Since the beginning of information technology systems, there have been informal systems developed by users to compensate for shortcomings in the official systems. This presentation will examine the cause of informal business systems; how they can be identified in the IT environment; and how they can be properly evaluated as asset or threat. The discussion will include drivers and causes of shadow and rogue IT, and how organizations are modifying their governance structures to take advantage of the user-driven innovation often represented by these DIY systems. Ultimately, participants will understand how to evaluate user-derived IT solutions for their potential and risk, encouraging innovation while meeting regulatory and data protection obligations.
Understand the forces that result in unsanctioned IT systems operating in the business environment.
Discuss how to identify, through audit and inquiry, when and where shadow IT systems are being used.
Implement changes in governance that will enable the organization to realize the benefits from user-driven IT innovation while still controlling the risk and costs related to the unmanaged use and development if unsanctioned IT systems.
MSc, CCFP, C|CISO,CISM,CRISC,