Lack of Governance
Reading Time: 6 minutes

There is a surge in global spending on digital transformation initiatives (it is slated to reach $2.3 trillion by 2023). Customer expectations are rising for quick, on-the-go access to information and services. COVID-19 has further accelerated this digital acceleration. At an enterprise level though, such initiatives are leading to complex digital processes and programs that are falling short of their goals. These are the times of aggressive innovation but these are also the times of unprecedented challenges.

By encouraging business users to learn no-code development and become citizen developers, (a part of the workforce that is non-technical but can build bespoke applications using no-code platforms) organizations can:

  • Build a versatile workforce that is well-versed with business and programming logic and can quickly respond to product iterations – something that is a must have to achieve rapid innovation goals.
  • Democratize software development, where business users can build priority-specific applications on their own, by following guidelines from IT teams.

What’s the catch?

As no-code empowers business users and makes them self-sufficient, there is a risk of IT being neglected, which may lead to shadow IT and limit the adoption of no-code technologies across the organization. A no-code solution not vetted or approved by IT may backfire big time, for both internal and external users.

Just by adopting a no-code platform and having a bunch of business users who know the basics of no-code development, you can’t guarantee to deliver safe, compliant, scalable applications. This is the gap that prevents no-code development from being fully accepted and harnessed in organizations. There need to be rigorous training, allowing only those who pass their tests and obtain a license to use the platform. There need to be standards, best practices, methodology, and certifications to give organizations the confidence to establish and scale citizen development.

This is where a well-established governance model can enable business users to work in tandem with IT teams and contribute equally towards innovation. Having governance guardrails can enable business users to align their work with the organization’s IT standards and bypass risks. These guardrails need to be clearly communicated and understood. In the end, you want to harness the benefits of no-code development to address your biggest pain points and business problems without losing out on your IT team’s experience and expertise which it has acquired over many years.

A governance model can ensure:

  • No-code developers don’t harm the organization’s processes, systems, and security.
  • IT collaborates appropriately to drive successful business outcomes.

It can serve as the backbone of any citizen development program by addressing the following questions:

  • Who are your citizen developers?
  • In which departments will citizen developers operate?
  • What types of apps will citizen developers build?
  • How can citizen developers contribute to application delivery?
  • What requirements must be met before deployment?
  • What quality control standards must be met?

Under the umbrella of a governance model, IT teams can help citizen developers in:

  • Choosing the right no-code platform
  • Establishing the operational, tactical, and strategic teams
  • Defining the roles and responsibilities throughout software development lifecycle
  • Understanding the technical aspects of no-code platforms, to seamlessly integrate third party services.
  • Monitoring and maintaining no-code applications

Also read: Making Shadow IT a Frenemy

A proper governance structure can curb “shadow IT” in an organization

CEOs and CIOs often bring up “shadow IT” when arguing against no-code platforms. They argue that no-code platforms allow citizen developers or at least give them an opportunity to independently build applications, without any intervention from IT – and there is a risk associated with it. What’s the risk?

Citizen developers may end up building half-baked applications and the IT team may not be aware of it. Such incompetent applications may float across different departments and hamper the organization’s innovation goals. In other words, no-code platforms potentially allow business users to form a “secret society of application development”. This secret society is what we call Shadow IT.

The downside of shadow IT

  1. Shadow IT can derail your entire innovation program by making no-code development unaccountable in your organization.
  2. Shadow IT creates a false impression that no-code platforms don’t require any prior training and anyone can jump in and start building applications – which is not the case.
  3. Shadow IT creates unmonitored, unmaintained pockets of data-sharing and reporting within an organization, something that can put proprietary data and key assets at risk.
  4. Shadow creates systems that may not be interoperable with other internal programs.

A well-established IT governance model can bring that much-needed accountability and make no-code development collaborative and successful.

How to create a governance structure?

Under citizen development, business users have the freedom to leverage no-code platforms, but at the same time, their roles, responsibilities, and permissions need to be defined, so that the creation of shadow IT can be avoided. This can be achieved through a governance model which defines the scope of work at multiple levels.

