📊 CYCLE · Case Study

How did a 110-person service company recover $220K in SaaS waste?

How a 110-person Canadian energy services operator recovered $220K in annual SaaS spend, cut their vendor count from 47 to 14, and tightened cyber posture in the same 90-day window.

Read Online Download PDF

For: Operators (80-150 people)

Case Study · Operators · $220K Recovered

Forty-seven vendors,
one overdue audit.

How a 110-person Canadian energy services operator recovered $220K in annual SaaS spend, cut their vendor count from 47 to 14, and tightened cyber posture in the same 90-day window.

Composite case study - This is a composite case study drawn from multiple actual Vencer Group engagements with Canadian oil and gas operators of similar profile. Names, specific identifying details, and exact metrics have been altered or generalized to protect client confidentiality. The patterns described, the work delivered, and the outcomes documented are representative of what Vencer has built across 19 years and 30+ M&A transactions in the Canadian energy mid-market.

FOR: Operators · 80–150 people · vendor sprawl + overdue cyber audit

Quick answer

A 110-person Canadian energy services operator was carrying 47 active SaaS vendors with overlapping capability and an overdue cyber audit. Over a 90-day window, Vencer ran the consolidation: 47 vendors down to 14, $220K CAD per year recovered in license waste, and the cyber posture tightened in the same pass. The audit cleared on schedule.

Operator type
Operators
Scale
110 people
Operational reality
Active acquirer
Engagement
Bundled · Premier
01
The Situation

Forty-seven vendors. Nobody knew it was forty-seven.

110 people across two basins. A services operator running mud logging, wireline, and completions support. Two bolt-on acquisitions in the prior 24 months. Nothing got sunset.

The CFO called the day the 2026 cyber renewal questionnaire landed. “I can’t answer half of these honestly because I don’t actually know what we have.” A reasonable answer. Across two bolt-on acquisitions completed in the prior 24 months, the operator had inherited every vendor relationship from both targets. Nothing got sunset. Each acquisition’s IT team had favorites. The CFO’s quarterly close was now reconciling output from three different accounting platforms that had different methodologies for the same line items.

The IT director’s estimate of active SaaS vendors: 15 to 25. The actual number, once we audited, was 47.

Annual SaaS spend was $620K and growing roughly 20% year over year, with no governance review in place. Per-user M365 licensing was sitting at 140 seats against 110 active users. Two EDR products were running on overlapping endpoint sets, neither one with clean coverage. Three cloud backup products. Two CRMs, neither fully utilized.

The cyber renewal underwriter wasn’t going to renew this without significant remediation, and the CFO had a quarter-end approaching with three weeks to clean it up.

02
The Challenge

Eight categories. Tool overlap in every one.

The IT-and-the-Cycle Assessment was scoped at five days. Day two was the structured vendor audit - two CFO/IT/operations principals, eight 90-minute sessions across the eight standard categories. By end of day, the full inventory was on paper:

  • Identity & Access. Microsoft Entra deployed, plus two separate MFA apps (Duo and Microsoft Authenticator) plus a password manager (1Password). Conditional Access configured inconsistently. Estimated waste: $14K/year.
  • Productivity. Microsoft 365 (everyone) plus Slack (one inherited team) plus Webex (the other) plus Zoom (sales). Four project management tools - Asana, Smartsheet, Monday, Microsoft Project. Two file-sharing tools beyond OneDrive. Estimated waste: $58K/year.
  • Accounting & Finance. Three production accounting platforms across the three legacy entities. Two AP automation tools. Two expense management platforms. Estimated waste: $42K/year before platform consolidation.
  • Communications. Two CRMs (Salesforce and HubSpot), neither fully utilized. One inherited email security tool layered on Microsoft Defender for Office 365 (paying for both). Estimated waste: $28K/year.
  • Security. Two EDR products on overlapping endpoint sets - SentinelOne at the parent, legacy Sophos at the acquired entities. Three cloud backup products. A SIEM trial that had become a full subscription nobody monitored. Estimated waste: $51K/year - and material cyber posture risk from tool overlap.
  • Infrastructure / OT / HR. Generally clean. Two field-app subscriptions paid for but unused; one old training platform that hadn’t been canceled. Estimated waste: $11K/year.
Total identified at end of Day 2
$204K/year in confirmed overlap and unused tooling.

Plus an additional $40K available from rationalizing M365 license counts (140 seats → 110 seats at renewal). Plus indirect savings from accounting platform consolidation, addressed as a separate Q3-Q4 project. The audit itself was 16 hours of structured work. The recovery was on the table within two days.

03
The Work

A CFO-owned project where Vencer’s fractional CIO facilitated.

The framing was deliberate: this isn’t a Vencer project. The CFO ran the steering. Each tool decision had a named internal owner. Vencer drafted the playbook, negotiation talking points, and migration checklists.

