The average mid-market company now spends $4,830 per employee annually on SaaS, a figure that rose 21.9% year-over-year in 2025 according to Zylo's 2025 SaaS Management Index. For a 200-person company, that is close to $1 million a year in software subscriptions, before counting the tools employees expensed or signed up for independently. This guide lays out a practical 90-day framework for getting that number under control and keeping it there.
The core problem is visibility, not intent. IT departments now control just 26% of SaaS spend at the average organization, per Zylo's 2025 data. The remaining 74% is driven by business units, department heads, and individual employees buying tools without central oversight.
This creates a compounding problem. Zylo's research shows the average mid-sized company runs 275 SaaS applications, with roughly one-third deployed without IT approval. Torii's 2025 SaaS Benchmark Report found that only about 15% of discovered applications are fully sanctioned. The rest range from actively used but ungoverned tools to abandoned licenses that keep billing.
The financial cost is concrete. Zylo estimates average unused license waste at $135,000 per organization annually, based on 2025 data showing that only 54% of purchased seats were actively used, meaning 46% of purchased capacity sits idle. Expensed SaaS, tools that individuals put on corporate cards or expense reports, adds nearly $2 million in costs per company per year on average, per Torii's 2025 benchmarks.
Auto-renewal risk compounds the waste. Auto-price-uplift clauses appear in 89% of SaaS contracts, with average requested increases running around 11.5%, according to SeatCompress's 2025 analysis of enterprise SaaS agreements. Miss the cancellation notice window on a $180,000 contract and you are locked in for another full term at the vendor's chosen price.
The structural features that cause this problem, decentralized purchasing and automatic renewals, also mean there is almost always significant spend to recover quickly once you have a complete picture.
The first 30 days are for discovery. Most finance leaders find the real picture is significantly different from the documented one.
Run four discovery sources in parallel:
Credit card and banking statements. Pull 12 months of statements from every company card and corporate account and filter for recurring charges. This captures tools finance knows about but may have lost track of.
Expense reports. Run a keyword search across your expense management system for "software," "subscription," and "SaaS." Individually expensed tools are the fastest-growing source of ungoverned spend and rarely appear in any vendor list.
SSO and identity provider logs. If your company uses Okta, Azure AD, or a similar identity provider, your IT team can pull every application authenticated against the SSO directory. This is the most comprehensive source for tools used at scale.
Department head interviews. Survey each department lead directly. Ask what tools their team uses, who approved them, and what would break if they disappeared. This surfaces tools that bypass SSO entirely, particularly older vertical SaaS applications.
Expect to uncover 30% to 40% more applications than finance was previously tracking. The average first audit surfaces at least 20 tools the team did not know about. Build a central inventory with these fields for every subscription found:
The most common mistake at this stage is delegating the inventory build to someone without access to all four data sources. A partial inventory produces partial savings.
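To make the four-source merge concrete, here is an added example (not part of the original guide) that combines the sources into one inventory and lists the applications that never appear in the identity provider export. The vendor strings, the keyword map and the function names are constructed for illustration.

```python
"""Merge the four discovery sources into one inventory and flag SSO gaps."""
from collections import defaultdict

# Constructed sample exports; every vendor string below is invented for the demo.
SOURCES = {
    "card":      ["ASANA.COM *SUBSCR", "Slack Technologies", "ACME-CRM INC", "SQ *COFFEE BAR"],
    "expense":   ["Notion subscription", "acme crm software seat"],
    "sso":       ["Slack", "Asana"],
    "interview": ["Slack", "LegacyDispatch"],
}

# Assumed keyword -> canonical name map; a real one grows as statements are reviewed.
KEYWORDS = {"asana": "Asana", "slack": "Slack", "acme": "Acme CRM",
            "notion": "Notion", "legacydispatch": "LegacyDispatch"}

def canonical(raw):
    """Map a raw statement or export string to one app name, or None if unknown."""
    lowered = raw.lower()
    for keyword, name in KEYWORDS.items():
        if keyword in lowered:
            return name
    return None

def build_inventory(sources):
    """Return ({app: set of sources that saw it}, [(source, unmapped raw string)])."""
    seen, unmapped = defaultdict(set), []
    for source, rows in sources.items():
        for raw in rows:
            name = canonical(raw)
            if name is None:
                unmapped.append((source, raw))   # needs a human decision
            else:
                seen[name].add(source)
    return dict(seen), unmapped

def outside_sso(inventory):
    """Apps with spend or reported use that never show up in the SSO export."""
    return sorted(app for app, srcs in inventory.items() if "sso" not in srcs)

def expensed_only(inventory):
    """Apps whose only evidence is an expense report line."""
    return sorted(app for app, srcs in inventory.items() if srcs == {"expense"})

if __name__ == "__main__":
    inv, todo = build_inventory(SOURCES)
    for app in sorted(inv):
        print(f"{app:15} {sorted(inv[app])}")
    print("outside SSO:", outside_sso(inv), "| expensed only:", expensed_only(inv))
    print("unmapped rows to review:", todo)
```

Rows that match no keyword are returned separately rather than dropped, so a partial keyword map cannot silently shrink the inventory.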
With a complete inventory, the second 30 days focus on two actions: removing spend that produces no value, and identifying every renewal that could lock you in at an unapproved price.
Cutting waste:
Flag any tool where active usage is below 70% of purchased seats. For each flagged tool, take one of three actions before its next renewal: right-size the seat count to match actual usage, consolidate it with an overlapping tool already in the stack, or cancel it entirely.
Consolidation is where mid-market teams most consistently leave money on the table. Most stacks contain multiple tools covering the same function, acquired by different teams at different times: two project management platforms, three communication tools, four analytics subscriptions. Each consolidation saves the cancelled license cost plus the ongoing overhead of managing two vendor contracts instead of one.
Fixing renewal risk:
Build a renewals calendar that flags every contract 90 days before its expiration date. The optimal first engagement for a mid-market contract is 60 to 90 days before expiry, which gives your team enough time to run a usage review, open a negotiation conversation, and reach a decision before the vendor's notice deadline forces the issue.
Pay close attention to contracts with 30-day notice windows, which have become more common as vendors have tightened renewal terms. A contract expiring October 1 with a 30-day notice requirement means your decision deadline is September 1. Add a week of internal buffer and the real working deadline is late August.
Tag every contract with its effective notice window. Expiry date and notice date are different numbers, and confusing them is one of the most common causes of unintended auto-renewals in mid-market procurement.
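The waste and renewal rules above can be expressed as one triage pass over the inventory. This is an added example, not part of the original guide: the `Contract` fields, flag names and sample vendor are assumptions, while the 70% usage floor, 90-day calendar flag and one-week buffer come from the text.

```python
"""Triage contracts by seat utilisation and by notice deadline, not expiry date."""
from dataclasses import dataclass
from datetime import date, timedelta

USAGE_FLOOR = 0.70                    # flag tools below 70% of purchased seats
CALENDAR_LEAD = timedelta(days=90)    # calendar flag 90 days before expiry
BUFFER = timedelta(days=7)            # one week of internal buffer

@dataclass
class Contract:
    vendor: str
    expiry: date
    notice_days: int
    seats_purchased: int
    seats_active: int

    @property
    def notice_deadline(self):
        """Last day a cancellation notice is still valid."""
        return self.expiry - timedelta(days=self.notice_days)

    @property
    def working_deadline(self):
        """Internal decision date: notice deadline minus the buffer."""
        return self.notice_deadline - BUFFER

    @property
    def utilisation(self):
        return self.seats_active / self.seats_purchased if self.seats_purchased else 0.0

def triage(contract, today):
    """Return the flags that apply to one contract on a given day."""
    flags = []
    if contract.utilisation < USAGE_FLOOR:
        flags.append("under-used")
    if today > contract.notice_deadline:
        flags.append("notice-window-missed")      # locked in until next term
    elif today > contract.working_deadline:
        flags.append("inside-buffer")             # decide now
    elif today >= contract.expiry - CALENDAR_LEAD:
        flags.append("renewal-review-due")
    return flags

# Constructed sample: the October 1 / 30-day-notice contract from the text.
SAMPLE = Contract("ExampleCRM", date(2025, 10, 1), 30, seats_purchased=100, seats_active=54)

if __name__ == "__main__":
    print(SAMPLE.notice_deadline, SAMPLE.working_deadline)
    for day in (date(2025, 6, 1), date(2025, 7, 10), date(2025, 8, 28), date(2025, 9, 2)):
        print(day, triage(SAMPLE, day))
```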
The first two months recover money already lost. The third month prevents the same losses from recurring.
Procurement policy with three tiers:
Enforce this policy from the first week it goes live. The largest threat to governance is exceptions. Every "we'll track it later" decision creates a gap in the inventory that will cost money at the next renewal.
Showback reporting by department:
Showback means presenting each department with a monthly breakdown of their software spend. It does not require chargebacks to be effective. Teams that see their own spend line tend to initiate right-sizing conversations themselves, without finance having to push.
Central intake for new purchase requests:
Create a simple intake process, a shared inbox or a request form, where all new SaaS purchase requests land before approval. Even this basic step eliminates a significant percentage of shadow IT by creating deliberate review before a tool enters the stack. Most requests that come through intake get approved quickly. The ones that get declined are usually duplicates of tools the requesting team did not know already existed.
Organizations that complete this process consistently recover 25% to 35% of their SaaS spend within the first 90 days, according to CloudEagle's analysis of mid-market implementations. First-wave savings, from license right-sizing and cancellations, typically represent 5% to 10% of annual SaaS spend in the first 30 days.
For a company spending $1 million annually on SaaS, a 25% recovery is $250,000 in identified savings. Not all of it materializes immediately if some contracts are locked until renewal, but the renewals calendar built in days 31 to 60 ensures those savings arrive at contract expiry rather than rolling over at the vendor's terms.
The more durable outcome is the governance framework itself. Companies that sustain the procurement policy and showback reporting past the 90-day mark typically see shadow IT volume drop by 40% to 50% within six months, as new purchases start routing through a visible approval process rather than a corporate card.
Most mid-market teams find they can recover 25% to 35% of current SaaS spend through a combination of right-sizing licenses, cancelling unused tools, and consolidating overlapping subscriptions. For a company spending $2 million per year on SaaS, that is $500,000 to $700,000 in potential annual savings. Not all of it becomes immediate cash if contracts are locked in, but it flows through at renewal.
The discovery phase, pulling statements, expense reports, SSO logs, and department interviews, typically takes two to three weeks when run thoroughly. Most teams surface 30% to 40% more applications than finance was tracking and uncover at least 20 previously unknown tools. The inventory reaches a working baseline within 30 days and continues to improve from there.
The biggest risk is cancelling a tool a team actively depends on without a migration plan. Before removing any subscription with meaningful active users, confirm with the department owner that there is a plan for the workflows those users run. Cost savings that force a team to rebuild a process mid-quarter are not worth the speed.
Most SaaS contracts auto-renew by default, and 89% include price escalation clauses averaging 11.5%. The trap is that most contracts require written notice of cancellation 30 to 60 days before the renewal date, which is often different from the contract expiry date. Miss the notice window by 48 hours and you are locked in for another full term at the vendor's updated price, with no ability to negotiate until the following year.
Focus on two things: building the inventory and flagging every contract renewing in the next 90 days. The inventory gives you the complete picture; the near-term renewal list gives you the immediate lever. Any contract renewing within three months where you cannot confirm active usage and an approved price should be reviewed before its notice window closes.