You can follow a top-down approach when building your IT governance model, starting from a single authority that governs your entire citizen development program, where each program may have multiple projects and initiatives. This office can be housed within your IT department and can be headed by your CTO.

The office can establish the best practices for no-code development and implement them across the organization so that all teams (technical and non-technical) are on the same page. Other responsibilities can include:

  • Selecting the best no-code platform for the entire organization.
  • Maintaining the citizen development policy and guidelines.
  • Aggregating and providing resources.
  • Organizing workshops, hackathons, and community events for citizen developers.
  • To identify and prioritize high-value no-code projects. For example – building no-code applications to automate critical workflows when there is a time crunch.
  • Cataloging and publishing a list of relevant data services and APIs.
  • Reporting on the status of various no-code projects to internal and external stakeholders.

At the platform level, you can have a tactical team to manage roles, permissions, and authorizations on the platform. This way you can give controlled freedom to citizen developers and ensure adherence to privacy and security requirements.

You must have clear, concise, and well-articulated policies and processes in place but at the same time, try to remain flexible. According to Forrester, insufficient governance jeopardizes coherence and security – but excessive governance impedes operational agility. Therefore, always leave room for changes and enhancements.

Organizations can use the Center of Excellence (CoE) model to govern their citizen development program. You can build your CoE team comprising a C-level executive, solutions architect, application specialist, project manager, no-code lead, and UX designer. The team can supervise citizen development activities across the organizations, define best practices, and provide ongoing support to all no-code implementations.

Different models to establish CoE

Different models to establish CoE

a. Centralized Model

As the name suggests, in this model a core team (single point of contact) handles CoE functions and distributes the role and responsibilities across the organization. The scaling of no-code development is easier in a centralized model but the quality of the core team is highly critical, otherwise, the entire project may get rigged with bottlenecks.

b. Decentralized Model

In this model, the CoE is bifurcated into business units, with each unit having its own set of capabilities, guidelines, team structures, and mission-critical priorities. Teams can build custom applications with no-code platforms, for their respective processes. With no single point or a common reference point, different versions of truth and expectations may exist regarding no-code development. Therefore, it may be challenging for an organization to scale and move in one direction.

c. Hybrid Model

Centralized and federated CoEs have both benefits and shortcomings, and therefore, organizations can opt for a blended or hybrid model, where a core team can support operations and delivery, whereas the business units can stick to their own MCPs, team structure, and governance.

Standard principles of governance

  • IT is in charge of security not no-code developers, including the security of information, access and permissions, processes and system integrity.
  • IT takes the sole responsibility of creating a secure space for no-code developers.
  • Setting of rules should be a joint initiative of IT and no-code developers, and should be supervised by CTO.
  • Competency center is the primary point of reference for no-code development projects rather than IT.
  • There should be constant communication between no-code developers, IT, and the competency center.

Also read: Digital Leadership in a New Era and How Workplace Culture Matters More Than Ever


Adopting, promoting, and scaling no-code is an enterprise-wide responsibility, but the major responsibility for managing no-code development falls on department managers since most of the resulting systems are at that level. Department managers should educate themselves on how the technology works, what tools the organization supports, and the desired relationship between citizen developers and the IT organization. They should also educate their department members regarding the opportunities and responsibilities of citizen development. Internal digital portals (or “storefronts”) should be created to help citizen developers, coders and leaders collaborate, learn, and encounter roadblocks. As no-code systems scale and create their own datasets around business processes, organizations should invest more into analytics and infrastructure to support governance.

Related Post

Inline Feedbacks
View all comments

Recent Posts

Steps to effective Human Resource planning
Become a Citizen Developer
No-code for business departments
Great Place To Work
Low-Code No-Code App Development

Ace your innovation game with Citizen Development

Driving Rapid Enterprise Innovation with Citizen Developers

Find out everything about citizen development and ways to govern it

No, I dont want to learn

Quixy Ranks in ICONIQ Growth Report for 2022