mrc's Cup of Joe Blog

Join us in exploring the world of modern development, evolving technologies, and the art of future-proof software

Citizen Development 101: Understanding the Basics

EducationSummary: Application development has long been a problem facing both the IT department and the business units. The IT department gets overwhelmed with new application requests. They can’t possibly complete every project when the business wants it done. Meanwhile, the business users get tired of waiting, and start bypassing the IT department altogether. Today, we explore the concept of “citizen development”, and explain how it helps address this problem.

photo credit: PublicDomainPictures via pixabay cc
photo credit: PublicDomainPictures via pixabay cc

In a recent post, we explored a common problem: The development bottleneck. Application development efforts can’t keep up with business demands. As a result, business users get stuck waiting around for the applications they need.

What creates this bottleneck? While we covered 5 issues in that article, I’d like to focus this article on the last point: Over-reliance on a single department.

It happens in businesses across the globe. Development efforts go through the IT department. Before they know it, the IT department is facing a backlog of requests. The business users are stuck waiting for their applications.

Now, this problem sounds bad enough as it is. IT is overworked. Business users can’t get the solutions they need. Productivity suffers. But, the problems don’t stop there.

When business users can’t get the solutions they need from IT, they often take matters into their own hands. More and more, they’re going behind IT’s back and using unauthorized, third-party tools–a practice known as “Shadow IT.”

Obviously, Shadow IT can create major problems for any business. When IT doesn’t know a tool exists in the business, how can they make sure it’s secure? How can they secure and control the data?

So, what’s the answer? How can the IT department defend against Shadow IT, even if their development efforts can’t keep up with business demand? How can the business eliminate the development bottleneck, and give the users the solutions they need (when they need them)?

Today, let’s explore a growing trend aimed at solving both of these issues: Citizen development.

What is Citizen Development?

As defined by Gartner, “A citizen developer is a user who creates new business applications for consumption by others using development and runtime environments sanctioned by corporate IT.”

Basically, the IT department provides some business users with no-code/low-code development tools. These users can then create the applications they need, without bothering the IT department. Meanwhile, the IT department can still control data and user access.

Essentially, citizen development provides the best of both worlds. It greatly reduces the development bottleneck on IT, and lets users create their own applications immediately.

How does it help you?

Why should your business care about citizen development? What advantages does it provide? Here are a few:

Efficiency: Most importantly, citizen development helps your business move more efficiently. The IT department isn’t stuck with a backlog of development requests. The end users aren’t stuck waiting weeks for new applications.

Business Improvement: Because IT isn’t stuck with a backlog of development requests, they’re free to handle mission-critical tasks. This opens the door to technological improvements, as IT can finally focus on areas that can push the business forward.

Control: Because the development tools are sanctioned by IT, they can still control data and user access. This avoids the issues created by Shadow IT.

What types of applications does a citizen developer create?

Now, citizen development is not for all types of applications. For instance, a citizen developer shouldn’t build your accounting system. They shouldn’t build complex systems that will run your business, or that will create major problems if they fail.

However, citizen development is great for things like reporting, converting spreadsheets to web applications, workflow applications, etc… These are applications that won’t make or break the business, but solve problems and improve productivity for the users.

What makes a citizen developer?

photo credit: geralt via pixabay cc
photo credit: geralt via pixabay cc

Should you license a development platform, and give it to all users? Probably not. The fact is, many users still don’t have the technical skills to put an application together–even without coding. Other users have no interest in doing it themselves.

Ideally, you need users who are technically inclined and understand the business. For instance, Business Analysts make prime candidates for citizen development.

But, it doesn’t stop there. Any user with even moderate technical skills and the desire to create their own solutions is a good choice.

What should you watch out for?

Of course, citizen development is not without risks. That being said, these risks are easily managed with the right tools and strategy. Here are a few areas to watch out for when using a citizen development approach:

Application security: Citizen development platforms typically come with security features baked in. However, citizen developers may not always know how to use these security measures within their applications.

How can you avoid these issues? First, involve the IT department in the application review process. Now, I’m not saying that every single application needs close scrutiny from IT. For instance, simple reports or data lookup applications are generally fine. However, if the users are creating applications with write-back capabilities, mission-critical applications, or applications available outside of the office, IT review is necessary.

Second, closely examine the security options before licensing any development tool. The IT department should have control over data and user access, and set security defaults for all applications generated by users.

User privileges: A novice user with broad privileges is the biggest risk to your citizen development efforts. Make sure that you give each user only the capabilities they need, and nothing more. For instance, a user who needs the tool for simple reporting tasks shouldn’t have the ability to create database management applications.

Data: Your data lies at the foundation of any successful development efforts. Besides the obvious need for data integrity, there are two other important factors to address:

  • Access: Users should only have access to the data they need. Again, this is another step towards limiting the risk of your citizen development efforts.
  • Knowledge: Users should understand their data, and table structure. If the users don’t understand how their data is organized within the database, they cannot successfully build applications.


Already a growing trend, citizen development is set to explode in the coming years. For those who take advantage of this trend, it provides the best of both worlds. Business users get the solutions they need, and the IT department doesn’t need to worry about users going behind their backs and licensing third party solutions.

What do you think? If you would like to add anything to this article, I’d love to hear it. Feel free to share in the comments.