TL;DR: Most organisations still buy SaaS through a fragmented process that obscures renewals, licensing, approvals, and duplication, according to Zluri. The governance problem is not just cost control, but identity and access sprawl across the applications, contracts, and stakeholders that procurement now has to reconcile.
NHIMG editorial — based on content published by Zluri: Procurement 7 Software Procurement Services for Better SaaS Negotiation Team
By the numbers:
- Zluri says its platform discovers 100% of the SaaS apps in an organisation across five discovery methods.
Questions worth separating out
Q: How should security teams govern SaaS sprawl created by shadow IT?
A: Security teams should treat SaaS sprawl as an inventory and ownership problem first.
Q: Why do SaaS renewals often create identity governance problems?
A: SaaS renewals preserve whatever access, licence allocation, and administrative structure already exists unless they are tied to review.
Q: What do organisations get wrong about SaaS procurement and access control?
A: They treat procurement, finance, and security as separate processes when SaaS buying actually defines the access model for the app.
Practitioner guidance
- Map procurement to identity ownership: Require each SaaS request to name a business owner, an access owner, and a renewal owner before approval moves forward.
- Join renewal review to entitlement review: Block contract renewal until teams confirm active use, licence fit, and whether any accounts or integrations should be removed.
- Rationalise duplicate applications before expansion: Use discovery data to compare overlapping tools and retire redundant apps before approving new subscriptions that increase administrative sprawl.
What's in the full article
Zluri's full article covers the operational detail this post intentionally leaves for the source:
- Vendor-by-vendor service descriptions and procurement positioning for each SaaS buying service
- Case study claims on savings and hours reduced during procurement engagements
- Zluri's discovery workflow across SSO, finance data, APIs, and browser or desktop agents
- Commercial claims about renewal savings and procurement process checkpoints
Shadow IT and SaaS procurement: what governance teams miss?
Explore further
Shadow IT becomes an identity governance issue once procurement cannot see the full SaaS estate. The article’s core problem is not merely vendor comparison or negotiation friction. It is that incomplete application visibility makes it impossible to know where access exists, who owns it, or when it should be removed. Practitioners should treat SaaS discovery as a prerequisite for entitlement control, not a separate procurement task.
A few things that frame the scale:
- 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, showing how often identity inventory remains incomplete even before procurement starts.
A question worth separating out:
Q: How can teams reduce risk when multiple SaaS tools overlap?
A: Teams should use overlap as a trigger to rationalise the stack, not just negotiate price. Redundant applications usually mean redundant admin consoles, duplicate entitlements, and more places for access to drift. Consolidation should therefore include identity review, licence reclamation, and a decision on which tool owns the business process.