Oracle Compliance - Know Your Audit Risk Profile

Oracle Compliance

Know Your Audit Risk Profile

Oracle Compliance - Know Your Audit Risk Profile

Like most large software publishers, Oracle routinely audits its customers to ensure software compliance and to generate incremental revenue. While Oracle auditors may characterize the customer under audit as having been randomly selected, the reality is that most audits come about either as a submission directly from Oracle sales or as a generated target from Oracle’s audit department itself. Oracle audits are infamously long, resource-intensive, and, all too often, are financially costly for customers.

The question any Oracle customer should ask is: “Am I at risk for an Oracle audit?”

When were You Last by Oracle?

Given their tens of thousands of global customers, Oracle does not have the bandwidth to audit each customer every year. While the standard audit clause in Oracle’s license agreements allows for frequent audits, Oracle will likely not audit the same company within 3 years of a past audit. All things being constant, a customer who’s last audit was 5 or more years ago is at a greater risk, and we believe customers that have never previously been audited are at greater risk still.

Has Your Company Made Any Acquisitions?

One of the most common activities that trigger Oracle audits are acquisitions. Oracle often assumes that when one company acquires another, the parent company’s software needs increase because of additional headcount, operational size, etc. When an acquisition occurs and the acquiring company does not swiftly buy more Oracle software on their own, Oracle may smell an opportunity for an audit. Likewise, if your company has recently grown through acquisitions, you may be at greater risk of an audit.

Are You Still Licensed by Legacy Metrics?

Oracle has licensed their software by many different metrics over the years., and some customers remain licensed by those retired metrics. In some cases, an old metric may be outdated when compared to current hardware standards. Examples of this are the Named User Multi Server and Named User Single Server metrics, which had minimum license requirements tied to the number of MHz of a server. While the metric may have served the customer’s purposes 15 years ago, state-of-the-art hardware may be creating a compliance violation by inflating the minimum number of licenses required.

Many Oracle customers are licensed by a concurrent metric. While there are advantages to remaining on concurrent licenses, Oracle knows all too well that adherence to concurrency as it has historically been defined by Oracle is difficult.

Some old metrics did not include the allowance for automatic batching that customers enjoy today through the Named User Plus metric. For customers using these old metrics, they must license the front-end user population for any third party database that batches to Oracle. Oracle knows this presents a compliance pitfall for customers as well.

For these reasons, customers that remain licensed with legacy metrics may be at greater risk of audit.

Do You Use E-business Suite or Other Oracle Applications?

Many of Oracle’s applications run on Oracle middleware and database programs. If Oracle believes that you do not have enough licensing of the technology stack to support your application use, they may be incented to audit. If your applications-spend far outpaces your spend on technology programs, that could raise a red flag to Oracle.

Have You Given Oracle the Cloud Shoulder?

Generally, your Oracle salesperson would rather do business with you directly than submit you for an audit. Many customers who won’t pick up the phone for Oracle, therefore, have subsequently received the dreaded audit letter shortly thereafter. Right or wrong, going dark on persistent Oracle salespeople may increase the likelihood of an audit.

Know Your Risk Profile … And Be Ready

Our message to customers is not that they avoid any of the above behaviors that could potentially incite Oracle to audit. Rather, our advice is to be aware of what Oracle views to be a promising audit target and to be ready by ensuring compliance with Oracle’s licensing policies BEFORE any formal audit takes place.

Find Out More

If you feel you’re at risk for an Oracle audit and would like to discuss with a SoftwareONE expert contact us and a Software Asset Management specialist will reach out to you shortly.

Meet the Oracle Team

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Brian Lowinger

SAM Oracle Compliance Consultant

Publisher Advisory | Oracle

Related Articles

Office 365 AI & You - Teams Customized Background

Microsoft 365 AI & You - Teams Customized Background

An update to Microsoft Teams AI is making your videoconferencing more professional. It ensures that you remain the center of attention – and not the cluttered background.


Windows 7 Extended Support: Now Is the Time to Take Action!

Microsoft ended support for Windows 7. Find out which far-reaching impact this will have on your environment.

Using Microsoft Teams to Stay Connected in a Changing World

Using Microsoft Teams to Stay Connected in a Changing World

The world’s social, political, and economic climate is changing – and this change brings disruption. Learn how working from home helps, and how you can stay connected with Microsoft Teams.