In the previous post, we discussed the recent spike in software license audits, which have uncovered costly violations of vendor license agreements. The frequency of audits is up, and the true-up costs due to noncompliance are increasing dramatically. In addition to the hard costs of noncompliance, the time required to respond to audits is draining IT resources. Many organizations are also paying for software that is either unused or underused, sometimes just to avoid the consequences of noncompliance.
Unfortunately, software audits are virtually inevitable. At some point, a software vendor will come calling and ask that you prove all software currently in use is properly licensed. But that doesn’t mean the vendor gets to call the shots and force you to accept the results of the audit.
The first thing you should do when you receive an audit request is get your attorney involved. Let your attorney explain your contractual rights and obligations and manage the audit process. Your attorney should work with the auditor to determine the scope and schedule. In addition, your attorney should issue requests and draft and review reports and documents, including a non-disclosure agreement to protect any proprietary information that may be exposed to auditors.
While your attorney is finalizing the scope and schedule of the audit, have IT conduct an internal software license compliance assessment. Of course, the software vendor will want to conduct its own audit. If the audit reveals noncompliance, the vendor will typically ask you to pay the current list price for any instance of unlicensed software. However, your company should reserve the right to review the findings of the third-party audit and possibly refute claims of noncompliance.
Many organizations make the mistake of allowing software license audits to drive their software licensing strategy. Instead of making decisions and investments based on business operations and objectives, they focus on surviving the next audit. The better approach is to implement a software license compliance strategy that minimizes the risk of noncompliance and expedites audits so you can get back to business as soon as possible.
Increasingly complex IT environments have made it extremely difficult to track software usage. In many cases, licensing models and software usage outgrow dated agreements. The first step to developing a software license compliance strategy is to take stock of the software you have.
Collect and examine all proof of ownership documents. Do you really need each application in use? If so, is that application properly licensed? Avoid wasted money and reduce audit complexity by removing any unnecessary applications and licenses. Also, consider Software-as-a-Service license models that allow you to pay for cloud-based services on a subscription basis. Finally, document a formal policy for purchasing, managing and using software, and make sure employees follow your policy to avoid noncompliance, whether intentional or unintentional.
Audits may be unavoidable, but that doesn’t mean you have to roll over for the vendor and let audits dictate your IT strategy. Instead, be proactive. Create a software license compliance strategy and policy that make audits less of a headache.
In the next post, we’ll discuss the benefits of effective software asset management.