FREE RESOURCE — SAAS STACK AUDIT GUIDE

How to sort out your
SaaS integrations

A structured walkthrough for mapping your integrations, finding what's broken, and cutting what's dead. Below is an example of a completed audit so you can see exactly what to do and what to look for.

* 5 sections* 20–30 min to complete* No technical knowledge required* Built by Stakmap

// Tool Inventory

What are you actually paying for?

List every SaaS tool your company uses. Be thorough — check your credit card statement. Include anything that touches your product, data, or customers.

Tip: Check your company credit card for recurring charges. You'll almost certainly find something you forgot about.

Tool Name	Category	Monthly Cost	Who Owns It	Date Added	Still Active?	Notes
Stripe	Payments	$0/mo	Sarah K	03/2022	Active	Primary billing & subscription mgmt
HubSpot	CRM	$800/mo	Marketing	01/2023	Active	Contact & deal sync
Zapier	Automation	$149/mo	Alex M	06/2022	Unsure	Multiple flows, some may be stale
Intercom	Support	$74/mo	Support team	08/2022	Active	In-app chat & user messaging
Segment	Analytics	$120/mo	Data team	11/2022	Unsure	Event tracking, last checked months ago
Slack	Communication	$12/mo	Everyone	01/2021	Active	Alert pipeline for critical events
Mailchimp	Marketing/Email	$50/mo	Marketing	05/2021	Zombie	Replaced by HubSpot. Not cancelled yet.
Typeform	Other	$25/mo	Growth	09/2022	Active	Onboarding survey

// Connection Map

What's talking to what?

For each integration between tools, add a row. Think webhooks, Zapier flows, native syncs, and custom API calls. One row per connection, not per tool.

Tip: Start with your payment tool and trace every place it sends data. These are usually the most connected and the most risky.

From Tool	To Tool	What It Does (plain English)	Method	Last Known Working	Health
Stripe	Zapier	Payment success triggers onboarding sequence	Webhook	Unknown	Broken
Zapier	HubSpot	Creates a deal in CRM on payment	Native sync	Jan 2024	Unsure
Segment	Intercom	Sends user events for in-app targeting	Native sync	Feb 2024	Healthy
HubSpot	Mailchimp	Syncs contacts for newsletter campaigns	Zapier/Make	Aug 2023	Zombie
Stripe	Slack	Posts payment success alerts to #revenue	Webhook	Feb 2024	Healthy
Intercom	HubSpot	Syncs support tickets as CRM activities	Native sync	Feb 2024	Healthy

// Risk Checklist

Where are your blind spots?

Go through each item honestly. Unchecked boxes are your risks. Don't guess — only tick what you know for certain.

✓

I can name every tool currently sending or receiving data in my stack.

If you can't name them all, you can't protect them all.

HIGH

All API keys in active use have known expiry dates that are tracked somewhere.

Expired keys are the #1 cause of silent integration failures.

HIGH

No OAuth tokens belong to people who have left the company.

Ex-employee tokens often retain full access to live systems indefinitely.

HIGH

✓

I know exactly what would break if Stripe went down for 24 hours.

Your most critical tool almost certainly has the most undocumented dependencies.

HIGH

All webhooks have been tested and confirmed working in the last 30 days.

Webhooks fail silently. If you haven't tested it, assume it might be broken.

HIGH

✓

I know exactly where customer PII (names, emails, payment data) flows.

Required for GDPR compliance and SOC2 certification.

MED

✓

Every tool in my stack is owned by a named person still at the company.

Unowned tools don't get monitored, updated, or cancelled when no longer needed.

MED

✓

I could safely cancel any single tool without accidentally breaking something else.

If the answer is no for any tool, that's a dependency risk waiting to happen.

MED

There are no tools we're paying for that nobody actively uses.

The average company wastes $135k/year on unused SaaS subscriptions.

LOW

A new engineer could understand our full integration stack from documentation alone.

If it only lives in one person's head, it's one resignation away from being lost.

LOW

6 / 10 checked. 4 unchecked items are active risks — each one is a potential silent failure or security exposure. Address the HIGH items first.

// Action List

What needs fixing right now?

Based on sections 1–3, list every issue and assign it. Even if you don't fix it today, writing it down means it won't get lost.

Issue Found	Priority	Owner	Status	Due Date
Stripe webhook URL not updated after last deploy	Critical	Alex M	In progress	20/02/2024
Revoke ex-employee OAuth tokens in HubSpot + Segment	Critical	Sarah K	Not started	25/02/2024
Cancel Mailchimp subscription — zombie tool, $50/mo	High	Sarah K	Done	15/02/2024
Document all active Zapier flows in Notion	High	Alex M	Not started	01/03/2024
Track API key expiry dates in shared spreadsheet	Medium	Alex M	In progress	01/03/2024

// Review Cadence

How to stay on top of it.

A one-off audit decays fast. This is the minimum cadence to keep your stack visible and healthy without it becoming a full-time job.

// MONTHLY

Check for any new tools added without being logged
Review integrations marked 'Unsure' and resolve them
Confirm all active webhooks fired at least once
Check for API keys expiring in the next 60 days
Review zombie integrations — cancel or reactivate

// QUARTERLY

Full tool inventory review — anything to cut?
Audit all OAuth tokens — any ex-employees still connected?
Review tool ownership — anyone left the company?
Check API costs — anything scaling unexpectedly?
Test every critical integration end to end

// ANNUALLY

Full rebuild of this audit document from scratch
Negotiate or review all annual SaaS contracts
Review data flows for GDPR / SOC2 compliance
Document stack for any new team members
Assess build vs buy for any custom integrations

// Want this automatically?

Stop doing this manually.

Stakmap monitors your entire integration graph in real time — so you get alerted the moment something breaks, not days later when a customer tells you.

Join the waitlist →

How to sort out yourSaaS integrations

Stop doing this manually.

How to sort out your
SaaS integrations