Days 1-10 · Renegotiate before terminating
Five vendors received a structured “we’re consolidating; reduce 30-40% or we’re moving away” outreach. Three accepted the reduction (saving migration friction). Two declined and went on the termination list. Vencer’s fractional CIO handled the calls because the vendor relationships had history with the client.
Days 11-20 · Execute clean terminations
Twelve vendors terminated cleanly. Notice periods honored. Data exports completed. Credentials revoked. Documentation captured. The cyber posture improvement started here - every tool retired closed a potential monitoring or access gap.
Days 21-30 · Migrate users to surviving platforms
Twenty-one users moved from Asana/Monday/Project consolidation into Smartsheet. Slack and Webex users moved into Teams. CRM consolidation moved Salesforce users into HubSpot (smaller migration, less disruption to active pipelines). Change management ran through team leads, not centrally.
Day 30 → quarterly · Install governance
One-hour quarterly review installed on the CFO’s operating calendar. CFO + IT director. Review the vendor inventory. Flag new additions. Identify upcoming renewals. This is the discipline that prevents the sprawl from returning.
04
The Outcome

$220K recovered. 47 vendors down to 14. Cyber posture improved.

Annual SaaS spend
$620K → $400K
35% reduction. $220K recovered in 90 days. Plus an additional $40K from M365 license rationalization at next renewal.
Vendor count
47 → 14
Active SaaS vendor count after consolidation. Quarterly governance discipline installed to prevent recurrence.
Cyber posture
34 → 41
Composite cyber posture score. Tool overlap closures eliminated monitoring gaps. Cyber insurance renewed at flat premium vs. expected 18-25% increase.

Before and after.

Before (Q1 2026)
47 active SaaS vendors. $620K annual SaaS spend growing 20% YoY. M365 over-licensed. Two EDR products in overlap. No quarterly governance. CFO couldn’t complete cyber renewal questionnaire honestly.
After (Q2 2026)
14 active vendors. $400K annual spend. License count rationalized. Single EDR (SentinelOne). Quarterly governance in CFO operating rhythm. Cyber renewal closed at flat.

The moment it mattered.

The audit was uncomfortable. Three managers had favorite tools that got cut. The IT director defended decisions in two team meetings. One manager left within 90 days, partly over the consolidation decisions. That’s an honest outcome we’d flag again.

But: $220K of annual budget came back. The cyber renewal closed at flat - which by itself paid for the consolidation work three times over. The quarterly governance now catches new sprawl before it accumulates. And the cyber posture got materially better because the tool overlap had been creating monitoring gaps where neither tool quite covered.

What this generalizes to
The vendor stack audit nobody wants to run surfaces 15-30% of SaaS spend that shouldn’t be there.

The work is two days of audit plus thirty days of execution. The discipline that prevents recurrence is one hour per quarter. The economics are unambiguous; the friction is real but bounded. Operators who run this annually catch sprawl before it compounds. Operators who don’t pay for it through inflated SaaS budgets, cyber renewal pricing pressure, and tool-overlap monitoring gaps.

Next step

Does this story sound familiar?

The pattern in this case study has played out across dozens of Canadian oil and gas operators in the mid-market range. If you recognize parts of it in your own operation - or you suspect you might - the next step is a structured conversation with a Vencer engineer.

The IT-and-the-Cycle Assessment is a 3 to 5 day structured review of your specific operational situation. We pressure-test where your IT stands today, where it needs to be for what you intend to become, and what one bad day looks like at current state. You leave with a written report, a 90-day plan, and named owners. No hype. No vendor pitch. Just the truth about where you are and what to do next.

For a faster diagnostic, three free tools at vencergroup.com cover the same territory in less time: the Hidden IT Cost Calculator, the Cyber Risk Self-Score, and the IT Myth-Buster sheet.

Vencer operates from Calgary headquarters with delivery teams across four continents. For Canadian-headquartered operators with international exposure, the cross-border operational capability is built in, not bolted on.

In Business
19 years
Through two oil and gas cycle turns. Calgary-headquartered. Built for the Canadian energy mid-market.
M&A Transactions
30+ deals
IT integration delivered on 30+ acquisitions representing over $12B CAD in transaction value.
Managed Security
Zero breaches
Across 11 years of managed security operations. Four continents of delivery.
Office
700 4 Ave SW #1680
Calgary, AB T2P 3J4
Phone · Email
+1 (888) 271-6230
insights@vencergroup.com
Web
vencergroup.com
Their story. Not yours.

One operator's outcome. Your situation has different variables. These numbers are real; the applicability to your operation requires conversation. The 30-min review is where that starts.

→ Book the 30-min review
Download PDF

Next Step

Take it from here - three ways.

Self-Score · 2 min

Hidden IT Cost Calculator

The IT costs that don't show up on your invoice.

Take it →

eBook · PDF

The Operating System

Run IT through the cycle.

Read it →

30-Min Review

Talk to a sitting CIO about vendor governance.

Schedule a call. No pitch, no proposal. Wherever and whenever it works for you.

Book the call →
More from the CYCLE pillar
View all CYCLE articles →