ArticlePDF Available

End User Computing: The Dark Matter (and Dark Energy) of Corporate IT

Authors:

Abstract

End user computing (EUC) applications are like dark matter in physics. They are enormous in quantity and importance yet have been largely invisible to corporate IT departments, information systems researchers, and corporate management. EUC applications, especially spreadsheet applications, are also "dark" in the sense that they pose a number of overlooked risks for organizations, including errors, privacy violations, trade secret extrusions, and compliance violations. On the positive side, EUC applications are also like the dark energy of physics. They are bringing critical gains to decision making, operational systems, and other important processes to every corner of the firm. It is time to stop ignoring end user computing in general and spreadsheets in particular. One point to consider in particular is that we should only talk about development, regardless of whether the developer user a 3GL or 4GL.
... Consequently, nothing is learned, nothing is stored in long term memory, and no schemata are constructed, which leads to the intensive use of attention mode thinking, which is more prone to produce errors than automatic mode thinking. It is not surprising that some researchers find text and spreadsheet management low level, boring, routine activities [20] [21], in spite of the warnings that end-user computing should be taken seriously [22] [32]. This discrimination against end-user computing can also be explained by teachers' belief in the "fixed" nature of the subject and their own low-level efficiency [23]. ...
... Most teachers apply low mathability approaches to computer problem solving; teaching their students with a fixed belief in science -IT, ICT, CS and with low self-efficacy. These approaches mainly focus on interface navigation, and passing exams, without providing students opportunities to fully understand and appreciate science [23] and can lead to erroneous end-user activities [5] [22]. As mentioned above, effective enduser text management requires the cooperation of teachers of different subjects. ...
... Crowd sourcing would also help find IT professionals who at present, mostly ignore end-user computing [22] [43] and could recognize that High Mathability End-user Computing would be an effective introduction to serious computing. ...
... Shadow information technology (Shadow IT) is defined as "hidden" IT solutions (software, hardware, or IT service processes) autonomously deployed in and managed by business departments to support their processes without alignment with IT departments [1]. As a result, Shadow IT can have issues such as inefficient and non-professional implementation [1], security risks [9], compliance issues [13], and deviations from organizational standards and controls [10]. ...
... Shadow information technology (Shadow IT) is defined as "hidden" IT solutions (software, hardware, or IT service processes) autonomously deployed in and managed by business departments to support their processes without alignment with IT departments [1]. As a result, Shadow IT can have issues such as inefficient and non-professional implementation [1], security risks [9], compliance issues [13], and deviations from organizational standards and controls [10]. Moreover, most of the Shadow IT instances, even those involving mission-critical tasks, largely follow their own implementation of IT, out of formal IT processes and standards, which is a case concerning manager about possible risks and inefficiencies [7]. ...
... Shadow information technology (Shadow IT) is defined as IT solutions (software, hardware, or IT service processes) autonomously deployed in and managed by business departments to support their processes [1,2]. They are usually being regarded to "hidden" systems that are applied without alignment with IT departments [3,5]. ...
... Most of shadow IT applications, even those involving mission-critical activities, follow their own implementation of IT that are out of formal IT processes and standards, which is a case concerning managers with occurrence of high risks and inefficiencies [7,8]. Researchers report some shadow IT challenges posing inefficient and non-professional implementation [1], security risks [9], compliance issues [13], issues in data transmissions and storage of data outside of organizational standards and controls [10]. ...
Conference Paper
It is common to encounter formations of IT processes that locate in and are operated by business units, outside of IT units’ control, so called shadow IT. Although it has several advantages, it also brings us a grey area that needs to be controlled properly. Otherwise, it can lead to high risks, financial and reputational losses. In this paper, we present the development of an IT governance and management system including an accompanying control approach for shadow IT in Kuveyt Turk Participation Bank based on the two main projects experienced by the bank. After defining shadow IT for the bank, we deliver the problem with a risk aspect, then, elaborate on selected control approach with its reasoning, convey establishment of related governance model and processes and finally discuss on the topic with general terms, to further give insights to organizations in the similar context. Controlling shadow IT has largely been under-emphasized so far in the literature, especially for the finance sector. Hopefully, this study sheds light on both practitioners and researchers by filling this gap, a bit.
