Latest Research

This content is currently locked.

Your current Info-Tech Research Group subscription does not include access to this content. Contact your account representative to gain access to Premium SoftwareReviews.

Contact Your Representative
Or Call Us:
1-888-670-8889 (US/CAN) or
+1-519-432-3550 (International)

Comprehensive software reviews to make better IT decisions

Select Tactical SaaS Vendors That Are Built to Last

Technology buyers and IT asset managers are frequently directed to procure and support new SaaS solutions from an increasing array of small to medium-sized vendors. These vendors often lack the cachet, solid performance track record, and financial and technical performance of their mega-vendor peers. How can the organization protect itself from the financial and performance risk of engaging with a smaller, unproven vendor base?

In many cases, the IT department is not even aware that new SaaS contracts have been executed directly by the business function until IT is informed that they need to support and manage the application! We are all aware of this phenomenon's inherent security risks, and it is one of many reasons to have an embedded ITAM function in your organization. Whether these SaaS applications are hidden in the shadows or presented as a demand to the IT procurement team, they must be dealt with and de-risked.

In this note, I present a lightweight framework for evaluating the financial risk aspects of emerging SaaS vendors. Selecting a SaaS vendor as a customer is not so different from choosing the same company as a financial investor; thus, this framework seeks to find relevant and readily available data points for a practical yet useful financial risk evaluation. We aim to answer the question, "Will my vendor be financially viable three to five years from today?"

Vendor Classification as a Funnel

The first step is to identify the vendors (both prospective and current) that fit the streamlined risk evaluation profile. We use Info-Tech Research Group's COST quadrant as the tool for the job.

The focus should be placed on those SaaS vendors that fall into the Tactical quadrant, as these are generally smaller in size and may bring niche capabilities into the fold. More information can be found on our Jump Start Your Vendor Management Initiative blueprint's overall COST framework.

A further description of key Tactical vendor characteristics include:

Tactical vendors have a nasty habit of sneaking into organizations under the radar. Zylo’s data indicates that "most organizations estimate they have approximately 200 to 300 SaaS apps; in fact, the average organization has more than 600." While your organization may not be in such dire straits as the average Zylo customer, you likely have some hidden SaaS spend in your environment.

Financial Viability Is a Real Risk in SaaS-Land

The reality is that SaaS companies are not any more immune to failing fast than any other startup business. Up to 92% of SaaS companies fail within three years. The primary reason for failure is an inferior product fit to the market. However, cash flow problems take down many companies with solid products as well. Perhaps the small SaaS company is overspending in marketing activities while underinvesting in core activities like design, development, product roadmaps, and the like. There are many reasons (poor management, high customer churn, focus on wrong metrics) these companies flail and ultimately fail; the takeaway here is that most do fail.

Many small SaaS companies are going public at a faster pace than ever before thanks to aggressive VC funding, private equity acquisitions, and most recently, the emergence of the SPAC vehicle. It takes nine years, on average, for a SaaS company to emerge from an initial round of funding to an IPO. In contrast, a hardware company's average time to make it to IPO is closer to eleven years.

A key reason to provide these statistics is that it is much easier to glean pertinent data points in your vendor risk evaluation from a publicly held company vs. a privately held company. In using the SaaS vendor risk framework presented here, it is critical to realize that additional efforts must be made to extract the core data elements from a private company. In many cases, privately held companies are not willing to release their financials. In and of itself, this is not a "red" flag; it just means you will have to work closely with them to obtain the critical data required to evaluate risk. In some cases, these companies will work directly with your treasury department so long as crucial data is not shared with Procurement.

Before we jump into the quantitative evaluation framework, let’s consider some qualitative aspects that can provide directional guidance in our viability assessment.

  • Do the SaaS category (CRM, ERP, HR, etc.) and target market have room for more competition?
    • Leverage management statements or third-party sources to size up the total addressable market (TAM).
    • Is there real potential for the company to either increase the TAM or secure a material market share?
    • Who is the competition?
    • Is there product differentiation present in the solution to grab TAM and displace competitors?
  • What is the company’s go-to-market strategy?
    • Is the solution platform/horizontally focused or targeted/vertically focused?
      • A platform strategy may make the company a future acquirer of companies to build out the platform.
      • A vertically integrated company may become the target of a tuck-in acquisition early on.
  • What is the company’s ideal customer profile (ICP)?
    • Do they target ERP, SMB, or something else? How does your company fit the ICP?
  • Customer Lifetime Value (CLTV) to Customer Acquisition Cost (CAC) Ratio (CLTV/CAC)
    • This ratio provides the “big picture” answer to whether a SaaS company is spending more on customer acquisition than it receives on the margin each customer provides over their lifetime.
    • Best in class >3; >1 is the minimum to confirm margin is greater than the cost to acquire customers.
    • Note: the data for this ratio may be hard to access. Consider this a great question to place to the vendor directly.

If your initial research raises any red flags at this point, make a note to revisit the underlying reasons for selecting this vendor in the first place. Meet with key stakeholders to ensure the rationale for continued investment into the SaaS product. Ensure that the licensing, administration, configuration, and overall implementation models and capabilities match the solution's expected lifespan. An example of mismatched expectations can sometimes take the form of buying the all-you-can-eat buffet when you needed an appetizer dish to satiate your hunger. These niche solutions can be useful in solving a unique business problem while longer-term solutions are explored. The key is to understand if the solution need is short or long term and evaluate it properly.

