Abstract
The IT unit is not the only provider of information technology (IT) used in business processes. Aiming for increased work performance, many business workgroups autonomously implement IT resources not covered by their organizational IT service management. This is called shadow IT. Associated risks and inefficiencies challenge organizations. This study proposes design principles for a method to control identified shadow IT following action design research in four organizational settings. The procedure results in an allocation of task responsibilities between the business and the IT units following risk considerations and transaction cost economics. This contributes to governance research regarding business-located IT activities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We reviewed prior literature to build a basis for our research. We queried EBSCOhost, ScienceDirect, IEEE Xplore, AISeL, Jstor based on abstract, title, and keywords. Employing the four-eye principle, we removed duplicates and irrelevant papers. The search terms shadow IT, shadow systems, feral systems, gray IT, rogue IT, and hidden IT combined with IT, information services, information systems, and information security resulted in 29 papers.
References
Chejfec, T.: Shadow IT survey v3. http://chejfec.com/2012/11/03/shadow-it-infographic/shadow-it-survey-v3/. Accessed 12 Mar 2016
Behrens, S.: Shadow systems: the good, the bad and the ugly. Commun. ACM 52(2), 124–129 (2009)
Alter, S.: Theory of workarounds. Commun. Assoc. Inf. Syst. 34(1), 1042–1066 (2014)
Rentrop, C., Zimmermann, S.: Schatten-IT. Informatik Spektrum 38(6), 564–567 (2015)
Györy, A., Cleven, A., Uebernickel, F., Brenner, W.: Exploring the shadows: IT governance approaches to user-driven innovation. In: Proceedings of the 20th European Conference on Information Systems, Barcelona, Spain (2012)
Zimmermann, S., Rentrop, C., Felden, C.: Managing shadow IT instances - a method to control autonomous IT solutions in the business departments. In: Proceedings of the 20th Americas Conference on Information Systems, Savannah, Georgia, USA (2014)
Chua, C., Storey, V., Chen, L.: Central IT or Shadow IT? Factors shaping users’ decision to go rogue with IT. In: Proceedings of the 35th International Conference on Information Systems, Auckland, New Zealand (2014)
Beimborn, D., Palitza, M.: Enterprise app stores for mobile applications - development of a benefits framework. In: Proceedings of the 19th Americas Conference on Information Systems, Chicago, IL (2013)
Sein, M., Henfridsson, O., Purao, S., Rossi, M., Lindgren, R.: Action design research. Manag. Inf. Syst. Q. 35(1), 37–56 (2011)
Picot, A.: Division of labour and responsibilities. In: Grochla, E., Gaugler, E., et al. (eds.) Handbook of German Business Management, pp. 745–752. Poeschel, Stuttgart (1990)
Williamson, O.E.: The Economic Institutions of Capitalism. Firms, Markets, Relational Contracting. Free Press, New York (1985)
Winkler, T.J., Brown, C.V.: Horizontal allocation of decision rights for on-premise applications and software-as-a-service. J. Manag. Inf. Syst. 30(3), 13–48 (2014)
Ferneley, E.H.: Covert end user development: a study of success. J. Organ. End User Comput. 19(1), 62–71 (2007)
Panko, R.R., Port, D.N.: End user computing: the dark matter (and dark energy) of corporate IT. J. Organ. End User Comput. 25(3), 1–19 (2013)
Zimmermann, S., Rentrop, C.: On the emergence of shadow IT – a transaction cost-based approach. In: Proceedings of the 22nd European Conference on Information Systems, Tel Aviv, ISR (2014)
Haag, S., Eckhardt, A., Bozoyan, C.: Are shadow system users the better IS users? – insights of a lab experiment. In: Proceedings of the 36th International Conference on Information Systems, Fort Worth, TX (2015)
Silic, M., Back, A.: Shadow IT – a view from behind the curtain. Comput. Secur. 45, 274–283 (2014)
Haag, S.: Appearance of dark clouds? - an empirical analysis of users’ shadow sourcing of cloud services. In: Wirtschaftsinformatik Proceedings, Osnabrück, Germany (2015)
Zainuddin, E.: Secretly saas-ing: stealth adoption of software-as-a-service from the embeddedness perspective. In: Proceedings of the 33rd International Conference on Information Systems, Orlando, FL (2012)
Buchwald, A., Urbach, N.: Exploring the role of un-enacted projects in IT project portfolio management. In: Proceedings of the 33rd International Conference on Information Systems, Orlando, FL (2012)
Jones, D., Behrens, S., Jamieson, K., Tansley, E.: The rise and fall of a shadow system: lessons for enterprise system implementation. In: Proceedings of the 15th Australasian Conference on Information Systems, Hobart, Australia (2004)
Behrens, S., Sedera, W.: Why do shadow systems exist after an ERP implementation? Lessons from a case study. In: Proceedings of the 8th Pacific Asia Conference on Information Systems, pp. 1712–1726, Shanghai, China (2004)
Gozman, D., Willcocks, L.: Crocodiles in the regulatory swamp: navigating the dangers of outsourcing, SaaS and shadow IT. In: Proceedings of the 36th International Conference on Information Systems, Fort Worth, TX (2015)
Fürstenau, D., Rothe, H.: Shadow IT systems: discerning the good and the evil. In: Proceedings of the 22nd European Conference on Information Systems, Tel Aviv, ISR (2014)
Weill, P., Ross, J.W.: IT Governance. How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business School Press, Boston (2004)
Tiwana, A.: Governance-knowledge fit in systems development projects. Inf. Syst. Res. 20(2), 180–197 (2009)
Williamson, O.E.: The economics of governance. Am. Econ. Rev. 95(2), 1–18 (2005)
Braun, C., Wortmann, F., Hafner, M., Winter, R.: Method construction - a core approach to organizational engineering. In: ACM Symposium 2005, pp. 1295–1299 (2005)
Moloney, M., Church, L.: Engaged scholarship: action design research for new software product development. In: Proceedings of the 33rd International Conference on Information Systems, Orlando, FL (2012)
Yin, R.K.: Case Study Research. Design and Methods. Sage Publ., Los Angeles (2014)
Flick, U.: An Introduction to Qualitative Research. Sage Publ., Los Angeles (2009)
Powell, W.W.: Neither market nor hierarchy: Network forms of organization. Res. Organ. Behav. 12, 295–336 (1990)
McIvor, R.: How the transaction cost and resource-based theories of the firm inform outsourcing evaluation. J. Oper. Manag. 27(1), 45–63 (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Zimmermann, S., Rentrop, C., Felden, C. (2016). Governing IT Activities in Business Workgroups—Design Principles for a Method to Control Identified Shadow IT. In: Abramowicz, W., Alt, R., Franczyk, B. (eds) Business Information Systems. BIS 2016. Lecture Notes in Business Information Processing, vol 255. Springer, Cham. https://doi.org/10.1007/978-3-319-39426-8_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-39426-8_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-39425-1
Online ISBN: 978-3-319-39426-8
eBook Packages: Business and ManagementBusiness and Management (R0)