IT Said 11. The Expense Reports Said 43. Inside a Shadow AI Audit
Shadow AI is any AI tool employees use without IT’s approval or oversight. It’s the AI version of shadow IT, and more dangerous, because these tools ingest your data — contracts, code, customer records — which then leaves your control. The real count is always higher than IT’s official number, and you can’t ban your way out; you bring it into the light with an inventory and a governed path.
Key takeaways
- Shadow AI is any AI tool used without IT approval or oversight — the AI version of shadow IT.
- The real count is always higher than IT’s number: freemium tools, browser extensions, AI embedded in SaaS, and personal accounts don’t show up in procurement.
- It’s riskier than shadow IT because these tools are fed your data, which then leaves your control with no audit trail.
- Banning drives it deeper. The fix is a governed path that’s genuinely better than the shadow one.
- Start with an inventory that finds every tool, contract, and deployment — then govern and consolidate.
The CISO asked one question in the meeting: how many AI tools are running in this company right now? IT gave the number they were confident in — eleven. Sanctioned, reviewed, on the list. Then someone pulled the expense reports.
Forty-three. And that was just the ones that left a paper trail. Nobody in the room could say what data those tools had seen, what they’d sent where, or what any of it cost. Eleven was the number IT governed. Forty-three was the number that existed. The gap between those two is shadow AI, and almost every enterprise has it.
What is shadow AI?
Shadow AI is any AI tool employees use for work without IT’s approval or oversight. It’s the direct descendant of shadow IT — the unsanctioned apps that crept into every company a decade ago — and it spreads the same way: because it’s useful, it’s a click away, and no one has to ask permission. The difference is what’s at stake when it does.
Why the real count is always higher
IT’s number counts the tools IT knows about. The rest hide in plain sight, in categories procurement never sees.
- Freemium tools. No purchase order, no approval — just a login and a task that got easier.
- Browser extensions. Summarizers, writers, and assistants installed one person at a time, invisible to procurement.
- AI inside SaaS you already own. Features switched on inside tools you already pay for, governed by nobody in particular.
- Personal accounts. The most invisible of all — work done in a personal chatbot account on a personal device.
Add those up and the official eleven becomes forty-three, then more. The count isn’t high because people are reckless. It’s high because the tools are good and the friction to adopt them is zero.
Why shadow AI is worse than shadow IT
Shadow IT was a security problem: unmanaged software, unpatched, outside the perimeter. Shadow AI is a data problem, and that’s a different order of risk. These tools don’t just run outside your control — they’re fed from inside it. A contract pasted in for a summary. A block of source code dropped in for a fix. A customer list uploaded to “clean it up.” That content leaves your walls, may be retained, and there’s no record of what went where. The convenience is real; so is the exposure, and a regulation like the EU AI Act assumes you can account for all of it.
You can’t ban your way out
The instinct is to ban it, and banning is exactly what makes it worse. Tell people they can’t use AI and they don’t stop — they move to personal devices and personal accounts, where you have no visibility at all. You’ve traded a problem you could see for one you can’t. Prohibition doesn’t remove shadow AI; it removes your view of it.
The reason shadow AI exists is that it helps people do their jobs. So the durable fix isn’t a ban — it’s a governed path that’s genuinely better than the shadow one. When the sanctioned option is faster, safer, and knows the company’s own knowledge, the incentive to go around it disappears.
How to bring it into the light
Three steps, in order. Inventory — find every tool, contract, and deployment by cross-referencing expenses, SaaS spend, and logs, not by asking IT for their list. Govern — route AI through a plane that enforces policy in the request path, so what data goes where is controlled and logged. Consolidate — move usage onto the governed path and retire the overlap, which usually pays for the whole exercise.
This is also the counterintuitive road to shipping more AI, not less. The companies that get their shadow AI under control are the same ones that deploy the most of it safely — the governance paradox in practice. The first move is always the same: replace “eleven” with the real number.
Frequently asked questions
What is shadow AI?
Why is shadow AI more dangerous than shadow IT?
How do you find shadow AI in an organization?
Should you ban shadow AI?
Find the 43 before your auditor does.
The AI Spend Diagnostic inventories every AI tool, contract, and shadow deployment in your organization — then attributes cost and risk and lays out a governed consolidation plan. Fixed scope, two weeks.