Meet the help desk that knows your IT from day one.

AssetSonar Blog Poor Offboarding Unused Software Licenses

Poor Offboarding Is One of the Biggest Sources of Unused Software Licenses

Poor Offboarding Is One of the Biggest Sources of Unused Software Licenses

If your company is bleeding money from unused software licenses and other forms of software sprawl, I’d bet you’re trying to fix the problem by tightening your IT procurement process. After all, if you know exactly what’s entering your IT estate, you can’t be caught off guard by it, right? Wrong. Because the leak probably didn’t start in procurement. Chances are much greater that it started the last time someone left the company. Offboarding is the single most predictable event in the employee lifecycle, and it’s still the moment most companies lose track of what they’re paying for.

The moment offboarding breaks down

I still remember the meeting where our Finance lead pulled up a software spend report and asked, half-joking, “Why are we still paying for a design tool for someone who left the company months ago?” Nobody in the room had a good answer. HR had processed the termination. IT had disabled the laptop. Nobody had touched the twelve SaaS seats tied to that person’s name.

I’ve seen this same pattern repeat itself at nearly every company I’ve worked for: offboarding is treated as an HR checklist and an IT checklist running in parallel, but the two remain disconnected processes. HR closes the employee record. IT marks the devices as returned. The actual software licenses sit in a third system nobody owns, silently renewing itself after each cycle.

When I first noticed this, I started keeping an informal list of every “ghost license” we found during quarterly audits. By the third quarter, the list had over 40 names. It included people who hadn’t worked at the company in months, some over a year.

What the data says about software waste

If you’re embarrassed about how your organization has failed to catch these leaks time and again, I do have some good news: you’re far from alone. According to Zylo’s 2026 SaaS Management Index, 46% of applications at the average company go underutilized or unused. This amounts to roughly $19.8 million in losses per organization each year. Other industry estimates have put the number even higher.

If you think this is a problem that only affects other companies, I’d push back on that instinct. I did too, until an audit of our own stack turned up exactly the kind of waste these numbers describe. None of this is really about bad software or careless people. It’s about a handoff between HR and IT that nobody owns, which is exactly what the next section gets into.

Why HR owns more of this problem than it thinks

It’s easy for HR leaders to write this issue off as an IT or Finance problem. After all, our department has been clearing its offboarding checklist every time someone leaves, so how is this our problem? I used to think this way too, until one reframe changed how I run offboarding: HR is the only team that knows the exit is happening before it happens. We set the last day. We know the termination date, the resignation notice period, and the layoff list. IT and Finance are reacting to information HR already has.

That means if HR doesn’t treat the exit date as a trigger for a license review, nobody downstream has a reason to move quickly. At one company I worked with, we didn’t fully fix this until HR started sending a structured “exit packet”, and not just to IT, but to whoever owned the software budget. The packet was sent on the same day a resignation was accepted, not the employee’s last day. Just moving the trigger earlier meant licenses that used to take weeks to reclaim were getting reclaimed in a matter of days.

If you’re the IT leader this piece got forwarded to: this isn’t an argument for taking offboarding off your plate. It’s an argument for a cleaner handoff. One where you’re not the last line of defense against a process nobody upstream is accountable for starting on time.

The real cost isn’t just the subscription fee

It’s easy to think of a departed employee’s old licenses renewing themselves as just a minor budget leak. But the risk is bigger than that. Login credentials that outlive their job are a real security risk. 

A 2022 Beyond Identity survey found that 83% of former employees still had access to at least one account from their previous employer after leaving. To size up how exposed that leaves most companies: OneLogin’s 2017 “Curse of the Ex-Employee” research found that one in five businesses had already been breached by a former employee, and among that group, nearly half said more than a tenth of all their breaches traced back to people who’d already left.

I’m not sharing these numbers to be an alarmist. What I’m trying to do is reframe the problem. Unused SaaS licenses belonging to former employees aren’t just wasted seats; they’re unlocked doors. The danger posed by a forgotten software license isn’t just about a department losing money. It’s a login that still works, for someone who no longer has any reason to use it and no obligation to tell you they still can.

What a good offboarding-to-license handoff looks like

After several attempts to figure out an exit process that doesn’t introduce new vulnerabilities for the company, my team landed on a sequence that works every time, whether it’s a resignation, termination, or layoff. This is what it actually looks like when HR treats the exit date as the trigger, instead of waiting for IT to catch up:

  • HR logs the termination date as soon as it’s confirmed. Not the last working day, not the day before. It’s logged the moment it’s known.
  • That date automatically triggers an alert. No manual emails, no in-person reminders, no relying on someone remembering.
  • A full inventory pull happens immediately. The alert triggers data extraction for every license, seat, and piece of hardware associated with the departing employee’s name.
  • Access is revoked on a defined schedule. Some seats can be filled the same day; others remain open until the final working day, depending on sensitivity and job requirements.
  • Reclaimed licenses are logged as available in whatever system tracks seats, so they’re reassigned or canceled before the next renewal rather than being silently rebilled.
  • Every step gets a timestamp, so if an auditor asks “when was this access removed,” there’s an answer that isn’t “we think pretty quickly.”

