What to Expect when Expecting a Software Audit

AuditDo you find yourself becoming easily agitated or frustrated? Are you feeling overwhelmed, like you are losing control or need to take control? Maybe you are having difficulty relaxing or quieting your mind. If you feel any or all of these symptoms, you may be experiencing stress as a result of an upcoming software audit.

Expect to be audited

A software audit isn’t personal; however, it is how software companies ensure that customers are paying for every license they have installed. Software audits can also generate revenue for software companies; therefore, auditors tend to target organizations that lack an understanding of their software licenses substantially more often than companies that understand and properly manage their software licenses.

Software audits used to be a rare event for an organization; however, some software companies are performing audits more frequently than in the past. In a report posted by cio.com, 58% of executives surveyed said they have been audited by Microsoft in the last 12 months. The report went on to say that audits from Microsoft have become more frequent in the past five years. “Most often we are seeing Microsoft approach customers via email to conduct a self-audit, but we also see the more invasive, third-party types of audit that will send a shiver down any CIO’s spine.”

It is no longer a question of ‘if’ you will face an audit, it is now a question of ‘when’. Organizations can avoid unexpected costs resulting from a software audit if they invest in tools that accurately report the software installations matched with their software entitlements. First, it is important to understand your software license agreement.

Expect the auditor to understand your software license agreement

A software license agreement can be very complex. One thing to expect from the auditor is that he/she has a thorough understanding of your software agreement. If you do not understand your agreement, you will have to rely on the findings of the auditor.

Endpoint software licenses agreements are not just a question of how many software installations you have versus how many you own, they are also about software entitlement. For example, a software license agreement might state that a license may allow a user to install the software on more than one device. This would be important information when calculating the software entitlement.

Software license agreements become more complex in the data center with software such as Oracle, Microsoft SQL, server virtualization, desktop virtualization, etc. These solutions often use per-processor licensing or multiplexing.

For example, a Licensing Server Quick Reference Guide for SQL Server 2008 R2 explains the license as follows: For any virtual OSE, you can calculate the number of Per Processor Licenses required for the SQL Server edition that you are licensing by dividing data point A (number of virtual processors supporting the virtual OSE) by data point B (# of cores [if hyperthreading is turned off] or threads [if hyperthreading is turned on] per physical processor). If the result is not a whole number, round up to the next whole number.

The complexity as shown above has opened the door for mistakes. An article by Computer Weekly claims “Along with economic pressure, the survey of 92 senior decision makers reported that technological changes such as virtualization have also driven the increase in audits. The complexity of those technologies makes it harder for companies to be sure they are using them properly.”

Once you have a good understanding of your software license agreement, you will be able to apply your software asset management tools more effectively

Expect to pay if you are not properly tracking your software licenses

It is important to invest in tools and resources to track software licenses, software deployments, and software entitlements. Accurate reporting of software licenses is critical to avoiding unexpected software license costs resulting from an audit. IT departments need to have the ability to do a self-audit internally or by a third party.

Software auditors are aware of organizations that are not using tools to manage software licenses, and those organizations tend to be targeted for an audit more often. One report states “Respondents whose organizations have implemented IT asset management (ITAM) tools report a 32% lower audit rate within the last two years than organizations with no such tools.”

Software companies are aware of the high cost required to perform a software audit, just as they are aware of the revenue that can be generated by the audit. In an article posted by Martin Thompson on the ITAM Review, he states “Because audits are very expensive, a vendor doesn’t undertake them lightly and if you have received a request for an audit it is no longer about the deterrent value of an audit, but because the vendor has decided that there is a strong chance that an audit of your company will bring in more money than it will cost to carry out the audit.”

Expect to pay retroactive maintenance fees for unlicensed software 

If a software audit reveals you are using more licenses than you own, expect to pay retroactive maintenance for those licenses. That’s right, you won’t just pay the cost of the license, expect to pay more. Think of it as a penalty similar to paying your taxes after the deadline.

An article published in PC World states, “If a customer is found to be out of compliance, IBM asks them to buy the right licenses and pay two years of retroactive maintenance fees.”

Summary

To reduce the stress and costs that result from a software audit, I recommend the following:

  • Understand your Software License Agreements
  • Track software installations with Software Asset Management tools
  • Enable your IT Departments to do self-audits or contract with a third party that can do it for you on a regular basis.

 

This article was origninally published on marcelshaw.com

  • Adeel Khero

    just wondering how about the audit of an audit management software itself. lol

  • Jason Stathom

    Well Your blog is very informative. This blog gives a very useful information. We also provides facilities to conduct software audit. For more information you can visit the link below:- https://www.binadox.com/