Justifications for the Implementation of Shadow IT Solutions by Functional Departments in an Organisation

Master Thesis

2019

Permanent link to this Item
Authors
Supervisors
Journal Title
Link to Journal
Journal ISSN
Volume Title
Publisher
Publisher
License
Series
Abstract
Background: The implementation of information technology (IT) solutions by end-users, while bypassing organisational laid-down IT acquisition and implementation processes and controls, poses a significant challenge for most organisations. This phenomenon, which is known as Shadow IT (SIT), has major financial, legal and security implications for the organisation. Studies indicate that even when organisations implement IT policy to minimise the implementation of SIT, end-users may still find innovative ways to bypass the IT department when implementing unsanctioned software. Purpose of the research: The objective of this study was to investigate how end-users (functional departments) who implement SIT in organisations justify their actions. The term Justification refers to the techniques employed by a social actor to indicate that their deviant behaviour is actually reasonable. Understanding justifications for SIT is essential for IT managers since they can understand them as justification and not confuse them with other phenomena and at the same time they can devise appropriate strategies to counter them. IT Managers who are not aware of the justifications for SIT may implement measures which may not be effective in curbing the phenomena. Design/Methodology/approach: The study adopted an interpretivist approach. The study was guided by the 'Neutralisation Theory’ from the social deviance discipline. The study examined whether an organisation had an IT policy which prevents end-users from implementing SIT, and also assessed the 'Neutralisation’ techniques employed by end-users to justify SIT. The study adopted a case study approach based on a South African office of a multinational organisation. The study collected data through (i) semi-structured interviews with end-users from different functional departments who were involved with implementation of SIT and (ii) documentation (IT policy and email correspondences). The study adopted the purposeful sampling (snowball) technique to target the employees who were involved with the implementation of SIT. A total of 13 respondents were interviewed. The data was analysed using thematic analysis approach. Findings: The organisation did not have an IT policy which prevented functional departments from implementing SIT. Instead, it had a policy which allowed functional departments to implement their own IT solutions as long as they inform the IT department to assess the software application for potential risks and compatibility with the existing landscape. Most respondents did not use Neutralisation techniques to justify the implementation of SIT due to the policy which allowed them to implement their own IT solutions. Nevertheless, the respondents who employed Neutralisation techniques mainly used Denial of responsibility, Denial of injury and Appeal to higher loyalties to justify SIT. Originality/contribution: The study contributed to the justifications of SIT literature when it explored the concept of SIT in a corporate company setting - as opposed to earlier studies that used quantitative methods and experiments when exploring the concept of SIT. The study also makes a further contribution to literature by investigating SIT in an environment where functional departments are allowed to implement their own IT solutions - this was not explored by previous studies on Justification of SIT. The study also contributes to the practice where there is a need by IT management to minimise SIT by providing awareness of Neutralisation techniques which may be employed by functional departments to justify SIT. Through the understanding of the Neutralisation techniques, IT managers could make sound decisions when implementing measures to minimise SIT
Description

Reference:

Collections