Blog
Admin GuideMay 2026 · 7 min read

What's Inside a SpendReady Audit Report — and What to Do With It

Every section, every number, every recommendation — explained. This is the page you bookmark before your renewal call.

TL;DR: The SpendReady audit report has five sections: severity stats, seat usage trend, signal-availability disclosure, findings list, and feedback. Each section answers a different question and points at a different action. Most admins look at the findings list and miss the trend chart, which is the part that actually moves renewal negotiations. Here's how to read all of it.

Section 1 — The four stat cards

At the top of every report: Critical · Warnings · Informational · Estimated Monthly Savings. They look like vanity metrics. They're not.

  • Critical = inactive users (90+ days), users who have never logged in (and weren't provisioned in the last 30 days), and PSL assignments to inactive accounts. These need action before renewal.
  • Warnings = under-utilized license pools (e.g. 50% of purchased seats used), integration-user risk, stale OAuth tokens unused for 60+ days. Action recommended, not urgent.
  • Informational = recently-provisioned users who haven't logged in yet (probably onboarding, not waste), and meta-findings like “you didn't supply renewal metadata so savings estimates use defaults.”
  • Estimated Monthly Savings = sum of estimatedSavingsMonthly across all non-snoozed findings. If you didn't supply your negotiated per-seat rate, we use the public Salesforce Enterprise list price ($165/seat/month, post-Aug 2025 hike). Provide your actual rate in settings for accurate numbers.

What to do: if Critical is 0 and you've been running audits weekly for at least a quarter, your org is in good shape and the value of SpendReady is now in the trend chart, not the findings.

Section 2 — Seat usage trend chart

This is the section most admins miss on a first read. It only renders if you have at least two completed runs — so it's blank on the first audit, sparse for the first month, and then it becomes the most important thing on the page.

The chart plots active user count over time, with min, average, and max called out as numeric stats. The current run is highlighted in white. The average is drawn as a dashed line across the chart.

The stats serve specific purposes:

StatWhat it meansWhen you use it
MinLowest active count over your recorded historyYour renewal negotiating floor
AvgMean active count across runsThe realistic number to budget against
MaxHighest active count over historyThe number Salesforce reps will quote (so know it cold)
CurrentThis week's numberSanity-check against the trend — sudden drops mean someone left or got deprovisioned

What to do: if your Max is much higher than your Average, dig in — it's probably a one-week spike from a sales push or a new-hire onboarding wave. If your Min is much lower than your Average, that's a deprovisioning opportunity. The gap between Max and your purchased seat count is the size of the conversation to have with your AE at renewal.

Section 3 — “Signals unavailable in this org”

An amber callout that lists any audit signals we couldn't pull. Common reasons:

  • Your Connected App doesn't have the OAuth scope to read OAuthToken (would show staleTokens as unavailable)
  • Your profile doesn't have API Enabled on the User object (would block everything — usually you wouldn't see any findings at all in this case)
  • You're running against a Sandbox that doesn't have the parent org's LoginHistory mirrored (LoginHistory in Sandboxes is a known gap)

What to do: the callout names exactly which signals failed. If integrationUserRisk is unavailable but you care about service-account hygiene, that's a conversation with whoever owns Connected App OAuth policy in your org. Other findings are still valid — unavailable signals are silent gaps, not corrupt data.

Section 4 — The findings list

This is the longest section and the part most readers focus on. Three things to know about how it's organized:

Sort order

Critical first, then Warnings, then Info. We don't group by category because that hides severity — putting all license findings together would let you skim past a critical “inactive user” in favor of a warning-level pool under-utilization. Severity-first means you see what hurts most first.

Each finding has four parts

  • Title in white, Manrope semibold — “Inactive user: Jane Doe.”
  • Description with the entity (username, email) highlighted in indigo monospace — so when you have 25 inactive-user findings, you can scan email addresses without re-reading the prefix.
  • Recommendation in an inset dark panel — the specific action you should take, plus the dollar savings if you act.
  • Meta row at the bottom: confidence (measured vs inferred), category (license, permission, integration, etc.), and the dollar amount.

The confidence label matters

  • high — measured directly. The user's LoginHistory contains records. This is verifiable evidence.
  • low — inferred. The user has no LoginHistory at all. Could be inactive, could be a brand-new user, could be an org with API-only login activity. Cross-check before deactivating.

What to do: always sort actions by Critical-high-confidence first. Those are the slam-dunks — users you can deactivate today without political risk. Critical-low-confidence findings need a conversation with the user's manager. Warnings can usually wait for renewal-prep week.

Section 5 — Feedback panel

At the bottom of every completed audit, a 5-star rating with an optional comment box. Three reasons we put it there:

  1. Every report sent to a customer should ask whether it landed.
  2. The findings we ship today are based on rules we wrote — we don't know what's missing for your specific Salesforce setup until you tell us.
  3. Brutal feedback is more valuable than polite five-stars. If a rule mis-categorized a user as inactive when they're on parental leave, we want to know.

The feedback goes to a real human at SpendReady. Reply will land in your inbox usually within a day.

What's coming to the report next

A few things we're working on for the next iterations:

  • Trend chart with manual annotations — “Spike here was the BD team onboarding. Drop here was the Q3 contract that lapsed.” Context turns trend data into negotiation evidence.
  • CFO-targeted view toggle — same data, reframed for non-Salesforce-admin readers. Dollar amounts up top, technical details collapsed.
  • Exemption / snooze interface — flag users you've already reviewed so they stop showing up in subsequent audits.
  • Findings export — CSV download for the renewal-prep deck. Findings table → spreadsheet → CFO talking points.

The actual workflow

For most admins, the report is something you skim weekly and act on quarterly. The weekly skim takes 90 seconds — check the stat cards for new criticals, glance at the trend chart for anomalies, scroll the findings for new entries. The quarterly action session is when you batch-deactivate or batch-snooze the accumulated findings.

The compounding value is in the trend chart you're building, not in any single week's findings. The findings tell you what to fix today; the trend tells you what to argue at renewal.

See your own report

One read-only OAuth connection. First audit runs in about 90 seconds. Weekly automated audits start immediately on monitoring tier — your trend chart begins populating from day one.

Get your first audit free →
All articlesGet your first audit →
SpendReady
For CFOsFor AdminsPricingBlogTermsPrivacy
© 2026 Fix Your Cloud LLC

Salesforce, Sales Cloud, Service Cloud, AppExchange, and Dreamforce are trademarks of Salesforce, Inc. SpendReady and Fix Your Cloud LLC are independent and are not affiliated with, endorsed by, or sponsored by Salesforce, Inc.