Software can be a tricky, time-consuming and costly business. After all, software licensing costs make up a large proportion of an organisation’s IT budget. These costs not only stem from the initial capital expenditure, but also from the operational costs of effectively managing the environment to gain maximum business benefit and licence, or asset, management. This includes keeping on top of Software contractual agreements and ensuring continuous vendor compliance – no mean feat if priorities have slipped and an audit is due, planned or unplanned.
Recent reports suggest that Software Vendors are auditing organisations more frequently. Data from surveys carried out at Gartner IT Financial, Procurement and Asset Management Summits between 2005 and 2012 shows that the percentage of respondents subjected to vendor software audits increased from 30% to 62% during this period.* Although many of these audits will be genuine routine audits, some will not. Software Vendors struggling to find new revenue streams in hard times have other audit objectives. For example, the vendor may be pursuing areas of non-compliance where they can apply charges and possibly sell in a new product. They may request a self-audit (where the customer supplies the data remotely) and use this data to justify a formal contractual audit, effectively being audited twice. These activities can surprise an organisation and consume an already stretched workforce.
To alleviate the burden of an audit, good practice in software asset management is critical. Putting in place carefully selected tools to underpin strict processes will go a long way to achieving this, the processes being key to making the best or worst tool work effectively. The tools collate the comprehensive data necessary to understand the current licence status and to identify any cost or operational improvements that can be achieved in a cost-effective and compliant way. The organisation’s compliance position will ultimately be very clear, and any necessary corrections can be made well before the vendor is on-site, keeping the organisation in control. Proactive compliance management is definitely recommended.
Additionally organisations need to properly understand the Software Vendors contracts they are tied into…It’s not just a matter of reading over the small print, it’s about knowing what is negotiable and whether the clauses are relevant and when and how an audit will be executed. Understanding or ideally creating tailored, concession rich contracts enables organisations to reduce cost by ensuring that the contract is tightly aligned to meet current and future business goals and IT strategy needs.
Given that a vendor audit can take up a lot of time and manpower, Gartner recommends that software asset managers should be aware all compliance-related activities have a significant resource overhead so plan carefully to avoid knock-on effects on operational activity and consider using third parties to supplement existing capabilities and expertise *. A third party with the right skills and expertise can take the tricky and the time-consuming out of software management, and make good housekeeping second nature. One organisation, Bodycote, did this to help them make sense of their software licence situation and saved £411,000.
Bodycote had a very complex environment resulting from years of acquisitions and swift growth. They are not unlike many large organisations today, which are also grappling with the management of a growth in mobile employees, cloud and virtualisation, all of which have considerable risks and opportunities for software licensing requirements. Working with a partner will provide peace of mind that a high level of licence transparency is maintained – not just at audit time, but at any time.
Trustmarque recommends that customers conduct a self-audit proactively to ensure that there are no hidden surprises and unexpected costs. Optimisation of the estate can avoid significant costs from a licensing perspective, but this is often not a course of action that vendors will allow if they have initiated the audit. A number of vendors offer self-certification programs, and Trustmarque is able to ensure that the data captured is sufficient to pass these certifications, providing a route to eliminate the risk of audit. If the vendor has already contacted you, then Trustmarque provides services around the mitigation of risks through advisory services around vendor management in such a situation,.
*Source: Gartner report G00249117: Surviving a Software Audit, published 20 March 2013. Analyst, Victoria Barber