater abilities to extract information into mobile and other applications. After all, information in motion creates value.

Realize as well that business demand for IT will always be imperfect, inaccurate and fickle.  It will change and should change in the face of competition, changing performance requirements and customer realities.  These realities demand greater productivity from IT in terms of its ability to produce solutions, updates, upgrades, etc. not just faster, but also more of them.  Shadow IT fills the gap created by unstable demand and stable or declining IT productive capacity.  Greater control will not close that gap.  Greater capacity, productivity and throughput from within IT is the only sustainable solution.

Additional Resources

Category: 2012  amplifying-the-enterprise  it-governance  management  

Tags: 2012-planning  cio-leadership  cio-strategy  control  it-organization  technology-leadership  

Mark McDonald, Ph.D., is a Vice President and Fellow Emeritus in Gartner for General Managers Program.

Thoughts on Lightening the depths of shadow IT

  1. Ercan Yilmaz says:

    Great article, Mark! Shadow IT has been there long before mobile and cloud. R&D, engineering, creative, customer-facing capabilities are some of the examples. I believe CIOs have an opportunity to build trust and confidence among business leaders by taking a more proactive approcah in selectively crowdsourcing low-risk solutions while making sure that mpacque farchildno line is crossed with respect to internal controls and security. In addition, picking a few low-hanging opportunities to collaborate more closely with business will not only present a terrific development opportunity for IT folks involved but also help credibility and relationship building once delivered successfully. As for increasing the throughput, on top of following best practices such as finding bottlenecks and removing them iteratively (Goldratt’s TCO,) finding creative ways to introduce and expose IT associates to competition and sense of urgency as dictated by market forces ought to be considered.

  2. […] So says Mark McDonald, Ph.D., a Group Vice President and Head of Research in Gartner Executive Programs in a new blog post. […]

  3. […] So says Mark McDonald, Ph.D., a Group Vice President and Head of Research in Gartner Executive Programs in a new blog post. […]

  4. Kumar Byakod says:

    This is happening across organizations of all sizes. With the SaaS model applications it’s really easy for business users to by-pass IT completely. IT Leaders and teams need to show that they are partners with business and support SaaS/cloud adoption. One way IT can show their value is innovating. Innovation should not be limited to just products/services instead should cover processes, collaboration and the entire way how IT conducts it’s business.

  5. […] Lightening the depths of shadow IT ( […]

  6. […] actually bad for IT, and will impact business effectiveness negatively. A recent blog by Gartner, the lengthening shadow of IT is the latest […]

  7. […] til fildeling mellem enheder og brugere. Analysebureauet Gartner kalder fænomenet skygge it (Shadow IT) og peger på de ikke helt ubetydelige sikkerhedsrisici, som er forbundet med at […]

  8. […] IT.” This growth of shadow IT decision making and spending is being nicely chronicled by various Gartner researchers and analysts.  Ad hoc work groups, departments and even teams that span across enterprise boundaries are […]

  9. have a look at this infographic and discover the result of a ten question survey about CIO and Shadow IT :

  10. Sanjiv Sharma says:

    Great thoughts and discussion topic. The reason that shodow IT exists because IT can’t deliver quality projects in time and always behind, is correct but lacks deeper understanding of the problem. In any exisiting organization there are legacy of IT Architecture, from assembly codes to SOA. The data is all over the place – flat files to ODBMS. Demand and data consumption is always changing, IT budgets and resources are not only constrained but also stretched. The IT looks like mostly a used cars lot, where each car should not only work but everytime it should cost less. Sometime a high performance car is braught in and somehow other cars should parallel its performance or use.

    As suggested stopping business from going out and buying new technologies is not the solution, however (a) involving IT in decision making from the start is; (b) outlining an IT budget for continuous rationlization; (c) defining EA that supports Services; (d) providing dynamic governance to make sure controls are there; (e) focusing on converting application architecture to business services; and (f) offerring these services to business, so that busienss can make informed decisions.

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.