Take a risk-based approach
Conducting risk assessments on your applications will reveal which are most critical to your business operations. This helps you determine where controls need to be in place, which areas of your BCP should be reinforced and which processes and procedures need to be enhanced to account for the varying levels of criticality.
Maintain a centralized repository
Having a centralized repository of applications should be a central aspect of any IT Governance program. This enables your organization to standardize the oversight process and understand the exact benefits and costs of each and every application, in addition to any potential risks associated with it.
Identify dependencies & increase efficiencies
Having one list of applications makes it easier to identify which applications are truly critical to operations and which your company perhaps just forgot to cancel a contract on. Are teams using duplicative or similar tools? Can aspects be consolidated? This is all much easier to view when working in one area with consistent fields of information.