Blind No More
Sure, "ghost IT" isn't a new phenomenon. During better economic times, says Chell Smith, vice president of technology services for Cap Gemini Ernst & Young, CIOs could occasionally afford to turn a blind eye to such rogue projects. In the healthcare and pharmaceutical industries, for example, where rule-breaking is thought to increase the odds of innovative breakthroughs, IT executives have often been known to look the other way.
But those days are over. In these cost conscious times, ghost IT is being forced out of the shadowsincreasingly viewed as more of an absolute no-no rather than a tolerable exercise in well-intentioned ambition. Indeed, in many companies, ghost IT is being seen as a symptom of poor technology management and a sign of chronic communication problems between IT and business units. Worst of all, some company executives interpret ghost IT as a sign the CIO has lost control of costs and technology projects. "CEOs are very dependent on the CIO to manage and explain costs, and make them transparent," says David Mark, principal and leader of McKinsey & Co.'s North American IT management practice. Adds Bill Zollars, CEO of the Overland Park, Kan.-based freight company, Yellow Corp.: "IT decisions are strategic decisions, central to the business strategy. 'Rogue IT' is a sign that all is not right in the IT department, and, maybe, out of whack a bit throughout the company."
Indeed, some CIOs are finding themselves stuck between a rock and a hard place, with too few resources to meet too many demands, and without sufficient input from higher-ups, in some cases, to make the tough trade-offs required.
The result? Some CIOs tend to make high-impact decisions in a vacuum, triggering credibility problems that can snowball. "In extreme belt-tightening situations, where there is an unrealistic expectation to contain the overall cost of IT, a CIO can feel as if he or she has no choice but to effectively say 'yes' to everything a business unit wantsand that sets up business units to be disappointed because [there aren't enough] IT resources to do all projects well," says Bob Gold, a vice president and practice leader for strategic information technology management at Balanced Scorecard Collaborative Inc., a technology strategy consulting group. "The next time, a disappointed business unit is going to be more tempted to go it alone."
And yet it's precisely in skittish economic times that ghost IT threatens to haunt CIOs' cost-cutting efforts the most, says Gold and others. In some cases, business units turn to rogue projects in desperation; "it's a survival move," Gold says. Adds Gartner EXP group vice president Ellen Kitzis: "The argument for ghost or guerrilla development is that some business units can't wait for the big technology decisions to get made. Their markets are changing very rapidly, competitors are making really significant moves fastand IT has to keep up in order to serve them better."
To be sure, rogue IT can't benor, some say, should bestamped out completely. But how much is too much? Gartner's Kitzis suggests CIOs work to keep such projects to a minimum if they want to keep their jobs. "You can't let [ghost IT] happen too often. If everything becomes guerrilla development, you get anarchy. That's where good IT governance has to come in." Rogue IT, says Harvard Business School professor Richard Nolan, "makes the need for IT and business to cooperate on strategy more important than ever."
How pervasive is rogue IT? Off-the-book spending on technology projects could amount to the equivalent of as much as 5 to 15 percent of a company's total IT budget, estimates Bobby Cameron, principal analyst at Forrester Research Inc. Even the best-run companies, he says, spend the equivalent of between 5 and 10 percent of their total IT budget on ghost IT projects. And it can get worse than that. "An auto industry OEM, for example, can run about 30 percent shadow spending," Cameron says. BSC's Gold adds that doesn't include the cost of failed rogue projects that end up in the lap of the CIO "to untangle the mess."
Giga Information Group Inc. vice president Marc Cecere, who has studied 150 IT operations, says between 100 and 150 IT people with "half again as many business people" work in the typical rogue shop at a large corporation. "That's already a few million dollars of waste right there," he says. But that's not all. Unless rogue IT projects are able to scale, they're all but useless.
Consider the insurance industry. After cutting costs, integrating data is an insurer's second-highest IT priority, Cecere says. Without data integration, "the company cannot present its customers with a single face." When rogue IT shops generate bad data, "bad in format and bad in truth value, it can't be rolled up and collected," Cecere says. Rogue IT may cost a company its ability to leverage whatever knowledge the rogue systems gather, and damage its relationship with customers.