What Triggers a Software Vendor Audit?

Software audits can feel like they occur at the worst possible time. To a degree, this is logical as often there is a pattern preceding the audit that can easily trigger the concern of the software vendor. In this blog, we’ll look at the common triggers that can cause a software vendor to evoke their right to request a formal software audit:

1. A Change in Spend

Software vendors want to increase or at least maintain predictable revenues. Therefore, any indication that you may be moving away from a vendor and decreasing spending is a red flag. This can include: 

• Reducing the volume of licenses under active support and maintenance 
• Moving Support and Maintenance to a 3rd party 
• Moving to a different licensing model 

Before making any major decisions around decreasing your software spend, we advise you to understand your software license compliance position. Should the software vendor request an audit, you will know you are compliant and have nothing to worry about. 

2. Mergers or Acquisitions

Mergers, Acquisitions and Divestures (MAD) activity can be chaotic. One of the elements often overlooked is software licensing and the compliance status of the legal entities at play. Therefore, MAD activity can be a trigger for vendors to audit you and it’s usually not good news. Ideally, understanding software license compliance should be part of the due diligence processes ahead of MAD activity, and can be achieved using an efficient, tactical SAM ELP & Optimization service or by an in-house team if you have software licensing experts on hand for all of your major vendors. 

3. Contract Schedules, Renewals and ‘Assessment Reviews’ – the ‘3-year rule’

It may sound obvious, but one of the logical questions that occur when contract negotiations begin is – “are you correctly licensed?”. This is a softer-touch approach than a formal audit scenario, but it’s important to consider that any time you’re giving information to a vendor, you will be liable for the software you’re declaring. 

When contracts are due to renew, vendor sales teams and resellers will make efforts to court you and share their latest and greatest options, but whether it’s an ‘assessment review’ or a look at ‘where you are’, be mindful about the information you give away. 

The best way to avoid giving information away is to state Information Security Management guidelines that prevent you sharing company confidential information. 

Being found under-licensed immediately compromises your negotiating position, so make sure you go into discussions in the best possible shape with your licensing, or be prepared to spend more. 

Generally, with perpetual licensing for on-premises software, contract renegotiations and major investments with software vendors come in 3-year cycles. This is the reoccurring frequency at which the vendor is expecting to make their money. So be mindful that if you haven’t renewed or heard from your account manager for a while – they will be driven to get back in touch. 

4. Infrastructure Changes

New investments in infrastructure can have a massive impact upon your licensing – spinning up backup servers for your Disaster Recovery strategy for example and any changes to servers within virtualized environments. Consider software products licensed per CPU core (or defined as core factors) where attributes of the physical server hosts can multiply your license requirement instantly, causing costs to spiral out of control if licensing concerns are not properly accommodated. 

Though a software publisher’s visibility of such changes may be limited, be mindful that account managers will keep an eye on what’s happening as much as possible and will have conversations with colleagues in the industry who may be aware of what you’re buying. 

Changing infrastructure without carefully considering software licensing requirements presents an opportunity for software vendors, so always ensure that any changes you make are controlled – a mature SAM team should be able to advise on the cost implications and risks at the planning stage, not after the fact. 

5. Growth!

As businesses gets bigger it’s well-publicized – perpetual growth is a sign of success. But it’s also logical that as headcount increases, these new people are being provisioned with technology and usually that additional consumption needs accounting for with additional software licenses… be prepared to proactively increase your numbers, or expect an audit request. 

6. Disgruntled Employees

Being found to be under-licensed and therefore using software illegally, causes reputational damage to businesses and it impacts employees too, who may feel the urge to do the right thing and actively report a lack of corrective action to a software vendor or reseller. 

It is essential that senior leaders take SAM seriously and foster an honest and conscientious environment in which governance processes like SAM are respected and valued. 

7. Historic Proof of Entitlement (PoE) Requests

Requesting a statement of your historic PoE from a vendor has been known to trigger interest that’s lead to an audit. Ironically, gathering entitlement data is an essential step in the SAM process, which will give you control over licensing. So the request to audit can often be easily resolved by virtue of the fact that SAM exercise will proactively inform you on your licensing position and enable the business to progress an optimal licensing strategy – eliminating the potential risk of an audit. 

It is therefore important that you keep an accurate record of entitlement that can be accessed by all of the relevant people. SAM solutions that have a central repository make this quick and easy. 

8. External Business Factors 

Completely beyond your influence and control, it is possible that at some point, software vendors will be acquired by an investor or will merge with another major player in the industry. Investors want returns, which can mean short-term tactics to increase revenues and tradeable value or in this case… software vendor audits. 

9. Other Software Vendor Audits

The patterns of poor control above are enough to trigger one audit, and so another is likely to happen once word gets out. 

Bear in mind that sales teams from software vendors talk to their army of channel partners and resellers, and so it’s always best to be as discrete as possible when navigating an audit process, and take steps to prepare your organization against the next audit risk. 

10. Your Reseller Recommended You for Audit

It’s prudent to remember who gains from software vendor audits. Close to the top of the tree are of course the resellers who transact license purchases and profit for these sales. The reseller’s relationship with the software vendor will always be their primary driver, and so information can be shared between the two at many levels. 

Controlling Software Audit Risks 

The best way to avoid the financial and reputational risks that can come to a head during an audit, is to already be in control of your software licensing. 

Certero can help you to gain control and to stay in control, in a way that works for you: 

Full-spectrum, ITAM & SAM Solutions, Unified – Already have a skilled SAM team in-house? – Then check out the Certero Platform for clarity overall IT hardware and software assets. 

Software Audit Defense – Need help navigating the process and limiting your exposure to a software vendor audit? This package is an ideal, timely response that provides everything you need in one – and can be used before, during or even after an audit to achieve your best possible outcome. 

SAM Skills on-demand – Need additional expertise or resources? Certero have subject matter experts for all the major vendors and can complement your team to deliver fast results. 

Take care of SAM for me – Certero SAM Managed Service provide everything you need to gain clarity over your licensing and optimize costs. Delivered using Certero’s unique Technology-Led Services approach, this is an end-to-end service that provides the world’s most advanced SAM technology, expertise and industry-leading best practices in harmony. Find out more.