Establishing Service-Level Agreements For Shadow IT

A Service-Level Agreement (SLA) is a part of a service contract where the service is formally defined. It includes certain aspects of the service, such as scope, quality and responsibilities. Common features include the contracted delivery time, definition or services, and termination agreement.

SLAs by nature are output based, meaning the result of the service received by the customer is the subject of the agreement. After the service provider demonstrates their value in what they have to offer, the customer agrees to the terms and the contract begins.

All of this works well when a company’s IT team is involved in the decision-making process, and hand selects the services they are willing to bring on board. Yet every IT team knows employees don’t operate solely with pre-approved services. If a job needs to be performed, an employee will find the best way to accomplish it, even if it means selecting another service to do so. They agree to whatever SLA is in place, and use the program with all of its risks as a part of the business process.

The risks of shadow IT have always been a concern for IT departments. And in most cases, these informal IT relationships are springing up even more than IT leaders realize. A report in 2015 by Cisco indicated that unauthorized use of cloud-based applications was 10 to 15 times greater than what the CIO estimated.

Shutting down this growing trend of shadow IT operations isn’t an option. Instead, IT leaders can take a different track that embraces the culture of finding applications that meet immediate needs, eliminating risks by wrapping formal standards around its delivery. When you recognize it’s happening and the benefits associated with it, it’s easier to make sure all procedures are handled in a beneficial way.

One way to do that is to take the same approach as companies providing SLAs. Building an SLA framework for services selected can help measure and report on their performance.

Start by defining the framework for shadow IT

Ignoring it won’t make the issue go away. Instead, take the time to quantify and qualify how it will be introduced and assessed within the organization. When employees select a program to meet their needs, not only should they have guidelines to follow to make sure it meets company requirements, but also have tools to assess how well it meets needs as it’s being used. Measurements can help both the employee and the IT team evaluate whether a program is a good fit to get the work done.

Incorporate shadow IT into all phases of management

IT clearly defines standards and policies around all forms of technology used within the organization. Those same policies should be used when establishing a shadow IT plan. Every request, problem, incident, and event should be clearly recorded for further analysis and measure down the road.

Establish SLAs for shadow IT

By clearly defining delivery capabilities, you begin creating operating level standards. It helps align overall goals and targets, and can help create 100 percent compliance with company procedures.

Align performance reporting to ensure shadow IT is effective for the organization

This will help the IT department show transparency in the delivery of all services throughout the organization. With increased visibility, it’s easier to use scorecards and work performance statistics to show what’s working, what’s not. It increases recognition of the value of outside services, and where improvements can be made to the business as a whole.

 

Are you worried how shadow IT is impacting your workplace?