Few topics have the potential to provoke as much debate in the CIO community as shadow IT and business leadership around technology. Shadow IT now accounts for a large part of organisations' technology spend. In fact, our research indicates that technology spending controlled directly by business partners constitutes another 40% on top of the corporate IT budget.

Although much has been written aboust shadow IT, three big misconceptions prevail:

1. Shadow IT is a problem to be solved

For good historical reason, IT's first response is to control and limit shadow IT spending in the organisation. Although many CIOs concede that much of today's business-led IT is "healthier" than what they have seen in the past years, it is still treated as an activity that can be controlled by timely and effective IT intervention – either by introducing policies or education to curtail it, or upping the ante on innovation in IT to try to pre-empt business leaders from going it alone.

In our opinion, this approach is inherently flawed. Instead of trying to control business-sourced technology, CIOs should look to it as an additional source of innovation funding.In fact, we would argue that the absence of shadow IT signals that your business partners are not thinking creatively enough about their problems.

2. Shadow IT (mostly) puts organisation at risk

If you were to play the word-association game with a CIO, the phrase 'shadow IT' would invariably be paired with 'risk.' While it's true that some areas of the technology portfolio should be off-limits to business partners (like core infrastructure and enterprise systems, for example), many others offer a fertile ground for business-led innovation, with low technology risks and high business benefits. Examples include collaboration, analytics, and customer experience investments. However, even in these areas, IT's cumbersome and elaborate risk assessment processes can slow the delivery of new capabilities. Organisations should redesign their risk processes to support business partners' need for agility and faster time-to-market, and make it easier for business leaders to take on responsibility for the risk decisions they make by themselves.

3. Shadow IT exists because IT is too slow

This misconception is the hardest one to dispel. We've heard from many IT teams that business leaders are taking on more responsibility for technology because IT's own demand sensing and delivery processes are ineffective. This assumption has led many a CIO to focus on improving demand planning, perfecting delivery processes, and increasing IT throughout as techniques to control shadow IT, only to find that business partners spending has remained the same. Business leaders are spending on technology, not because IT is too slow to respond, but because they are being told by their bosses to make their teams more productive or to solve customer problems and they see technology as an indispensable part of the solutions. In other words, they see experimenting with technology as a core part of their jobs.

CIOs should stop trying to deter business-led IT or control it. Instead, they need to build a new model for engaging with business partners – providing consulting, advice, and a flexible delivery process – that improves the success of business partners' technology investments. CIOs should also work to change the organizational climate in IT so that frontline IT employees feel comfortable assisting with business-led IT efforts rather than see them as a risk.

Failing to recognise the extent to which tech-driven projects are happening outside of the IT department can be a real worry, but trying to keep too tight control is also a step in the wrong direction. By getting this balance right, CIOs can help the business to be more flexible, identify potential cost savings and ultimately implement change and innovation more easily.

By CEB managing director Andrew Horne and CEB researcher Abhinav Srivastava