TL;DR: The real issue is not only cost control but whether identity and access programmes can see, rationalize, and lifecycle-manage SaaS entitlements well enough to prevent sprawl, according to Zluri. ROSS, or Return on SaaS Stack, is a framework for judging SaaS value through pricing, latent value, and future roadmap fit, while warning that unused subscriptions, hidden costs, and weak app interoperability waste spend and erode governance.
NHIMG editorial — based on content published by Zluri: SaaS Management Software License Optimization: How to Maximize Your ROSS
By the numbers:
- 38% of all subscriptions in any business are wasted.
- Some of the most wasted subscriptions in the industry include apps like Camtasia Studio (67%).
Questions worth separating out
Q: How should organisations evaluate SaaS subscriptions before renewal?
A: They should compare actual usage, business ownership, and workflow fit against the subscription tier being renewed.
Q: Why do SaaS stacks create governance problems for IAM teams?
A: Because the same sprawl that inflates cost also obscures who should have access, which apps are still needed, and when access should be retired.
Q: How do you know if SaaS license optimization is working?
A: You should see fewer duplicate applications, lower spend on unused seats, clearer application ownership, and cleaner recertification outcomes.
Practitioner guidance
- Map SaaS entitlements to business owners: Assign a named owner for each application, subscription tier, and high-value integration so renewal decisions have a clear accountability path.
- Combine usage telemetry with access reviews: Compare active usage, feature adoption, and last access dates against entitlement records, then remove or downgrade subscriptions that no longer support a live business process.
- Rationalise duplicate apps by workflow purpose: Group applications by the business job they perform, then identify overlapping tools that create migration friction and collaboration issues.
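The three guidance items above as a single review pass. This is an added example, not code from Zluri or from the editorial; the 90-day idle threshold, the record fields and the sample data are assumptions constructed for illustration. It also flags entitlements for apps missing from the inventory, which goes slightly beyond the three items.

```python
from collections import defaultdict
from datetime import date

STALE_AFTER_DAYS = 90  # assumed review threshold, not a figure from the source

# Constructed app inventory: app -> named business owner and workflow purpose.
APPS = {
    "chat-a": {"owner": "j.doe", "purpose": "team messaging"},
    "chat-b": {"owner": None, "purpose": "team messaging"},
    "video-edit": {"owner": "m.lee", "purpose": "screen recording"},
}
# Constructed entitlement records: (identity, app, tier, last access or None).
ENTITLEMENTS = [
    ("alice", "chat-a", "pro", date(2024, 5, 28)),
    ("bob", "chat-a", "pro", date(2024, 1, 10)),
    ("alice", "chat-b", "basic", None),            # seat assigned, never used
    ("carol", "video-edit", "pro", date(2023, 11, 2)),
    ("svc-export", "video-edit", "pro", date(2024, 5, 30)),
    ("dave", "notes-x", "free", date(2024, 5, 1)),  # app not in the inventory
]

def review(apps, entitlements, today, stale_after=STALE_AFTER_DAYS):
    """Return ownerless apps, stale seats, duplicate-purpose apps, unmanaged apps."""
    ownerless = sorted(a for a, meta in apps.items() if not meta.get("owner"))
    stale, unmanaged = [], set()
    for identity, app, tier, last_access in entitlements:
        if app not in apps:
            unmanaged.add(app)  # entitlement exists but nobody inventoried the app
        idle = None if last_access is None else (today - last_access).days
        if idle is None or idle > stale_after:
            stale.append((identity, app, tier, idle))  # remove or downgrade
    by_purpose = defaultdict(list)
    for app, meta in apps.items():
        by_purpose[meta["purpose"]].append(app)
    duplicates = {p: sorted(a) for p, a in by_purpose.items() if len(a) > 1}
    return {"ownerless": ownerless, "stale": stale,
            "duplicates": duplicates, "unmanaged": sorted(unmanaged)}

if __name__ == "__main__":
    for finding, items in review(APPS, ENTITLEMENTS, date(2024, 6, 1)).items():
        print(finding, items)
```

Stale seats should go to the app's named owner for a keep, downgrade or revoke decision, so the ownerless list has to be cleared first.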
What's in the full article
Zluri's full blog post covers the operational detail this post intentionally leaves for the source:
- The article expands the ROSS framework into the pricing, latent value, and future roadmap dimensions used to compare SaaS apps.
- It includes the Slack example used to explain why monetary value alone misses collaboration and workflow value.
- It discusses wasted subscription patterns, including duplicate app usage and hidden costs that are not captured in simple spend reports.
- It sketches how organisations can think about vendor lock-in and future capability fit when evaluating their SaaS stack.
SaaS stack value: what IAM and governance teams should measure?
Explore further
SaaS license optimization is an identity governance problem, not a finance exercise. The article treats ROSS as a value framework, but the underlying control issue is whether organisations can maintain accurate ownership, usage, and entitlement records across their SaaS estate. That is classic governance territory, because over-provisioned applications and forgotten subscriptions are both signs that lifecycle discipline is weak. The practitioner conclusion is that software spend, access sprawl, and governance maturity move together.
A few things that frame the scale:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to The 2024 ESG Report: Managing Non-Human Identities.
- Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, according to The 2024 ESG Report: Managing Non-Human Identities.
A question worth separating out:
Q: Who should own SaaS entitlement cleanup and offboarding?
A: Ownership should sit with application owners and identity governance teams together, because license cleanup affects both budget and access risk. Finance can flag waste, but only the business and IAM functions can confirm whether an entitlement still serves a real process. Shared accountability prevents unused access from lingering indefinitely.