... One might argue that there is no need for remembering the function names since wizards, tips, helps, etc. would guide end-users in finding the correct function(s). However, this is not so, because browsing the interfaces and looking for ideas requires slow thinking [64], whose processes are proved erroneous, leading to serious spreadsheet errors [39,82,89,90]. Instead, with a reasonable cognitive load [29,30,76], the names, the arguments, and the semantics of the functions must be memorized to allow end-users to activate fast thinking, which would lessen spreadsheet errors. ...
... The surface approach methods-focusing on the teaching of how the user interface works, typing spreadsheet tables, browsing wizards and help, coursebooks introducing as many functions as possible, and softwares offering newer and newer functions and features-do not support schema construction. Without schemata built up in the long-term memory, fast and slow thinking [64] cannot be applied effectively [83], which leads to erroneous spreadsheet documents [83,89], and ultimately to serious financial losses, both in human and machine resources [90]. ...
Article
Previous research proved that teaching spreadsheeting from a programming perspective is much more effective than the widely accepted tool-centered surface approach methods. Spreadsheeting as an introductory programming approach allows students to build up schemata leading to contextualized, concept-based problem-solving. Furthermore, it provides tools for real-world problem-solving in other disciplines, and supports knowledge-transfer to database management and “serious” programming. The present study provides the details of a nationwide testing of Grades 7–10 students on how they evaluate their spreadsheet knowledge, which classroom activities form their self-assessment values, and the results of three spreadsheet tasks evaluated by the SOLO categories of understanding. The comparison reveals that most students’ spreadsheet knowledge is pre-structural. On the other hand, they assess themselves much higher, which is primarily based on the number of activities carried out in classes. Traces of conscious problem-solving and knowledge-transfer within the scope of spreadsheeting are hardly detectable, while knowledge brought from mathematics is recognizable. In general, we found proof that the pieces of knowledge remain unconnected, not allowing students to reach the relational level of understanding and build up long-lasting knowledge.
... According to results obtained by Baker et al. (2006aBaker et al. ( , 2006bBaker et al. ( , 2006c, the lack of users' awareness of spreadsheet risks is significant: only 54.2% users were somewhat aware of spreadsheet risks, while more than a quarter (26.3%) of respondents were completely unaware of them. Users' overconfidence, which is a common cause of underestimation of spreadsheet risks (Panko, 2007(Panko, , 2009, often produces errors with serious financial and reputation-related consequences (Aurigemma and Panko, 2014;Caulkins et al., 2007a;Dunn, 2010;Panko, 1998Panko, , 2013Panko and Port, 2013;Panko and Sprague, 1998;Powell et al., 2008bTeo and Tan, 1999). Spreadsheet risks are documented in public reports available on EuSpRIG (European Spreadsheet Risk Interest Group) website. ...
... caused by a spreadsheet error, reputation loss over a €100 million spreadsheet error, regulatory sanctions due to a spreadsheet error which caused equity value to be overstated by $100 million, loss of credibility due to a spreadsheet error exaggerating oil production, data leakage caused by emailed spreadsheet containing private data in 'hidden' columns, etc. (EuSpRIG, 2019) Studies suggest that the occurrence of spreadsheet errors is on the rise, and that between 44% and 100% of spreadsheets contain errors (Evans, 2012;Grant et al., 2009as cited in Sakal et al., 2015. The situation is further worsened by the fact that a vast number of errors remain undiscovered, or even get concealed in attempts to maintain reputation, which is the reason that Panko and Port (2013) refer to them as "The Dark Matter (and Dark Energy) of Corporate IT". ...
Article
Motivated both by reports on devastating financial and reputation-related consequences of spreadsheet errors and the results of previous studies suggesting a significant lack of users’ awareness of spreadsheet risks, this paper provides insight into factors that influence users’ perception of risks associated with creating and using spreadsheets. The survey was conducted on a sample of 161 spreadsheet users, whose attitudes were analyzed in accordance with 17 attributes. Statistically significant differences were detected among groups with different levels of self-estimated proficiency in spreadsheets, groups of users that spend different amount of time working with spreadsheets during a typical workday, groups of users who attribute greater subjective significance to spreadsheets in the tasks they perform, as well as groups of users from different management levels. Results of the statistical analysis also suggest that the perception of risks associated with spreadsheets is influenced by existence of standards and rules for spreadsheet development and uses within an organization. Results of the research presented in this paper, which point to an alarmingly low rate of use of spreadsheet features useful for risk mitigation, as well as to a prevalent lack of standards and rules for development and use of spreadsheets among the surveyed organizations, may stimulate managers to introduce such initiatives.
