ITAM KPIs and SaaS sprawl: what identity teams should track

TL;DR: IT asset management metrics help organisations measure utilisation, compliance, and lifecycle control across hardware and software, while highlighting how shadow IT and unused licences undermine governance, according to Zluri. The real test is whether ITAM data is wired into identity, onboarding, offboarding, and renewal decisions rather than treated as a reporting exercise.

NHIMG editorial — based on content published by Zluri: IT Teams Key Metrics Every IT Asset Manager Should Track (ITAM KPIs)

Questions worth separating out

Q: How should teams use ITAM metrics to improve identity governance?

A: Teams should connect asset utilisation, ownership, and renewal data to access decisions so that dormant software, devices, and cloud resources are challenged before they become control gaps.

Q: What breaks when software inventory is not tied to lifecycle management?

A: When inventory is disconnected from lifecycle management, organisations lose the ability to reclaim unused licences, remove stale assignments, and prove that offboarding actually closed access.

Q: How do you know if SaaS compliance reporting is actually working?

A: SaaS compliance reporting is working when it can show active licences, expired licences, unauthorized software, and renewal decisions in one record that owners can act on.

Practitioner guidance

• Link asset records to identity ownership Require every software, device, and cloud asset to carry a business owner, technical owner, and review date so inactive items can be challenged during access and renewal cycles.
• Measure lifecycle closure, not just inventory size Track onboarding completion, offboarding closure, renewal exceptions, and reclaim time as control metrics, then review them alongside utilisation and compliance reports.
• Consolidate SaaS and access data into one governance view Use a single control set to compare licences in use, duplicate applications, and active user assignments so finance, IT, and IAM teams act from the same record.

What's in the full article

Zluri's full post covers the operational detail this post intentionally leaves for the source:

• Detailed breakdowns of each ITAM KPI and how to calculate it in practice.
• Examples of software licence compliance checks across entitlements, renewals, and expired applications.
• Operational guidance on using SaaS discovery data for budgeting and vendor lifecycle management.
• Feature-level explanation of Zluri's onboarding and offboarding automation workflow.

👉 Read Zluri's ITAM KPI guidance for software, hardware, and SaaS lifecycle control →

ITAM KPIs and SaaS sprawl: what identity teams should track?

Explore further

View Full Forum →  |  NHI Foundation Course →