CHECKLIST
WHAT TO DO WHEN YOU’RE ABOUT TO BE AUDITED
THE SOFTWARE AUDIT DEFENSE CHECKLIST
Share this
1E.COM
THE SOFTWARE AUDIT DEFENSE CHECKLIST
So you’ve received a license audit letter from one of your software vendors. Two choices: you can sit back and let them have their way (which could cost you a fortune); or take action and come out ahead. At 1E, we’re big believers in the active approach. We’ve helped lots of companies throw light on their software usage and discover some serious savings in licensing and maintenance.
1E.COM
2
THE SOFTWARE AUDIT DEFENSE CHECKLIST
Here’s a quick checklist to help you negotiate your next audit. You might even think about it as the IT health check you need to get your software estate in order. 1. Initial Contact As soon as you’ve received an exploratory, “we want to help you” letter from the software auditor or vendor: I nform your legal department – some audit letters are quite specific and not to be ignored; others are complete fishing expeditions. Based on legal advice, either prepare your reply or carry on regardless. et an immediate picture of your actual software usage. G This is a critical step – and guess what – AppClarity makes it easy. erform an initial SWOT analysis of the vendor’s software footprint within P your IT estate, noting any boundaries that the audit letter indicates (this could play to your advantage if a “hot spot” is out of scope).
2. First Response After conducting the SWOT analysis: I nform senior management of an impending audit, including a summary of your SWOT. Contact the vendor confirming the following information: The scope and products being audited What constitutes proof of licence What constitutes an install of the software under audit schedule for auditing – accept theirs if convenient; A if not, stipulate your own our agreement (if relevant) that the third party can Y conduct the audit on behalf of the vendor.
1E.COM
3
THE SOFTWARE AUDIT DEFENSE CHECKLIST
3. Preparing for the Audit As soon as you’ve received a reply from the vendor, take these steps: emove unused/ rarely used software – AppClarity will show you R exactly where it is I nform senior management of the precise audit schedule and scope; aligning this to your initial SWOT Start to collate all requisite proofs of entitlement relating to the vendor audit chedule the installation and running of any scripts – making sure they only S run on devices specified in the scope of the audit Schedule any on-site audit (if required).
4. Conducting the Audit Chaperone your auditor or vendor. Now’s the time to get close! Let the auditor conduct an on-site inspection (if required) Ensure the auditor copies you on the findings of the audit nsure that platform usage is factored into audit findings E (e.g. test/ development/ academic) Ask the auditor to validate the licence metric and interpretation of any shortfalls repare a summary report for senior management and set expectations P of potential liability.
1E.COM
4
THE SOFTWARE AUDIT DEFENSE CHECKLIST
5. Negotiation Prep Don’t ignore the small print: ecome a subject matter expert in the license Terms and Conditions B to counter any potentially outlandish claims by the auditor. erify that the auditor’s server core/ processor specifications are accurate V (some inventory systems won’t accurately pick up the core/ processor count and that could adversely affect your license position). se 1E’s licensing expertise (including vendor-specific knowledge) to review U license and install data – we’re here to help!
6. Final Meeting It’s time for negotiation Bring in 1E License Negotiation experts. You don’t have to go it alone. ffer feedback on the how the audit was conducted and how the audit O experience was for you – remember, you’re the customer. ome to an agreement on any fees due (if any) using all the data at your disposal. C Remember: this is a negotiation; make a strong case and argue it. chedule an agreed payment plan. Again: you’re the customer, so negotiate S on terms here too.
And for the future… Prepare yourself for your next biggest software vendor audit to come along – the world of SAM is notoriously small, and if you got stung on your first audit then word will undoubtedly get out that you might have weak IT controls in place. An active approach always pays dividends.
1E.COM
5
THE SOFTWARE AUDIT DEFENSE CHECKLIST
THE BOTTOM LINE Software audits don’t have to be bad news. They can be a great catalyst for getting your estate in order, removing unused software and redeploying licenses where they’re needed. Don’t bury your head in the sand – software vendors thrive on paralysis. Don’t let the audit go beyond the agreed scope. Fully understand what information is being relayed back to the vendor. Understand the role of the platform (dev/ test/ production etc.) in your IT estate. Don’t be afraid to ask for help at any time. Longer term, think about what business as usual activity will make it easier produce the required reconciliation report yourself – to counter the next vendor audit.
For more help and advice, visit our Software Audit Defense site.
GOOD LUCK, AND DO GET IN TOUCH. WE CAN HELP.
Share this
1E.COM
About 1E 1E is the pioneer and global leader in Efficient IT solutions. 1E’s mission is to identify IT waste, help remove it and optimize everything else. 1E Efficient IT solutions help reduce servers, network bandwidth constraints, software licenses and energy consumption.
Contact us US: +1 866 592 4214 UK: +44 20 8326 3880 India: +91 120 402 4000 info@1e.com
© Copyright 2013 1E. All rights reserved. The information contained herein is subject to change without notice. 1E shall not be liable for technical or editorial errors or omissions contained herein.