Updated 25th April 2014 – The first version of the Code of Conduct is now live here:
https://www.clearlicensing.org/audit-code-conduct/
This code of conduct from the Campaign for Clear Licensing is a first draft. Please leave your comments or contact me to discuss any suggested edits or feedback. Thanks in advance for your help. ~ Martin
Thanks to Rory Canavan, Glenn Thompson, Martin Chalkley, David Foxen and Kylie Fowler for helping put together this first draft.
Software publishers audit their customers to examine if software is being used within agreed terms. This code of conduct defines a set of acceptable practices for behaviour during such audits.
This code of conduct covers types of audit, defining scope, the introduction of third parties, agreeing objectives and discussing results and outcomes.
Guiding principles:
Any audit activity should state the type of audit as outlined below; is it voluntary, contractual or legal?
The table below summarizes the most common types of audit:
Type of Audit |
When Initiated |
Commonly known in the market as… |
Obligation to participate |
Voluntary Audit | Adhoc or speculative, during sales process | Audit, Review, SAM Review, Assessment, Self-Audit, Friendly Audit | Voluntary |
Contractual Audit | Contract event or during sales process | Audit / True-up | Contractual |
Legal Audit | Breach of intellectual property | Audit | Legal |
Notes:
All audit communications should be routed through normal account management channels with appropriate escalation as appropriate.
Initial audit communications should cite:
Agreed Measurement Criteria
The software publisher shall publish clear guidance on what constitutes entitlement, installation and usage:
Third parties (companies involved in the audit but not the customer or software publisher) should declare all commercial interests (either customer side or vendor side) before audit work commences.
Commercial interests may include:
Both parties will agree on a date by when the audit will commence and complete.
If any install inspections are to be conducted by the software vendors or a nominated third party, then the processes and timing to complete such information capture are to be agreed by all parties.
The third party conducting the audit on behalf of the software vendors is to liaise with the client to confirm the operational aspects of the audit. This might include (but is not exclusive to):
All information captured or created as a result of the audit is to be classed as commercial-in-confidence and not relayed beyond the software vendor, the third party auditor and the client, without the express permission of all parties.
If a third party does conduct any on-site data capture on behalf of a software vendor, then such data capture is copied to the company being audited. 100% Disclosure between Software Vendor and Client is essential, so that both parties understand what data is being used to derive any potential fees owed.
Dispute resolution
The software vendor is to confirm the calculation of any licence fees owed, including how final figures were arrived at. A summary figure here is not fit for purpose, as it fails to account for a comparison to existing market prices, or pre-arranged contract prices that might be in force but forgotten about.
Note: Detailed transparency regarding shortfalls can also help organizations with root cause analysis – preventing such short falls in the future, benefiting all parties.
Audit results / closure / recommendations
Both parties reserve the right to dispute the figures arrived at; and take recourse via mediation with the CCL, arbitration with an agreed arbitrator to be agreed and appointed by both sides, and legal proceedings. It is important that an escalation route exists in the event of any dispute arising over the any fees felt due.
The Auditor / Publisher or Third party should explain any discrepancies, the likely root causes of any discrepancies and what steps the organization might take and best practices the organization reference to prevent the same issue happening again in the future. Audit results and recommendations should be delivered in plain english with minimal technical or licensing jargon so that the key messages can be understood and acted upon across the organization.
The Campaign for Clear Licensing will consider all complaints against organizations that have not followed the code with a view to stamping out unprofessional behaviour and raising standards. Contact us in confidence to discuss breaches of this code.
This code of conduct from the Campaign for Clear Licensing is a first draft. Please leave your comments or contact me to discuss any suggested edits or feedback. Thanks in advance for your help. ~ Martin
Thanks to Rory Canavan, Glenn Thompson, Martin Chalkley, David Foxen and Kylie Fowler for helping put together this first draft.