TL;DR: SaaS sprawl is pushing app selection, provisioning, renewal, and offboarding into a dedicated operations function, while unmanaged buying and manual inventory create spending and security risk, according to Zluri. The governance issue is no longer just software control but lifecycle control across users, apps, and access paths.
At a glance
What this is: This is a role and responsibility guide for SaaS operations managers, with the main finding that SaaS growth creates visibility, lifecycle, and access-governance gaps.
Why it matters: It matters because SaaS operations now intersects directly with IAM, offboarding, and access review disciplines that affect both human and non-human identity control.
By the numbers:
- 93% of CIOs indicate they’re already adopting or are soon planning to adopt SaaS solutions.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- NHIs outnumber human identities by 25x to 50x in modern enterprises.
👉 Read Zluri's guide to the SaaS operations manager role and responsibilities
Context
SaaS operations management is the governance layer that tries to keep app buying, provisioning, renewal, and offboarding from fragmenting across departments. In practice, the control problem is not software availability but who owns the inventory, the licence lifecycle, and the access lifecycle around each application, which is why the topic sits close to IAM and identity governance.
For identity teams, the important shift is that SaaS sprawl creates a parallel access estate outside traditional IT purchasing and review processes. That creates familiar problems for human users, but it also leaves behind service accounts, API keys, and integrations that are easy to miss without a lifecycle model such as the NHI Lifecycle Management Guide.
Key questions
Q: How should organisations govern SaaS offboarding to avoid access leakage?
A: Organisations should treat SaaS offboarding as a governed lifecycle event, not a ticket closure. The process needs to revoke user access, remove delegated permissions, preserve required data, and identify any connected service accounts or API keys that still depend on the departing user’s access path. The goal is to end the access relationship completely.
Q: Why do SaaS renewals belong in identity governance, not just procurement?
A: Because renewal decisions often preserve active entitlements, dormant accounts, and hidden integrations. If ownership, usage, and access are not reviewed together, the organisation keeps paying for tools that may no longer have a valid business purpose. Treating renewals as governance checkpoints helps prevent access legitimacy drift and redundant software sprawl.
Q: What breaks when SaaS inventory is managed manually in spreadsheets?
A: Manual inventory quickly becomes stale, which means no one can reliably see which apps exist, who owns them, or which identities depend on them. That breaks deprovisioning, renewals, audit evidence, and access reviews because the organisation is certifying against partial data rather than a live system of record.
Q: What is the difference between SaaS operations and SaaS security ownership?
A: SaaS operations focuses on lifecycle control, inventory, renewals, and business enablement, while SaaS security ownership focuses on access risk, data exposure, and governance. In mature programmes, the two overlap because app lifecycle decisions directly affect who has access, how long access lasts, and whether offboarding actually removes it.
Technical breakdown
Why SaaS sprawl turns into an identity inventory problem
When employees can acquire applications directly, the organisation loses the single procurement choke point that once defined software control. A SaaS system of record becomes the operational control plane for seeing what exists, who uses it, and what business function it supports. Without that inventory, every downstream task, from renewal planning to deprovisioning, becomes guesswork. The result is not just overspend. It is unmanaged access paths, duplicate entitlements, and hidden app relationships that sit outside review cycles and security monitoring.
Practical implication: build and maintain a live SaaS inventory before attempting renewal, access review, or offboarding optimisation.
SaaS offboarding as a lifecycle control, not an admin task
The article correctly treats offboarding as more than closing a subscription. When an employee leaves, the organisation must revoke access, preserve required data, and remove hidden app dependencies that were never visible to IT. That is a lifecycle problem, not a help desk task. In identity terms, the failure mode is orphaned access, where the identity relationship ends but the application permissions do not. For SaaS, that includes direct user accounts, delegated access, and any connected machine identities created to move data between apps.
Practical implication: tie offboarding to account revocation, data handoff, and integration cleanup in one governed workflow.
Why SaaS renewals need governance, not just budgeting
Renewal calendars matter because SaaS contracts often persist after the original business need has changed. If usage, ownership, and value are not reviewed together, the organisation keeps paying for dormant or redundant tools and may also keep access alive for systems no one actively manages. That is where SaaSOps overlaps with identity governance. Renewal decisions should reflect actual use, owner accountability, and whether the app still has a legitimate access model. Without that, financial waste and identity sprawl reinforce each other.
Practical implication: review usage, ownership, and access together before every renewal decision.
NHI Mgmt Group analysis
SaaS operations is now part of the identity governance surface. The article describes a function that sits between procurement, IT, and business teams, but the deeper issue is governance over who can create, keep, and remove access in a SaaS estate. That matters because app sprawl creates identity sprawl: human access, delegated access, and hidden machine access all expand together. Practitioners should treat SaaSOps as a control point in the broader identity programme, not as a back-office admin role.
Lifecycle failure is the real risk, not app adoption itself. SaaS adoption becomes dangerous when inventory, renewal, and offboarding are handled by different teams with different records. That is the same governance pattern that creates orphaned accounts and stale entitlements in IAM programmes. The implication is that SaaS controls must be designed as one lifecycle chain from request to revocation, rather than as disconnected tasks owned by procurement or IT alone.
Shadow SaaS creates shadow identity, and shadow identity creates audit blind spots. If employees can buy and use software outside central control, the organisation cannot reliably prove who had access to what at any point in time. That weakens review, incident response, and compliance evidence. The practitioner conclusion is straightforward: identity visibility has to extend to the application layer, not stop at directory records or SSO coverage.
Renewal management is a governance decision about access legitimacy. When teams renew software without confirming current usage and ownership, they preserve both cost and privilege. The important concept here is access legitimacy drift, where an application remains active after the business need has faded. Identity programmes should treat renewal as a certification event for the application’s continued right to exist and continue to hold access.
The same discipline used for human lifecycle management should be applied to SaaS-connected identities. SaaSOps may be framed as software administration, but the practical outcome is access stewardship across users and integrations. Where an application has service accounts, API keys, or automated workflows, those identities need the same lifecycle scrutiny as any other non-human account. Practitioners should align SaaSOps with NHI governance rather than leaving it isolated in procurement or asset management.
From our research:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to Ultimate Guide to NHIs.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
- NHI Lifecycle Management Guide shows how lifecycle governance closes the gap between access grant and access removal.
What this signals
SaaS sprawl is increasingly an identity governance issue, not just a software asset issue. The organisations that struggle most are the ones that separate procurement, access management, and offboarding into different workflows, because that fragmentation makes it impossible to prove who still has legitimate access at any point in time.
Access legitimacy drift: this is the state where an application, entitlement, or integration remains active after the business justification has faded. Once that happens, renewal and offboarding become the same control problem from opposite directions, and both need a shared record of ownership, use, and dependency.
For practitioners, the next step is to extend identity visibility beyond directory records and SSO into the application layer itself. Where SaaS tools create service accounts or API-enabled integrations, those identities should be governed with the same rigour used for workload identity and lifecycle control.
For practitioners
- Create a single SaaS system of record: centralise application ownership, usage, renewal dates, and business purpose so that procurement, IT, and security work from the same inventory.
- Bind offboarding to access revocation: make employee exit workflows remove app access, delegated permissions, and connected account relationships in the same approval path.
- Review renewals as access certifications: require business owners to confirm current use, data sensitivity, and access legitimacy before any SaaS contract is renewed.
- Map machine identities inside SaaS workflows: identify service accounts, API keys, and integrations attached to SaaS tools so they can be governed alongside human entitlements.
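As an added illustration (not code from Zluri or NHIMG), a small Python model of the system of record the four steps above assume: offboarding enumerates every access path tied to a leaver from one record, including API keys they created and apps they own, and renewals are gated on a fresh owner certification. App names, people, dates and the field layout are constructed for the example.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date

@dataclass
class App:
    """One row of the SaaS system of record (field names are assumed)."""
    name: str
    owner: str                 # business owner accountable at renewal
    renewal: date              # contract renewal date
    users: set[str]            # human accounts provisioned in the app
    api_keys: dict[str, str]   # key id -> person whose access path created it
    certified_on: date | None = None  # last owner attestation of use and access

def plan_offboarding(inventory: list[App], leaver: str) -> dict[str, list]:
    """Enumerate every access path that depends on the leaver from one record:
    direct accounts, machine credentials they created, and apps they own."""
    plan = {"revoke_accounts": [], "retire_keys": [], "reassign_ownership": []}
    for app in inventory:
        if leaver in app.users:
            plan["revoke_accounts"].append((app.name, leaver))
        for key_id, creator in app.api_keys.items():
            if creator == leaver:          # the key outlives the human unless handled here
                plan["retire_keys"].append((app.name, key_id))
        if app.owner == leaver:
            plan["reassign_ownership"].append(app.name)
    return plan

def renewals_needing_certification(inventory: list[App], today: date, horizon: int = 30, max_age: int = 90) -> list[str]:
    """Renewal as an access certification event: an app renewing within
    `horizon` days must carry an owner attestation newer than `max_age` days."""
    due = []
    for app in inventory:
        if 0 <= (app.renewal - today).days <= horizon:
            fresh = app.certified_on is not None and (today - app.certified_on).days <= max_age
            if not fresh:
                due.append(app.name)
    return due

def dormant_apps(inventory: list[App]) -> list[str]:
    """Access legitimacy drift in its simplest form: a live contract with no users."""
    return [app.name for app in inventory if not app.users]

def sample_inventory() -> list[App]:
    """Constructed sample data, not a real tenant."""
    return [
        App("crm", "alice", date(2025, 7, 15), {"alice", "bob"}, {"crm-key-1": "alice"}, date(2025, 2, 1)),
        App("billing", "carol", date(2025, 7, 5), {"alice", "carol"}, {"bill-key-7": "carol"}, date(2025, 6, 10)),
        App("whiteboard", "dave", date(2025, 12, 1), set(), {}),
    ]
```

Run against the sample, offboarding "alice" yields two accounts to revoke, one API key to retire and one app to re-own; only "crm" is due for recertification on 2025-06-26, and "whiteboard" shows up as dormant.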
Key takeaways
- SaaS operations becomes an identity control problem once app buying, access, and offboarding are distributed across the business.
- Manual inventory and fragmented renewals create stale access, hidden integrations, and audit gaps that procurement alone cannot solve.
- The practical fix is to run SaaS lifecycle decisions as governed identity events, with ownership, usage, and revocation tied together.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | SaaS inventory and offboarding directly affect entitlement control and access review. |
| OWASP Non-Human Identity Top 10 | NHI-03 | SaaS-connected service accounts and API keys need governed lifecycle handling. |
| NIST Zero Trust (SP 800-207) | SP 800-207 | SaaS sprawl weakens continuous verification unless application access is visible and policy-bound. |
Apply NHI-03 to SaaS integrations by tracking and revoking machine credentials with the same rigour as user access.
Key terms
- SaaS operations management: SaaS operations management is the discipline of controlling how software subscriptions are acquired, owned, renewed, and removed across the organisation. In identity terms, it is also a lifecycle function because every application decision affects who or what still has access and whether that access remains legitimate.
- System of record: A system of record is the authoritative source for a business process or asset class. For SaaS, it should show which applications exist, who owns them, what they cost, and which identities or integrations depend on them so that review and offboarding are based on current data.
- Access legitimacy drift: Access legitimacy drift happens when an entitlement, account, or integration remains active after the original business need has changed or disappeared. It is a governance failure because the access may still work technically while no longer being justified operationally or contractually.
- SaaS offboarding: SaaS offboarding is the controlled removal of user access, delegated permissions, and dependent account relationships when a person leaves or a tool is retired. It must also account for retained data and any non-human identities attached to the application so that access does not outlive ownership.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by Zluri: Career Role and Responsibilities of SaaSOps Manager (With JD). Read the original.
Published by the NHIMG editorial team on 2025-06-26.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org