Interested in a follow-up discussion? At Efficio, we have extensive experience helping businesses gain control over their SaaS ecosystems, optimizing both spend and functionality for maximum value.
Get in touch to find out how we can help.
- Title
-
SaaS management: CFOs, CIOs, and CPOs must align to control cost and risks
- Section
- Insight
- Summary
By Haroon Sheikh
As organizations continue to scale their third-party software requirements, their approach to SaaS management has become a significant – yet still frequently underestimated – divider between operational efficiency and uncontrolled cost and risk.
Without a structured approach, SaaS spending can quickly spiral out of control, leading to inflated costs, security risks, and resource inefficiencies. To make sure their businesses can derive maximum value from investments, Chief Information Officers (CIOs), Chief Financial Officers (CFOs), and Chief Procurement Officers (CPOs) must work together to build a structured, scalable SaaS management strategy.
1. Cost and resource inefficiencies
- New purchases often lead to software bloat and budget overruns. Different departments often unknowingly purchase similar tools, whereas ideally the business would derive maximum value from a consolidated solution.
- Decentralized purchasing diminishes Procurement’s negotiation leverage and increases vendors’ baseline ARR, further reducing leverage in future negotiations.
- A lack of structured renewal date tracking often results in surprise renewals – for instance, auto-renewals can start 60 days before expiration – locking teams into unneeded licenses.
- Vendors constantly update list pricing and product offerings, making it difficult for CFOs to forecast costs and budget accurately.
2. Security risks
- Signing up for applications on an individual or team basis can mean bypassing reviews by IT, Legal, or InfoSec, creating major compliance and security risks.
- Manually assigning and decommissioning user licenses create risks around permissions and access management.
3. Resource drain
- IT teams may have to allocate substantial time to manually assign and decommission user licenses based on new tooling and employee churn, diverting resources from value-generating activities.
- Similarly, SaaS mismanagement creates an unnecessary workload for finance teams, who must spend additional time tracking and reconciling SaaS spend.
SaaS management is more than “just” an IT or procurement concern – these inefficiencies and risks quickly add up, impacting the entire business. To tackle these challenges effectively, businesses must move from a reactive approach to a structured, scalable SaaS management strategy.
The most successful approach tends to be cross-functional, with CIOs, CPOs, and CFOs taking on distinct but inter-connected roles.
CIOs
Responsible for governance, security, and ensuring the business’s SaaS architecture aligns with the IT strategy.
CPOs
Oversee vendor negotiations and support contract optimization to ensure cost-effective SaaS procurement.
CFOs
Ensure centralized spend visibility and budget control. CFOs can also help secure C-suite support and action by framing SaaS governance as a financial imperative.
Taking your SaaS management to the next level
With organizations varying greatly in size, industry, and maturity, there is no universal solution to SaaS management. For instance, tech companies will likely have to deal with a large volume of applications, whereas manufacturing companies may only need to focus on managing a few high-cost, niche tools. Larger companies may have the resources for robust tooling or outsourced support, while smaller, less mature companies may rely more on in-house solutions. Approaches should be tailored to each organization’s specific needs.
It should be noted that, compared to other products, SaaS comes with an additional layer of complexity: inconsistent and frequently changing licensing models. Some vendors have unlimited licensing models, which are harder to evaluate for efficiency. Others constantly change their licensing models – for example, shifting from license-based to usage-based pricing, bundling SKUs, and discontinuing or rebranding offerings. As a result, any effective SaaS management approach must be flexible and will require consistent maintenance to adapt to these constant changes.
When evaluating solutions, the first step is understanding where your organization stands in terms of SaaS management maturity. SaaS management evolves in stages, from reactive processes to automated solutions that optimize cost and efficiency. Below, we’ve detailed the four levels of SaaS management maturity we commonly see in client organizations and actions that can take them to the next stage.
Maturity stages
Current approaches
At the “reactive” stage, there is little to no centralized oversight of SaaS applications, with departments independently purchasing tools – for instance, using corporate credit cards. Data is incomplete or unreliable, with minimal visibility into upcoming purchases or renewals. There is no formal intake process to review or approve new software requests. Provisioning and deprovisioning are done manually.
