Collaborative IT strategy: a comprehensive guide


In this guide, we’ll take a deeper look at how SaaS technology is evolving today and what it will take to balance these competing desires for creative license and centralized control in a way that is beneficial for everyone involved.

Vendr | Collaborative IT
Written by
Vendr Team
Published on
December 17, 2018
Read Time

Vendr | TwitterFacebook iconVendr | LinkedIn

SaaS technology is spreading like wildfire within organizations across industries, sizes, and types today. While the rate of growth is beginning to slow down (largely due to saturation), the sheer amount of budget that companies plan to spend on SaaS products is expected to steadily increase year over year.

Vendr | SaaS Spending Growth

Moreover, the “app explosion” has taken root across all areas of the business. No longer is it just the techies who are investing heavily in tech. Every department and group in the modern business—from HR to sales to finance—realizes that SaaS products offer the ability to:

  • Automate rote tasks
  • Deepen meaningful analysis
  • Supercharge a wide range of business goals
Vendr | Blissfully SaaS trends

SaaS usage has exploded across all departments

What’s not to like?

Well, if you’re the IT team—tasked with managing this intense SaaS proliferation—it can certainly be overwhelming. There’s a natural tension between the desire to invest in SaaS as a means for growth and productivity and the equally important desire to maintain visibility and control.

In this guide, we’ll take a deeper look at how SaaS technology is evolving today and what it will take to balance these competing desires for creative license and centralized control in a way that is beneficial for everyone involved.

The evolution of IT management

There was a time when IT was a naturally centralized function. Information technology experts made decisions about everything from the phone on your desk to the screensaver on your computer. They controlled budgets, conducted troubleshooting, and served as the “buck stops here” department for all things tech.

If you work at a modern business today, you know this is rarely the case anymore.

Shifting sands: where IT and business lines meet on SaaS

Software as a service (SaaS), by its nature, has yanked control out from underneath IT teams. Now, anyone can download a new piece of software or open a web app and get to work. This “off-the-books” tech acquisition is known as “Shadow IT.” If a developer wants to try a new infrastructure tool or a sales associate needs a more robust method to manage customer contacts, there’s a plethora of options out there, and employees can make their own choices based on their unique, ever-shifting needs. This often means that better tools are being chosen because the people who actually use them are making the decisions. But it also means that IT team members (along with other departments like HR and finance, who also have an important stake in this game) have less visibility into what is going on.

At larger organizations, the tendency has been to continually try to centralize and recentralize IT functions. This can mean:

  • Dictating which apps and technologies are permitted
  • Tightly controlling budgets
  • Gatekeeping access and permissions

The problem is that doing this can feel like trying to pull your feet out of quicksand. In many ways, it’s a losing battle. Bring your own device policies (BYOD) and shadow IT make it easy for employees to subvert and work around the rules. Even when IT manages to successfully control SaaS usage across a business, it often results in resentment and lowered productivity.

Vendr | Changing Perceptions of IT

Of course, there are many benefits to IT centralization—including better security, compliance, and budgetary control. However, overly centralized and authoritarian IT practices can handicap your team’s ability to be competitive and successful in today’s fast-paced climate.

As CIO Magazine recently put it, “Long-standing perceptions of IT as mired in the technical weeds, disconnected from core business objectives, and a bottleneck for speedy deployments, cast a shadow on the relationship, with lines of business (LOB) often taking a view of IT as an obstacle, not an enabler, for strategic innovation.”

For this reason, increasingly, it is business leaders who take the reins on SaaS decision-making.

Vendr | Team Leaders

In fact, Donna Fitzgerald of Gartner explains, “In the new digital economy, the reality is that most organizations will support technology devices, software and services outside the ownership or control of IT organizations. The only solution to this problem is to improve the ongoing collaboration and communication between IT and the business so that the possibility of a surprise is minimized.”

In other words, it’s important to be realistic about who can most effectively make SaaS decisions, while still offering IT and other key roles as much visibility and input as they need to keep the business running smoothly.

What does this look like in practice? More than 70% of respondents to CIO Magazine’s 2018 State of the CIO survey said that when lines of business or departments purchase technology products or services with their own budgets, IT typically plays an advisory role or shares oversight. In only 16% of such projects does IT have complete oversight. We think this is a good sign, and the direction most businesses should be moving.

