Below is an excerpt from our Software Audit Risk Checklist, which is available as a free download for subscribers to our newsletter. This is the same checklist that we use in our primary assessment of client environments.
Software Audit Risk Checklist
Software audits are considered an unpleasant and inevitable factor of business. Once, it may have been possible for a company to remain compliant with their software vendors with only a few spreadsheets managed by someone extremely organized. Now, however, software deployments and contracts have become so complex that this is simply not practical.
As technology has evolved, the way that software is used and deployed has become more complicated. Software publishers themselves have not made it any easier with their perplexing software contracts that are convoluted and difficult to read. The temptation to skip over the entire document, agree to the terms and conditions, and move on with our days can be irresistible.
Despite how the software vendors may be stacking the situation in their favor, preparation is your greatest tool of defense. In this document we’ll discuss how you can prepare for a software audit.
Understanding the Risks of a Software Audit
Are You Inviting a Software Audit?
Some software vendors will send audit and Software Asset Management (SAM) review requests at random or on an annual basis; such events are unavoidable. While most software vendors will provide little to no criteria for initiating audits, the fact that there are different kinds of audits should be an indicator that not every audit is born from the same kind of evidence or circumstance.
Vendors have discovered that software audits are an excellent source of revenue, especially if their customer’s compliance gap is large enough to force them to cover the cost of the software audit. Software audits can have a high return on investment, making it well worth the software vendor’s time and money. It is towards these safe ROIs that the software vendors will turn their interest.
Therefore, if there are indicators that a company is out of compliance enough to yield a profit, they can risk their vendor initiating the audit. If you are concerned about your company’s exposure to a software audit, below are the risk factors that increase the likelihood of an audit occurring.