The Dreaded Audit Request

Best practice

The Dreaded Audit Request

This article has been contributed by Sandi Conrad of Conrad & Associates.

Sandi is the author of the “SAM Starter Kit” published by The ITAM Review.

So, you’ve just received a call from your software publisher that went something like this:

“Hi. I’m the software asset management rep from Microsoft, and I’d just like to chat with you for a few moments about your software asset management processes. I’m looking at a report of your purchases from the past few years and would like to know how many desktops your company has right now.”

Immediately, your stomach does a flip, you check your calendar to see if you can clear your schedule over the next month and you wonder at what point of non-compliance they send CIOs to prison.

Will you be lucky enough to be in with the rock stars and CFOs or will you be in with the general population?

Don’t Panic!

First: in the words of the great and wonderful Douglas Adams “Don’t Panic.”

Think Positive

Secondly: in almost all cases, they do actually want to work with you, not against you. Of course, it will help their bottom line if you need to fill a gap in your license inventory, but in reality they are looking at ways to solidify the relationship, ensure that you are comfortable with the information you have on how to license the products and keep you from being so far out of compliance that you can’t find budget to fix it. They want their customers to be happy and continue to use their product, but use it according to the end user agreements too. After all, they’ve spent a ton on research and development to make your employees more productive.

I’ve worked with clients who have had internal audit requests from vendors, who have called me in a panic and we’ve been able to resolve most of the issues very quickly, without need for legal representation. Here’s some advice to help you should this call happen to you.

1. Be friendly and co-operative. If they think you are trying to hide something they will be more likely to pursue the information aggressively. No one wants to be the bad guy and they are not necessarily targeting you for any particular reason. It may just be that they have finally hit your company name on their alphabetical list of clients. If you don’t know the answers, ask them for a few days to check into the finer details and call them back.
2. Ask your software publisher and vendor for help. You should be able to get reports from both that you can compare to each other and that you can compare to your inventory. This is especially important if you are looking at a combination of purchasing options such as license, subscription, retail boxes and OEM. The publisher most likely will only have license or subscription on file.
3. Review your internal processes and see where there is room for improvement. Do you have a corporate anti-piracy policy? Do you have employee communication and sign off? Do you have a controlled software distribution process? Do you have appropriate SAM tools in place? (How quickly can you get these in place?)
4. If your software really is out of control, contact a SAM partner to assist. They know what to look for and the fastest way to find it. They will know the questions to ask about how you are using the software to decide if you are licensed appropriately. They will also be focused on your issues without other “regular, day-to-day, work” getting in the way, like what your IT staff might be facing. Plus they can act as liaison between you and your publisher on the sketchier issues.
5. Communicate fully with the software publisher. If they know that you have put strong policies in place and that you are getting assistance from someone in the field, or have someone dedicated for XX amount of time, they will most likely back off and give you some space to determine your compliance situation. They will be less likely to impose unrealistic deadlines, fines and retroactive charges if they know you are taking the license issues seriously.

This article has been contributed by Sandi Conrad of Conrad & Associates.  Sandi is the author of the “SAM Starter Kit” published by The ITAM Review.

Sandi has been in the software business since 1991 and was one of the first Software Contract Administrators in Canada.

She has been providing consulting services since 1996, helping hundreds of clients to understand their obligations and rights under a myriad of contracts, and comparing licensing programs to find the most advantageous options for her clients.

Can’t find what you’re looking for?