I heard a new term this week from an experienced CIO running a good operation, well matched to the enterprises business aims, etc. He reckoned that ‘Shadow IT’ is fast becoming the order of the day as the Users, individually or in groups, enact something locally. His problem was he didn’t know if this was a good thing or a bad thing from the perspective of the business, though he certainly wasn’t too comfortable about it from a personal or professional CIO view. The more we discussed it the less sure both of us became what this really meant; on one hand based on centralised IT funded and managed on behalf of the business to ensure support for its operations, deeply concerning for its ability to unwittingly produce problems; and on the other its directly showing new business value coming from IT in the most important operational areas of the business. At first glance this seems to be a centralised versus de-centralised debate, but that’s not what we concluded it really is. Our conclusion was it represents the personalisation of working activity, what Microsoft calls ‘role based’ IT, versus the need for enterprise consistency of transaction outcomes. How did we reach this conclusion? Firstly, the last few big technology changes have all been user adopted before there was enterprise recognition of the value and subsequent adoption; this started with the PC, moved on to the cell phone, then to the PDA, but most of all it was the Internet and Web. Taken together all of these technologies have resulted in a new generation of users that think different and can use technology to support what they are thinking with out needing professional help. In fact outside work this generation will probably have access to and use the latest products to support their interactions, information and lifestyle. Why settle for less in work? The term ‘Shadow IT’ really refers not to duplicating the role of existing IT department, but to complementing it with a different type of communication, collaboration and content driven working enabled by some basic shifts in the understanding of how to use this beneficially by a generation aged say 35 and down. The question for the CIO is how to allow this probably inevitable change within the ability to maintain, and improve control, of the enterprises business transactions IT services. The improved control aspect is not just a technology issue for the IT department it is a corporate governance aspect of managing people who are working in a new way. A friend in the car industry, top German car franchise, couldn’t see the problem, he pointed out that all mechanics provide their own tools; the garage provides the specialised tools for particular specialised service functions, the training and the management to ensure the work is done as laid down by the car manufacturer. Where’s the difference he wanted to know? Put that way, and using an open mind, it’s hard not to think that ‘Shadow IT’, or more correctly ‘User / Role’ based IT, isn’t going to have to become an accepted part of a knowledge working environment.