Enterprise Communications

Combatting Software Audit Angst

By Special Guest
Su Kent, Product Marketing Manager at Snow Software
  |  May 05, 2017

When under the microscope, unprepared organizations can have their carefully planned budgets disrupted by punitive true-up fees and heavy fines incurred through lack of compliance, often unbeknownst to them. Like in any situation of appraisal, lack of preparedness quickly becomes evident during a vendor software audit, causing worry for many. It’s no wonder software and IT asset managers around the globe shudder at the thought of an audit request letter from Microsoft, Oracle (News - Alert), SAP and other like providers.

As you can imagine, these costs are not a preferred topic of conversation with business management. In fact, research indicates that having to explain such unplanned spend to management can generate serious anxiety for IT asset managers.

The good news is that software audits do not have to end detrimentally. There are steps IT managers can take to anticipate what is to come, and resolve compliance issues before they are discovered by the auditors.

Below are a few steps that, when followed, will strengthen your position before an audit review, and safeguard your organization for the future.

Acknowledge the audit request.

Acknowledge the audit request as soon as possible. The worst thing you can do in any vendor audit is ignore the initial letter. Contrary to your desires, the auditor will not go away, and avoidance will only cause ensuing problems. A prompt response within a few days of receiving the audit letter will make what follows much easier. Remember, the goal is to be compliant, and your auditor will appreciate it if you cooperate with them. It is time to consider the question: What is the role and responsibility of key stakeholders – including software asset management, IT asset management, service desk, procurement, security, and IT operational teams – when an audit letter has been received?

Do your research.

After you have acknowledged the request, discover as much as you can about the vendor you are being audited by. The best way you can prepare for an audit is to know what is required of you well in advance, and learn what the biggest compliance vulnerabilities are within your organization.

Perform an inventory audit.

Once your research is completed, it is time to perform a full inventory review to discover all assets including hardware configuration, software deployments, and usage. For this step, you will need to gather an extremely accurate count of licenses so you can infer next steps to take before the auditor takes hold. When performing an inventory, be sure that all connected network devices are accounted for, and identify any blind spots in the network. The data gathered will transform into actionable software asset management intelligence, which will inform critical decisions for stakeholders.

Create effective license positions for all vendors.

Lastly, it is time to compare the inventory against license entitlements. From here, you will have a clear view of usage metrics, which will give you an accurate compliance position so that you can work out your audit liability. What is your software consumption, and where can you optimize your licenses? Which software has your company been overusing, and which licenses can you afford to cut (and save on maintenance costs) or pool? Creating effective license positions for all vendors will set you up for success. Knowing ahead will save you money not only during a software audit but also when making future decisions on software purchasing.

When it comes to software audits, there is no escaping the process. If an organization fears an audit will end in monetary losses, it is a clear indicator that its software asset management intelligence is not up to date. When these steps are followed carefully, you will have peace of mind not only during an audit but in the day-to-day management of your software estate.

Su Kent is product marketing manager at Snow Software.




Edited by Alicia Young
blog comments powered by Disqus