... Several concepts have been discussed in the past in a related context: "Enduser Computing" (Panko and Port 2012) historically describes independent usage of IT systems by end-users, not including the creation of new sophisticated IT artifacts, but of small and simple solutions developed with end-user tools such as spreadsheet applications. Furthermore, its focus is on individual users rather than whole BUs. ...
Article
Full-text available
Shadow IT describes covert/hidden IT systems that are managed by business entities themselves. Additionally, there are also overt forms in practice, so-called Business- managed IT, which share most of the characteristics of Shadow IT. To better understand this phenomenon, we interviewed 29 executive IT managers about positive and negative cases of Shadow IT and Business-managed IT. By applying qualitative comparative analysis (QCA), we derived four conditions that characterize these cases: Aligned, local, simple, and volatile. The results show that there are three sufficient configurations of conditions that lead to a positive outcome; one of them even encompasses Shadow IT. The most important solution indicates that IT systems managed by business entities are viewed as being positive if they are aligned with the IT department and limited to local requirements. This allows to balance local responsiveness to changing requirements and global standardization. In contrast, IT systems that are not aligned and permanent (and either organization-wide or simple) are consistently considered as negative. Our study is the first empirical quantitative– qualitative study to shed light on the success and failure of Shadow IT and Business-managed IT.
Preprint
Full-text available
This paper explores the impacts of spreadsheets on business operations in a water utility parastatal in Malawi, Sub-Saharan Africa. The organisation is a typical example of a semi-government body operating in a technologically underdeveloped country. The study focused on spreadsheet scope of use and life cycle as well as organisational policy and governance. The results will help define future spreadsheet usage by influencing new approaches for managing potential risks associated with spreadsheets in the organization. Generally, findings indicate that the proliferation of spreadsheets in the organization has provided an enabling environment for business automation. The paper also highlights management, technological and human factor issues contributing to high risks associated with the pervasive spreadsheet use. The conclusions drawn from the research confirms that there is ample room for improvement in many areas such as implementation of comprehensive policies and regulations governing spreadsheet development processes and adoption.
Conference Paper
Full-text available
This paper explores the impacts of spreadsheets on business operations in a water utility parastatal in Malawi, Sub-Saharan Africa. The organisation is a typical example of a semi-government organisation operating in a technologically underdeveloped country. The study focused on spreadsheet scope of use and life cycle as well as organisation policy and governance. The results will help define future spreadsheet usage by influencing new approaches for managing potential risks associated with spreadsheets in the organization. Generally, findings indicate that the proliferation of spreadsheets in the organization has provided an enabling environment for business automation. The paper also highlights management, technological and human factor issues contributing to high risks associated with the pervasive spreadsheet use. The conclusions drawn from the research confirms that there is ample room for improvement in many areas such as implementation of comprehensive policies and regulations governing spreadsheet development processes and adoption.
Article
Full-text available
In the last few years, several organizations have been looking for strategies to meet the needs of users of Information Technology (IT). The decentralization of IT and the empowerment of nonprofessional users have been a viable option among these strategies. This study aimed to identify the End-User Development (EUD) strategies adopted by organizations. A systematic mapping was performed in order to provide for a structured body of knowledge and find potential research gaps. The results show that EUD methods and techniques are the most common strategies addressed in the literature. Also, most of the EUD strategies identified a focus either on EUD managerial issues, such as risk management, or on more technical elements, such as the implementation of components for EUD applications. The benefits and barriers to the adoption of EUD by organizations are also presented in this study. In general, defining EUD processes is a common gap in EUD surveys. We reinforce the need to carry out more research on the adoption of EUD in organizations, with a high level of evidence to validate the results.
Chapter
User experience determines the quality of an interaction being used by an actor in order to achieve a specific outcome. The actor can have varying roles and evolving needs, thus reviewing and predicting experiences are important. As an actor uses and gains feedback, the feedback guides individual and group behavior, thus becoming pertinent to how interactions occur. This chapter questions how artefacts are designed to promote such interactions and what processes should be incorporated to ensure successful interpretation, use, (physical) reaction, and conation. This chapter discusses the effects of user experiences today based on societal needs and expectations. It shows how the field is delineated into numerous sub-topics, all of which can stand on their own yet still draw from each other. The discussions will include fields such as cognitive science, human-computer interaction, learning sciences, and even ergonomics to show how design and subsequently interactions can assist in having successful user experiences.