Suggested actions
To move beyond the “reactive” stage, organizations should start by introducing basic renewal tracking, using spreadsheets and a contract repository. The focus should initially be on compliance, with a review at renewal to deprovision any unused licenses. While this approach won’t allow for maximum cost optimization, it provides a foundation for more advanced processes.
Current approaches
In the “basic” stage, some processes begin to take shape, but they are still largely manual and reactive. Tracking is often decentralized, perhaps maintained in individual spreadsheets, and primarily focuses on compliance rather than cost optimization. “Standard licenses” are often assigned to everyone in a department, regardless of their role. Provisioning and deprovisioning accounts are done manually, and the intake process for new software purchases is typically informal, relying on emails to the procurement team, for instance. Departments may review unused licenses during renewals, but the overall approach is still reactive and labor-intensive.
Suggested actions
Organizations at the “basic” stage should create a fully centralized view of all apps, using tools such as spreadsheets, with vendors categorized by functionality and business owners.
Regular license reviews – either manual or using tools such as SSO connectors or SAM tools – should be introduced, and software usage should be proactively monitored using automated low utilization alerts and deprovisioning.
Establish a more formalized, but lightweight, intake process for new software purchases or large increases in users.
Current approaches
At the “intermediate” stage, organizations have established a centralized view of their SaaS landscape, with pipeline visibility of what tools are being used, what’s being evaluated, and what is coming up for renewal. To support this, companies have typically established a simple intake process for new SaaS requests, such as a Google Form. Basic automation may also be in place, and some form of regularly recurring reporting will identify underutilized licenses. Optimization efforts are still relatively app-specific rather than driven by a holistic strategy – but the foundations for proactive SaaS management are in place.
Suggested actions
At the “intermediate” stage, organizations should consider introducing more advanced automation – for instance, ensure leavers are removed automatically from high-spend applications.
Licensing should be determined by roles and requirements. This might look like running in-depth, app-specific analytics, with “full user licenses” shifted to “viewer licenses” if they are not creating objects.
Procurement, Finance, IT, and business teams should align on tech stack requirements, and an IT review board should be set up to evaluate new purchases for any existing, overlapping technologies.
Teams can also seek third-party services to benchmark contract unit pricing and gain market insight into recommended technology shifts.
Current approaches
Organizations at this level of maturity have centralized SaaS management platforms that provide real-time visibility across their entire application portfolio, creating a solid foundation for data-driven decision-making. Underpinning this is a robust intake process, where all new software requests follow a standardized evaluation methodology. With more advanced automation in place, businesses will have SaaS management platforms that regularly flag underutilized accounts and recommend corrective actions, such as downgrading accounts with low activity levels.
Suggested actions
At the “mature” stage, organizations should use advanced analytics to optimize license allocations. This might look like leveraging revenue forecasts, headcount forecasts, and historic usage data to shape provisioning decisions and budgeting.
Build a clear technology roadmap and system architecture for each core system, such as ERP, sales, and security. This should be periodically reviewed with Procurement, Finance, IT, and business leadership, to help ensure SaaS decisions support business goals.
Finally, securing executive buy-in for technology changes, such as the proactive consolidation of tools, will drive greater organization-wide efficiency and cost control.
Automation is key to streamlining operations, but its full potential is only realized when combined with collaboration and strategic input from business, IT, finance, and procurement teams. Robust backing from leadership is also crucial to successfully implement and sustain these improvements, as it can help secure resources, align priorities, and drive change.
Your SaaS management choices are business choices
Inefficient SaaS management isn’t just an IT issue. CIOs, CPOs, and CFOs must make strengthening SaaS management a business priority. CIOs will generally take the lead in building a structured SaaS strategy, but success also heavily depends on strong collaboration with CFOs and CPOs.
Left unmanaged, the very tools intended to increase your teams’ productivity can erode your business’s profitability and security. Strengthening SaaS governance across the business won’t be easy, but waiting will only make it harder, eventually allowing costs and security risks to spiral out of control.
By moving from reactive processes to proactive governance, organizations can free up budget to invest in their growth, protect their reputation and customer trust through data security, and free up talent to focus on strategic, value-add projects instead of administrative work.