• If your application or user accounts are members of the sysadmin role, then it's like having a house full of kids and then leaving the gun cabinet unlocked.

    However, most organizations should trust their in-house database administrator with xp_cmdshell.

    The exception to this would be outsourced DBAs or 3rd party hosted environments where the organization owning the SQL Server instance doesn't want to entrust the DBA beyond allowing them to perform standard "inside the box" tasks.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
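
An added example, not part of the original post: a T-SQL audit that shows which principals can actually reach xp_cmdshell on an instance, so application and user accounts that hold sysadmin stand out. It uses only standard catalog views and must be run by a login that can read server-level metadata.

```sql
USE master;

-- 1. Is xp_cmdshell currently enabled on this instance? (1 = enabled)
SELECT name, CAST(value_in_use AS int) AS enabled
FROM sys.configurations
WHERE name = N'xp_cmdshell';

-- 2. Every login or Windows group that is a member of sysadmin.
--    Application/service logins appearing here are the "unlocked cabinet" case.
SELECT p.name, p.type_desc, p.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY p.type_desc, p.name;

-- 3. Principals granted CONTROL SERVER, which is effectively sysadmin-equivalent.
SELECT p.name, p.type_desc, sp.state_desc
FROM sys.server_permissions AS sp
JOIN sys.server_principals AS p ON p.principal_id = sp.grantee_principal_id
WHERE sp.permission_name = N'CONTROL SERVER'
  AND sp.state IN ('G', 'W');   -- GRANT or GRANT WITH GRANT OPTION

-- 4. Non-sysadmin users explicitly granted EXECUTE on xp_cmdshell in master.
SELECT dp.name AS grantee, dp.type_desc, perm.state_desc
FROM sys.database_permissions AS perm
JOIN sys.all_objects AS o ON o.object_id = perm.major_id
JOIN sys.database_principals AS dp ON dp.principal_id = perm.grantee_principal_id
WHERE perm.class = 1                      -- object-level permission
  AND o.name = N'xp_cmdshell'
  AND perm.permission_name = N'EXECUTE';

-- 5. Proxy credential those non-sysadmin callers would run OS commands as.
--    No row means non-sysadmin calls to xp_cmdshell fail.
SELECT name, credential_identity
FROM sys.credentials
WHERE name = N'##xp_cmdshell_proxy_account##';
```

Members of a Windows group listed in step 2 inherit sysadmin as well, so group membership has to be reviewed in Active Directory or with xp_logininfo.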