The word “audit” is up there with “root canal” in its ability to inflict instant stress.
IT audits are increasingly used by software vendors that want to make sure your company is in compliance with its software licenses. In recent years, as software companies have struggled to keep revenues healthy, they have discovered that assessing fines to businesses in violation of software licenses can be a lucrative way of bringing in money they wouldn’t see otherwise.
Though there’s no doubt your company would never run afoul of a software license, let’s suppose that a hypothetical company did have problems and discovered it was about to be audited. Here are some questions that hypothetical company may have.
What Is an IT Audit?
In the typical software audit, your system administrators will be asked to show that software is not illegally loaded onto machines it shouldn’t be on, that the number of licenses matches up with the number of users or, if you purchased a bulk license, that you don’t exceed the bounds of that license. One thing you definitely don’t want to happen is for an auditor to find that an employee has brought a home version of a software package and installed it on his or her work computer.
What Do Auditors Want?
In short, software auditors want to know that companies are following the rules with regard to software licenses. How much slack they’ll give you if they find a minor violation depends on several factors. If you can show your company makes a good-faith effort to stay on top of all software license requirements, it could act in your favor.
What Should We Do to Prepare for an IT Audit?
If you have a strong IT asset management program in place, preparation for an audit is far less stressful. When you can easily create reports showing the number of copies installed, the number of licenses, license expiration dates, and hardware where the software is installed, you can create those reports in advance and look for potential problems. If you notice discrepancies, you can take steps to correct them before the auditors arrive.
How Can We Do a Self-Audit Beforehand?
Performing periodic self-audits is not just busywork, but could potentially save your company a lot of money and embarrassment. The three main steps in a self-audit are: reading the vendor’s contract, gathering purchase information, and getting an accurate count of how many licenses are deployed:
- Read the Contract – Understand license types and models, including maintenance requirements. Learn if there are limitations on where the software can or cannot be used. For example, are you allowed to use it on laptops that travel outside the US?
- Gather Purchase Information – Know where to get your hands on purchase data. If you purchased from a reseller, make sure that reseller passed on your purchase information to the vendor.
- Get an Accurate License Deployment Count – If your company has a solid IT asset management program, this shouldn’t be a challenge. Otherwise you’ll need to manually locate receipts and serial numbers and match them up to the machines where the software is deployed.
The self-audit is much easier to do when you don’t have an actual audit staring you in the face.
Software audits are becoming more commonplace. According to this TechRepublic article, Gartner survey found that more than 61% of respondents had at least one software audit in the preceding year, while Constellation Research reported a 32% increase in software audits since the beginning of 2008. You simply cannot afford to be complacent about the possibility of a software audit.
Leading IT service management software Samanage not only provides powerful IT service management and asset management software that can help you pass software audits, it also contains an instant IT audit feature that allows you to perform a self-audit at any time. You can easily tell if a computer was added to the network, whether the hardware configuration was altered, and what software was installed or removed. With Samanage underlying your IT asset management program, you have the power to stay on top of software licenses at all times, and better still, spoil all the auditor’s fun when they come calling.
About Laura Miller
Laura Miller is the Senior Director of Sales Operations, ITSM at SolarWinds. She works one-on-one with customers ranging from SMB to Fortune 500, providing them with a modern way to look at service management. Laura's ITIL experience and ITIL v3 Foundations certification provides her with a unique understanding of the service management industry. Her guilty pleasures are anything chocolate, ice coffee, and reality TV.
Read more articles by Laura