TY - CHAP A1 - Kopper, Andreas A1 - Fürstenau, Daniel A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Rothe, Hannes A1 - Strahringer, Susanne A1 - Westner, Markus T1 - Business-managed IT: A Conceptual Framework and Empirical Illustration T2 - Twenty-Sixth European Conference on Information Systems (ECIS 2018), 23. - 28. Juni 2018, University of Portsmouth, Portsmouth, UK N2 - Research on Shadow IT is facing a conceptual dilemma in cases where previously "covert" systems developed by business entities (individual users, business workgroups, or business units) are integrated in the organizational IT management. These systems become visible, are therefore not "in the shadows" anymore, and subsequently do not fit to existing definitions of Shadow IT. Practice shows that some information systems share characteristics of Shadow IT, but are created openly in alignment with the IT department. This paper therefore proposes the term "Business-managed IT" to describe "overt" information systems developed or managed by business entities. We distinguish Business-managed IT from Shadow IT by illustrating case vignettes. Accordingly, our contribution is to suggest a concept and its delineation against other concepts. In this way, IS researchers interested in IT originated from or maintained by business entities can construct theories with a wider scope of application that are at the same time more specific to practical problems. In addition, value-laden terminology is complemented by a vocabulary that values potentially innovative developments by business entities more adequately. From a practical point of view, the distinction can be used to discuss the distribution of task responsibilities for information systems. KW - ShadowIT Y1 - 2018 UR - https://www.researchgate.net/publication/325853972 UR - https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1076&context=ecis2018_rp ER - TY - CHAP A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - Governing identified shadow IT by allocating IT task responsibilities T2 - Americas Conference on Information Systems At San Diego, August 2016 N2 - The IT unit is not the only provider of information technology (IT) used in business processes. Aiming for increased performance, many business workgroups autonomously implement IT resources not covered by their organizational IT service management. This is called shadow IT. Risks and inefficiencies associated with this phenomenon challenge organizations. Organizations need to decide how to deal with identified shadow IT and if the business or the IT unit should be responsible for corresponding tasks and components. This study proposes design principles for a method to control identified shadow IT following action design research in four organizational settings. The procedure results in an allocation of IT task responsibilities between the business workgroups and the IT unit following risk considerations and transaction cost economics, leading to an IT service governance. This contributes to governance research regarding adaptive and efficient arrangements with reduced risks for business-located IT activities. KW - Shadow IT KW - IT service governance KW - Task allocation KW - IT risk KW - Transaction cost economics Y1 - 2016 UR - http://aisel.aisnet.org/cgi/viewcontent.cgi?article=1327&context=amcis2016 UR - https://www.researchgate.net/publication/305328559_Governing_Identified_Shadow_IT_by_Allocating_IT_Task_Responsibilities VL - 22 ER - TY - CHAP A1 - Huber, Melanie A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - Toward a Conceptual Framework for Shadow IT Integration T2 - 24th Americas Conference on Information Systems, AMCIS 2018, New Orleans, LA, USA, August 16-18 N2 - Business units are increasingly able to fuel the transformation that digitalization demands of organizations. Thereby, they implement Shadow IT (SIT) to create flexible and innovative solutions. However, the individual implementation of SIT leads to high complexities and redundancies. Integration suggests itself to meet these challenges but can also eliminate the described benefits. In this emergent research, we develop propositions for a conceptual decision framework, that