Jun 28, 2017
Rowan O'Donoghue
Rowan O'Donoghue
Rowan O'Donoghue

Software, license and audit – three simple words that on their own mean almost nothing. String them together though – software license audit - and you create a phrase that terrifies every IT asset manager.

A lack of understanding from the rest of the business means that we can ignore license count issues for a while. Audits are not as common as we fear, but they do happen to everyone eventually. Your nightmare is actually a case of “when” not “if”.

So it pays to plan the correct response in advance. Here are our 5 top tips to surviving a software audit.

Get your records in order

The best way to survive a software audit is to be fully prepared in advance. That means auditing assets yourself in advance. It also means keeping records up-to-date at all times.

Audits are time consuming and resource intensive (part of the reason vendors go all out to identify breaches). But using an automated discovery and cataloguing tool, you can significantly reduce the manpower required. The same tool can then be used to regularly re-scan and update your records.

When an auditor does appear on site, you will have done half their job for them already. And you will know that you have the correct number of licenses in place too.

Get your legal department involved

Software licensing is typically viewed as an IT-only function. But because there are legal ramifications attached to an audit you should act accordingly. The complexity of the topic as well as the possible consequences make it advisable to get specialised expertise for help.

It is only with the assistance of an experienced specialist that you can be sure the audit will be conducted fairly, that the process is conducted and that you are not unfairly blocked from accessing f you have specialized and experienced support it is assured that you can act on a level playing field. Imagine trying to navigate For comparison only: if you get a tax audit without the assistance of a specialist you would not work this without a tax accountant - to do so would be madness.

If necessary it is advisable to hire an external lawyer who specialises in audits and understands the terminology used by auditors and their legal team. Otherwise, your consultants should connect you with suitably qualified lawyers who can assist you.

Don’t panic buy extra licenses

If you suspect that there will be a shortfall, the temptation is to panic buy additional licenses for applications you suspect may be non-compliant. But this could be a major mistake.

First, there’s a good chance you will purchase too many licenses, wasting your valuable budget. Second, without an accurate understanding of current license coverage, it’s almost inevitable that something will be missed in your panic.

Finally, panic buying lets the auditor know that your business was non-compliant at the point the audit was announced. This not only proves corporate “guilt”, but provides the incentive needed to dig deeper into your coverage, extending the audit process and the likelihood of a fine.

Don’t delete software or shred files

The other way to handle potential licensing shortfalls is to begin uninstalling software. If your business has unused software installed, you should have been doing this regularly already. But if you don’t, removing software early adds to your workload and deprives employees of access to tools they need.

You may also be tempted to destroy records and files that show historical non-compliance. There’s a good chance that auditors will discover what’s happened, causing them to mistrust what you say throughout the rest of the audit. Even if you are telling the truth.

Know your strengths.

It is important that you participate actively in an audit, but this does not mean that you are at the mercy of the auditor. Audits do not take place in a relationship of command and obedience. Audits are very time and resource intensive. It is your time and resources that must be allocated, and you bear all the costs.

To ensure you don’t lose all control of the audit process, there are a few simple rules you need to follow:

Once you receive notice of an impending audit you should take control of the process moving forward. You should set the schedule and the agenda for meetings moving forward.


Never release personal data of clients or employees to the auditor - doing so is a clear breach of data protection laws.Never run any third party scripts supplied by the auditor until you have a written compensation agreement in place, covering any damage caused to your systems.

A software licensing audit can be stressful, particularly if you’re not properly prepared. But by staying calm, and seeking legal advice early, you can take a lot of pain out of the process – not least because you are sharing the workload.

To learn more about how to nail down your software licensing, contact Origina to discuss our Software Asset Readiness Assessment (S.A.R.A.) service or the services and tools of many of our SAM partners. S.A.R.A. or our partners will take you through the audit process.. Just contact us!

Recent Posts

Gartner’s Market Guide for Independent Third-Party Maintenance for IBM, Oracle and SAP Software
On September 10th, Gartner published their first Market Guide for Independent Third-Party Software Maintenance (TPSM) for IBM, Oracle and SAP Software.
Understanding the changing role of the SAM
Within the IT department, software asset management is easily overlooked. Which means that SAMs rarely get the recognition, support or resources, they deserve (and need).
IBM/HCL - Breaking News
From the 1st of January 2020, IBM will no longer own or continuing to support Appscan, BigFix, Unica, Commerce, Portal, Lotus Notes & Domino and Connections as they have sold 7 of their legacy software systems to Indian based company, HCL.


Neue Rollen, neue Aufgaben – das Profil des SAM ändert sich.
Innerhalb der IT-Abteilung wird der Bereich Software Asset Management gern mal links liegengelassen. Das heißt, der SAM erhält nicht immer die Anerkennung, Unterstützung oder Ressourcen, die er verdient (und dringend benötigt).
IBM/HCL - Aktueller Stand
Mit dem 1. Juli 2019 hat IBM den Support für Appscan, BigFix, Unica, Commerce, Portal, Lotus Notes & Domino sowie Connections eingestellt, da das Unternehmen diese Softwarelösungen an die indische Hindustan Computers Limited (HCL) verkauft hat.
IBM/HCL - Was passiert jetzt?
Am Dienstag, den 28. Mai, veranstalteten der Origina CEO, Tomás O’Leary, und Martin Thompson vom ITAM Review ein Webinar, das den Verkauf großer Teile des bestehenden IBM-Softwareportfolios an HCL zum Thema hatte.


Comprendre l’évolution du rôle des SAM
Dans les services informatiques des entreprises, la gestion des actifs logiciels (Software Asset Management) passe facilement au second plan. Les responsables SAM bénéficient donc rarement de la reconnaissance, du soutien ou des ressources qu’ils méritent - et dont ils ont besoin.
IBM/HCL - Dernières actualités
Depuis le 1er juillet 2019, IBM ne possède plus les logiciels Appscan, BigFix, Unica, Commerce, Portal, Lotus Notes & Domino et Connections et n’en assure plus le support, puisque la société a cédé 7 de ses anciens logiciels à son homologue indien, Hindustan Computers Limited (HCL).
IBM/HCL - Que se passe-t-il maintenant ?
Le mardi 28 mai, Tomas O’Leary, PDG d’Origina et Martin Thompson du magazine The ITAM Review ont participé à un webinaire portant sur le rachat d’une grande partie des anciens logiciels d’IBM par HCL.