Ten Key Indicators for Success – The Framework

This SaaS Vendor Risk Evaluation Framework for Financial Viability is targeted towards small to medium-size SaaS providers. This subset of companies may not carry the large market capitalization size or possess large-scale revenue streams to enable financial comparisons under traditional evaluation models.

The “Bickley 10” Evaluation Criterion


Target Value


Rule of 40


A combined measure of revenue growth rate and free cash flow margin of 40% or higher is a positive indicator. This indicator allows smaller companies to offset initially small profit measures by demonstrating the high growth rates seen in the SaaS sector.

Remaining Performance Obligation (RPO) Trend


RPO is the aggregate growth rate of deferred revenue and backlog orders. This metric provides a view into the future business prospects and trends for revenue growth or decay. If available, use cRPO to identify the deferred revenue/backlog for the next 12 months.

Retention Rate


Successful SaaS companies with an enterprise focus will have a churn rate no higher than 5-7%, yielding an annual renewal rate of subscriptions ranging between 92% and 95%.

CEO Approval – Glassdoor


Outstanding management is arguably the most critical attribute contributing to a company's long-term success and viability.

Dollar Retention Rate


The percent of revenue from existing customers retained from the previous year, after accounting for upgrades, downgrades, and churn.

Cash Flow


Positive cash flow is positively correlated with vibrant financial health. While net profitability is frequently years in the making for SaaS companies, a positive cash flow indicates sufficient funds for operating and growing the business.

R&D Investment Level (% of revenue)

Range 20-30%

R&D investment levels below 20% should be a red flag that the company is spending too much on sales and marketing vs. product development.

Insider Holdings


When management owns a significant amount of the company, the commitment level is high, and it shows that the founders and employees believe in the company. High levels of insider ownership are positively correlated with long-term company success.

Revenue Source – SaaS subscription


SaaS companies with a reliable service offering will not depend on significant revenues from professional services. The vast majority of revenues should derive from the service subscription fees, indicating a vibrant standalone offering not dependent on ongoing consulting services.

Net Profit Margin


Net profit generated as a percentage of revenue. The ultimate metric as it demonstrates the company has moved into a position of self-sufficiency after all costs are considered.

SaaS Evaluation Example

In this section, we take a sample company in the SaaS space, Okta, to see how it matches up against our evaluation criteria. Okta is a publicly traded SaaS company specializing in the area of identity and access management. Okta’s software is used by companies to "…manage and secure user authentication into applications, and for developers to build identity controls into applications, website web services, and devices."






Rule of 40


Remaining Performance Obligation (RPO) Trend

$743M +46%

Customer Renewal Rate

Not Available


CEO Approval – Glassdoor


Dollar Retention Rate

123% (Up 600bps)

Positive Cash Flow


R&D Investment Level (% of revenue)


Insider Holdings



Revenue Source – SaaS subscription

95% SaaS

Net Profit Margin



Source: OKTA Earnings Q3 FY20; Yahoo Finance

Pass/Fail Criteria

Minimum Score >50% = Vendor Pass

Score >=70% = Vendor Preferred

A minimum acceptable range for a tactical SaaS vendor to pass this screening test would be a 50% threshold. Any company scoring 70% or higher passes the threshold level and can be classified as low financial risk. OKTA clears this threshold in the example above with seven out of ten checkmarks. The Customer Renewal Rate criteria may or may not be a pass as well; however, due to lack of data on this metric, we deem it a fail.

The purpose of this evaluation mechanism is not to be a single tool for screening small-medium SaaS companies for financial health; one of many tactics to build a vast tapestry of indicators. Traditional screens of credit checks, customer references, company presentations, review sites (, direct financial disclosures from the company, and the quality of interactions with the company's account team are requisite components of a thorough evaluation.


  • Classify your SaaS vendors to identify Tactical vendors. Not all SaaS vendors are the same. Many are tech behemoths that are clearly financially viable entities that do not require second-level analysis. However, it is more likely than ever that your organization evaluates smaller, less transparent, less stable vendors with a limited track record.
  • Emerging SaaS vendors require a unique evaluation method. Emerging SaaS vendors are likely unprofitable in their early years and do not have a long track record of performance to call upon by Sourcing/Procurement staff. Assessing these vendors with a set of indicators that historically drive success is vital.
  • Don't underestimate the failure risk for emerging SaaS companies – it is real. Engaging a tactical SaaS vendor is a moderate-to-high risk proposition. Monitor these emerging SaaS companies regularly (not just for initial qualification) to ensure long-term stability and overall risk management.

Bottom Line

The migration to the cloud has reached escape velocity and shows no signs of slowing down. As organizations develop and execute on their cloud journeys, there will inevitably be smaller, niche SaaS applications brought into the fold along the way. As the SaaS ecosystem is exploding with innovative new solution offerings, the need for proactive due diligence has become an indispensable part of the IT vendor selection process.

Want to Know More?

Negotiate SaaS Agreements That Are Built to Last

Manage Your Vendors Before They Manage You

Cut Cost Through Effective IT Category Planning

Implement a Proactive and Consistent Vendor Selection Process

Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019