What to Expect when Expecting a Software Audit

Do you find yourself becoming easily agitated or frustrated? Are you feeling overwhelmed, like you are losing control or need to take control? Maybe you are having difficulty relaxing or quieting your mind. If you feel any or all of these symptoms, you may be experiencing stress as a result of an upcoming software audit.

Expect to be audited

A software audit isn’t personal; however, it is how software companies ensure that customers are paying for every license they have installed. Software audits can also generate revenue for software companies; therefore, auditors tend to target organizations that lack an understanding of their software licenses substantially more often than companies that understand and properly manage their software licenses. It is almost impossible for a company to not need software like CBX, due to the majority of companies relying on data management and technology in general. So if you haven’t had an audit yet, you may want to check when you are due for one to be able to prepare a little bit more.
Software audits used to be a rare event for an organization; however, some software companies are performing audits more frequently than in the past. In a report posted by cio.com, 58% of executives surveyed said they have been audited by Microsoft in the last 12 months. The report went on to say that audits from Microsoft have become more frequent in the past five years. “Most often we are seeing Microsoft approach customers via email to conduct a self-audit, but we also see the more invasive, third-party types of audit that will send a shiver down any CIO’s spine.”

It is no longer a question of ‘if’ you will face an audit, it is now a question of ‘when’. Organizations can avoid unexpected costs resulting from a software audit if they invest in tools that accurately report the software installations matched with their software entitlements. First, it is important to understand your software license agreement.

Expect the auditor to understand your software license agreement

A software license agreement can be very complex. One thing to expect from the auditor is that he/she has a thorough understanding of your software agreement. If you do not understand your agreement, you will have to rely on the findings of the auditor.

Endpoint software licenses agreements are not just a question of how many software installations you have versus how many you own, they are also about software entitlement. For example, a software license agreement might state that a license may allow a user to install the software on more than one device. This would be important information when calculating the software entitlement.

Software license agreements become more complex in the data center with software such as Oracle, Microsoft SQL, server virtualization, desktop virtualization, etc. These solutions often use per-processor licensing or multiplexing. It’s important to understand these solutions to understand which one you prefer and need; you can check out more information on oracle date format to understand what this solution provides, as well as break down the complexity.

For example, a Licensing Server Quick Reference Guide for SQL Server 2008 R2 explains the license as follows: For any virtual OSE, you can calculate the number of Per Processor Licenses required for the SQL Server edition that you are licensing by dividing data point A (number of virtual processors supporting the virtual OSE) by data point B (# of cores [if hyperthreading is turned off] or threads [if hyperthreading is turned on] per physical processor). If the result is not a whole number, round up to the next whole number.

The complexity as shown above has opened the door for mistakes. An article by Computer Weekly claims “Along with economic pressure, the survey of 92 senior decision makers reported that technological changes such as virtualization have also driven the increase in audits. The complexity of those technologies makes it harder for companies to be sure they are using them properly.”

Once you have a good understanding of your software license agreement, you will be able to apply your software asset management tools more effectively

Expect to pay if you are not properly tracking your software licenses

It is important to invest in tools and resources to track software licenses, software deployments, and software entitlements. Accurate reporting of software licenses is critical to avoiding unexpected software license costs resulting from an audit. IT departments need to have the ability to do a self-audit internally or by a third party.

Software auditors are aware of organizations that are not using tools to manage software licenses, and those organizations tend to be targeted for an audit more often. One report states “Respondents whose organizations have implemented IT asset management (ITAM) tools report a 32% lower audit rate within the last two years than organizations with no such tools.”

Software companies are aware of the high cost required to perform a software audit, just as they are aware of the revenue that can be generated by the audit. In an article posted by Martin Thompson on the ITAM Review, he states “Because audits are very expensive, a vendor doesn’t undertake them lightly and if you have received a request for an audit it is no longer about the deterrent value of an audit, but because the vendor has decided that there is a strong chance that an audit of your company will bring in more money than it will cost to carry out the audit.”

Expect to pay retroactive maintenance fees for unlicensed software

If a software audit reveals you are using more licenses than you own, expect to pay retroactive maintenance for those licenses. That’s right, you won’t just pay the cost of the license, expect to pay more. Think of it as a penalty similar to paying your taxes after the deadline.

An article published in PC World states, “If a customer is found to be out of compliance, IBM asks them to buy the right licenses and pay two years of retroactive maintenance fees.”


To reduce the stress and costs that result from a software audit, I recommend the following:

  • Understand your Software License Agreements
  • Track software installations with Software Asset Management tools
  • Enable your IT Departments to do self-audits or contract with a third party that can do it for you on a regular basis.
About Marcel Shaw 61 Articles
Marcel Shaw is a technology blogger focusing on ITSM, ITAM, and Endpoint Management at marcelshaw.com. Marcel has worked as technical consultant for more than 25 years for industry leading IT companies with a focus on United States government agencies. Marcel's experience also includes working as a legal expert witness for IT management. Marcel writes about industry technology trends and best practices. He incorporates his views and his many years of experience to provide unique technology advice for people that manage and support IT solutions. Marcel Shaw graduated from Brigham Young University in 1991. Marcel has worked in both pre-sales and post-sales roles for companies such as Softsolutions, Novell, Dell, Softricity, Gateway, Landesk, and Ivanti. Marcel’s expertise and experience include networking technologies (LAN, WAN), IP infrastructure. Internet Caching technology, Storage and Fibre technology (SAN), Security Standards and Technologies, Document Management, Directory Services (NDS, AD, LDAP), Federal Security Standards and Requirements (DIACAP, FDCC, USGCB), ITIL, Asset Management (ITAM), endpoint Management, and endpoint security. Marcel has worked extensively with United States federal agencies solving IT problems. These agencies include USDA, NIST, FDA, DEA, DHS, FBI, DHA, Whitehouse Communications, Army, Air Force, Navy, Joint Task Force, NIH, Social Security Administration, IRS, NOAA, and FAA among others. All of Marcel's posts are edited by Carrie Shaw (@carrieshaw). She is not only a very good editor, but a great wife. Thank You