I am trying to put together a comprehensive list of risks/issues that arise from the following scenario - to identify as many issues/risks as possible to help quash this sort of practice. Corporate policy dictates IT equipment has to be purchased via our 3rd part outsourced IT contractor. A sub department of our company has taken it on themselves to purchase a number of iPad devices without doing this through the proper channels. What kind of issues or risks does this create? What does could purchasing equipment through your IT bring? How does the purchasing of IT kit work in your environment?