Buying the Cloud Is Easy.
Owning the Consequences Is Not.

Modern cloud and SaaS providers do not sell isolated services. They sell platforms whose value propositions are deliberately intertwined with dependencies. Native services, proprietary data models, and integrated pricing mechanics create speed and scale — but simultaneously make switching difficult. In many organizations, these effects are underestimated, particularly with PaaS services and business-critical SaaS platforms.

The central insight from practice: architecture decisions are always economic decisions. Those who commit early to specific technical paths implicitly define future cost structures, negotiation leverage, and exit options. Subsequent contract negotiations can rarely correct these choices.

Enterprise architects do not think in terms of negotiation leverage. Procurement teams do not think in terms of architecture dependencies. Yet both dimensions are inseparably linked. This disconnect — between technical design and commercial consequence — is at the root of most sourcing failures we encounter in practice.

A central misconception in tech sourcing is treating cloud and SaaS contracts as one-off deals. In reality, the decisive moment lies not in the initial contract but in the renewal. Many providers deliberately calculate with low entry prices, increasing usage, and growing dependency. Price adjustments are not understood as exceptions — they are an integral part of the business model.

Typical renewal cost increases range from 15–30 percent. CFOs are increasingly demanding ROI evidence before extending agreements, and the AI pilots launched in 2025 will create particularly critical renewal situations in 2026.

At the same time, true comparability is nearly impossible. Pricing models differ fundamentally across providers, service scopes are difficult to delineate, and lock-in effects often become visible only during operations. Seat-based pricing is declining — from 64 to 57 percent of contracts — while usage-based models are rising to 43 percent and hybrid approaches are becoming dominant. Without a pre-defined decision framework, vendors are selected rather than systematically evaluated. Procurement is often brought in too late to exercise its core strengths: market knowledge, structuring, and risk mitigation.

Successful organizations abandon the idea of a uniform sourcing logic for all technologies. Instead, they consciously differentiate between commodity services, business-critical enablers, strategic platforms, and experimental solutions. This segmentation creates clarity about where standardization is appropriate, where competition must be maintained, and where a deliberate lock-in can be accepted.

A practical framework applies the logic of the Kraljic purchasing portfolio matrix: mapping services along two axes — business criticality and substitutability. Strategic services (high criticality, low substitutability) require different governance than commodity services (low criticality, high substitutability). Leverage and bottleneck segments each demand their own approaches to negotiation, contract design, and vendor management.

From our perspective, this approach reduces not only cost risks but also internal friction. It creates a shared understanding between IT, business units, and procurement about which degrees of freedom exist and which guardrails apply. Governance is defined proactively rather than negotiated reactively.

The trend is accelerating: FinOps scope is expanding from cloud-only to encompass SaaS and data center spend. The share of FinOps teams managing SaaS has grown from 40 to 65 percent. In the EU context, digital sovereignty is emerging as an additional segmentation dimension — with the Sovereign Cloud market projected to triple from 6.7 to 23.1 billion USD by 2027.

The quality of tech sourcing decisions rises significantly when IT and Procurement work together rather than sequentially. In many organizations, handovers between architecture decisions and contract negotiations remain the norm. The result: solutions that are technically convincing but commercially uncontrollable — or vice versa.

Our experience shows that shared responsibility is decisive. When architecture expertise, market knowledge, and contract logic are brought together from the start, more robust decisions emerge. Roles and responsibilities remain clearly separated, but the evaluation of lock-in risks, cost trajectories, and strategic significance happens jointly and deliberately.

However, the traditional pairing of IT and Procurement is insufficient. Finance must be the third pillar. Without CFO-level involvement in evaluating total cost of ownership, ROI trajectories, and capital allocation implications, sourcing decisions lack the financial rigor they require. Beyond this triad, InfoSec, data protection, and enterprise architecture also need structured involvement — the convergence of FinOps and ITAM provides a practical path forward.

A further central pattern in many organizations is the confusion of transparency with control. While numerous tools exist today that make cloud and SaaS costs visible, visibility alone does not lead to better decisions. Only the integration of cost, usage, contract, and market data enables active steering.