It’s not a matter of one side or the other having all the power, but about collaborating in a way that enables both creativity and control.

The big SaaS bugaboos: security and compliance

Of course, there are some major challenges that crop up when navigating this dynamic of shared control. Issues like security and compliance stand out as significant areas of concern for most businesses.

Vendr | SaaS Risks

While ideally your employees should have plenty of freedom to choose how they work, including which applications they use, “Consider who can share information and how it is shared [with SaaS applications],” says Jeffrey Ton, Executive Vice President of Product and Service Development for Bluelock. “Especially if your organization is under a regulatory framework, be careful that such actions don’t risk a breach of compliance.”

In other words, you need to balance the flexibility you give your employees with reducing your risk profile. This includes monitoring for and protecting against both malicious and accidental insider threats. Whether it’s a well-meaning employee using a weak password (oops) or a disgruntled team member exfiltrating data (uh-oh), insiders often pose the biggest threats to a business. This is part of why SaaS security matters so much today.

One way this may look is described by Lori Witzell, senior product marketing manager for Spanning: “The organization still owns responsibility for their users of the app,” she says, “and they own application configuration and application integration. They also share data responsibility with the SaaS application provider.” In other words, don’t rely entirely on your SaaS vendors to take care of security. You need to have visibility into how team members are using apps (and the data within them), as well as a comprehensive system around permissions and access.

A note on “shadow IT”

In our view, one of the best ways to more effectively manage IT in the SaaS-first world is to invert the typical attitude toward Shadow IT. In other words, rather than focusing on its negative effects, businesses should recognize the many benefits Shadow IT can actually bring to bear:

  • Experimentation and innovation
  • New (and better) product discoveries
  • Quicker organization-wide adoption of new tools
  • Happier, more productive employees
  • Ability to leverage knowledge and intelligence of the entire organization

To reap these benefits, we suggest that you start out by offering permission and then restrict if and when needed, rather than starting with restriction and approving in a centralized process. Don’t just blanket blacklist unknown apps; start with a whitelist and narrow it down if you need to.

This is a great way to encourage bottom-up innovation and technological adoption in an organization. It’s also a better strategic approach to minimize risk by actually seeing everything (no more hiding!), and reducing blind spots.

What is the right IT strategy for your business?

Given the trends outlined above, it’s clear that many businesses have some work to do to achieve a an IT management system that works for them—one that balances choice and oversight. To move forward, you will need to assess where you are on the IT continuum today, scrutinize your current practices, and determine a plan of action to achieve a more successful, integrated IT program at your business.

Today, there are two poles that many businesses trend towards: Informal IT or Command and Control IT.

Vendr | IT strategy approach

Informal IT

At many young and/or small businesses, informal IT still reigns. Many times, when an organization is small by nature or in its early growth stages, IT is handled on an ad-hoc basis. Need a new tool? Boom, here’s the company credit card. Want to add a team member to an existing tool? No problem, let’s do it!

On the plus side, this means the leadership team can have relatively high visibility into every application in use, especially when the number of applications is under a dozen or so. But this rapidly starts to get out of control as you near the 20-app mark and beyond…

As far as spending goes, growth-stage companies tend to spend more on SaaS applications, relative to their overall operating budgets. They’re often willing to purchase more tools to help their teams perform at the highest level. However, organizations of this size also tend to be more cost sensitive, and must keep a close eye on app spending through individual expense accounts or informal budgeting. So they may have a sense of how much is being spent and where, but they often don’t have a sophisticated or automated system for keeping track, and things can easily slip through the cracks.

Onboarding and offboarding (as they relate to technology access) are also still relatively easy to track and conduct in an informal way at smaller and growth-stage organizations. In many cases, there aren’t so many team members that these processes truly require a complex system. However, it’s often the case that when team members come and go, no one person is in charge of turning access on or off, which can lead to productivity losses and security risks.

As far as who is in charge of IT, companies at this maturity level may or may not have made an IT hire, but they likely have finance and HR teams in play. Between finance, HR, and executive leadership, the IT baton is often passed around willy-nilly. There are benefits here, to be sure, but plenty of drawbacks as well—including security risks, inefficiency, and disorganization.

