Via quantitative analyses of large IT-portfolio databases, we detected unique data patterns pointing to certain IT-governance rules and styles, plus their sometimes nonintuitive and negative side-effects. We grouped the most important patterns in seven categories and highlighted them separately. These patterns relate to the five fundamental parameters for IT-governance: data, control, time, cost and functionality. We revealed patterns of overperfect and heterogeneous data signifying reporting anomalies or ambiguous IT-governance rules, respectively. We also detected patterns of overregulation and underregulation, portending bloated control or no IT-control at all, both with negative side-effects: productivity loss, and too costly IT-development. Uniform management on time, cost or functionality showed clear patterns in the time and cost case, and more diffuse combined patterns for functionality. For these in total seven types of patterns, it was possible to take corrective measures to reduce unwanted side-effects, and/or amplify the intended purpose of the underlying IT-governance rules. These modifications ranged from refinements and additions, to eradications of IT-governance rules. For each of the seven patterns we provided lessons learned and recommendations on how to recognize and remove unwanted effects. Some effects were dangerous, and addressing them led to significant risk reduction and cost savings. © 2007 Elsevier B.V. All rights reserved.