balances the benefits and drawbacks of an integration of SIT using a literature review as well as a multiple-case study. We thereby integrate the perspective of the overall organization as well as the specific business unit. We then pose six propositions regarding SIT integration that will serve to evaluate our conceptual framework in future research. KW - Integration KW - Shadow IT KW - Decision Framework KW - IT Architecture KW - Digitalization Y1 - 2018 ER - TY - JOUR A1 - Rentrop, Christopher A1 - Zimmermann, Stephan A1 - Huber, Melanie T1 - Ausprägungen, Relevanz und Qualität von Schatten-IT Systemen (Teil 1) BT - Ergebnisse aus Fallstudien JF - PRev Revisionspraxis N2 - Das Thema Schatten-IT hat erst in den letzten Jahren in Wissenschaft und Praxis erheblich an Bedeutung gewonnen.1 Unter dem Begriff Schatten-IT werden dabei Systeme verstanden, welche die Fachbereiche in Eigenregie beschaffen oder erstellen und die nicht in das IT-Servicemanagement des Unternehmens eingebunden sind.2 Das Thema Schatten-IT ist dabei weder neu noch selten. Trotz dieser langen Geschichte war über die Verbreitung der Schatten-IT wenig Genaues bekannt. Im einem Beitrag in dieser Zeitschrift im Jahr 2011 haben wir die Risiken der Schatten-IT beschrieben und damit die Notwendigkeit für die Auseinandersetzung mit dem Thema Schatten-IT hergeleitet.3 Im Forschungsprojekt Schatten-IT des Konstanzer Instituts für Prozesssteuerung wurde dann in den vergangenen Jahren eine Methode zum Management der Schatten-IT entwickelt und in verschiedenen Fallstudien evaluiert. Ziel dieses Beitrages ist es, die empirischen Ergebnisse aus den Fallstudien vorzustellen.4 Die Datenbasis bilden dabei die Fallstudien in vier Unternehmen, in denen insgesamt 386 Schatten-IT Systeme gefunden wurden. Zwei der Unternehmen stammen aus der Finanz- und Versicherungsbranche, die beiden anderen aus der Fertigungsindustrie. Je ein Abteilungsbereich wurde für die Untersuchung herangezogen. Aus diesen Fallstudien stellt der Beitrag im zweiten Kapitel die Ausprägungen der aufgedeckten Schatten-IT vor. Im dritten Kapitel folgt dann die Beschreibung der geschäftlichen Relevanz der Schatten-IT. Im vierten Abschnitt gehen wir auf die Qualität der Schatten-IT Systeme ein. In der Fortsetzung des Artikels werden in einem weiteren Beitrag die möglichen Prüfungsansätze beschrieben. Y1 - 2017 SN - 1862-9032 VL - 2017 IS - 01 SP - 16 EP - 21 PB - Boorberg ER - TY - CHAP A1 - Huber, Melanie A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - Integration of shadow IT systems with enterprise systems BT - a literature review T2 - 21th Pacific-Asia Conference on Information Systems (PACIS 2017), 16-20 July 2017, Langkawi Island, Malaysia N2 - Organizations deploy a plethora of information technology (IT) systems. Various types of enterprise systems (ES) may coexist with the shadow IT systems (SITS) implemented by individual business units without the involvement of the IT department. The associated redundancy of SITS and ES suggests their integration. After integration, however, organization may find it challenging to retain the flexibility and innovation that the development of SITS offers the business. In this study, we conduct a literature review on IT systems integration. This review and the specific characteristics of SITS then serve to define SITS integration, derive guidelines for the integration decision, the phases preceding and following integration, and the integration process itself. SITS and ES integration can profit from existing knowledge of integration benefits, costs, and of the available technologies. Our study offers IT decision makers an insight into the specifics of SITS integration, and provides a basis for future SITS research. Y1 - 2017 SP - 1 EP - 12 ER - TY - THES A1 - Zimmermann, Stephan T1 - Der Umgang mit Schatten-IT in Unternehmen BT - eine Methode zum Management intransparenter Informationstechnologie in den Geschäftsprozessen der Fachbereiche Y1 - 2016 ER - TY - JOUR A1 - Kopper, Andreas A1 - Fürstenau, Daniel A1 - Zimmermann, Stephan A1 - Klotz, Stefan A1 - Rentrop, Christopher A1 - Rothe, Hannes A1 - Strahringer, Susanne A1 - Westner, Markus T1 - Shadow IT and Business-Managed IT: