Audits

3 customer examples of increased Oracle audit activity in 2022

12 January 2023
5 minute read
Guest Contributor
Audits

3 customer examples of increased Oracle audit activity in 2022

12 January 2023
5 minute read
Guest Contributor

Evan Boyd, Vice President of Business Development at Software Licensing Consultants discusses the increased Oracle audit activity they saw last year.

In the face of inflation and economic slowdown, Oracle has been trying to pad its bottom line throughout 2022 by laying off thousands of employees and raising customer fees at unprecedented levels – in some cases, as much as 9%.

The tech behemoth has never been shy about instigating audits, but in recent months we’ve witnessed a whole new level of aggression in audit activity. The audits were so aggressive last year, in fact, that even when presented with information that shows their findings to be incorrect, the Oracle audit teams have been unwilling to back down.

3 client audit examples of increased Oracle audit activity in 2022:

Client A: Oracle claimed incorrect hard partitioning configurations on Oracle configured hardware, which inflated false findings by $3 million. The partitions were limited to the cores they were assigned to and there was no way to use more than was assigned. Oracle stated that even though it was only using a limited number of cores, since they didn’t execute one simple command that did not change how many cores were being used, Oracle still counted the entire machine. This was shown to be incorrect, but rather than correct the report, the audit team told the client to “work it out with sales.” The state of “compliance” is truly controlled by the sales department.

Client B: Oracle tried to claim additional Middleware use with their E-Business Suite, which in the past has been on a different platform and required a WebLogic license and an Internet Application Server license. However, starting with version 12.2, the E-Business Suite is built on the WebLogic platform and it comes with a licensed version of WebLogic Basic. Oracle only backed down on this finding after we showed them their own documentation, but once again would not correct the report and told the client to “work it out with sales.”

Client C: Oracle is now trying to claim usage for a schema database with version 19 of their database product. In the past, a client would create the database specifically for the application it is supporting, and only options and packs in use with that database were counted. Now each database install creates a CBD~ROOT database meant to collect schema information. However, if you enable any option or management pack – even for a split second – it also turns that into the schema database. This client would clone production databases into a non-production environment, then using Oracle knowledge base articles would remove the options and packs from the cloned database in non-production as they are not needed. Oracle does not tell clients that you must go into the schema database as well and remove the options – even though it’s not the database supporting your application.

If you’re having similar experiences with Oracle right now, you’re not alone – these are just a few examples of the tactics and gotchas we’ve been seeing from Oracle for months. And this more aggressive audit posture is a good reason to urgently ensure you’re in compliance with your Oracle agreements.

What you can do when facing an Oracle audit

Here are four tips for dealing with Oracle that are always applicable, especially in the current environment of increased Oracle audit activity:

  1. If sales calls you and wants to discuss your compliance, you have the right to decline that call or meeting. They are trying to get information from you so they can determine how to force you into purchasing additional licenses.
  2. If sales suggests that they bring in their license management services group, that is the same as an audit but without following their contractual obligation of giving official 45-day notice.
  3. If you do receive audit notice, per your contract you have 45 days to begin the process. Oracle will seek to start the process immediately and ignore your contractual agreement.
  4. Never accept a finding that Oracle provides. They will cite cloned data, historical data or even inaccurate information. Know your entitlements, your usage and your rights.

———————

About the Author

Evan Boyd is vice president of Software Licensing Consultants and has more than 25 years of IT executive management, licensing and consulting experience. He began his career in healthcare and has served as a CIO, director of information systems, network administrator, consultant and HIPAA compliance officer.

Further reading

Attack vs Defence: How to Avoid Conceding an Oracle Audit Compliance Penalty

Oracle & Microsoft: Financial year-end analysis (free webinar)

3 considerations before a move to Oracle Cloud

Can’t find what you’re looking for?

More from ITAM News & Analysis

  • ITAMantics - April 2024

    Welcome to the April 2024 edition of ITAMantics, our monthly news podcast where we discuss the biggest ITAM stories from the last month. George is joined this month by AJ Witt and Ryan Stefani. Stories tackled ...

  • Broadcom is removing expired VMware licences from its portal - take action now!

    Hot on the heels of Broadcom’s announcement of the end of perpetual licences for VMware it has given customers barely a week to download any keys for licenses from its portal with expired support. This is ...

  • Who Loses When Broadcom Wins?

    News of a new Broadcom deal rarely arrives with great fanfare. The November 2023 VMware acquisition provoked open worry online and in business circles, with many critics wondering whether the former Hewlett-Packard spinoff’s reputation would prove ...

Podcast

No time to read? Want to stay up to date on the move? Subscribe to the ITAM Review podcast.
Subscribe

ITAM training

On-demand and live training for ITAM, SAM and Software Licensing professionals.
Visit LISA