Continuous discovery of unauthorized tools, accounts, and commitments.
Shadow IT is discovered in retrospect, through the footprint it leaves in the financial system. Ring 5 converts that retrospective into a real-time feed.
▸All corporate-card transactions flow to the inventory system within 24 hours of posting.
▸SaaS MCC-code transactions trigger an automatic enrollment memo request (which Ring 6 §6.2 processes).
▸Unregistered SaaS use beyond 30 days escalates to the Security Reviewer for a decision to enroll, terminate, or exempt.
▸Personal-device, company-IP detections flow to the same inventory.
Study questions
Confirm your comprehension.
Question 1
Shadow IT is discovered through:
Question 2
An unregistered SaaS that lives 31 days escalates to: