Steal This SaaS Vendor Management Process Guide

With tens of thousands of different SaaS platforms on the market, a vendor management process is not a nice-to-have: it’s a core competence in successful organizations.

That’s because SaaS applications power your organization, and you need a handle on them: what they are, their cost, and the value they provide.

In this guide, we explain the different elements of a vendor management process and how to build your own.

What Is a Vendor Management Process?

Vendor management means having a view and control over the entire vendor lifecycle—from selection to implementation to renewal (if you decide to renew).

SaaS has seen hockey-stick growth, yet many companies are still in a “set it and forget it” mindset that’s more suitable for on-premises software. The rolling renewals and ongoing license management that come with SaaS require more continuous attention.

That’s why a vendor management process looks at the following two areas. The first area focuses on buying and renewing software:

  • Vendor selection: a clear and defined process for selecting new vendors.
  • Renewal: a process for deciding whether to renew or not.

The second is a more continuous process that focuses on the routine administrative tasks associated with your software ecosystem:

  • Spend: analyzing and understanding your SaaS spend as it relates to user management and usage.
  • Risk Management: developing a clear risk strategy and mitigation plan.

Breaking Down the Vendor Management Process

Here are the separate elements of the vendor management process.

Vendor Selection

The first step in software vendor selection is to clearly determine your company’s needs. This helps you match those needs with the features and functionality offered by potential vendors.

Depending on your business needs, some features will be “required,” and others will be “nice to have.” 

Distinguishing between your organization’s needs and wants will assist in narrowing down prospective vendors to a shortlist consisting only of vendors that offer your required features.

From there, a thorough examination of the differences between products will ensure you’re getting exactly what you need: no more, no less.

There are other considerations such as training and support, ease of deployment, and pricing models. You’ll want to review each element of the offering against comparable platforms.

Once you’ve selected the platform, you’ll need a vendor approval process. This can consume a lot of time and energy if you don’t have a well-defined process in place.

The people most burdened by approvals are often the ones who feel they don’t actually need to be involved in the approval process. By defining exactly what you want each person to approve, such as the budget, you can make it much smoother.

You’ll also want a compliance and security element in the approval process. Sometimes this involves sending prospective vendors a questionnaire they’re required to fill out. When you review what comes back, ask:

  • Does the service provider provide any additional documentation that describes their IT security and compliance program?
  • Does the additional documentation (either publicly available or provided as part of the Procurement process) describe a reasonable information assurance program?
  • Does the service provider provide plain “yes” or “no” responses?
  • Do their responses seem plausible?

Once you’ve approved the vendor internally, it’s time to roll out your new platform. Depending on the nature of the app and its use, the internal owner of the app will be in charge of the roll-out. If the app is more integral to the overall organization, IT is likely to have a degree of involvement.

Renewals

Companies invest a massive amount of time in vendor selection. Yet companies often spend far less on renewals.

The worst thing you can do is let a platform that you’re unsure of renew simply because you lacked the time to reevaluate your options.

Plus, tracking SaaS license renewals can get tricky, especially since they happen at different points throughout the year. While some vendors are great about reminding you about subscription renewals, others just come and go with little fanfare.

All of this points to the importance of a system that allows you to track renewal dates and provides reminders so that you can get ahead of the curve and potentially undertake a shortened vendor selection process.

Ongoing Management

The ongoing vendor management process involves reviewing your SaaS vendors to ensure that:

  • You don’t have multiple technologies with similar or the same functionalities.
  • There aren’t any missed time- and cost-saving opportunities.
  • You train employees with the most SaaS exposure on risk mitigation practices.
  • You know which applications are unused and can figure out whether you still need them.

How Augmentt Supports Your Vendor Management

With Augmentt you can quickly track users, usage, and spend associated with all of your SaaS subscriptions. It takes the guesswork out of vendor management so you can start saving money today.

If you’re interested in learning more about how we can help you, get in touch with us here.

Author
Gavin Garbutt
Co-Founder & Chairman of Augmentt
