Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

CIO Insights: Dealing with shadow IT

Three Australian IT leaders share their advice

Businesses used to rely on experts to provide advice about which technology to buy. Now, users can purchase a service in no time with only a browser and a credit card, allowing them to bypass IT.

In this third installment of CIO Insights, we talk to three leading Australian technologists about how to deal with shadow IT and become a strategic business partner as opposed to the ‘police department’.

Scenario: The CIO suddenly finds out that the chief marketing officer has purchased a software-as-a-service product for a marketing initiative. The CIO now needs to think about how the company’s data will be secure and how the new product will integrate with other systems and infrastructure without having the opportunity to do any careful planning beforehand. The CIO is frustrated that the CMO didn’t consult with IT on this initiative early in the process. The CMO feels that IT doesn’t understand the tight deadlines of marketing.

What would you do in this situation?

Alex Jones, CIO at Synergy

Marketing obviously has an underlying view that they are going to get what they want more effectively without you. So the question that you have to ask yourself is: ‘Why do they think I’m more of a barrier than an enabler?’

CIOs are famous for having personal inclinations towards mitigating as much risk as possible. The clear message here is that the CIO’s desire to mitigate risk can be inconsistent with the objectives of the organisation.

It’s actually not an effective way of mitigating those risks to just say ‘no’ when people come up to you. If the CIO tries to set up such tight rules where the business units are truly inhibited then that just generates a lot of frustration. Just saying ‘no’ when people ask them for something doesn’t mitigate the risk because then they do it anyway – the CIO is failing to mitigate risk and add value.

Read: Gone are the days when CIOs simply said ‘no’.

You have to be seen to be adding value to the process, rather than getting in the way. The CIO is worried about data security, integration and wants careful planning – that’s what makes IT perceived as being the barrier. Others think ‘as soon as I come and ask you for something that’s going to cost me $10, you are going to give me 1,000 reasons why I can’t have it’.

There are now increasing numbers of opportunities for people to get their needs met with all of the software-as-a-service options; they have more options to get these things independently than they had before. Effectively, the bar is higher for IT because, relatively speaking, if there are more alternatives to what you have to offer, then you have to be better.

It’s also possible in the scenario that marketing didn’t even realise IT could help them and just assumed they couldn’t. So it’s having people in your team dedicated to being there with the different stakeholders, knowing where the business is going and offering these options. That way you become part of the solution, not part of the problem.

IT has to dedicate itself, real resources to work with the different stakeholders around the business so that they can anticipate needs, make constructive suggestions early, and become one of the 'options'.

Business partnering is not just about having an open door policy and hoping people will walk in and talk to them every time they want something. It’s about having dedicated professionals within the IT organisation whose entire job it is to get out there and find out. It’s like account management.

Inevitably, the CIO will have to make a decision where to use resources because no one ever really gets more money than they had before. It’s not a no brainer, because effectively what you are doing is you are asking the organisation to invest in this capability and the organisation is often not going to be well disposed towards investing in what you might call 'internal account management'. They are not going to see the value.

They are going to say, ‘If you can afford taking three people off normal operational work to do that, then why don’t you just cut three headcount out of your team altogether and then just don’t do it at all?’ So you are going to have to have that debate. Just getting the license to put those people on board is hard. And if you do it, they then have to show their value.

But if you don’t have those people, how can you expect you are going to be able to collaborate effectively and actually add value on the team? I think it is the most strategic investment that an IT organisation can make internally.

Johan Sulaiman, head of IT – Asia Pacific at LEK Consulting

This situation most likely happens when the CIO or IT director is not responsive to the business needs, is not engaging him or herself into the business, and is still having that mentality of ‘this is my domain, you come to me if you need anything’.

If they come to you with an idea and you keep saying to them ‘let me come back to you in a month after we evaluate this thing’, then they’ll think the IT team and leadership is not on top of the game.

They might think, ‘if I share this project with IT, they’ll make it a slow process, they put a lot more roadblocks, so let me do it myself’.

Read: Virtualization could save businesses $6b in costs by 2020: IDC.

Join the CIO newsletter!

Error: Please check your email address.

Tags shadow ITRob Livingstonebusiness partnersCIO InsightsAlex JonesCIO-CMO relationshipJohan Sulaiman

More about IDC AustraliaLEK ConsultingRob LivingstoneSynergy

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Computerworld
ARN
Techworld
CMO