Understand the risks associated with a software audit

By Linda R. Cohen

Gartner Inc.

A software audit can have a major impact on your organization. Know whether your software licenses are in compliance, or face fines and productivity losses.

Many enterprises are not aware of the impact that a software vendor audit can have on their organization – financially and in terms of time consumed. Because enterprises do not condone software installations unless they are properly licensed, most enterprises believe that they do not need to be concerned about the results of software audits. However, an enterprise may be out of compliance with its license agreement for many reasons, and it may not even be aware of it.

The number of software vendor audits is increasing. Enterprises need to develop audit principles and processes to ensure that they stay in compliance with their license agreements, and that they know their audit responsibilities and rights. Audits are not pleasant. Normal work is disrupted as purchasing records, license agreements and other documentation are researched. Because many contracts are vague in their usage rights and subject to reinterpretation, there can be significant management time involved in discussing and resolving issues related to these rights. As far as the audit results are concerned, at best, an enterprise is within compliance and only time is involved. At worse, the audit will prove that the enterprise is out of compliance and, with negotiation leverage at its lowest, the costs can be significant.

Software compliance is often not a priority in an enterprise until there is a perceived risk of an audit. To determine if an enterprise has the staff and processes in place to maintain accurate license compliance, consider these questions:

– How long has it been since a meeting was held on contract compliance and asset management?

– Does the CIO know who is responsible for IT asset management?

– Are personnel trained in software license negotiation managing the technology contracts?

– Is there centralized technology procurement within the enterprise?

– How long has it been since a desktop audit was performed?

– Are asset management projects funded?

– Does the enterprise have written procedures on software procurement processes?

– Does the enterprise have written policies on software licenses that are not legally procured?

If the answer to any of these questions is “no,” the enterprise has a high risk of noncompliance.

The following research focuses on software audits from a contract viewpoint and the areas of risk to enterprises.

Featured Research

“Clearly Define Software License Usage Rights” – Don’t overlook software license usage rights in software licensing negotiations. By Jane Disbrow

“Ensure Software License Compliance Prior to an Audit” – Use this checklist to ensure software license compliance. By Jane Disbrow

“Surviving a Software Vendor Audit” – Develop audit principles and processes internally to ensure that these audits are managed effectively. By Jane Disbrow

“Don’t Be Surprised by Software Vendor Audits” – Expect increased audits by software vendors and include audit protections in your software licensing agreements. By Jane Disbrow

Entire contents