A Conceptual Framework and Empirical Illustration JF - International Journal of IT/Business Alignment and Governance (IJITBAG) N2 - Research on Shadow IT is facing a conceptual dilemma in cases where previously “covert” systems developed by business entities are integrated in the organizational IT management. These systems become visible, are thus not “in the shadows” anymore, and subsequently do not fit to existing definitions of Shadow IT. Practice shows that some information systems share characteristics of Shadow IT but are created openly in alignment with the IT organization. This paper proposes the term “Business-managed IT” to describe “overt” information systems developed or managed by business entities and distinguishes it from Shadow IT by illustrating case vignettes. Accordingly, our contribution is to suggest a concept and its delineation against other concepts. In this way, IS researchers interested in IT originated from or maintained by business entities can construct theories with a wider scope of application that are at the same time more specific to practical problems. In addition, the terminology allows to value potentially innovative developments by business entities more adequately. Y1 - 2018 UR - https://www.igi-global.com/article/shadow-it-and-business-managed-it/220440 U6 - http://dx.doi.org/10.4018/IJITBAG.2018070104 SN - 1947-9611 SN - 1947-962X VL - 9 IS - 2 SP - 53 EP - 71 ER - TY - CHAP A1 - Rentrop, Christopher A1 - Zimmermann, Stephan A1 - Huber, Melanie T1 - Schatten-IT – ein unterschätztes Risiko? T2 - D-A-CH Security 2015 : Bestandsaufnahme - Konzepte - Anwendungen - Perspektiven, St. Augustin bei Bonn, 08.-09. September 2015 N2 - Der Begriff Schatten-IT beschreibt Systeme, die außerhalb des Verantwortungsbereiches der IT durch die Fachabteilung eigenständig entwickelt und betrieben werden. Obwohl dieses Phänomen weit verbreitet ist, blieb diese Schatten-IT in Wissenschaft und in Praxis lange unbeachtet. Seit einiger Zeit ist eine verstärkte Auseinandersetzung mit dem Phänomen erkennbar. Jedoch gibt es bisher nur wenige empirisch gestützte Erkenntnisse über die Schatten-IT. Diese Lücke wird in dem vorliegenden Beitrag angegangen. Auf Basis von vier Fallstudien werden die Verbreitung, Verwendung und die Qualität der Schatten-IT ermittelt. Dabei zeigt sich, dass die Schatten-IT mit durchaus erheblichen Risiken verbunden sein kann. Demgegenüber bleibt die Qualität jedoch merklich zurück. Erkennbar ist dabei auch, dass die Schatten-IT nicht im Blickfeld der Kontrollsysteme der Unternehmen erscheint. Durch Maßnahmen wie die Steigerung der Awareness der Schatten-IT im Unternehmen sowie eine Entwicklung der Schatten-IT hin zu einer gesteuerten Fachbereichs-IT lassen sich die Risiken wirksam reduzieren. Zudem sind die Kontrollsysteme der Unternehmen so anzupassen, dass auch die Schatten-IT in diesen sichtbar wird. Y1 - 2015 SN - 978-3-00-049965-4 SP - 291 EP - 300 PB - Syssex CY - Frechen ER - TY - JOUR A1 - Rentrop, Christopher A1 - Zimmermann, Stephan T1 - Schatten-IT JF - Informatik-Spektrum N2 - In diesem Beitrag wird der aktuelle Stand der Diskussion anhand dreier Leitfragen aufbereitet: ,,Was ist Schatten-IT?“, ,,Welche Folgen hat Schatten-IT?“ und ,,Wie soll mit Schatten-IT umgegangen werden?“ Zum Abschluss wird ein kurzer Ausblick auf mögliche weitere Entwicklungen gegeben. Y1 - 2015 U6 - http://dx.doi.org/10.1007/s00287-015-0921-x SN - 0170-6012 SN - 1432-122X VL - 38 IS - 6 SP - 564 EP - 567 ER - TY - CHAP A1 - Huber, Melanie A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - The influence of shadow IT systems on enterprise architecture management concerns T2 - Information Systems : 14th European, Mediterranean, and Middle Eastern Conference, EMCIS 2017, Coimbra, Portugal, September 7-8, 2017, Proceedings N2 - Shadow information technology systems (SITS) coexist with formal enterprise systems in organisations. SITS pose risks but also increase flexibility of business units. Practice shows that SITS emerge, despite that Enterprise Architecture Management (EAM) aims at controling all IT systems in an organization. Studies acknowledge this problem in general. However, they neither show the specific influencing