Crucial Insights: Understanding Microsoft Audit Triggers and Strategies for Minimizing Your Risk
Has it happened to you yet? You know, that terribly uncomfortable experience known as the Microsoft Audit or Software Asset Management (SAM). If you have been through an Audit before, you know they’re no fun. The entire process monopolizes a great deal of time and valuable resources. On top of that, they can be down-right expensive. Have you ever asked yourself “what triggers an audit”? The truth is that organizations are almost never told the reason(s) they are selected for and Audit/SAM. Make no mistake, there are things you can do to help you reduce your chances of appearing on Microsoft’s Audit radar. Let me break down a few key triggers for you;
1) Your Account Team Audits often start and end with your account teams, despite what they may tell you. It’s important to understand what motivates them and why they would approve an engagement. The account team can trigger an audit for a variety of reasons ranging from ignorance of your environment to self-interest. You need to bear in mind that all software account teams have an aggressive growth number to which they are accountable to drive in terms of sales to their accounts. At a most basic level your account team may just be lazy and in my experience the less your account team knows about your organization the more likely you are to be audited/SAMed.
2) The Vendor’s internal Audit/SAM team has flagged you based on Analytics Often the software vendor’s audit/SAM team will approach the account team to ask if they can audit a specific account. The SAM team will present a case for why the account should be audited and it will be up to the account team to make the final decision. Often this can all come down to how well your account team understands their client. If the account team understands how their client uses their technology they may see obvious gaps in the SAM team’s logic and deny the request. An example of this is a SAM team that wants to audit a company based on lower than expected purchases of Windows Servers. However, if the account team knows that the client is an industrial manufacturer who has an environment which is largely UNIX based (which accounts for the low Windows footprint) they may deny the audit. They may also see a situation in your license statements in which they see a relationship between server and Client Access License(CAL) purchases which may make it appear that you are out of compliance.
3) Merger and Acquisition Behavior Beyond your account team, merger and acquisition behavior is one of the biggest audit triggers we see. If you have recently been involved in this sort of activity, it will often cause you to pop to the top of the audit/SAM list for many software vendors. The rational is in the aftermath of a merger/acquisition there is a period of confusion as systems are rationalized and some institutional knowledge may be lost. In addition, inevitably both organizations will frequently have different levels of Asset Management maturity and there is the possibility that they have very different levels of software standards. Publicly traded companies should know that their account teams are likely reading through their annual reports carefully. They will be looking for signs of rapid growth in terms of revenue and head counts. They will then be looking to see if these organization growth numbers correspond to the sales numbers they are seeing from the company.
4) They Truly Do Suspect that Your Organization is out of Compliance Sometimes your organization is flagged for an Audit/SAM engagement because the software vendor truly believes that you are non-compliant. These are often the result of conversations between the vendor and your staff from various departments. Usually it’s an innocent conversation but something was said (usually inadvertently) which made the vendor suspicious. It can also be the result of possible festering ill will from something that happened in the past.
5) Zero Sum True Ups If you have a Microsoft Enterprise Agreement (EA) you are required to go through a True Up exercise on an annual basis. The purpose of this is to account for growth that occurred during the previous twelve months. If you have no growth, then you submit a form to Microsoft called a Zero Sum True Up form which indicates that no purchases need to be made. The issue is that it appears that the submission of a Zero Sum True Up will quickly cause your organization to be examined and there is a high likelihood that you will receive a letter or a call requesting an audit/SAM engagement.
6) Audits are a huge revenue generating tool for Microsoft It’s all comes down to dollars and cents. You may have done all your due diligence and still get hit with an Audit letter. Audits drive huge revenue for software vendors, and they know it. It has become common place to see a company get audited at least once during their Enterprise Agreement. In fact, you can count on it. As you can see, there are some common triggers for an Audit. You may also be selected for Audit for reasons outside your control. When the time does come for you to be Audited (the time IS coming), make sure you have a team of Licensing Experts on your side to help navigate the difficult process, reduce any potential gaps and ultimately drive down your licensing spend. If you’re being Audited, let MetrixData360 be your ace in the hole.
Find out more at www.metrixdata360.com. CLICK HERE TO BOOK A FREE CONSULTATION