Microsoft licensing

Microsoft Licensing

What Do Auditors Look For During a Microsoft Audit?

Microsoft Licensing – Audit

  • 16 November 2020
  • 4.5 minutes to read

Computer software must be treated as a tangible asset. Some individuals or organizations may be using software illegally without their intent or knowledge. This is not a valid excuse and does not absolve you of your legal obligations. Nor is it likely to lessen the penalty in case of an audit or prosecution. You may be tempted to install or access software on more systems than you have licensed, just because it is possible. However, doing so without a valid license for each instance is considered theft and will be treated as such in court.

When Can You Expect a Microsoft Audit?

For Microsoft Volume Licensing (VL) customers, the question is not if they will be audited, but when this will happen. The terms of VL Agreements gives Microsoft the right to perform an audit once every year, with a thirty days notice. Select, Open, and Enterprise Agreement customers should expect an audit at least every three years. This may either be a self-assessment or an onsite audit.

A Proper Software License Administration

The most valuable preparation is being well organized and having a complete and accurate administration. This can be difficult in large organizations where software and hardware are available through multiple sources. The auditee must provide proof of purchase for every copy of the software installed or accessed via invoices and receipts, Certificates of Authenticity (COAs), product keys, VL agreements, and any applicable purchase records.

If you perform an inventory of your installed and accessed software, do not forget that employees work remotely! When the software resides on a server you must ensure that every user or device accessing the product is licensed with appropriate user or device Client Access Licenses (CALs). Many users will use corporate assets on [HG1] personally owned devices such home PCs, tablets, and smartphones. A common violation is that virtual servers (primarily SQL) are being accessed remotely. Auditors know this, so they certainly will focus their attention on such areas.

A number of Software Asset Management (SAM) tools may help to partially automate the inventory process but manual research and documentation will be required as well. Most inventory tools for instance don’t account for CALs, nor do they adequately analyze virtual scenarios.

Once you have an accurate inventory of applicable software, devices, and users you’ll need to match the proof of purchase with each installation or instance of the software. If you cannot demonstrate that everything has been properly licensed and purchased, you will be out of compliance and subject to additional purchase and/or penalties.

What is the Cost of a Microsoft Audit?

Unlicensed usage of five percent or more of the purchased license value will leave a customer to pay the retail price for all unlicensed products plus the cost of the audit. If your organization purchases device CALs and fails to license personally owned devices accessing company resources, the fine will be two to four times the price of the CAL for each violation. There may be multiple violations on each device. Multiply that by the number of potential users and devices and it’s easy to see why you should pay attention!

Saving Money

Accurately managing software can benefit your company in more ways than just being able to timely respond to an audit request. It is not uncommon to discover that you have paid (or are paying) for more licenses than needed. Maybe because you have fewer employees, a reduction in business, changes in technology, decommissioned equipment, or otherwise.

Knowing exactly what your company has licensed and how the software is used may well save a substantial amount of money during your next true-up or license renewal. Gathering and interpreting the license and usage situation is a daunting task since the rules governing software licensing are very complex and always evolving. That’s why many companies are hiring licensing experts to assist them. These experts not only will assist your company in becoming compliant, they also can ensure that you are using the most cost effective software licenses for your business needs.

Regardless of whether you are being audited or not, the discipline and administration for ensuring software license compliance needs to be a core business practice. Ignorance is not a valid excuse from a legal perspective while knowingly being out of compliance constitutes a civil and potentially criminal offense.

Don’t be Overly Afraid!

Thinking of worst case scenarios is very common, but in reality prosecution will occur only in the most severe cases. Usually, when Microsoft has reason to suspect that a customer is significantly out of compliance, the company involved is asked to perform a self audit and report the results. If you cooperate and agree to pay for additional licenses to become compliant, then there won’t be any further consequences.


If your company would ignore a self-audit request or refuse to comply, the case may be turned over to the Business Software Alliance (officially BSA | The Software Alliance). If the BSA takes action and a company is found to be non-compliant, the fine is often two to four times the license cost for each instance. In addition, the offender will be required to purchase valid licenses or remove the software from their systems.

Looking for Advise?

If you are in need of extra expertise, and a structured license administration and management approach, feel free to contact us. We will help you make software compliance an exciting opportunity to improve your business!

Meet our Microsoft experts

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Related Articles

Understanding What the Oracle Microsoft Partnership Means to You
  • 03 August 2022
  • Blog Editorial Team
  • Publisher Advisory
  • Oracle, Microsoft, Azure, Cloud, Application Modernization

What the Oracle Microsoft Partnership Means to You

When two software behemoths make a joint announcement, it’s worth taking the time to understand what the implications may be for you. Gordon Davey and Richard Spithoven share their insights on the Oracle Database Services for Microsoft Azure.

It insight july

IT Insights, July

The tech world is such a rapidly developing field that it July sometimes be hard to stay up to date. With our monthly IT insights, you’ll stay in the know. Read about the latest vendor news and trending topics.

It Insight

IT Insights, June

The tech world is such a rapidly developing field that it June sometimes be hard to stay up to date. With our monthly IT insights, you’ll stay in the know. Read about the latest vendor news and trending topics.