This process doesn’t hold up when run manually. Manual offboarding processes are simply too time-consuming and prone to human error. This is exactly where AssetSonar’s IT Graph earns its keep: it’s the connected layer that already maps a departing employee to their assigned hardware, software licenses, and access records, so the reclamation step isn’t dependent on someone remembering to check a spreadsheet.

Conclusion

I don’t think unused software licenses are such a problem because companies and their employees lack discipline. Most businesses simply haven’t connected the dots between “someone left” and “something’s still being paid for.” If you haven’t looked at your own offboarding-to-license handoff recently, it’s worth an hour of someone’s time to check. It’s most likely you’ll be surprised by what’s still active. If you want to see what a fully connected version of this looks like, AssetSonar’s offboarding workflows are a reasonable place to start.

Was this helpful?

Thanks for your feedback!
Picture of Moeen Alam
Moeen Alam
Director HR, EZO
Lahore
Moeen Alam is the Director of HR at EZO. He writes about how modern HR teams can build accountable employee lifecycle systems across people, assets, software, access, and compliance. His work focuses on people strategy, HR systems, offboarding, workforce accountability, and the cross-functional workflows that shape employee experience.

Frequently Asked Questions

  • Why do unused software licenses build up after employees leave?

    Unused licenses build up because offboarding often closes the HR record and device return, but does not always trigger a full review of SaaS seats, software entitlements, browser apps, and paid access. If licenses are not reclaimed during the exit workflow, they can stay assigned until the next audit or renewal.
  • Who should be responsible for reclaiming software licenses during offboarding?

    HR should trigger the process because HR usually knows the exit date first. IT or the software owner should execute access removal and license reclamation. Finance may need visibility before renewal. The real issue is not which team owns everything, but whether the handoff is clear, timed, and trackable.
  • What should an offboarding checklist include for software licenses?

    A software offboarding checklist should include the employee’s exit date; assigned applications, SaaS accounts, and paid licenses; device records; admin privileges; shared files; ownership transfers; access revocation timing; license reclamation status; and confirmation that each seat was reassigned, canceled, or marked available.
  • How can IT find licenses assigned to former employees?

    IT can compare HR termination records against identity systems, SaaS admin consoles, MDM records, SSO logs, browser app discovery, finance invoices, and software asset records. A connected ITAM or SAM platform should make this easier by mapping users to assigned software and surfacing inactive or orphaned licenses.
  • Why is offboarding a software spend problem?

    Offboarding is a software spend problem because every unreclaimed license can continue renewing after the employee leaves. Over time, these ghost licenses turn into avoidable SaaS spend, especially when teams renew based on seat counts rather than actual active usage.
  • Are unused licenses from former employees a security risk?

    Yes. An unused license tied to a former employee can also mean access that still works. If credentials, SaaS accounts, or shared permissions are not properly revoked, the company may face security risks, data exposure, and compliance risks, not just wasted spend.
  • How often should companies audit licenses for former employees?

    Companies should continuously check for licenses associated with former employees through automated offboarding workflows. At minimum, they should audit before major renewals, quarterly budget reviews, and after layoffs, restructures, or periods of high turnover.
  • How does ITAM help prevent unused licenses after offboarding?

    ITAM helps by connecting employee records, hardware assignments, software licenses, SaaS accounts, tickets, and lifecycle activity. When an employee leaves, the system can show what they had, what must be returned, which licenses should be reclaimed, and whether each step was completed.
  • Can SSO solve unused license problems by itself?

    SSO can help identify and revoke access, but it may not fully eliminate license waste on its own. Some tools may not be connected to SSO, some licenses may remain billable even after access is disabled, and some applications may require separate license removal or contract adjustment.
  • What is a ghost license?

    A ghost license is a paid software license that remains assigned to someone who no longer needs it, often a former employee, an inactive user, a contractor, or a transferred team member. Ghost licenses are hard to spot when HR, IT, identity, and SaaS billing records are disconnected.
  • How can companies reduce SaaS waste during offboarding?

    Companies can reduce SaaS waste by triggering license reviews as soon as an exit date is confirmed, automatically pulling assigned software, revoking access on a defined schedule, reclaiming or canceling seats, and documenting each step before the next billing or renewal cycle.
  • What is the difference between access removal and license reclamation?

    Access removal disables the user’s ability to log in or use an application. License reclamation frees the paid seat so it can be reassigned, downgraded, canceled, or removed from the next renewal. A company can remove access but still keep paying if the license is not reclaimed.
  • Why do manual offboarding processes fail?

    Manual offboarding fails because it relies on people remembering every system, license, device, and exception associated with a departing employee. As SaaS stacks grow, one checklist rarely captures every application, especially tools bought by departments or used outside IT’s direct visibility.
  • What reports help identify offboarding-related license waste?

    Useful reports include licenses assigned to inactive users, former employees with active accounts, SaaS users with no recent activity, paid seats without login activity, licenses by department, orphaned accounts, upcoming renewals, and offboarding tasks that remain incomplete.
  • When should license reclamation happen during employee offboarding?

    License reclamation should begin as soon as the departure is confirmed, not after the employee’s last day. Some access may remain active until the final working day, but IT should know in advance which licenses need to be removed, reassigned, or canceled to prevent waste into the next renewal cycle.

Powerful IT Asset Management Tool - at your fingertips

Empower your teams, streamline IT operations, and consolidate all your IT asset management needs through one platform.
capterra
software-advice-2026
Leader
High Performer Mid market