areas of SITS nor provide approaches to address them. To close this gap, we use a literature review to analyse examples of practical SITS and their interference with EAM concerns. Thus, we find that they hinder especially transparency, reduction of EA complexity and governance. Research has focused on achieving transparency, governing the evolution of the EA but lacks strategies for reducing complexity. This study contributes to research and practice by uncovering the main influencing areas of SITS on EAM, as well as by laying a foundation for future research on this topic. KW - Shadow IT systems KW - Shadow IT KW - Enterprise architecture Y1 - 2017 SN - 978-3-319-65929-9 SN - 978-3-319-65930-5 U6 - http://dx.doi.org/10.1007/978-3-319-65930-5_37 SP - 461 EP - 477 PB - Springer CY - Cham ER - TY - JOUR A1 - Rentrop, Christopher A1 - Zimmermann, Stephan A1 - Huber, Melanie T1 - Schatten-IT (Teil 2) BT - Prüfungsmaßstäbe und Prüfungshandlungen JF - PRev Revisionspraxis Y1 - 2017 SN - 1862-9032 VL - 2017 IS - 3 SP - 140 EP - 145 PB - Boorberg ER - TY - JOUR A1 - Huber, Melanie A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - The Relation of Shadow Systems and ERP Systems BT - Insights from a Multiple-Case Study JF - Systems : open access journal N2 - ERP systems integrate a major part of all business processes and organizations include them in their IT service management. Besides these formal systems, there are additional systems that are rather stand-alone and not included in the IT management tasks. These so-called ‘shadow systems’ also support business processes but hinder a high enterprise integration. Shadow systems appear during their explicit detection or during software maintenance projects such as enhancements or release changes of enterprise systems. Organizations then have to decide if and to what extent they integrate the identified shadow systems into their ERP systems. For this decision, organizations have to compare the capabilities of each identified shadow system with their ERP systems. Based on multiple-case studies, we provide a dependency approach to enable their comparison. We derive categories for different stages of the dependency and base insights into integration possibilities on these stages. Our results show that 64% of the shadow systems in our case studies are related to ERP systems. This means that they share parts or all of their data and/or functionality with the ERP system. Our research contributes to the field of integration as well as to the discussion about shadow systems. KW - Shadow systems KW - Shadow IT KW - ERP systems KW - Enterprise systems KW - Relation Y1 - 2016 U6 - http://dx.doi.org/10.3390/systems4010011 SN - 2079-8954 VL - 4 IS - 1 ER - TY - JOUR A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - A multiple case study on the nature and management of shadow information technology JF - Journal of Information Systems N2 - In several organizations, business workgroups autonomously implement information technology (IT) outside the purview of the IT department. Shadow IT, evolving as a type of workaround from nontransparent and unapproved end-user computing (EUC), is a term used to refer to this phenomenon, which challenges norms relative to IT controllability. This report describes shadow IT based on case studies of three companies and investigates its management. In 62% of cases, companies decided to reengineer detected instances or reallocate related subtasks to their IT department. Considerations of risks and transaction cost economics with regard to specificity, uncertainty, and scope explain these actions and the resulting coordination of IT responsibilities between the business workgroups and IT departments. This turns shadow IT into controlled business-managed IT activities and enhances EUC management. The results contribute to the governance of IT task responsibilities and provide a way to formalize the role of workarounds in business workgroups. KW - Shadow IT KW - End-user computing KW - Workarounds KW - IT governance KW - Transaction cost economics KW - IT task responsibility Y1 - 2017 SN - 0888-7985 N1 - Volltextzugriff für Angehörige der Hochschule Konstanz möglich VL - 31 