12 days of ITAM: Day 1 - Audits
25 December 2022
5 minute read
Over the next 12 days, the ITAM Review is going to treat you to some daily ITAM insights to carry you through the festive season. Our very own “12 days of ITAM” kicks off with everyone’s favourite topic; audits.
The following article was provided by Adrian Mulligan, founder of Enterprise Licence Solutions
Times are tough – are you ready to deal with the inevitable software vendor audits?
It’s tough out there for your software vendor sales people in the current economic climate – the cloud wars are continuing with Microsoft, Amazon, IBM, Oracle, Google Cloud, SAP, Salesforce, ServiceNow and new players all vying for supremacy.
It’s a fight to the death where revenue growth is everything and you, the
hostage customer must provide it. There’s always the use of carrot strategies to convince you to make substantial, long term cloud commitments, but it is still proving very effective to spike the carrot with a stick – the ever-trustworthy audit stick.
Software audits will come in many thinly veiled guises – a SAM review, a Software Licence Review, help with Licence Optimisation, presales consultancy, “just having a look to see how we can help….”
But make no mistake, if it looks, smells and sounds like and audit… it’s an audit.
Your software vendors will want predictable things from an audit:
- Create a substantial (breath taking) financial case against you
- Extract a significant one-off payment (new Porsches don’t grow on trees)
- Lock in ongoing annual revenue
- Upsell product bundles you don’t really need or want
- Convert your commitments from on-premises perpetual licences + maintenance to cloud based subscriptions
- Report you as cloud revenue
- Seed the perfect conditions for the next audit
At ELS, we typically see three entry points with our customers for audit assistance:
- Strategic preparation – this is where customers can lock in the best long-term outcomes before any audit notices from software vendors.
- After the letter – this is where we can get involved after you have received an audit notification letter but before any information has been shared with the vendor.
- Saving the furniture – this is where we assist customers in distress – wherein they have, in good faith, provided data to the vendor outside of a managed process and… been slammed with an eye-watering invoice.
You may be told that the auditing departments of the major software vendors operate entirely independently from sales and are simply ensuring customer compliance with their easily understood licencing rules.
In reality auditing teams are a wing of the sales organisation.
“Random” software vendor audits will be triggered by three revenue-maximising forces:
- The vendor has detected new opportunities to expand their revenue base in your organisation
- The vendor has detected that their current revenue base in your organisation is shrinking
- The vendor has detected that their revenue base in your sector is not hitting targets – and you will be required to cough up more despite still being a good customer.
Some of the potent licencing problems which will be leveraged by your auditor are also the most common – some typical areas are outlined below:
- Virtualisation – this is a favourite technique to vastly amplify the licenceable estate base for server, client and application footprints.
- Multiplexing – also known as indirect access is a favourite feeding ground. This is triggered when a customer is liable for additional licence costs for users or devices who can potentially access upstream systems via third party applications – e.g. users of salesforce can potentially access data that was originally held in an upstream ERP.
- Editions, versions and access levels – has the correct edition/version been deployed (or activated) and/or have users been given (or are using) the correct access levels?
- Non-production licencing – are you really correctly licenced for your dev/test, pre-prod, failover and DR environments?
- Runtime licences – are you compliant with the usage rules for bundled technology licences?
- Vague licence definitions
A comprehensive compliance readiness and management framework is essential to ensure enterprises are in control of their costs and software procurement destiny.