Software License Audit

How to handle a software license audit

If you’re anticipating a software license audit – and, let’s face it, you should be – you’re most likely concerned with non-compliance: the fear of uncovering that the number of licenses purchased differs greatly from the number of people accessing software. Being under-licensed can bring with it hefty costs as well as even heftier fines, while being over-licensed suggests precious IT budget has been wasted.

A robust SAM process and dedicated SAM Manager should help mitigate these sorts of risks in an ideal world however, for many organizations, a SAM solution is considered a luxury rather than a necessity. The reality is that IT departments scarcely have the time and resource to properly track and optimize software licenses, causing a knee-jerk reaction when the inevitable software licensing audit letter is delivered.

The impact of an audit on a business can be vast in terms of the time taken away from business as usual activities, which ultimatley effects an organization’s capability in dealing with its own customers. A vendor audit can realistically last any time from three to six months, in some cases this can be much longer.

The benefits of an internal software license audit

Optimization and prevention are the two main benefits of running an internal audit. As part of software asset management, an internal license audit will help establish that the organization is adequately licensed, therefore preventing non-compliance and avoiding unexpected fines. In terms of business management, an internal audit will reveal how software is being used through the company and whether licenses can be removed or re-harvested, therefore saving money.

Your organization is ever-changing. Employees come and go, and when a new recruit arrives, their software permissions may simply be copied from another employee with a similar role. This blanket coverage approach awards this new employee access to software they may not need, nor ever use. On the other hand, when an employee leaves, their access may not be revoked, which means the assigned license sits dormant, never used.

Software license audit preparation

Typically, when the audit letter arrives from your software vendor, you’ll be given a notice period – for an Oracle software license audit, this is typically around 45 days, for example, and for a Microsoft audit, it’s just 30 days’ notice – not nearly enough time to completely prepare for a full audit. Ideally, you’ll need to have started proceedings much earlier in anticipation.

Preparing for, or conducting an internal software license audit isn’t easy, but you do have options to make it easier:

Automate data detection from numerous sources

You can make the process of building an accurate and reliable software license repository as painless as possible with an automated solution, cutting out the manual effort. Bulk uploads and import wizards as well as automated licensing metrics such as upgrade and downgrade rights cut out manual spreadsheet based processes.

Understanding what your organization is entitled to use is step one in software asset management, and will be invaluable when it comes to that software license audit request.

Full visibility of deployed applications

Tracking and auditing all devices and servers across your organization’s IT network will produce both hardware and software audit data. Again, understanding what your organization is actually using, and how and where, is a huge part of managing software licenses effectively.

Dashboard Discovery reveals what is deployed across your network. Data Navigator then takes this wealth of information and normalizes the data, creating a super data set and optimizing the strategic technology investment. Data Navigator and License Manager are both discovery tool agnostic and can integrate with any existing discovery technology deployed on an organization’s network.

This data is also essential in making informed business decisions around IT investments, not just in surviving a software license audit.

Robust request and deploy procedures

Working with HR, the IT department can create, maintain, update, and remove users or permissions, but that doesn’t stop employees from downloading and deploying software themselves. Defining and communicating a policy for requesting a piece of software, or access to an existing application will help prevent IT being kept in the dark.

License Dashboard Portal offers a customizable view of what’s in use.

Keeping on top of your organization’s software usage in real-time helps distribute software entitlement to see if further licenses are needed. It will also ensure a faster response time, with less necessary resource, in a vendor audit situation.

Handling the software license audit itself

Hindsight is 20/20, and it’s easy to say that software asset management is the best solution in avoiding a stressful software license audit and fines as a result of non-compliance… but if your vendor has already called on you, and you don’t have your organization’s Effective Licence Position (ELP) prepared, don’t panic. Although notice should certainly be taken seriously, it’s essential to take stock and consider how best to approach it with careful thought and planning. Finance and IT are both likely to have received this notification of an audit, but it is best to also involve the legal department so they can offer advice on responding to the request without divulging unnecessary, but potentially incriminating, information in an effort to cooperate with auditors.

Really, you’d be safest to assign a team to establish responsibilities, including who will be the single point of contact for the auditor. This person can issue a Non-Disclosure Agreement to protect data (if necessary) and agree timelines for delivery depending on resources.

The next task is where it perhaps gets more challenging: Gathering software licenses. This information may or may not be held in a central repository, depending on the maturity (or existence) of your organization’s software asset management, but that central repository is essential in answering any software license audit request from any vendor. Software license data then must be reconciled against actual usage, and if your IT team weren’t already feeling the pressure, this is where resources could really be stretched. Again, with an established software license management solution, this task is easier, otherwise it is likely to be a time-consuming manual task.

A software asset management solution will greatly assist with this process, but remember that licensing expertise is essential to completing the solution. All SAM tools require a human element and this can be delivered either by the organization in-house, or by utilizing consultancy and managed service options from a software asset management provider.

Remember: It may take a couple of attempts before your organization is ready to hand over the results of your audit. Be careful – an impulsive response to under- or over-compliance could lead to costly mistakes.

SAM is the best defence against a software license audit

A software license audit can cause serious disruption and takes time and resource away from business as usual. It’s unrealistic to believe you can avoid being audited altogether (it’s revenue generation for software vendors, after all) but preparation and planning can mean you’ll come out of your audit relatively pain free.

Reliable, up-to-date information at your fingertips through effective software asset management is that preparation. And not only will SAM prevent fines for being under-licensed, it will help you make informed, cost-effective business decisions and guide IT spend.

Ben Eagling

Ben Eagling

Leave a Reply