Command and Control IT

On the other side of the coin, larger, more mature organizations usually manage SaaS apps via a central IT team (or a combination of IT and security teams). There are usually several hires in place, with a well-defined IT organization that has centralized authority.

The roles and responsibilities usually include: employee onboarding and offboarding workflows, spend management and vendor procurement, ensuring security and compliance, and day-to-day technology management.

In a Command and Control IT system, it’s pretty clear who is in charge of deciding whether an app will be purchased or not, and it’s usually not team leaders. It can be cumbersome to request a new app, get budgets approved, and implement apps, even when they are greenlit. This can slow down productivity and frustrate team members, leading to either Shadow IT attempts or just inefficiency and annoyance (occasionally even employee attrition). Command and Control IT is fertile soil for a combative relationship between lines of business and IT.

As far as visibility, Command and Control IT systems usually provide a high level of visibility because systems in use are dictated from on high. If Shadow IT takes root, however, IT will not know about it, because employees will be careful to keep it secret. Additionally, we find that many Command and Control IT organizations still don’t use automated or sufficiently sophisticated IT management tools. So while they may have good visibility, it also may take a lot of hands-on work to maintain that status.

Onboarding and offboarding are usually handled in a fairly rigid manner, which is good from a security and compliance standpoint, but may lead to delays in getting new employees up and running. Overall, Command and Control IT tends to result in better security and organization, but less creativity and productivity.

The ideal: Collaborative IT

Part of the argument for SaaS in the first place is the convenience of allowing teams to easily buy and use the tools they want. While Informal and Command and Control IT programs naturally develop at many organizations, we believe that the ideal SaaS management system is what can be described as “Collaborative IT.”

What does this mean? It means that team leaders and all budget stakeholders share responsibility for SaaS IT decisions.

Collaborative IT is when business leaders and individual team members have license to choose the tools that work best for them while:

  • Staying within budget
  • Meeting security and compliance goals
  • Maintaining business-level visibility into usage and spend
  • Offering oversight to leaders and stakeholders who need it

With a Collaborative IT approach, the IT, finance, and HR teams have all the visibility they need and the ability to set limits and guardrails as needed. Meanwhile, departmental team leaders have the control and power they need to choose the right tools for meeting business goals and maximizing productivity (not to mention employee satisfaction).

The ultimate goal is to have a single source of record all team members share to manage SaaS across the board. Teams should have the freedom to make decisions in most cases, but there should be oversight, visibility, and transparency.

The Benefits of Collaborative IT

  • Increased visibility: The entire team of stakeholders gets visibility into all activity in the SaaS technology stack, allowing them to strategically make crucial decisions around technology adoption in the organization.
  • Financial wins: Budget stakeholders can gain much needed visibility into SaaS usage and spending, identifying any points of waste or opportunity in the system. Budgets are respected and resources used wisely.
  • Increased security: Appropriate security best-practices are implemented and followed across the board, with every team member in the organization bought in to the value of security.
  • Compliance by default: Compliance becomes default. Collaborative IT gives a single system of record for documentation. It helps the organization manage risk by establishing processes and offering visibility into how SaaS apps are being used across the organization.
  • Efficient and effective employees: Employees are happy and productive, because they’re allowed to have input into which apps will help them best do their jobs.
  • Tight feedback loop: Finance, HR, and IT have more awareness around which technologies work best for teams across the organization, so budgets and spend align.

Sounds pretty ideal, right? Let’s take a look at what it takes to achieve this SaaS nirvana.

Vendr | Blissfully Strategic Approach

How to achieve Collaborative IT

Whether you are on the formal or informal end of the IT spectrum, if you are interested in moving toward a more collaborative model, it will take some strategic effort. Below, we share a straightforward three-step process to make it happen at your organization.

A three-step process for achieving Collaborative IT

Step one: know your stakeholders

When you get started building a Collaborative IT program at your organization, you want to make sure that you understand everyone who is involved in the process of SaaS management and how. For many organizations it will look something like this:

Vendr | SaaS Roles + Responsibilities

We suggest you sit down with team leaders from each of your departments and examine where this chart applies to your organization and where you differ, then put together your own chart that clearly outlines the roles and responsibilities with respect to SaaS—both today and in an ideal future state. If certain roles do not exist yet at your company, decide who will own various SaaS responsibilities until your organization grows.

