SaaS Architecture for AEC Firms: 96-App Sprawl Fix

[Featured image: A 250-Person Civil Firm Found 37 Unmanaged SaaS Subscriptions]

The 37-Subscription Discovery

The firm above is an illustrative composite— a representative scenario, not a named client. But the shape is real and the math holds at scale. Companies with 200-749 employees run an average of 96 SaaS applications [1]. When a firm believes it has twelve and finds thirty-seven, the gap isn't a discipline failure. It's an architecture vacuum.

Where do the extra subscriptions come from? They come from four predictable places:

  • Project-tool licenses purchased to satisfy a specific owner or sub on a specific job
  • Expense-reimbursed apps bought on personal cards for a single deadline
  • AI tools on personal cards— ChatGPT, Claude, Otter, Fathom— that nobody mapped to a category
  • Legacy auto-renewals from people who left two years ago

"Lines of business now drive 70% of SaaS procurement, which is why even careful firms end up with shadow inventories they never authorized."

That 70% figure is industry-wide [2], not AEC-specific. But it tells you the same thing the audit tells you. This is structural. Project managers and design leads aren't bypassing governance. They're filling a gap governance left open.

If sprawl is the symptom, the absent diagnosis is architecture. So what does that word actually mean for a firm that buys software, rather than builds it?

SaaS Architecture, Reclaimed for Buyers

SaaS architecture, from a buyer's perspective, is the deliberate design of how your software portfolio is organized— which tools serve as systems of record, which support project work, which provide intelligence— along with named owners and integration patterns for each category. Every firm has a SaaS architecture. Most just didn't design it.

Search the term and you'll mostly find vendor-side content about multi-tenancy, microservices, and service buses— how SaaS companies build their products. That's a different conversation. The one operators need is about how the buyer organizes what they've already paid for.

Dimension | Vendor-Side SaaS Architecture | Buyer-Side SaaS Architecture
Who it serves | The software company | The firm running the software
What it designs | Multi-tenancy, microservices, scaling | Portfolio layers, owners, integrations
What success looks like | Reliable product delivery | A stack you can govern, not a sprawl you can't

The parent discipline here is application portfolio management (APM)— the practice of governing and optimizing an organization's application landscape to support business objectives [3]. SaaS architecture is the shape that practice produces. Above APM sits IT governance proper, which ties to compliance regimes including SOC 2 and ISO 27001 [4]. For a 250-person AEC firm, you don't need the full enterprise apparatus. You do need vocabulary, and you need a model.

If every firm has one, the next question is why most architectures have drifted into sprawl— and why AEC firms are particularly exposed.

Why AEC Firms Are Especially Exposed

AEC firms accumulate SaaS sprawl faster than other mid-market industries because project-based work creates per-project tool buying, only 11% of firms are fully digital [5], and cross-team collaboration spans dozens of vendors per project. The combination is a near-perfect sprawl engine.

Four drivers do most of the work:

  • Project-based buying. Every new project introduces tool needs— a sub uses one collaboration platform, an owner mandates another, a design lead prefers a third.
  • Digital fragmentation. 52% of AEC firms still use paper during design and 49% during planning [5]. New SaaS coexists with paper and legacy systems instead of replacing them.
  • Cross-team friction. Nearly 40% of AEC firms struggle managing cross-team collaboration across project phases [6]. Friction breeds new tools.
  • Line-of-business procurement. 34% of SaaS purchases happen outside IT [7], on top of the broader 70% trend [2].

The visible core in most mid-market AEC firms is some combination of Autodesk Construction Cloud, Bluebeam, Procore, and Microsoft 365. That's the part everyone agrees on. The other twenty-five subscriptions are the part nobody can list from memory. Even the vendors are racing to close the gap— Bluebeam and Procore expanded their partnership in 2025 with integrations designed to eliminate data silos across document workflows [8].

When 70% of SaaS purchasing happens outside IT, project managers don't bypass governance. They fill a gap governance left open.

Before you can architect anything, you need to see what you actually have. That starts with discovery— and you can run a usable version this week without buying SaaS-management software.

Diagnose Your Own: A Self-Audit You Can Run This Week

A first-pass SaaS audit takes about a week with three inputs: 90 days of credit card statements, expense report data, and SSO/IdP application logs. Cross-reference them, and the gap between what IT manages and what the firm actually runs becomes visible. This is where AI strategy work for founder-led firms tends to start: inventory before architecture.

Run it in three steps:

  1. Pull the three data sources. 90-day card statements, expense report exports, SSO/IdP app logs. De-duplicate by vendor name.
  2. Categorize each app. System of record, system of work, system of intelligence, or integration utility. Mark anything you can't categorize— that's a signal.
  3. Tag ownership and usage. Contract owner, license count, last 30-day usage if available, renewal date.

App | Category | Contract Owner | License Count | Last 30-Day Usage | Renewal Date
(Procore) | System of Record | (Ops Director) | (250) | (90%) | (Q3)
(Random expensed app) | Unknown | None | 1 | Unknown | Auto
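
Added example (not from the original article): a first pass at step 1 and the cross-reference, merging the three exports by a normalized vendor key and listing vendors that show spend but never appear in the IdP. The CSV column names, the sample rows and the normalization rules in vendor_key are assumptions made for illustration.

```python
import csv, io, re
from collections import defaultdict

# Constructed sample exports (not real data); column names are assumptions.
CARD = """date,descriptor,amount
2025-01-03,PROCORE TECHNOLOGIES INC,4200.00
2025-01-09,OTTER.AI* PRO,16.99
2025-02-11,BLUEBEAM INC,900.00
"""
EXPENSES = """employee,merchant,amount
jlee,Otter.ai,16.99
mkhan,Fathom Video,19.00
"""
SSO = """app_name,sign_ins_last_30d
Procore,2140
Bluebeam,612
Microsoft 365,9800
"""
NOISE = re.compile(r"\b(inc|llc|ltd|corp|technologies)\b")

def vendor_key(raw):
    """Collapse billing descriptors and display names to one comparable key."""
    s = raw.lower().split("*")[0]              # drop text after a processor '*'
    s = re.sub(r"\.(ai|com|io)\b", "", s)      # drop a domain suffix
    s = NOISE.sub(" ", s)                      # drop legal-entity words
    return re.sub(r"[^a-z0-9]+", " ", s).strip()

def audit(card_csv, expense_csv, sso_csv):
    """Merge the three sources into {vendor: sources, spend, sso_sign_ins}."""
    inv = defaultdict(lambda: {"sources": set(), "spend": 0.0, "sso_sign_ins": None})
    for src, text, col in (("card", card_csv, "descriptor"),
                           ("expense", expense_csv, "merchant")):
        for row in csv.DictReader(io.StringIO(text)):
            rec = inv[vendor_key(row[col])]
            rec["sources"].add(src)
            rec["spend"] += float(row["amount"])
    for row in csv.DictReader(io.StringIO(sso_csv)):
        rec = inv[vendor_key(row["app_name"])]
        rec["sources"].add("sso")
        rec["sso_sign_ins"] = int(row["sign_ins_last_30d"])
    return dict(inv)

def unmanaged(inv):
    """Vendors with spend but no IdP presence: the gap the audit looks for."""
    return sorted(v for v, r in inv.items() if "sso" not in r["sources"])

if __name__ == "__main__":
    inv = audit(CARD, EXPENSES, SSO)
    print({v: inv[v] for v in unmanaged(inv)})
```

Name matching is only a first pass: a vendor that appears in SSO with zero card spend (Microsoft 365 in the sample) may simply be invoiced, and any key you cannot map to a known app goes on the manual-review list from step 2.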

Two stats to set the stakes. Shadow IT accounts for about 4% of SaaS spend but 34% of the SaaS portfolio [9]— the spend signal understates the surface area. And roughly one-fifth of employees have purchased SaaS via expense reimbursement at an average cost of about $600 each [10]. Small dollars. Big inventory. The average organization wastes about $21M a year on unused or underutilized licenses [11].

There's a reason most firms haven't run this audit themselves. You can't read the label from inside the bottle. Outside review or peer challenge speeds it up dramatically— but you can absolutely start internally. The audit gives you the inventory. The architecture is what you do with it.

A Layered SaaS Architecture for a 250-Person Firm

A workable SaaS architecture for a 250-person AEC firm has five layers: System of Record, System of Work, System of Intelligence, Integration Layer, and Governance Overlay. Each layer needs a named owner, a review cadence, and a clear boundary against the others. This is the model— sketch it on a whiteboard, populate it with your tools, and you're most of the way to AI implementation guidance for your specific firm.

Architecture is a thinking exercise, not a procurement exercise. The deliverable is a model the founder can hold, not a tool the firm buys.

Layer | Examples for AEC | Owner | Review Cadence | Key Question
System of Record | Procore, ERP, HRIS | Ops Director / CFO | Annual | What is the source of truth?
System of Work | Bluebeam, Microsoft 365, Autodesk Construction Cloud | Discipline Leads | Quarterly | Where does daily work happen?
System of Intelligence | BI/analytics, AI-augmented tools | Operations Lead | Quarterly | Where do we synthesize and decide?
Integration Layer | Native connectors, middleware, APIs | Named owner (often vacant) | Quarterly | How does data move between layers?
Governance Overlay | Approval path, sunset criteria, license reviews | COO / IT Director / Fractional CIO | Quarterly | Who decides what stays and what goes?

A few things this model is doing on purpose. The System of Record is your source of truth— project data, financials, people. Get this layer wrong and every other layer compounds the error. The System of Intelligence is where shadow AI normally lives. Naming the layer is the first step to governing what's already there. The Integration Layer is the silent killer. Most architectures die there, usually because no one was named to own it.

The integration layer is where most architectures die— usually because no one was named to own it.

The Governance Overlay grounds the model in IT governance practice (SOC 2, ISO 27001 if you ever pursue them [4]) without requiring you to adopt the full apparatus on day one. Every category needs a named human owner. Tools don't govern themselves.

Once the layers exist, you can decide what to keep, what to kill, and where consolidation actually serves the architecture— versus where it would break a workflow that's earning its keep.

Keep, Kill, Consolidate— and the Shadow AI Question

Decisions about which apps to keep, kill, or consolidate should run through three filters: does it sit in a defined architecture layer, does it have a named owner, and is its workflow value greater than the integration cost? Tool count is a vanity metric. Architectural fit is the real one.

The three filters:

  • Layer fit. If you can't place an app in one of the five layers, it's either redundant or pointing to a layer you haven't named yet.
  • Named owner. No owner, no defense. Apps without owners drift toward cancellation— sometimes correctly, sometimes not.
  • Value > integration cost. Some apps cost more to integrate than they're worth. Some are unsanctioned but solving a real problem. Both are true.

About 30% of SaaS licenses in the average organization go unused [12]. That's your kill criterion for the long tail. But aggressive consolidation can break workflows that were quietly earning their keep. The goal is architecture, not minimum app count.

Then there's shadow AI. Spending on AI-native applications surged 75.2% year-over-year [11]— shadow AI isn't a future category, it's a budget line your firm is already paying. Eight of the top 50 most-expensed apps in 2025 were AI-native [9], and two-thirds of IT leaders reported unexpected charges from consumption-based pricing [11]. Translation: the line item is growing, the pricing is volatile, and most ops leaders find out after the bill clears.

Shadow AI: don't ban, govern.

  1. Amnesty. Surface every personal-card AI subscription with no consequence.
  2. Approved list. Decide which tools the firm will pay for and standardize on them.
  3. Category owner. Name a human who owns the System of Intelligence layer, including AI tools.

Banning AI tools at a 250-person firm in 2026 doesn't reduce shadow AI. It just pushes it back to personal cards. Both are true: shadow AI is a problem and a signal— your people are reaching for tools faster than your governance is keeping up.

All of this assumes someone is holding the pen. In firms where SaaS architecture exists, it's because a specific person made it their problem. In firms where it doesn't, no one was named— and that's usually the actual first move.

FAQ

What is SaaS architecture for a buyer (not a vendor)?

SaaS architecture, from a buyer's perspective, is the deliberate organization of a company's software portfolio into named categories— systems of record, work, and intelligence— with assigned owners, integration patterns, and review cadences. It's distinct from vendor-side SaaS architecture, which describes multi-tenancy and microservices inside a SaaS product. The buyer-side discipline sits underneath application portfolio management [3].

How many SaaS apps does a 250-person firm typically run?

Companies with 200-749 employees average 96 active SaaS applications [1]. The total portfolio counting shadow IT is often 30-40% larger, since shadow IT alone accounts for roughly 34% of the SaaS portfolio but only 4% of spend [9]. A firm that thinks it runs twelve apps and finds thirty-seven on audit is normal, not exceptional.

How much SaaS spend is wasted?

Approximately 30% of SaaS licenses in the average organization go unused [12]. The Zylo 2025 SaaS Management Index puts the average organizational waste at about $21M annually, a 14.2% increase year-over-year [11]. Waste compounds when no one owns license review.

What is shadow AI and how is it different from shadow IT?

Shadow AI is AI tools purchased outside sanctioned channels— typically on personal cards or via expense reimbursement. It's a subset of shadow IT, but it's growing faster: AI-native spending surged 75.2% year-over-year and 16% of the top 50 most-expensed apps are now AI-native [9][11]. The pricing volatility (consumption-based, token-based) also makes it harder to forecast than traditional shadow IT.

Who should own SaaS architecture in a mid-market firm?

A named human— typically a COO, IT director, ops lead, or fractional CIO. Tools don't govern themselves; the most common cause of sprawl is the absence of a named owner, not the absence of a framework. In firms under 500 employees, the role is usually part-time work that doesn't justify a full-time hire.

If you've made it this far, you're already past the first hurdle— you've named the problem. The harder hurdle is naming the person who owns the answer.

Architecture Needs Someone Holding the Pen

Mid-market AEC firms rarely fail at SaaS architecture for lack of frameworks. They fail because no one is named to own it. The first move isn't a software purchase— it's a person.

You have three real options:

  • Name an internal owner. Often the COO, IT director, or operations lead. Best when the person already has the political capital and bandwidth.
  • Bring in fractional leadership. A fractional CIO or fractional AI strategy lead— part-time work for a 250-person firm, full-time work spread across two or three firms.
  • Accept the sprawl. Defensible only if you genuinely don't believe the architecture is costing you. At $4,830 per employee per year and growing, that math gets harder every quarter.

Architecture is a leadership exercise. If no one is holding the pen, that absence is the first thing to fix. Tools don't govern themselves. People are the answer, even— especially— when the question is about software.

That move from sprawl-you-can't-see to a stack-you-can-govern is the drowning-to-flying transition for ops leaders. Dan Cumberland Labs helps operators navigate exactly these decisions, working specifically with founder-led businesses in the $20M-$100M band. If you don't have someone holding the pen on SaaS architecture, that absence is usually the first hire to make— and for many mid-market firms, the answer is fractional rather than full-time. Learn more at dancumberlandlabs.com.

References

  1. BetterCloud, "The Big List of 2026 SaaS Statistics" (2025) — https://www.bettercloud.com/monitor/saas-statistics/
  2. Zylo, "2025 SaaS Management Index Reveals First Increase in Average SaaS Spend in Three Years" (2025) — https://zylo.com/news/2025-saas-management-index/
  3. Zylo, "The Definitive Guide to Application Portfolio Management for SaaS" (2025) — https://zylo.com/blog/application-portfolio-management/
  4. Scytale, "IT Governance in 2026: What SaaS Organizations Need to Know" (2026) — https://scytale.ai/center/grc/it-governance/
  5. Bluebeam (Nemetschek), "Building the Future: Bluebeam AEC Technology Outlook 2026" (2025) — https://press.bluebeam.com/2025/10/new-bluebeam-report-shows-early-ai-adopters-in-aec-seeing-significant-roi-despite-uneven-adoption/
  6. Bluebeam (Nemetschek), "Building the Future: Bluebeam AEC Technology Outlook 2026" — cross-team collaboration finding (2025) — https://press.bluebeam.com/2025/10/new-bluebeam-report-shows-early-ai-adopters-in-aec-seeing-significant-roi-despite-uneven-adoption/
  7. Productiv, "Controlling SaaS Spend: What Has Companies Wasting Up to $40M Annually" (2024) — https://productiv.com/blog/control-your-saas-spend-what-has-companies-wasting-up-to-40m-annually/
  8. Bluebeam (Nemetschek), "Bluebeam Expands Procore Partnership for Construction Collaboration with Two Powerful Integrations" (2025) — https://press.bluebeam.com/2025/09/bluebeam-expands-procore-partnership-for-construction-collaboration-with-two-powerful-integrations/
  9. Zylo, "3 Common SaaS Sources of Shadow IT" (2025) — https://zylo.com/blog/3-common-saas-sources-of-shadow-it/
  10. Zylo, "3 Common SaaS Sources of Shadow IT" — expensed apps finding (2025) — https://zylo.com/blog/3-common-saas-sources-of-shadow-it/
  11. Zylo, "2025 SaaS Management Index" (2025) — https://zylo.com/news/2025-saas-management-index/
  12. Zylo, "175+ Unmissable SaaS Statistics for 2026" (2025) — https://zylo.com/blog/saas-statistics
