Software Asset Management Professional Practice Exam

The selection of compliance risks due to unapproved software usage as a risk associated with shadow IT is accurate because shadow IT refers to the use of software and systems within an organization without explicit approval or oversight from the IT department. This can create significant compliance challenges, as employees may utilize unmonitored applications that do not meet regulatory requirements or organizational security policies. Such usage can lead to substantial legal and financial consequences if sensitive data is mishandled or if the organization fails to comply with relevant data protection laws.

In organizations, the lack of control and visibility over these unauthorized applications can result in the exposure of confidential information, increased vulnerabilities to cyber threats, and difficulties in data management. Additionally, as regulatory environments become more stringent, the need for rigorous compliance measures is heightened, making the risks involved with shadow IT even more critical to consider.

In contrast, the other options focus on aspects that could be seen as positive outcomes of shadow IT, such as collaboration and reduced costs, but these benefits do not outweigh the inherent risks to compliance and security that unapproved software poses.