Last verified April 2026
Category 1: Observable spend
Observable Spend: Measuring Shadow IT License Waste
The most quantifiable bucket of shadow IT cost. Every unauthorized subscription leaves a financial trail. Three complementary methods, vendor-published benchmarks cited honestly, a worked range for a typical mid-market organization.
Definition
Observable spend is the direct subscription cost of SaaS applications, cloud services, and digital tools that are in use by employees but have not been catalogued in the approved application inventory and have not been through formal procurement. The category covers paid subscriptions that leave a financial trail. Free-tier apps, which create compliance and breach exposure without subscription cost, are counted in categories 2 and 3.
The three measurement methods
Expense audit: pull 12 months of expense reports and corporate card data, filter for SaaS merchants using MCC codes and keyword matches, de-duplicate by merchant, and sum annual spend. This is the primary method for organizations without a SaaS management platform.
SSO gap analysis: export the federated and OAuth app lists from your identity provider and compare them against the approved catalog; the gap is the set of authenticated-but-not-catalogued apps. This method captures use but not spend directly; you reconcile it against the expense audit to attach dollar values.
SaaS management platform deployment (Zylo, Torii, BetterCloud, Productiv, CloudEagle, Nudge Security). A SaaS management platform continuously ingests expense, SSO, and contract data to produce an ongoing observable-spend inventory. The tools overview page covers when the spend is justified.
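The first two methods and the reconciliation between them, as an added example (not code from this page or from any vendor named on it). The sample CSV, the app lists, the MCC set, the keyword list, and all function names are constructed assumptions; matching a merchant to an app by substring is a simple heuristic.

```python
import csv, io, re
from collections import defaultdict

# Constructed sample inputs (not data from the page).
EXPENSES_CSV = """merchant,mcc,amount
NOTIONLABS INC,5734,96.00
Notionlabs Inc.,5734,96.00
FIGMA,7372,144.00
DELTA AIR,4511,420.00
Acme Transcribe SaaS,5999,30.00
SLACK TECHNOLOGIES,7372,800.00
"""
IDP_APPS = ["Slack", "Figma", "Notion", "Miro"]  # federated + OAuth export
APPROVED = ["Slack"]                              # approved catalog
SAAS_MCCS = {"5734", "7372", "5817"}              # assumed MCC filter
KEYWORDS = ("saas", "software", "cloud")          # assumed keyword filter

def key(name):
    """Normalize a merchant/app name so spelling variants de-duplicate."""
    name = re.sub(r"[^a-z0-9 ]", "", name.lower())
    return re.sub(r"\b(inc|llc|ltd|technologies)\b", "", name).strip()

def expense_audit(csv_text):
    """Sum spend per de-duplicated merchant for rows matching MCC or keyword."""
    spend = defaultdict(float)
    for row in csv.DictReader(io.StringIO(csv_text)):
        k = key(row["merchant"])
        if row["mcc"] in SAAS_MCCS or any(w in k for w in KEYWORDS):
            spend[k] += float(row["amount"])
    return dict(spend)

def sso_gap(idp_apps, approved):
    """Apps users authenticate to that are absent from the approved catalog."""
    return {key(a) for a in idp_apps} - {key(a) for a in approved}

def reconcile(spend, gap, approved):
    """Attach dollar values to the SSO gap; report what each method misses."""
    ok = {key(a) for a in approved}
    priced, spend_only = {}, {}
    for merchant, total in spend.items():
        # Heuristic: an app name contained in the merchant name is a match.
        app = next((a for a in gap | ok if a in merchant), None)
        if app in gap:
            priced[app] = priced.get(app, 0.0) + total
        elif app is None:
            spend_only[merchant] = total  # paid, but never seen by the IdP
    use_only = gap - set(priced)          # used via SSO, no paid trail found
    return priced, use_only, spend_only
```

The `use_only` set is where free-tier apps tend to land, and `spend_only` lists paid tools that bypass SSO entirely, which neither method would surface on its own.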
Benchmark data and how to read it
Productiv publishes an annual State of SaaS report.
Source (Productiv): Productiv State of SaaS Apps Report (2024)
Measures: Average and median number of SaaS applications per surveyed customer organization, departmental SaaS adoption patterns, and licence usage rates.
Methodology: Vendor-published. Aggregated telemetry from Productiv platform customer base; not a representative sample of all enterprises. Sample size and methodology self-disclosed in the report.
Trust: Vendor-published, methodology self-disclosed

Zylo publishes an annual SaaS Management Index.
Source (Zylo): Zylo Annual SaaS Management Index (2024)
Measures: SaaS spending and application portfolio benchmarks across Zylo customer base, including spend by employee band and by category.
Methodology: Vendor-published. Aggregated Zylo platform telemetry from a self-selecting customer set. Sample size and methodology self-disclosed.
Trust: Vendor-published, methodology self-disclosed

Source (BetterCloud): BetterCloud State of SaaSOps (2024)
Measures: SaaS adoption growth, IT versus non-IT app procurement, and SaaSOps practices.
Methodology: Vendor-published. Practitioner survey conducted by BetterCloud. Sample size and respondent profile self-disclosed.
Trust: Vendor-published, methodology self-disclosed

The widely-cited Gartner 30 to 40 percent figure
Source (Gartner): Gartner CIO Agenda research, analyst estimate of business-led IT spending (2019/2022)
Measures: Estimated share of enterprise technology spending occurring outside the formal IT organization in large enterprises.
Methodology: Analyst estimate derived from Gartner's CIO survey panel and analyst forecasting models. Not a primary measurement of any single organization. Range commonly cited as 30 to 40 percent of large-enterprise technology spending.
Trust: Analyst estimate, methodology partially disclosed
Worked range for a 1,000-employee mid-market organization
Inputs: 1,000 employees, partial SaaS management maturity, general mid-market industry. Assumptions: 1.5 to 3 shadow apps per employee (maturity-adjusted range), $15 to $45 per app per month.
Calculation: 1,000 employees x 1.5 to 3 apps x $15 to $45 per month x 12 months. Low bound: 1,000 x 1.5 x $15 x 12 = $270,000. High bound: 1,000 x 3 x $45 x 12 = $1,620,000. Expected value (geometric mean): approximately $660,000. The interactive estimator lets you adjust all inputs and see the range update.
The width of that range (roughly 6x between low and high) is normal and communicates the inherent uncertainty of estimating before measurement. Running the expense audit and SSO gap analysis will tighten the range substantially, often to within a 2x ratio of low to high.
How to present this on a board deck
Lead with the single expected figure from your actual expense audit if complete, or from the estimator if you have not yet measured. Show the low and high range adjacent. List the top five apps by spend, top five consolidation candidates (same tool, multiple subscriptions), and top five apps with unknown owners. Close with the next-step commitment: complete expense audit within 30 days, complete SSO gap within 45 days, return with a refined number. The board will rarely object to the expected figure when the methodology is disclosed.
Related measurement
Observable spend feeds directly into the governance ROI calculation. The 'reduction' side of that calculation uses the expected-reduction benchmark, which is labelled honestly on /statistics as a vendor marketing range (60 to 70 percent) that should be applied conservatively (20 to 40 percent) for a defensible business case.