SaaS Governance + Shadow IT Checklist

A practical checklist to reduce app sprawl, unmanaged subscriptions, weak ownership, and hidden access risk.

Governance SaaS Shadow IT Cost Control

Goal
Keep SaaS use predictable and supportable by tracking what tools exist, who owns them, how they are approved, and what happens when people leave.

1) Quick review questions

Question	What good looks like	Status / notes
Do we know our top business-critical SaaS tools?	A simple register exists and has owners.
Can staff sign up for tools without approval?	There is a lightweight approval path for new apps.
Do leavers lose access quickly?	Licence removal and account disable happen within 24–48 hours.
Do duplicate tools exist?	Overlap is identified and reduced over time.
Do we know where business data sits?	High-value apps are known and owned.

2) SaaS register template

App / service	Owner	Purpose	Who approves it?	Paid seats	Active seats	Renewal date	Action
							Keep / review / reduce / retire
							Keep / review / reduce / retire

3) Shadow IT controls

New paid tools require a named owner and basic approval.
Staff should know where to request a new tool rather than buy one ad hoc.
Top 10 subscriptions reviewed monthly or quarterly.
Leaver cleanup includes SaaS licences and external portal access.

4) What good looks like

Every important tool has an owner
Renewals are visible before they happen
Duplicate tools are actively reduced
Leaver cleanup is part of the normal process

5) Common gotchas

Apps bought on company cards with no central record.
One team pays for a tool another team already has.
Data ends up in apps no one formally owns.
Renewals roll over silently because nobody was assigned.

Note: This document is general operational guidance and does not replace legal advice. It helps you establish a practical baseline and reduce common privacy risks.

👉 Free 30-minute consultation

No hard sell - just clarity and practical next steps.

hello@virtusgroup.biz
virtusgroup.co.nz
0800 847 887 (VIRTUS)

Book now