{"title":"控制影子IT:以一家土耳其银行为例","authors":"N. Ozkan, Kübra Bulut, M. Gök, G. Özer","doi":"10.1109/UBMK52708.2021.9558944","DOIUrl":null,"url":null,"abstract":"it is common to encounter formations of IT processes that locate in and are operated by business units, outside of IT units’ control, so called shadow IT. Although it has several advantages, it also brings us a grey area that needs to be controlled properly. Otherwise, it can lead to high risks, financial and reputational losses. In this paper, we present the development of an IT governance and management system including an accompanying control approach for shadow IT in Kuveyt Turk Participation Bank based on the two main projects experienced by the bank. After defining shadow IT for the bank, we deliver the problem with a risk aspect, then, elaborate on selected control approach with its reasoning, convey establishment of related governance model and processes and finally discuss on the topic with general terms, to further give insights to organizations in the similar context. Controlling shadow IT has largely been under-emphasized so far in the literature, especially for the finance sector. Hopefully, this study sheds light on both practitioners and researchers by filling this gap, a bit.","PeriodicalId":106516,"journal":{"name":"2021 6th International Conference on Computer Science and Engineering (UBMK)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Controlling Shadow IT: Case Study from a Turkish Bank\",\"authors\":\"N. Ozkan, Kübra Bulut, M. Gök, G. Özer\",\"doi\":\"10.1109/UBMK52708.2021.9558944\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"it is common to encounter formations of IT processes that locate in and are operated by business units, outside of IT units’ control, so called shadow IT. Although it has several advantages, it also brings us a grey area that needs to be controlled properly. Otherwise, it can lead to high risks, financial and reputational losses. In this paper, we present the development of an IT governance and management system including an accompanying control approach for shadow IT in Kuveyt Turk Participation Bank based on the two main projects experienced by the bank. After defining shadow IT for the bank, we deliver the problem with a risk aspect, then, elaborate on selected control approach with its reasoning, convey establishment of related governance model and processes and finally discuss on the topic with general terms, to further give insights to organizations in the similar context. Controlling shadow IT has largely been under-emphasized so far in the literature, especially for the finance sector. Hopefully, this study sheds light on both practitioners and researchers by filling this gap, a bit.\",\"PeriodicalId\":106516,\"journal\":{\"name\":\"2021 6th International Conference on Computer Science and Engineering (UBMK)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 6th International Conference on Computer Science and Engineering (UBMK)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/UBMK52708.2021.9558944\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 6th International Conference on Computer Science and Engineering (UBMK)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/UBMK52708.2021.9558944","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Controlling Shadow IT: Case Study from a Turkish Bank
it is common to encounter formations of IT processes that locate in and are operated by business units, outside of IT units’ control, so called shadow IT. Although it has several advantages, it also brings us a grey area that needs to be controlled properly. Otherwise, it can lead to high risks, financial and reputational losses. In this paper, we present the development of an IT governance and management system including an accompanying control approach for shadow IT in Kuveyt Turk Participation Bank based on the two main projects experienced by the bank. After defining shadow IT for the bank, we deliver the problem with a risk aspect, then, elaborate on selected control approach with its reasoning, convey establishment of related governance model and processes and finally discuss on the topic with general terms, to further give insights to organizations in the similar context. Controlling shadow IT has largely been under-emphasized so far in the literature, especially for the finance sector. Hopefully, this study sheds light on both practitioners and researchers by filling this gap, a bit.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
