(no title)

1. many of these grassroots apps are a mess, filled with bugs and security flaws.

2. often they don't align with standard platforms and technologies that are in use. this includes source control, CI, unit testing standards, SSO, etc, not just the code itself)

3. no one put together a business case, so no budget or justification exists for support and maintenance costs, and no planning has been done to execute on that.

4. the application was not built in compliance with internal processes. this can mean it will never pass an audit (because the org is operating under ISO 9001 or something). at a minimum, some valuable and time-constrained people may have to analyze it carefully to figure out what the risks are

for an IT org, there are usually a lot more good ideas than there is capacity for supporting, maintaining, testing, and managing applications. further, maintenance costs dwarf initial build costs. "here, I built you this" doesn't really solve the whole picture. it feels more like an annoying effort to skip the line and hand off a white elephant that has to be babysat for ever.

Note that this is not a justification for the stonewalling or cold shoulder. in this type of org, i'd expect IT to help write the business case and make it easy to do things according to policy