Leaving the Shadow: A Configurational Approach to Explain Post-identification Outcomes of Shadow IT Systems

Abstract

With the advent of end-user and cloud computing, business users can implement information systems for work practices on their own – either from scratch or as extensions to existing systems. The resulting information systems, however, often remain hidden from managers and official IT units, and are therefore called “shadow IT systems”. When a shadow IT system is identified, the organization has to decide on the future of this system. The study uses a configurational perspective to explain outcomes of shadow IT system identification, as well as the mechanisms and contextual conditions which bring them about. For this purpose, 27 profiles of shadow IT systems were compiled by conducting 35 interviews with respondents from different positions and industries. The analysis gives insight into six distinct context-mechanism-outcome configurations explaining four outcomes that occur after shadow IT system identification, namely phase-out, replacement, continuing as IT-managed system, and continuing as business-managed system. These results contribute to the shadow IT literature and, more broadly, IS architecture and governance streams of the IS literature. They inform IT managers when these weigh decision options for identified shadow IT systems given different contextual conditions.