The day has come. Your software vendor has sent you a letter requesting an audit of your software licensing position.
Some SAM professionals affectionately refer to these audit letters as “Love Letters,” – they are a friendly reminder of the loving,
but occasionally difficult, relationship we have with our software vendors.
You knew this day would come, but you were hoping for just a little more time to get prepared.
But you are under the spotlight now whether you like it or not. What do you do next?
1.Act fast. There might be some time to evaluate/change your current licensing position before the audit starts,
so use this time wisely to address any immediate concerns.
2. Consider postponing any major changes to deployed assets. Most of the time, the auditor will track back 90 days,
so major changes in deployed assets are not recommended.
In some cases, it is specifically written that no changes should be made once the audit starts.
Ask the vendor to confirm what is required.
3.Do not over-share. When replying to the auditor’s questions, make sure you only answer the questions being asked.
Your answers should be precise.
Give them the information they need and nothing more, Be helpful, but not overly informative.
4.Pay close attention to what is specifically being audited. It may not always be the whole environment,
For example, recently we have seen customers being audited for specific parts of their environment only,
such as SPLA. Do not make more work for you than is necessary.
5.Watch your language! Remember that your comments will appear in the ELP documentations,
so be careful about your statements, comments, claims etc. as they could be used as evidence against you.
6.Remember that an audit is a negotiation. Not everything that is found to be non-compliant will result in a bill.
Many vendors are willing to make concessions and be understanding of your situation,
but only if you are cooperative and helpful with the process. You must play your cards well.
7.Apply what you have learned to be better prepared next time. While hindsight is a wonderful thing, the best way to
respond to an audit is to pre-audit yourself beforehand. Having just been through an audit, use this experience to build a good
internal pre-audit process so you will be better prepared next time.
Ultimately, an audit is inevitable, so the best way to prepare for an audit is to conduct your own self-audits.
If you maintain good quality records and regularly test your own compliance,
then a real audit will be far less disruptive when it eventually comes.
If you have recently received an audit request, or would like help to better prepare yourself for the inevitable,