A Cost & Spend Control Tower follows precisely this logic. It does not merely reveal what is being spent — it creates the foundation for forward-looking decisions. Renewals are no longer negotiated under time pressure but prepared well in advance. Dependencies become quantifiable rather than merely felt. Tech sourcing becomes a continuous management process instead of a point-in-time procurement activity.

The decisive question for executives today is no longer which cloud or SaaS vendor is the right one. It is: how much dependency should be consciously accepted — and how will that dependency be governed? Organizations that procure technology in isolation gradually lose control over costs, architecture, and strategic optionality.

The geopolitical dimension intensifies this. AWS is investing 7.8 billion EUR in a sovereign cloud region in Brandenburg. Google opened the world's first Sovereign Cloud Hub in Munich in November 2025. The EU is channeling 180 million EUR into sovereign procurement frameworks. These are not IT decisions — they are strategic positioning choices with implications for compliance, data residency, and long-term vendor portfolios.

Yet a critical caveat applies: if everything is declared a leadership responsibility, nothing is. What organizations need are clear escalation criteria. Which technology sourcing decisions genuinely require C-level involvement? Which do not? Without this differentiation, the "leadership responsibility" thesis risks becoming rhetorical rather than operational.

Organizations that understand tech sourcing as an integral part of their corporate management create agency. They connect technological excellence with economic clarity and operational control. This is precisely the difference between organizations that use the cloud — and those that truly master it.

The execution does not happen overnight in a single move. It follows a sequenced logic — starting with what can be done within existing structures and contracts, progressing to organizational changes that require cross-functional alignment, and culminating in the strategic repositioning of tech sourcing as a governance discipline at the highest level of the organization.

The immediate priority is to close the most expensive gaps with the tools already available. FinOps capabilities, where they exist, must be expanded beyond cloud infrastructure to encompass SaaS and data center spend as a single, unified cost surface. Renewal pipelines need to be built now — not as calendar reminders, but as structured preparation processes backed by usage analytics and ROI evidence, so that every upcoming contract negotiation begins from a position of informed leverage rather than reactive time pressure. For AI specifically, organizations cannot afford to wait: the fundamentally different cost dynamics of consumption-based, token-level pricing require a dedicated sourcing approach that most procurement functions have not yet developed. And in parallel, safeguards must be embedded into contracts that are being signed or renewed today — price caps, benchmarking clauses, and escalation mechanisms that prevent the kind of unchecked cost drift the data makes so visible.

Over the next six to twelve months, the focus shifts from tactical fixes to structural alignment. This is where the organizational model must change. The stakeholder triangle of IT, Procurement, and Finance needs to be formalized with explicit decision rights — not as a committee that meets quarterly, but as a standing operating model that governs how technology is evaluated, contracted, and managed across its lifecycle. Sovereignty criteria must be defined for cloud sourcing decisions, particularly in regulated industries and for organizations operating under European data residency requirements — these cannot remain implicit preferences; they must become codified evaluation dimensions. A segmentation framework should map the entire technology portfolio by business criticality and substitutability, creating the shared language between architecture, business units, and procurement that most organizations lack. And the data infrastructure must catch up: connecting cost, usage, contract, and market data into a unified control capability is the prerequisite for every other governance ambition. Without integrated data, even the best-designed processes produce fragmented decisions.

Beyond twelve months, the strategic horizon is about embedding tech sourcing into corporate governance permanently. This means conducting an honest multi-cloud reality check — auditing actual controllability rather than accepting aspirational architecture diagrams as evidence of flexibility. It means performing architecture reviews that attach explicit economic valuations to technical choices, quantifying the lock-in cost of every major platform dependency. It means establishing board-level tech sourcing reporting as a recurring governance element, ensuring that technology spending and vendor risk receive the same executive attention as capital expenditure or headcount planning. And it means defining clear escalation criteria — determining which sourcing decisions genuinely require C-level involvement and which can be safely delegated — so that the "leadership responsibility" thesis becomes operational rather than rhetorical.