Broad and Vague Audit Clauses may be Unenforceable

21 Jun 2016

Do you understand all the audit clauses? Do you find these broad and vague?


Leading UK law firm, Pennington Manches, recently carried out an analysis of the case of 118 Data Resource Limited v IDS Data Services Limited & others. This case covered audit clauses in a database license agreement, but has implications for any software vendor audit clause in an agreement as Pennington Manches reckon that broad and vague audit clauses may very well be unenforceable.

The judgement reiterated the requirement for software vendors to clearly set out in their licensing agreements the terms, in this case in relation to audits, as vague terms may well not be enforceable.


What Should your Software Audit Clauses State?


According to Pennington Manches, in order to be effective, and to adequately protect the software vendor’s rights to check that the licensee is not breaching the agreement and that the licensee’s rights are adequately protected, an audit clause needs to be drafted with sufficient particularity to the individual circumstances of the agreement in question.

In particular they recommend that the audit clause should specifically state:

  • The purpose for which the audit may be carried out
  • What information may be inspected
  • What information may not be inspected. Access should not be allowed to commercially sensitive information and legally privileged information
  • What consequences should flow if a breach is discovered by the audit
  • Should data be delivered up, if a breach is discovered
  • What use can be made of information obtained as a result of the audit
  • Who may carry out the audit- the other party or an independent third party
  • Where may the audit be carried out
  • The frequency with which audits may be carried out
  • The time at which audits should be carried so as to minimise the disruption to the business
  • Who should bear the cost of the audit

All of which means it may be well worth dusting down your license agreement and examining the audit clauses carefully to see how they have been phrased. As the likes of IBM, Oracle, SAP and Microsoft will employ an army of legal people, they will in all likelihood have covered this. But, you would have thought that for 118 data, and they fell foul of the courts in this area.

So, check your license agreement now before the next audit letter lands on your desk.

Looking for support ahead of your next software audit? Get in touch with Certero who can provide SAM services, including vendor audit response.

Ready to Speak to the Team that Makes Our Customers So Happy?