Doing so will help you identify areas where there may be blockages or disconnects between teams and where you may be able to make choices that ultimately lead your organization to become more collaborative when it comes to IT management. You can annotate what responsibilities each role owns today and how that will change as you implement a more collaborative approach to IT.

Vendr | Roles and responsibilities within a SaaS company

Step two: adopt the right technology

For many organizations, the biggest thing standing between them and Collaborative IT is a lack of tools that facilitate this change. That’s why we built Blissfully. Our goal is twofold: to provide more visibility into SaaS usage (from spend to security and beyond) and to facilitate seamless SaaS workflows across different roles within the organization.


Often, IT teams do not have data about app spend unless they go to the finance team to ask for a report, or, at smaller organizations, check in with every single team member about what is in play. With a tool like Blissfully, information about app spend, as just one example, is readily available at their fingertips. This way, IT doesn’t need access to the tools that finance uses to track budget—they get visibility through a shared dashboard that provides ample context. This applies to all areas of IT management and ensures that teams who do not share department-specific tools can still see what the rest of the organization is up to.

Shared workflows

Collaborative workflows enable stakeholders to work together on IT-related projects like onboarding/offboarding, security, and budgets. Having a single place that IT tasks can be routed through makes it possible for different team members to pick up the baton when it is their turn without needing to provide a bunch of cross-departmental logins or training on role-specific tools. Shared workflows are the key to making IT a truly collaborative endeavor.

Bye-bye spreadsheets: SaaS management is the key to Collaborative IT

Because a robust SaaS management tool enables visibility and shared workflows, it is the backbone of a successful Collaborative IT program. Choosing the right technology will make it possible to adopt Collaborative IT, not just in spirit, but in a very literal and direct way within your organization.

Step three: implement cultural changes

Finally, once you have determined your ideal breakdown of SaaS roles and responsibilities and adopted the appropriate technology, it’s time to implement the cultural changes that will make Collaborative IT a reality at your organization.
If you haven’t already, it’s time to get buy-in across the organization. Use your matrix to show team leaders how this will work, and make sure they understand the benefits of Collaborative IT (you may want to share the “Benefits” table with them) Then, bring in individual team members across the entire business. A brown-bag lunch could be a good time to sit them down and explain that this new process will give them the creative license they need to choose tools they love to use while still allowing leadership to understand what is going on in the organization.

Next, use your SaaS management tool to develop and implement key IT processes. These should be led by people and supported by technology. Processes you will likely need to integrate include: onboarding and offboarding, vendor contracts and approvals, budgeting, security workflows, and establishing a compliance system of record.

Finally, hold regular check-ins to make sure your Collaborative IT efforts are achieving the intended goals. We suggest holding these on a quarterly basis, and including the team leaders identified in your stakeholders map so that they can represent the needs and interests of their own teams.

Like many aspects of running a business, a Collaborative IT program should be a continual process of testing and refinement. Always, your end goal should be to empower employees to get work done the way that best suits them while maintaining the security, visibility, and oversight your organization needs to succeed.

Vendr Team
Vendr's team of SaaS and negotiation experts provide their curated insights into the latest trends in software, tool capabilities, and modern procurement strategies.

Similar posts

Learn more about finding, buying and managing your SaaS stack with resources from our experts.

Built-in vs 3rd Party AI: How to Approach Adding Generative AI to Your Software Stack

David Porter

SaaS Buying
Compliance and Security
Built-in vs 3rd Party AI: How to Approach Adding Generative AI to Your Software Stack

The odds are extremely high that your team has already used the ChatGPT in their work. If that speeds up their work and reduces repetitive busy work, that’s a win for your team’s productivity. If that comes at the expense of data security, though, or opens up your company to potential copyright lawsuits, the benefits might not be worth the risk.

Read post
IT vendor management: A guide to managing and scaling SaaS

Emily Regenold

IT vendor management: A guide to managing and scaling SaaS

Discover the ultimate guide to IT vendor management and SaaS optimization. Learn how to streamline operations, enhance security, and maximize efficiency in your organization.

Read post
The IT procurement process explained in nine steps

Vendr Team

The IT procurement process explained in nine steps

Discover the nine most important steps in an IT procurement process and learn how to use them in your company to drive compliance and improve purchasing ROI.

Read post