IS - 1 SP - 79 EP - 101 ER - TY - JOUR A1 - Huber, Melanie A1 - Zimmermann, Stephan A1 - Rentrop, Christopher A1 - Felden, Carsten T1 - Conceptualizing Shadow IT Integration Drawbacks from a Systemic Viewpoint JF - Systems : open access journal - Special Issue "Systems Thinking" Paper 42 N2 - Business units are increasingly able to fuel the transformation that digitalization demands of organizations. Thereby, they can implement Shadow IT (SIT) without involving a central IT department to create flexible and innovative solutions. Self-reinforcing effects lead to an intertwinement of SIT with the organization. As a result, high complexities, redundancies, and sometimes even lock-ins occur. IT Integration suggests itself to meet these challenges. However, it can also eliminate the benefits that SIT presents. To help organizations in this area of conflict, we are conducting a literature review including a systematic search and an analysis from a systemic viewpoint using path dependency and switching costs. Our resulting conceptual framework for SIT integration drawbacks classifies the drawbacks into three dimensions. The first dimension consists of switching costs that account for the financial, procedural, and emotional drawbacks and the drawbacks from a loss of SIT benefits. The second dimension includes organizational, technical, and level-spanning criteria. The third dimension classifies the drawbacks into the global level, the local level, and the interaction between them. We contribute to the scientific discussion by introducing a systemic viewpoint to the research on shadow IT. Practitioners can use the presented criteria to collect evidence to reach an IT integration decision. KW - Shadow IT KW - IT Integration KW - IT Integration Drawbacks KW - Application Integration KW - Path Dependency Y1 - 2018 UR - https://www.mdpi.com/2079-8954/6/4/42/pdf U6 - http://dx.doi.org/10.3390/systems6040042 SN - 2079-8954 VL - 6 IS - 4 SP - 1 EP - 14 ER - TY - JOUR A1 - Huber, Melanie A1 - Rentrop, Christopher A1 - Zimmermann, Stephan T1 - IT-Integration in Zeiten von Digitalisierung – (k)ein alter Hut? JF - HMD Praxis der Wirtschaftsinformatik N2 - Durch die zunehmende Vernetzung und den Anstieg von eingesetzter Hard- und Software hat sich die Komplexität der Unternehmensarchitektur von Unternehmen über die Jahre stetig erhöht. Das Aufkommen nutzerfreundlicher Informationstechnologie (IT)-Lösungen befähigt außerdem Fachbereiche, IT innovativ einzusetzen. Dies erhöht die Heterogenität und damit nochmals die Komplexität der Unternehmensarchitektur. Darüber hinaus treibt dieser IT-Einsatz die Digitalisierung in den Unternehmen maßgeblich voran. Dies wirft die Frage auf, ob Unternehmen überhaupt noch eine Relevanz in der Reduktion der Komplexität durch IT-Integration sehen oder ob dies vor dem Hintergrund der Digitalisierung schon ein alter Hut ist. Experteninterviews und eine qualitative Datenanalyse zeigen, dass IT-Integration und Digitalisierung keine disjunkten Phänomene sind, sondern sich gegenseitig beeinflussen. Die Ergebnisse betonen, wie unterschiedlich der Begriff aufgefasst werden kann und dass die einheitliche Nutzung damit essenziell ist. Darüber hinaus zeigen sie, dass Digitalisierung einerseits Treiber der IT-Integration ist, andererseits aber auch die Möglichkeiten zur Umsetzung verändert. Dabei ist die Integrationsentscheidung durch die Vielzahl an Vor- und Nachteile komplex. Fachbereichs-IT ist selten explizites Ziel von IT-Integrationsprojekten. Der Beitrag zeigt den wissenschaftlichen Forschungsbedarf in neuen technologischen Möglichkeiten zur IT-Integration und in der Balance von Flexibilität und IT-Integration in der Unternehmensarchitektur. Er beleuchtet, dass eine gemeinsame Sprache die Basis für IT-Integrationsprojekte ist und dass eine Kultur, in der Fachbereiche aktiv an IT-Integrationsentscheidungen teilhaben, das Ziel eines jeden Unternehmens sein sollte. Insgesamt zeigen die Analysen, dass IT-Integration noch lange kein alter Hut, sondern, im Gegenteil, brandaktuell ist. KW - IT-Integration KW - Digitalisierung KW - Experteninterview Y1 - 2020 U6 - http://dx.doi.org/10.1365/s40702-020-00622-x SN - 1436-3011 SN - 2198-2775 ER -