Understanding Your License Entitlements for Software Audit Defense

Ah! Springtime!1  That magical time of year, when the birds sing their happiness, the flowers bloom, and the air smells of … audits?  Wait, what?  The publisher wants to audit our software usage?  Time to scramble to figure this whole thing out.  Let’s see – alright, the End User License Agreement (EULA) says they can audit us, now it’s all on to us to determine not only how much software we’re using, but also how much we are allowed to use.

Perhaps a bit dramatized, but still a scenario faced by many enterprises too many times.  The part on “how much are we using” will be left to another article. We’re going to focus on the aspect of “how much software are we allowed to use” – these two sides of the equation make up the basic tenet of software asset management (SAM), after all—determining your software license compliance position.

One of the main reasons why you must collect and review all of the following sets of data related to license entitlements is simply because of the possibility for human error.  All parties involved, the software vendor, the reseller and your own organization, may have inaccurate data on license entitlements that must be reconciled.

As you examine these different sets of data, you can visualize them as overlapping circles, a Venn diagram, which you’re attempting to converge into a single circle, your true and accurate license entitlement position.

Your first set of records that you need to examine should be the vendor identified license entitlements.  If they are going to audit you, they must have some idea of what you are entitled to use.  While they may target a subset of products for audit, you’ll want to make sure you receive a full set of entitlement data.  This will typically consist of a large set of information, much of which is unneeded, but better to have more data and eliminate unnecessary pieces, then be unaware of missing data.  This is your first circle.

Software License Entitlement Data Sources:

 

License Entitlement Data Diagram Dec16

 

The second set of records to examine is your reseller data.  Ensure that you can map between what the reseller says you have purchased and the entitlement records the vendor has provided.  There may be a set of PO numbers that allow you to do a fairly simple match, or it may be a more tedious exercise of determining which items contribute to a pool of entitlements if that’s the information provided by the publisher.  If a gap is revealed, where the vendor doesn’t show all of the licenses you’ve purchased, it’s time to do some detective work.  Does your organization name fully match in vendor records, or is there a typo or other variation in spelling that would have kept the vendor from matching your name to your entitlements?  At this point, you have two circles of data, ideally represented by a single circle.

Your third record set to examine is organizational changes.  The publisher says you have the license entitlements to use this software, you have the reseller records showing it was acquired, but you know for a fact that when you spun off Spinoff Corp last year, it was agreed that they would take some of this software with them.  What you have in this case is your SAM buddy at Spinoff Corp sweating because he received an audit letter too, and has no proof of entitlement to back up his software installations and usage.  Most publishers have a process and set of paperwork that needs to be followed to move entitlements from one company to another, and this is another possible source of error.  You’ll need to engage directly with the vendor, and the representatives of Spinoff Corp to ensure these entitlements are allocated to the right company.

The converse of the above case is when you’ve finally managed to complete the acquisition of Valuable IP Company.  Any entitlements owned by Valuable IP should transfer to your organization, to account for the merger of your infrastructures.  Also keep in mind that all of the steps above need to be completed for the entitlements associated with Valuable IP Company.  They may have the same issues, so it’s critical to do the detective work on their licenses too.

When this activity is finally complete, you should have a set of license entitlements that represent your software estate.  This admittedly could be a long road, especially if your organization doesn’t have mature software asset management processes in place. But when faced with software vendor audits, this is a crucial journey.  Understanding your own entitlement position, as well as your license compliance position, allows you to work with auditors from a position of strength.

To learn more, please visit our website or read our whitepaper: What Does it Take to Achieve Software License Optimization?

—————————————————————————————————-

  1. Editor's Note: Mika is based in the U.S. where we are, of course, in the early stages of winter, but hey its Springtime (or maybe summer by now) in Melbourne, Australia! Maybe I'm even further behind with blog posts than I thought. — John Emmitt

Leave a Reply

Your email address will not be published. Required fields are marked *