Yeah, this is textbook "shadow IT" that could easily lead to something going seriously wrong. It's a fun example, but not something to aspire to.
Ultimately the problem is that in a lot of big corps, IT is basically unaccountable for setting things up wrong. Their only KPI is tickets closed, not the quality or success rate of their fixes.
I've always felt that if business types can get over their fetish for trying to measure absolutely everything, we wouldn't have problems like these that stem from poorly thought out KPIs.
They default to tickets closed, uptime, SLA adherence as KPIs because you can't effectively measure "is it set up correctly?" and because the business absolutely must measure everything, they come up with bullshit KPIs so they can have a pretty dashboard and pretend like they're actually managing.
Glad I'm no longer in huge corps, but still an IT manager. Shadow IT is a direct symptom of IT not providing the right tools or having poor processes. But responsibility still lies higher up in the chain. If we weren't forced to quantify all activity, these issues wouldn't exist.
Ticket closing and KPI chasing is alive and well in small companies too. I have a client (less than 100 folks) that has a JIRA reporting process on par (and as bad as) as F500 company.
Seems to geared towards tracking work and increasing accountable behavior.
But then the consultant overseeing it (not me) sent a Claude generated report with some sort of JIRA ticket dump as input. All the tickets closed were in fact not done or not relevant. But they were “closed” in JIRA. Same thing with completed tickets.
Embarrassing work product and embarrassment for the company.
Ultimately the problem is that in a lot of big corps, IT is basically unaccountable for setting things up wrong. Their only KPI is tickets closed, not the quality or success rate of their fixes.