Article
Full-text available
The Theory of Planned Behaviour (TPB), the Health Belief Model (HBM), and a modified HBM including intention were compared in their ability to predict dieting and fasting. Female university students (n = 373) completed a survey assessing variables from the TPB and the HBM. Three months later, a subsample reported subsequent weight loss behaviours. The TPB predictor model explained 35% of the variance in follow-up dieting and 67% in intention. The HBM model explained 29% of the variance in follow-up dieting and the modified HBM model explained 38% of the variance in follow-up dieting and 57% in intention.. The TPB model for fasting explained 14.5% of the variance in follow-up fasting and 58% in intention. The modified HBM model explained 19% of the variance in follow-up fasting and 41% in intention. Results show all models were able to predict a significant portion in the variance of dieting and fasting follow-up behaviour; however the variance explained in follow-up fasting increased when intention was added to the HBM model. Attitude measures were the strongest predictors of behavioural intention and intention was the strongest predictor of follow-up dieting and fasting in the TPB and modified HBM models. Theoretical and clinical implications are discussed.
Article
Full-text available
This study investigated which intention-based model, namely: (1) the technology acceptance model (TAM; Model 1); (2) the theory of planned behavior (TPB; Model 2); and (3) the decomposed TPB (DTPB; Model 3) is best for predicting and explaining employees’ behavioral intention to use hotel information system (HIS). Data were obtained from employees of 13 upscale hotels in Jeju, South Korea, and structural equation modeling (SEM) was employed to examine and compare the three competing theoretical models (CTMs) in terms of overall model fit, explanatory power, and paths significance. The findings of this study revealed that if the key objective is to predict behavioral intention to use HIS, the TAM is preferable. However, if the key objective is to explain behavioral intention to use HIS, the DTPB is preferable.
Article
Full-text available
This paper summarizes the results of published studies that have applied the theories of reasoned action and planned behavior to the prediction of exercising intentions and behavior. In particular, the paper illustrates the knowledge we have gained from the application of thesetheoriesand how these theoretical frameworks could be used to guide the development of exercise promotion programs. Finally, research are noted.
Article
This study addresses the issue of risks and controls in end-user development. It analyzes two questions related to the design and construction of spreadsheet applications by end-users. The first question focuses on the types of controls and the levels of risk associated with the applications themselves. The second question pertains to the extent to which control mechanisms are used to minimize the risk factors in development and use of spreadsheet data. In other words, a basic auditing premise was tested: If managers are aware of the risk factors in the spreadsheets they develop, do they apply controls in design and implementation to assure that these risks are effectively controlled? Purchase this article to continue reading all 8 pages >
Article
This article describes a reasonable scenario for information technology, and its use within a major organization in the year 1990. The scenario is based upon a model used at Xerox to portray the use of Information Systems (IS) internally within the corporation in the year 1990. Assumptions are made about the technology and economics, and by coupling these with observed trend lines from historical data, predictions about the 1990 IS organization, technology, investment requirements, and support structure are drawn. Estimates are developed for the extent of distributed processing at four levels of the organizational hierarchy. Finally, a number of conclusions which deal with the changing nature of the IS technology and role of IS management are described.
Article
Ten discretionary users were asked to recount their experiences with spreadsheets and to explain how one of their own sheets worked. The transcripts of the interviews are summarized to reveal the key strengths and weaknesses of the spreadsheet model. There are significant discrepancies between these findings and the opinions of experts expressed in the HCI literature, which have tended to emphasize the strengths of spreadsheets and to overlook the weaknesses. In general, the strengths are such as allow quick gratification of immediate needs, while the weaknesses are such as make subsequent debugging and interpretation difficult, suggesting a situated view of spreadsheet usage in which present needs outweigh future needs. We conclude with an attempt to characterize three extreme positions in the design space of information systems: the incremental addition system, the explanation system and the transcription system. The spreadsheet partakes of the first two. We discuss how to improve its explanation facilities.