Why Modern Enterprises Need a Software Review Board

Table of Contents

Ungoverned SaaS purchasing is the root of many evils. Shadow IT, SaaS sprawl, runaway costs, and security and compliance risks, to name a few. It’s a problem that impacts everyone from Procurement to IT and Software Asset Management. There are many SaaS governance best practices you can follow to address these evils. Today, we want to talk about one such practice: software review boards.

A software review board is a committee of cross-functional team members – including IT, Procurement, Software Asset Management, Security, and Legal – organized to vet new software before the business purchases it. It’s a component of SaaS governance, and a pretty integral one, at that.

Four Key Reasons You Need a Software Review Board

As we mentioned, ungoverned SaaS purchasing causes a ton of issues. Let’s break down how software review boards not only tackle those problems and help you make more intelligent purchasing decisions.

Reason #1: Align New Software with Business Needs

We all have our reasons for wanting to buy SaaS. A software review board serves as a gut-check to make sure the purchase is a good decision.

The committee works with the line of business or individual to make sure the software aligns to a specific business need. They’ll want to understand what problem the new tool will help solve and how it will impact the business.

Often, this can be an opportunity to create awareness of tools you already have that serve a similar purpose. If a functionally similar tool already exists in your stack, your IT, SAM, or Procurement team may recommend adopting it instead.

With this pre-check, you can avoid introducing redundancy into your stack, a leading driver of software bloat and unnecessary spending.

Evolving Your SaaS Governance Framework for the Digital Workplace

Learn More

Reason #2: Approve Costs

These days, CFOs have become key stakeholders in the software acquisition process. That’s due to increased scrutiny on containing and reducing operating expenses over the last 18-24 months.

Spoiler alert: one of the key benefits of good SaaS governance is reducing OpEx. And, like any good strategy, a software review board can have an incredible impact on identifying and trimming unnecessary costs.

Software review boards examine how new software aligns with budgets and identify the expected value they will bring to the business.

On average, organizations spend $45 million annually on SaaS, and $18M of it is wasted on unused licenses. Getting this committee involved allows you to do your due diligence to avoid that waste.

Whether you’re trying to secure a budget for a SaaS Management Platform, sales enablement tool, or contract management system, you’ll need to deliver a solid business case. Make sure it addresses costs and value, and why this tool will be a valuable investment.

Reason #3: Obtain Favorable Terms and Understand Contractual Obligations

Engaging your Legal team when it comes to reviewing the contract, master service agreement, and other documentation before you sign can save you a lot of trouble down the line. This step in the review process ensures things like payment terms, price protection, and renewal terms make sense for your organization.

Plus, it provides clarification around the expectations of your partnership with the SaaS provider. What is your obligation in the relationship? How will the provider serve your team?

By creating a software review board with Legal’s involvement, ensures you start with the company’s best interests in mind.

Reason #4: Ensure Software Meets Security and Compliance Requirements

Protecting your organization’s and customers’ data is critical to running effective operations and maintaining trust. Yet, software is one of the biggest sources of risk. Our data finds that IT only has visibility into 17% of a company’s applications.

On top of that, the expensed applications (shadow IT) IT does not know about carry more significant security risks. In fact, 65% of expensed software have a “Poor” or “Low” risks score.

In the event of a data breach or noncompliance, your company could incur astronomical costs from fines, lost business, and/or reputational damage. In the US, the average cost of a data breach is $9.45 million, including mitigation efforts and lost business.

Having apps pass muster with your IT and Security teams is critical – already a key focus for many organizations in 2024. They’ll investigate the provider’s compliance certifications, whether it’s had any data breaches, and how it aligns to your security posture, among others. Skipping the security review when purchasing SaaS is out of the question.

How Software Review Boards Work

Now that you’re thoroughly convinced a software review board is important and necessary to good SaaS governance, let’s break down how they work.

Lines of business or individuals submit a request to purchase a SaaS application, presenting its specific use case and benefits.
Board members review the potential purchase from their respective angles – Finance, Legal, IT, SAM, Security, and Procurement. Often, the first stakeholder to review the purchase is your Security team, as it’s helpful for them to be engaged as early as possible in the procurement process.
The software review board approves or denies the purchase request.

It’s as simple as that. Software review boards plug into your normal purchase request process. It combines all the disparate stakeholders into a single pipeline, and streamline the whole process for all parties involved.

Achieve Visibility and Collaboration with Zylo

The road to effective SaaS governance can be a complicated one. Implementing a software review board is one practice you can start today to make more intelligent purchasing decisions.

GrubHub’s head of procurement, Brett Bartolai, helped implement a software review board to help control sprawling applications and costs. “First we started a business review committee to stem the tide of new software requests going forward… We focused on only allowing new applications that have a really strong ROI that makes sense in terms of the integration portion as well.”

If you’re planning to implement a software review board, make sure you have centralized visibility for all stakeholders. Zylo’s SaaS Management Platform makes that possible. Learn more here.

For insights on pinpointing the right governance strategy for your organization, check out our ebook Evolving Your SaaS Governance Framework for the Digital Workplace.

SaaS Governance, SaaS Governance Strategy, Software Review Board

ABOUT THE AUTHOR

Zylo

Zylo is the leading enterprise SaaS management platform that transforms how companies manage and optimize the vast and accelerating number of cloud-based applications organizations rely on today. The platform provides one system of record for all cloud-based software purchased across a company, enabling customers to discover, manage, measure and optimize cloud investments with real-time insights into spend, utilization and feedback data.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.