As a CIO, you will discover business-driven projects are already underway and you or your team haven’t been included in them. How do you react to this?
You already have a full plate and the portfolio is stretched thin with obvious resource constraints. So what do you do? There are many options open but many of these choices are the wrong ones.
One approach is just to assume that these projects are not strategic or important, so you can just choose to ignore them. They’re out of sight and out of mind. You’re not personally accountable for delivery, so you’re safe to pretend it doesn’t matter.
My view is that this is not the right approach. Many shadow IT projects are just a time bomb waiting to detonate. Assuming that ignorance is a good defence will depend on the company that you work for. But the reality is that any unauthorised work is taking organisational bandwidth from the IT team or other business areas.
Clearly this bad so you’ll have to attack this directly and rout the attempt to circumvent your team and your authority. You could tell your direct reports that the team won’t accept this and bring every example to their attention, so that you can take this on and challenge the project.
The downside with this approach is that these projects are most probably sponsored and supported by your executive peers. This won’t be an easy fix and you will indeed have to go into battle. Be prepared to lose as there is no guarantee that your view will convince others.
Some CIOs will believe that the way to battle is to impose that extra governance of these initiatives. Yes, this may help to ensure that you have visibility however it won't mean that you will win.
Being able to achieve and deliver these projects, often when missing any real support from IT, mean they might be a great source of talent that you should bring your team. You may even find that the change agents that are working on ‘renegade IT’ are actually the very same ideal candidates that you should recruit.
Just think about the talented staff who are working on such digital or analytics projects that are better than your own full time equivalents.
So you can't beat them, so may as well join them. This seems to be taking the path of least resistance but it could be the way to address the situation.
I’ve seen countless shadow IT projects that are just about ready to ‘go live’, but no due diligence has been done on the risks related to things like hosting, coding or security.
By embracing shadow IT, you are able to ensure that the issues are addressed. It really won’t matter if you try to explain that a data breach is not your responsibility and that this is a user-driven project.
Shadow IT is here to stay and I suspect that this will be a greater risk as business partners get frustrated waiting for official support and they turn to ‘self-service’ solutions from various external cloud providers.
A learning opportunity
There will always be an incredible learning opportunity that comes with embracing shadow IT. As a CIO you will learn about your own demand management process and its shortcomings. It will also provide insights into the gaps that exist with your IT strategy and how you execute this with your business partners.
We can always learn from fast moving transformation. It is in the in-between lull that we can become complacent and assume that we are masters of the universe. As a CIO, it is always good to be grounded and understand your own team’s limitations.
By embracing this as a learning opportunity we can also ensure our own career longevity.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.