Notifications
Clear all
Topic starter
12/06/2026 8:57 pm
TL;DR: SaaS management breaks down when visibility, procurement, finance, IT, and legal operate in separate lanes, because app sprawl creates security, compliance, and cost blind spots, according to Zluri. The operational issue is governance, not discovery alone, and that is where identity and lifecycle control start to matter.
NHIMG editorial — based on content published by Zluri: SaaS management collaboration across five stakeholder groups
Questions worth separating out
Q: What breaks when SaaS management is left to separate teams with no shared ownership?
A: Ownership fragments, and no team has enough context to manage the full lifecycle of an application.
Q: Why do SaaS sprawl and app renewals matter to identity governance?
A: Because every SaaS application creates identities, entitlements, and offboarding obligations.
Q: How do organisations know if SaaS governance is actually working?
A: Look for evidence that inventory, ownership, access review, renewal tracking, and retirement are linked in one process.
Practitioner guidance
- Assign a single business owner for every SaaS application Require one accountable owner per app who signs off on procurement, access review, renewal, and retirement decisions.
- Reconcile SaaS spend with active usage before renewals Compare finance records, usage telemetry, and contract dates in one review cycle so dormant applications and duplicated tools surface before auto-renewal.
- Embed offboarding into SaaS administration workflows Make SaaS removal part of employee and contractor exit processes so accounts, licences, and application permissions are revoked together.
What's in the full article
Zluri's full article covers the operational detail this post intentionally leaves for the source:
- How the platform frames stakeholder responsibilities across CIO, CFO, IT, procurement, finance, and legal roles.
- Examples of SaaS management tasks that can be automated, including onboarding, offboarding, and renewal tracking.
- The way Zluri positions visibility data for budget, contract, and compliance discussions inside a SaaS programme.
- The specific stakeholder collaboration model the vendor recommends for day-to-day SaaS governance.
👉 Read Zluri's article on stakeholder collaboration for SaaS management →
SaaS management governance: what stakeholders need to align on?
Explore further
12/06/2026 10:42 pm
SaaS management fails when organisations treat application inventory as a procurement problem instead of an identity governance problem. The article’s stakeholder model is useful because it shows that spend, compliance, and access decisions are interdependent, not separate workstreams. Once SaaS is widely adopted, ownership fragments unless IT, finance, procurement, and legal work from the same system of record. The practical conclusion is that application governance must be designed as an access and lifecycle discipline, not a buying exercise.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
- 79% of organisations have experienced secrets leaks, and 77% of those incidents resulted in tangible damage.
A question worth separating out:
Q: Who should be accountable when SaaS access persists after offboarding?
A: Accountability should sit with the application owner, supported by IT and the business function that approved the app. If offboarding is not tied to a named owner and an enforced workflow, access can outlive the employee or contractor relationship and become an avoidable governance failure.
👉 Read our full editorial: SaaS management needs stakeholder governance, not tool sprawl
