Refine
Document Type
- Conference Proceeding (14)
- Article (11)
- Other Publications (2)
- Book (1)
- Part of a Book (1)
Keywords
- Adoption (1)
- Application Integration (1)
- Challenges (1)
- Citizen Development (1)
- Compliance (1)
- DSR (2)
- Decision Framework (1)
- Digitalisierung (1)
- Digitalization (1)
- ERP systems (1)
Institute
The IT unit is not the only provider of information technology (IT) used in business processes. Aiming for increased performance, many business workgroups autonomously implement IT resources not covered by their organizational IT service management. This is called shadow IT. Risks and inefficiencies associated with this phenomenon challenge organizations. Organizations need to decide how to deal with identified shadow IT and if the business or the IT unit should be responsible for corresponding tasks and components. This study proposes design principles for a method to control identified shadow IT following action design research in four organizational settings. The procedure results in an allocation of IT task responsibilities between the business workgroups and the IT unit following risk considerations and transaction cost economics, leading to an IT service governance. This contributes to governance research regarding adaptive and efficient arrangements with reduced risks for business-located IT activities.
Research on Shadow IT is facing a conceptual dilemma in cases where previously “covert” systems developed by business entities are integrated in the organizational IT management. These systems become visible, are thus not “in the shadows” anymore, and subsequently do not fit to existing definitions of Shadow IT. Practice shows that some information systems share characteristics of Shadow IT but are created openly in alignment with the IT organization. This paper proposes the term “Business-managed IT” to describe “overt” information systems developed or managed by business entities and distinguishes it from Shadow IT by illustrating case vignettes. Accordingly, our contribution is to suggest a concept and its delineation against other concepts. In this way, IS researchers interested in IT originated from or maintained by business entities can construct theories with a wider scope of application that are at the same time more specific to practical problems. In addition, the terminology allows to value potentially innovative developments by business entities more adequately.
Shadow IT risk
(2015)
Schatten-IT
(2015)
Schatten-IT
(2015)
The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT Governance, Risk and Compliance (IT-GRC). The purpose of this paper is to present the current state of the research project. With this, the Design Science Research approach based on Hevner is using. Based on the phase of Problem Identification and Objectives, this paper will deal with the development of an artefact and thus present the draft of the Design phase. The artefact will be developed by selecting relevant existing frameworks and standards and the identification of SME-specific conditions.
Durch die zunehmende Vernetzung und den Anstieg von eingesetzter Hard- und Software hat sich die Komplexität der Unternehmensarchitektur von Unternehmen über die Jahre stetig erhöht. Das Aufkommen nutzerfreundlicher Informationstechnologie (IT)-Lösungen befähigt außerdem Fachbereiche, IT innovativ einzusetzen. Dies erhöht die Heterogenität und damit nochmals die Komplexität der Unternehmensarchitektur. Darüber hinaus treibt dieser IT-Einsatz die Digitalisierung in den Unternehmen maßgeblich voran. Dies wirft die Frage auf, ob Unternehmen überhaupt noch eine Relevanz in der Reduktion der Komplexität durch IT-Integration sehen oder ob dies vor dem Hintergrund der Digitalisierung schon ein alter Hut ist. Experteninterviews und eine qualitative Datenanalyse zeigen, dass IT-Integration und Digitalisierung keine disjunkten Phänomene sind, sondern sich gegenseitig beeinflussen. Die Ergebnisse betonen, wie unterschiedlich der Begriff aufgefasst werden kann und dass die einheitliche Nutzung damit essenziell ist. Darüber hinaus zeigen sie, dass Digitalisierung einerseits Treiber der IT-Integration ist, andererseits aber auch die Möglichkeiten zur Umsetzung verändert. Dabei ist die Integrationsentscheidung durch die Vielzahl an Vor- und Nachteile komplex. Fachbereichs-IT ist selten explizites Ziel von IT-Integrationsprojekten. Der Beitrag zeigt den wissenschaftlichen Forschungsbedarf in neuen technologischen Möglichkeiten zur IT-Integration und in der Balance von Flexibilität und IT-Integration in der Unternehmensarchitektur. Er beleuchtet, dass eine gemeinsame Sprache die Basis für IT-Integrationsprojekte ist und dass eine Kultur, in der Fachbereiche aktiv an IT-Integrationsentscheidungen teilhaben, das Ziel eines jeden Unternehmens sein sollte. Insgesamt zeigen die Analysen, dass IT-Integration noch lange kein alter Hut, sondern, im Gegenteil, brandaktuell ist.
In several organizations, business workgroups autonomously implement information technology (IT) outside the purview of the IT department. Shadow IT, evolving as a type of workaround from nontransparent and unapproved end-user computing (EUC), is a term used to refer to this phenomenon, which challenges norms relative to IT controllability. This report describes shadow IT based on case studies of three companies and investigates its management. In 62% of cases, companies decided to reengineer detected instances or reallocate related subtasks to their IT department. Considerations of risks and transaction cost economics with regard to specificity, uncertainty, and scope explain these actions and the resulting coordination of IT responsibilities between the business workgroups and IT departments. This turns shadow IT into controlled business-managed IT activities and enhances EUC management. The results contribute to the governance of IT task responsibilities and provide a way to formalize the role of workarounds in business workgroups.