Managing SaaS Subscriptions: Cost and Shadow IT Control

An SME owner reviewing the year-end financial report sees the "software subscriptions" line: TRY 480,000 in 2026. The question "what services is this money going to?" gets no clear answer from IT. Marketing uses Canva, Mailchimp, HubSpot; sales bought Pipedrive; design uses Figma + Adobe; HR uses Workable; accounting software, ERP, Zendesk... most bought on different cards, at different times, with different permissions. This is the typical state of SaaS management in SMEs — uncontrolled growth, joint inadequacy, shadow IT. This guide shows the practical path to managing SaaS subscriptions with a FinOps approach.

What Is Shadow IT, and Why Is It a Problem?

Shadow IT describes software/services that departments buy on their own without approval or visibility from the IT department. Common SME examples:

• The marketing manager subscribes to Canva Pro on a personal card
• The sales team buys a WhatsApp Business CRM add-on
• The design unit upgrades its Figma plan
• An engineer opens an Anthropic API account
• A call-center manager pays for an annual Calendly subscription

Each of these may be useful; the problem is:

• Data security: Customer data is uploaded to unapproved services; KVKK breach risk.
• Uncontrolled cost: 3 different services do the same job; total cost is 3x.
• Business continuity: An ex-employee's account is not closed; subscriptions tied to that person cannot be changed or taken over.
• Audit problem: A mix of personal accounts + corporate cards is not clean from an accounting and legal-audit perspective.

Building the SaaS Inventory — 5 Steps

A practical discovery method:

1. Gather Invoices

Combine accounting + managers' personal cards + the corporate card report. Every row of type "Software Subscription" is listed. A typical SME has 25-40 different SaaS services.

2. Scan Bank/Card Transactions

Foreign-currency charges (USD, EUR) on the corporate card are usually SaaS subscriptions. Identify services with unfamiliar names.

3. Ask the Employees

Ask department managers "which software/services does your department use?" The answers expose shadow IT.

4. Review SSO and Domain Data

The "Enterprise Apps" list in Microsoft 365 / Google Workspace shows all SSO-connected applications. The number there averages 15-25. Additional SaaS services not tied to SSO are shadow IT.

5. The Monthly Billing Table

The result is an Excel/Notion table: service name, department using it, user count, monthly cost, annual cost, contract renewal date, owner (responsible person).

The FinOps Approach: 4-Step Cost Optimization

1. Inform — Visibility

The inventory table above. Share the same table with senior management; the "TRY 480,000 annual SaaS budget" becomes visible. This step is missing in most SMEs.

2. Optimize — Consolidate Overlapping Services

You will see in the table: 3 different file-sharing services (Dropbox, Google Drive, OneDrive), 2 screen-recording tools, 4 note-taking apps, 2 messaging apps. Identify overlaps and standardize:

• File sharing: OneDrive included in Microsoft 365 (no additional cost)
• Messaging: Microsoft Teams (included in Microsoft 365)
• Notes: Microsoft OneNote or Notion as the single standard

3. Operate — Automation and Authorization

• Make SSO mandatory: every new SaaS subscription must log in through Microsoft 365 / Google Workspace
• Approval process for new subscriptions: every service over $50/month must pass IT/finance approval
• Annual review calendar: every Q1, review all SaaS subscriptions and cancel those unused

4. Govern — Policy

A written SaaS policy:

• Unauthorized SaaS use is forbidden
• Subscriptions bought on personal cards must be moved to the corporate card
• Every subscription must have an owner (responsible person); a departed employee's account must be transferred/canceled within 30 days
• An annual SaaS budget must be set; exceeding it requires approval

SaaS Management Tools

Manual Excel tracking becomes insufficient beyond 20 services. Practical tools:

• BetterCloud: SaaS management platform, automatic discovery + per-user access control. $5/user/month.
• Torii / Productiv / Zylo: SaaS spend management, usage analysis. May be expensive for SMEs.
• Notion / Airtable: DIY solution for manual tracking. Low cost but requires discipline.
• Microsoft 365 Cost Management: Manages Microsoft subscriptions; does not cover all SaaS.

At SME scale, Notion + a 1-hour monthly manual review is enough to start. Once the service count exceeds 50, a professional SaaS management tool can be considered.

Typical Savings Scenarios

Typical savings we have observed in the field with a FinOps approach:

• Cleaning up overlaps: Consolidating 3 file-sharing tools to 1 → TRY 80,000 annual saving
• Unused subscriptions: 30 licenses bought, 18 people active — cancel 12 licenses → TRY 50,000 annually
• Plan downgrading: Premium plan bought but Standard is enough → TRY 30,000 annually
• Annual vs monthly: Switching monthly subscriptions to annual → TRY 30,000 annually
• Unused SaaS: Subscriptions bought 2 years ago and forgotten → TRY 60,000-100,000 annually

A typical SME recovers 20-40% of its annual SaaS cost within the first year with the FinOps approach.

Common Mistakes

• Assuming "we have no shadow IT": It only appears when you go look. Without an inventory, the claim is meaningless.
• Punishing the person who set it up: Shadow IT is usually well-intentioned — there was a need, IT was slow, the department solved it themselves. Instead of punishment, simplify the approval process.
• Looking only at cost: Some expensive subscriptions deliver real value; canceling them is not a saving but a loss. Use usage metrics + business impact analysis.
• Forgetting the annual review: A one-time cleanup is not enough; SaaS continues to leak in. Schedule the annual review.
• Not tracking renewal dates: Forgetting to cancel an auto-renewing subscription is the most expensive mistake.

Frequently Asked Questions