Getting Ready for Software Audits With SoftwareONE
Getting Ready for Software Audits With SoftwareONE
01 November 2019
Software audits are becoming increasingly frequent and can keep entire departments busy for months – time and resources that could certainly be used to better effect elsewhere. What is the purpose behind an audit? How can you protect yourself? Maximilian Hoppe provides some background information on the trends in license audits.
Vendors like Microsoft, VMware or Adobe use audits as an effective method to check that companies only use software for which they actually possess a license, i.e. have paid for. That is understandable and entirely legitimate. But audits are rarely accompanied by a general sense of jubilation in the companies affected, as each license audit means more work and higher costs. A good reason to take a closer look at license audits.
Why exactly do software vendors conduct audits? How does this practice affect the use of software? The British non-profit organization Campaign for Clear Licensing focuses on these issues. It was set up back in 2012 with the aim of shedding light on the complex license policies in software environments while at the same time offering an independent alternative to BSA (The Software Alliance), the lobby group representing the leading software companies.
Audit Defense: Substantial Waste of Time Instead of Innovation
Is there anything to this claim? The survey of 170 license managers revealed that IT departments spend an average of 194 hours to manage an audit – spread over seven months. So companies invest immense amounts of time in ‘defending’ themselves against audits. Increasingly complex licensing rules and more frequent audits cause license managers and software admins to make larger numbers of accidental mistakes. But things that could actually bring added value, for instance strategic management of the software portfolio, tend to languish unexploited in the corner. The processing of audit inquiries takes up so much time that there’s none left for a more profitable, strategic license management.
Too Many Audits Hurt Business
Asked which vendors proof least helpful in cases of audits, the respondents named Oracle, IBM and Attachmate (Microfocus) most frequently. A 2010 study produced similar findings.
The respondents reasoned their statements not only on how the audit proceeds, but also on how frequently they occur. Here, the small print in license agreements tends to state merely that vendors have the right to audit sufficient licensing of their software. But it fails to mention how often they will actually enforce this entitlement.
So theoretically, software vendors can turn up for an audit as often as they like and whenever they choose. But this would harm business in extreme cases. It is essential in these situations to obtain detailed information on the legal provisions applicable in the respective country. In Germany, for instance, Section 307 of the Civil Code (BGB) would apply. It states that terms and conditions are void if they place the contractual partner at an unreasonable disadvantage. Does this automatically mean that audit notices are unlawful? No, but it does entitle the audited party to review what level of effort is purposeful in an audit.
Restricted Ability to Switch Vendors
If an audit reveals insufficient licensing, the software vendor and the company in question need to agree on ‘compensatory’ measures. In most cases this will involve buying the ‘missing’ licenses. But the Campaign for Clear Licensing has shown that the trend now points in a new direction. Microsoft is mentioned as an example. The vendor is willing to forgive minor license infringements, provided the company decides to purchase Microsoft’s strategic products like Office 365 or Microsoft Azure.
This looks like a good compromise at first glance. But it does restrict the company’s ability to switch vendors and take a different approach. Essentially it puts an end to the option of using a similar, but far cheaper software. What’s more, the purchase doesn’t solve the actual problem of insufficient transparency in software licenses. And so the next ‘audit scare’ is certain to crop up again soon enough.
Using Proactive SAM to Counter Software Audits
The solution is not new. We have been spreading the word for years! To free themselves from the endless loop of continuous software audits, companies have no other choice than to actively and sustainably address the issue of managing their software licenses. Here, absolute transparency needs to be the top priority. Companies must know at any time which software they are using, which contractual terms apply, and what they mean. This is the only way to approach an audit and negotiations with software vendors in a confident frame of mind. But the effort certainly pays off in the long term. The processes you need to initiate for this to happen, and whether you can do it yourself or require managed services, will depend entirely on your objectives. We are delighted to help you find the right solution.