The Software Audit Defense Checklist-1E
-
Upload
tina-maurya -
Category
Documents
-
view
212 -
download
0
description
Transcript of The Software Audit Defense Checklist-1E
1E.COM
CHECKLIST
Share this
WHAT TO DO WHEN YOU’RE ABOUT TO BE AUDITED
THE SOFTWARE AUDIT DEFENSE CHECKLIST
1E.COM 2
THE SOFTWARE AUDIT DEFENSE CHECKLIST
So you’ve received a license audit letter from one of your software vendors. Two choices: you can sit back and let them have their way (which could cost you a fortune); or take action and come out ahead.
At 1E, we’re big believers in the active approach. We’ve helped lots of companies throw light on their software usage and discover some serious savings in licensing and maintenance.
1E.COM 3
THE SOFTWARE AUDIT DEFENSE CHECKLIST
1. Initial Contact
As soon as you’ve received an exploratory, “we want to help you” letter from the software auditor or vendor:
�Inform�your�legal�department�–�some�audit�letters�are�quite�specific�
and�not�to�be�ignored;�others�are�complete�fishing�expeditions.
�Based�on�legal�advice,�either�prepare�your�reply�or�carry�on�regardless.
�Get�an�immediate�picture�of�your�actual�software�usage.�
This�is�a�critical�step�–�and�guess�what�–�AppClarity�makes�it�easy.
Perform an initial SWOT analysis of the vendor’s software footprint within
your IT estate, noting any boundaries that the audit letter indicates
(this�could�play�to�your�advantage�if�a�“hot�spot”�is�out�of�scope).
2. First Response
After conducting the SWOT analysis:
Inform senior management of an impending audit, including
a�summary�of�your�SWOT.
�Contact�the�vendor�confirming�the�following�information:
The scope and products being audited
What constitutes proof of licence
What constitutes an install of the software under audit
A schedule for auditing – accept theirs if convenient;
if not, stipulate your own
Your agreement (if relevant) that the third party can
conduct�the�audit�on�behalf�of�the�vendor.
Here’s a quick checklist to help you negotiate your�next�audit.�You�might�even�think�about� it as the IT health check you need to get your software�estate�in�order.
1E.COM 4
THE SOFTWARE AUDIT DEFENSE CHECKLIST
3. Preparing for the Audit
As soon as you’ve received a reply from the vendor, take these steps:
Remove unused/ rarely used software – AppClarity will show you
exactly�where�it�is
Inform senior management of the precise audit schedule and scope;
aligning this to your initial SWOT
Start to collate all requisite proofs of entitlement relating to the vendor audit
Schedule the installation and running of any scripts – making sure they only
run�on�devices�specified�in�the�scope�of�the�audit
�Schedule�any�on-site�audit�(if�required).
4. Conducting the Audit
Chaperone your auditor or vendor. Now’s the time to get close!
Let the auditor conduct an on-site inspection (if required)
�Ensure�the�auditor�copies�you�on�the�findings�of�the�audit�
�Ensure�that�platform�usage�is�factored�into�audit�findings�
(e.g.�test/�development/�academic)
Ask the auditor to validate the licence metric and interpretation of any shortfalls
�Prepare�a�summary�report�for�senior�management�and�set�expectations�
of�potential�liability.
1E.COM 5
THE SOFTWARE AUDIT DEFENSE CHECKLIST
5. Negotiation Prep
Don’t ignore the small print:
�Become�a�subject�matter�expert�in�the�license�Terms�and�Conditions�
to�counter�any�potentially�outlandish�claims�by�the�auditor.
�Verify�that�the�auditor’s�server�core/�processor�specifications�are�accurate�
(some inventory systems won’t accurately pick up the core/ processor count
and�that�could�adversely�affect�your�license�position).
�Use�1E’s�licensing�expertise�(including�vendor-specific�knowledge)�to�review�
license and install data – we’re here to help!
6. Final Meeting
It’s time for negotiation
�Bring�in�1E�License�Negotiation�experts.�You�don’t�have�to�go�it�alone.
Offer feedback on the how the audit was conducted and how the audit
experience�was�for�you�–�remember,�you’re�the�customer.
�Come�to�an�agreement�on�any�fees�due�(if�any)�using�all�the�data�at�your�disposal.�
Remember:�this�is�a�negotiation;�make�a�strong�case�and�argue�it.
�Schedule�an�agreed�payment�plan.�Again:�you’re�the�customer,�so�negotiate�
on�terms�here�too.
And for the future…Prepare�yourself�for�your�next�biggest�
software vendor audit to come along
– the world of SAM is notoriously small,
and�if�you�got�stung�on�your�first�audit�
then word will undoubtedly get out that
you�might�have�weak�IT�controls�in�place.�
An�active�approach�always�pays�dividends.�
1E.COM© Copyright 2013 1E. All rights reserved. The information contained herein is subject to change without notice. 1E shall not be liable for technical or editorial errors or omissions contained herein.
About 1E
1E is the pioneer and global leader in
Efficient�IT�solutions.�1E’s�mission�is�to�
identify IT waste, help remove it and
optimize�everything�else.�1E�Efficient�IT�
solutions help reduce servers, network
bandwidth constraints, software licenses
and�energy�consumption.
Contact us
US: +1 866 592 4214
UK: +44 20 8326 3880
India: +91 120 402 4000
THE SOFTWARE AUDIT DEFENSE CHECKLIST
Share this
Software�audits�don’t�have�to�be�bad�news.�They can be a great catalyst for getting your estate in order, removing unused software and redeploying�licenses�where�they’re�needed.
Don’t bury your head in the sand – software vendors thrive on paralysis.
Don’t let the audit go beyond the agreed scope.
Fully understand what information is being relayed back to the vendor.
Understand the role of the platform (dev/ test/ production etc.) in your IT estate.
Don’t be afraid to ask for help at any time.
Longer term, think about what business as usual activity will make it easier produce
the�required�reconciliation�report�yourself�–�to�counter�the�next�vendor�audit.
For more help and advice, visit our Software Audit Defense site.
GOOD LUCK, AND DO GET IN TOUCH. WE CAN HELP.
THE BOTTOM LINE