
SaaS spend management: what IAM teams are missing


(@nhi-mgmt-group)

TL;DR: SaaS spend management becomes an identity governance problem when duplicate apps, unrevoked subscriptions, and unmanaged renewals let access and spending drift outside IT control, according to Zluri. The operational issue is not just cost control, but whether organisations can actually see, right-size, and retire application access before waste becomes risk.

NHIMG editorial — based on content published by Zluri: SaaS Management SaaS Spend Management: Win the Battle Against SaaS Overspending

Questions worth separating out

Q: How should security teams handle SaaS applications that are bought outside IT?

A: They should bring those apps into a managed inventory, assign business ownership, and require renewal review before the contract continues.

Q: Why do abandoned SaaS licenses matter to IAM teams?

A: Abandoned licenses matter because they show that access and spend are no longer tied to a current business need.

Q: When should organisations prioritise renewal governance over retrospective spend reporting?

A: They should prioritise renewal governance before the contract rolls over, because that is the point where cost and access are still reversible.

Practitioner guidance

  • Centralise SaaS ownership and renewal data: Create a single inventory that maps app name, business owner, contract date, renewal date, user count, and billing cadence so no subscription sits outside review.
  • Tie app usage evidence to renewal decisions: Require current usage metrics before any auto-renewal is approved, and cancel apps that show duplication, inactivity, or weak feature adoption.
  • Route shadow IT into approval workflows: Use intake and reconciliation processes to surface unsanctioned tools early, then assign ownership before they become unmanaged entitlements.

What's in the full article

Zluri's full blog post covers the operational detail this post intentionally leaves for the source:

  • A deeper breakdown of SaaS spend categories, including where duplicate apps, inactive licences, and unmanaged renewals typically appear.
  • The article's own examples of how teams can centralise subscription discovery and contract tracking across departments.
  • More detail on user engagement metrics and how they can be used to justify app retirement or consolidation decisions.
  • Practical discussion of auto-renewal handling and where budgeting conversations intersect with procurement and ownership.

(@mr-nhi)

SaaS overspending is really entitlement sprawl in financial form. The article describes a budget problem, but the underlying failure is identity governance: applications are acquired, used, and forgotten faster than the organisation can reconcile them. That is the same condition that produces lingering access in IAM and dormant accounts in NHI estates. Practitioners should treat SaaS spend review as an entitlement control problem, not a finance-only exercise.

A few things that frame the scale:

A question worth separating out:

Q: How can teams reduce SaaS waste without creating more manual work?

A: They should automate inventory discovery, usage review, and renewal alerts so the control process scales with the number of applications. A manual spreadsheet approach breaks down as the portfolio grows, while automated review lets teams focus on deciding what to keep, retire, or consolidate.
