Mastering software audits with these essential 7 data layers

Every company faces a software audit at some point. You'll get a letter from Microsoft, IBM, VMware, or another vendor requesting license purchasing and software usage data. They’ll inspect this data to see if you’re complying with contract terms. Audit requests bring unplanned work. Analyzing the data is time-consuming, requires full-time resources, and the process can last for months. Often, the vendor finds under-licensing or non-compliance, leading to negotiations and potentially big bills. The article provides tips and best practices how to prepare and respond to an software audit using essential SAM data. 

Determining your compliance

The goal of an audit is for the vendor to uncover non-compliance to collect licensing fees. Audits are a lucrative revenue source, so vendors pursue them rigorously. The audit process starts with gathering software usage data, analyzing it, accurately reporting usage and installations, and reconciling that data against your entitlements and contracts. A Software Asset Management (SAM) tool can automate this, creating a single source of truth.

Pulling data from inventory sources into a SAM tool provides accurate reports on deployment, configuration, licensing, and usage. This data is your secret weapon at the negotiating table when your vendor presents its compliance data. To defend against the vendor’s data, you need accurate data from your own estate. But it’s more than just gathering information and hoping something sticks. You need relevant data that will stand up to the audit.

7 Layers of essential data to beat the audit

Your audit-ready data comes in seven layers, revealing the secrets of your software licenses and giving you an edge in your audit response.

1. Commercial data

This is about the licenses your company purchased: when, how many, and which business unit owns what. Procurement tools can gather this, but just counting licenses isn’t enough. You need to read the contracts, note licenses and metrics, and record Product Use Rights, maintenance terms and dates, and license transfers. Getting commercial data is just the start.

2. Effective licenses

To understand compliance, find your effective license position, which is the licenses needed based on actual usage. Answer these questions about a license:

• Is it a base license, update license, or pure maintenance license?
• Does the base or update license entitle you to maintenance?
• What do the Product Use Rights allow?
• What is the license metric?

Discovery is not the same as inventory. Discovery is when your SAM tool finds installed and running software from all devices. Inventory uses discovery information to count software and hardware on devices. Don’t submit raw discovery data—it’s more information than necessary and may lead to discrepancies in the vendor’s report. Submit inventory reports instead, organized and sorted by a SAM tool to ensure you give only what’s needed.

4. IT architecture data

This data is about where your software runs, which can get murky from a compliance perspective. You should ask:

• Who owns the machines running the software?
• How is the hardware configured?
• How is the IT architecture designed?
• Is the software on a hard-partitioned virtual server or in a cluster?
• On which platform is the software running?
• How is the software used?
• Which applications are running on top of what server software?

In "Serverland," licensing can get complicated and costly. But this information is relevant for Product Use Rights and certain metric calculations. Use your SAM tool to be thorough.

5. Metrics & effective demand data

Know the actual contents of the licenses because they define the metric and the vendor’s calculation. Use the metric to calculate licenses needed for your software usage: That’s your Effective Demand. Serverland software license metrics are complex, involving hardware details, configuration, platform, virtualization, and more. There might be alternative metrics, with some favoring the vendor.

For example, Oracle’s metrics require data like database instance name, server status, installed software, processor model, and more. Manual calculations are time-consuming and error prone. A SAM tool simplifies this.

6. Applying license data

Assign update and maintenance licenses to base licenses and apply Product Use Rights. This ensures your license position is accurate and your license demand isn’t exaggerated. Auditors may consider "holes" in the update or maintenance chain as non-compliance. Use a SAM tool to plug these "holes" and save on license costs.

7. Compliance balance

The core layer is applying the Effective License Position (Layer 2) to the Effective Demand (Layer 5)—what you truly have versus what you need. This comparison results in your company’s compliance balance. These data requirements can be fulfilled with a SAM tool, which gathers and processes high-quality data for your audit advantage.

Conclusion

SAM makes your next audit less of a slog. It’s crucial to prepare and respond to an audit using your essential SAM data. Collect all needed license data beforehand with the right people, processes, and tools, such as USU Software Asset Management. Use this data effectively in an audit to reclaim budget and maximize savings. Effective SAM ensures you’re buying the right number of licenses while remaining compliant. Whether on-premises or in the cloud, using top-notch data smartly means you can handle your next audit with ease.

E-Book

How to Prepare for Software Audits with Ease

Essential guide to achieve software compliance and savings with solid SAM data

Download now

Learn more about USU Software Asset Management and schedule a free consultation.