Causing factors, outcomes, and governance of Shadow IT and business-managed IT: a systematic literature review

Shadow IT and Business-managed IT describe the autonomous deployment/procurement or management of Information Technology (IT) instances, i.e., software, hardware, or IT services, by business entities. For Shadow IT, this happens covertly, i.e., without alignment with the IT organization; for Business-managed IT this happens overtly, i.e., in alignment with the IT organization or in a split responsibility model. We conduct a systematic literature review and structure the identified research themes in a framework of causing factors, outcomes, and governance. As causing factors, we identify enablers, motivators, and missing barriers. Outcomes can be benefits as well as risks/shortcomings of Shadow IT and Business-managed IT. Concerning governance, we distinguish two subcategories: general governance for Shadow IT and Business-managed IT and instance governance for overt Business-managed IT. Thus, a specific set of governance approaches exists for Business-managed IT that cannot be applied to Shadow IT due to its covert nature. Hence, we extend the existing conceptual understanding and allocate research themes to Shadow IT, Business-managed IT, or both concepts and particularly distinguish the governance of the two concepts. Besides, we find that governance themes have been the primary research focus since 2016, whereas older publications (until 2015) focused on causing factors

Causing factors, outcomes, and governance of Shadow IT and business-managed IT: a systematic literature review

Shadow IT and Business-managed IT describe the autonomous deployment/procurement or management of Information Technology (IT) instances, i.e., software, hardware, or IT services, by business entities. For Shadow IT, this happens covertly, i.e., without alignment with the IT organization; for Business-managed IT this happens overtly, i.e., in alignment with the IT organization or in a split responsibility model. We conduct a systematic literature review and structure the identified research themes in a framework of causing factors, outcomes, and governance. As causing factors, we identify enablers, motivators, and missing barriers. Outcomes can be benefits as well as risks/shortcomings of Shadow IT and Business-managed IT. Concerning governance, we distinguish two subcategories: general governance for Shadow IT and Business-managed IT and instance governance for overt Business-managed IT. Thus, a specific set of governance approaches exists for Business-managed IT that cannot be applied to Shadow IT due to its covert nature. Hence, we extend the existing conceptual understanding and allocate research themes to Shadow IT, Business-managed IT, or both concepts and particularly distinguish the governance of the two concepts. Besides, we find that governance themes have been the primary research focus since 2016, whereas older publications (until 2015) focused on causing factors

Implikationen von inoffiziellen Projekten für die IT-Governance

Aus der IT-Governance-Perspektive ist eine zentrale Aufgabe des Projektportfoliomanagements sicherzustellen, dass offizielle Projekte auf die ihnen zugewiesenen Ressourcen zugreifen können. In der Praxis ist dabei zu beobachten, dass Mitarbeiter, die laut offiziellen Planungen für ein bestimmtes Projektvorhaben vollständig verfügbar sein sollten, tatsächlich mit anderen Vorhaben beschäftigt und somit nicht in angenommenem Umfang verfügbar sind. Als zentrale Ursache wird das Auftreten inoffizieller Projekte angeführt. Dieser Fachartikel beschreibt die ersten Zwischenergebnisse einer Fallstudienforschung mit dem Ziel der Untersuchung, welche spezifischen Typen von inoffiziellen Projekten in den untersuchten Unternehmen auftreten und welche zentralen Treiber die Entstehung dieser Projekttypen beeinflussen. Darauf aufbauend werden die Implikationen für die Ausgestaltung der IT-Governance diskutiert und Handlungsempfehlungen für das strategische IT-Management abgeleitet