Notifications
Clear all
Topic starter
12/06/2026 9:00 pm
TL;DR: Automated reporting can surface app usage, spend, ownership, and security signals across 22 report views to support IT, finance, procurement, and compliance decisions, according to Zluri. The deeper takeaway is that reporting only helps when it is tied to lifecycle governance, not just inventory visibility.
NHIMG editorial — based on content published by Zluri: Features Discover the Reports in Zluri’s SaaS Management Platform
Questions worth separating out
Q: How should teams use SaaS reports for identity governance?
A: Teams should use SaaS reports to trigger governance decisions, not just to observe activity.
Q: Why do unused SaaS apps matter to IAM and IGA teams?
A: Unused SaaS apps matter because they often indicate stale ownership, unreviewed entitlements, and wasted spend at the same time.
Q: What do security teams get wrong about SaaS reporting?
A: Security teams often treat reporting as a visibility outcome instead of a governance mechanism.
Practitioner guidance
- Map each report to a governance decision Assign every report to a specific action such as access review, app retirement, owner reassignment, or renewal approval so the output leads to a decision rather than a dashboard.
- Use inactivity and owner status together Cross-check inactive users with inactive owners and archived applications to find where accountability has disappeared across the application lifecycle.
- Combine spend and usage analysis Review license cost, average usage, and redundant app findings in one workflow to distinguish genuine business demand from entitlement sprawl.
What's in the full article
Zluri's full blog covers the operational detail this post intentionally leaves for the source:
- A complete breakdown of all 22 reports and the exact fields each report includes for SaaS governance work.
- Report-by-report operational descriptions for inactive users, restricted apps, archived users, and upcoming renewals.
- Practical examples of how to generate reports in the platform and schedule them for repeat use.
- Detailed spend and usage reporting views that support finance, procurement, and application rationalisation.
👉 Read Zluri’s breakdown of SaaS reports for spend, usage, and compliance →
SaaS reporting and identity governance: where do teams need to act?
Explore further
12/06/2026 10:48 pm
Automated SaaS reporting is only valuable when it supports identity lifecycle decisions. The article treats reporting as a productivity feature, but the real governance value is in turning app, user, and owner data into repeatable review and offboarding actions. That makes SaaS reporting a control enabler rather than a convenience layer. Practitioners should treat report design as part of lifecycle engineering, not just analytics.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, showing how often governance starts from partial evidence rather than complete identity context.
A question worth separating out:
Q: Who should own SaaS reporting outputs in an identity programme?
A: Ownership should sit across IAM, IGA, and SaaS operations, with finance and procurement involved where spend and renewals are in scope. That shared model matters because access, cost, and accountability are linked. The best programme assigns a decision owner for each report category.
👉 Read our full editorial: SaaS reporting for identity governance: what Zluri’s report set changes
