From Shadow IT to Business-managed IT: a qualitative comparative analysis to determine configurations for successful man
- PDF / 968,310 Bytes
- 49 Pages / 439.37 x 666.142 pts Page_size
- 33 Downloads / 135 Views
From Shadow IT to Business‑managed IT: a qualitative comparative analysis to determine configurations for successful management of IT by business entities Andreas Kopper1 · Markus Westner2 · Susanne Strahringer1 Received: 23 June 2019 / Revised: 14 May 2020 / Accepted: 28 June 2020 © The Author(s) 2020
Abstract Shadow IT describes covert/hidden IT systems that are managed by business entities themselves. Additionally, there are also overt forms in practice, so-called Businessmanaged IT, which share most of the characteristics of Shadow IT. To better understand this phenomenon, we interviewed 29 executive IT managers about positive and negative cases of Shadow IT and Business-managed IT. By applying qualitative comparative analysis (QCA), we derived four conditions that characterize these cases: Aligned, local, simple, and volatile. The results show that there are three sufficient configurations of conditions that lead to a positive outcome; one of them even encompasses Shadow IT. The most important solution indicates that IT systems managed by business entities are viewed as being positive if they are aligned with the IT department and limited to local requirements. This allows to balance local responsiveness to changing requirements and global standardization. In contrast, IT systems that are not aligned and permanent (and either organization-wide or simple) are consistently considered as negative. Our study is the first empirical quantitative– qualitative study to shed light on the success and failure of Shadow IT and Businessmanaged IT. Keywords Business-managed IT · Shadow IT · IT governance · Qualitative comparative analysis (QCA)
Electronic supplementary material The online version of this article (https://doi.org/10.1007/s1025 7-020-00472-6) contains supplementary material, which is available to authorized users. * Susanne Strahringer susanne.strahringer@tu‑dresden.de 1
TU Dresden, Helmholtzstr. 10, 01069 Dresden, Germany
2
OTH Regensburg, Pruefeninger Str. 58, 93049 Regensburg, Germany
13
Vol.:(0123456789)
A. Kopper et al.
1 Introduction Many businesses today use information technology (IT) systems that are “in the shadows” for the IT department which is expected to be aware of them. Kopper et al. (2018b), for example, report on an event management system sourced by marketing staff because of an upcoming exhibition and the need to manage participants. Because the marketing department knew the IT department would not be able to provide a suitable system as quickly as needed, marketing simply sourced a software as service (SaaS) solution, adapted it, and used spreadsheets for data transfer. Only later, IT managers became aware of the system. They only had moderate levels of concerns about the system’s covert usage but still planned to address the situation to mitigate potential risks (Kopper et al. 2018b; Zimmermann et al. 2017). The mentioned event management system which was hidden from IT is an example for the phenomenon called Shadow IT. Shadow IT is defined as all software (inc
Data Loading...
