Shadow AI and Organizational Information Security: Risks, Challenges, and Governance Strategies
Şu kitabın bölümü: Sinap, V. (ed.) 2026. Yönetim Bilişim Sistemleri Alanında Yenilikçi Çözümler ve Güncel Yaklaşımlar – IV.

Vahid Sinap
Ufuk Üniversitesi

Özet

The rapid diffusion of generative and agentic artificial intelligence has enabled employees to use powerful AI tools outside formal organizational oversight. This phenomenon, known as shadow AI, can improve productivity, creativity, and problem-solving while creating significant risks for information security, privacy, intellectual property, regulatory compliance, and decision quality. This chapter examines the conceptual foundations, organizational drivers, and security implications of shadow AI from a management information systems perspective. It explains how technological accessibility, task–technology misfit, work pressure, inadequate organizational tools, and unclear policies encourage unauthorized AI use. The chapter also discusses risks related to data leakage, unreliable outputs, prompt injection, excessive agency, undocumented integrations, and weak accountability. A risk-based governance approach is proposed, combining clear policies, approved AI tools, technical controls, employee training, human oversight, monitoring, and adaptive authorization mechanisms. The chapter concludes that effective shadow AI management depends on visibility, proportionality, accountability, and employee enablement.

Kaynakça Gösterimi

Sinap, V. (2026). Shadow AI and Organizational Information Security: Risks, Challenges, and Governance Strategies. In: Sinap, V. (ed.), Yönetim Bilişim Sistemleri Alanında Yenilikçi Çözümler ve Güncel Yaklaşımlar – IV. Özgür Yayınları. DOI: https://doi.org/10.58830/ozgur.pub1366.c5528

Lisans

Yayın Tarihi

30 June 2026

DOI

Kategoriler