Where Should I Begin...
I think I will begin by mentioning that I wish IW would default their Comments editor to a font that I can actually see without a microscope. So I apologize for any typos but I literally cannot see the individual letters in this (6 pt?) font. (Maybe I should write it in Word and paste it here? Next time...) It would also be nice if I could see the original post while commenting, which I can do on numerous other sites where I sometimes post comments.
What this post sounds like to me is about 8 parts laundry list of ways to make IT review, procurement and development more efficient, and 2 parts despair at the fact that today's iPad is more powerful than some older mainframes. Making the IT review process more efficient is a good thing in and of itself, as is a more pro-active IT shop, keeping up with the latest greatest technology, and other suggestions. None of this has much to do with the issue of Shadow IT, which is going to come about for various reasons (egos, pressure, ignorance, etc.) no matter whether you are a CMM Level 1 or Level 5 organization.
Buried in your recommendations and generally liberal attitude towards the phenomenon you are allegedly recommending solutions to are a number of false assumptions, all of which tell me that you don't really understand why the problem is a problem in the first place.
The first assumption is see is that "shadow IT" projects stand more than a remote chance of being successful. My long experience in a large IT shop tells me that that is a critical mistake. THe vast majority of such projects entail an enormous waste of money and human resources as amateur, self-styled IT directors try to convince themselves that they actually know how to run an IT project. Many of them never even get off the ground, and the ones that do are usually kludgey at best.
The second assumption is that such projects, even when they are semi-successful, are well validated approaches to getting the functionality that the users want. The inability of individual departments to reasonably evaluate the possible approaches to a problem and choose the best one means that they are more than likely to choose something that is neither cost efficient, nor optimal from many other points of view (integration, security, support, etc.). They can be sold a bill of goods by a vendor or a consultant because they have no real experience doing this sort of thing and then they are locked in.
The third and possiobly biggest and worst assumption is that the "shadow IT" project remains a shadow IT project. On the contrary, the one or two developers who were hired move on, the vendor disappears, or the COTS product fails to keep up with changes in the corporate IT infrastructure, etc. etc. etc. and before you know it you get a call from the department - "Hey, we've got this mission critical applicattion and nobody to support it, can you do it?" (Sure we can do it - just give us the headcount and funding stream you were using to pay for it outside the IT budget and we'll be happy to oblige!)
This leads to a fourth assumption (I guess I'll stop after this, though I could go on at length) which is that shadow IT department, trying to sneak around the IT portfolio and project management and review process, has even bothered to consider whether their plunge into some rogue project is in the best interests of the organization as a whole in terms of (a) project prioritzation (b) allocation of corporate IT resources (c) network security (d) systems integration or (e) many other things such as privacy, compliance with corporate or government regulations, etc. Not that the department is even in a position to consider these global corporate (or agency-wide) issues if they had an iota of concern about them.
Well I said I would stop but... fifth, since you seem to be concerned with the efficientcy of the IT process, what sort of efficiency is implied when you have developers and/or consultants working in a finance or personnel or marketing department, isolated from the body of expertise and access to resources gathered in the IT shop, which may include not only multiple types of application development strategies, but server and db management methods, imaging systems, scanning and QA procedures, file transfer methods, print pools, and mobile device management strategies? The answer is zero efficiency, and in fact, potential risk to the entire organization.
So, sorry Andrew, but I think your ideas and attitudes about this are very wrongheaded. They suggest you do not have enough experience managing IT for a major institution to make the judgments you are presenting here. No doubt there are isolated instances in which a shadow IT group comes up with a good idea and carries it out successfully in a way that does not negatively impact the organization, integrates well with corporate infrastructure and remains an asset rather than becoming a future burden to IT, which could not have done it better and with fewer resources had they been approached. Did I say no doubt? Well, some doubt.... but even if there are such cases, they are the small minority and do not make any argument for embracing shadow IT projects in the way you recommend. As I said, a more efficient IT review process is a good thing in itself, but it will most likely mean that the vast majority of those shadow projects are rejected as ill-conceived in the first place.