Demystifying the Audit Process

By Daryl Curtis

The Quest for a More Meaningful and Value-Driven Audit Experience

It’s easy to understand why license management never stands still. First there’s the technology itself, and an ever-expanding array of options for how customers procure and deploy products. Then there are the changes in customer expectations, and the demand for software assets that support a more dynamic and responsive ecosystem of capabilities. Finally there are the continued efforts of vendors to improve their audit processes: to refine them, optimize them, and to ensure they truly do put the customer first.

But what does this actually mean in practice? More importantly, how does it translate into an audit process performed by a major vendor? And finally, what can you do to stay better prepared for an audit, so that when the event happens it can be completed as fast and efficiently as possible?

Let’s find out.

Building (and Maintaining) an Audit-Ready Position

Starting with the last point first, what can you be doing to stay ahead of the game? Or put another way, what recommendations are there for maintaining an ‘audit ready’ position? Well to provide an answer is to first talk software asset management, as I believe it’s essential that any audit process should coincide with efforts conducted under the SAM umbrella – and enjoy shared goals, processes, and outcomes.

Hence why recommendations for helping customers prepare for an audit activity draws heavily from established SAM protocols:

  1. Know your licensing terms and entitlements – through regular communications with vendors and internal stakeholders
  2. Monitor the distribution of licenses – to know who’s using what and where
  3. Maintain a complete list of programs and hardware environments – including hardware definitions and the restrictions in play
  4. Track the lifecycle of users – from initial access to the time they leave the business
  5. Closely define ownership for the above – and conduct regular reviews of your deployment
Putting the Emphasis on Value

A last point I’d like to touch upon is the final outcomes of an audit. The activity itself can take up precious time and resources, so what does an organization have to show for it once completed? Ask that question even five years ago and the likely answer would be little more than “nothing”. But that’s not enough anymore. Not when an ever-growing amount of funding is going into SAM activities as businesses recognize the fundamental role IT plays in their future prospects. Hence why there’s a shifting emphasis toward categorizing the business value being derived from any audit engagement.

Exploring such value brings us back to the topic of SAM best practice, and finishing an audit with a trusted and up-to-date snapshot of your inventory. In addition, you’ll have a definitive view of existing entitlements. Armed with such data, you’ll be in the enviable position of knowing with certainty where you stand – and have the ability to use this comprehensive view moving forward.

Better still, you’ll have the insights needed to get smart with your license management. For example, you’ll have a clear perspective of any spare capacity, alongside the ability to put this ‘shelfware’ to work rather than buying new. Other insights include:

  • A clear understanding of how a vendor measures and assesses license usage
  • More in-depth insights into specific licensing arrangements and best practices
  • A detailed picture of actual usage on which to base future investment decisions
Summing it All Up

The journey toward more meaningful, transparent, and value-driven license audits has certainly gathered pace in recent years. Partly this is due to the recognition that long-term business relationships between vendors and customers demand fair, professional, and agenda-free audit processes. But equally there is the consolidation of industry and SAM best practice for audit organizations to respect and accommodate. To build on the great work performed by institutions like IAITAM, and to promote the benefits of continued SAM investment.

Get this right and we’ll be well on our way to guaranteeing consistency of approach and consistency of output: a demystified licensing landscape that supports better decision-making while reducing any compliance risks. In fact I’d suggest, based on my own experiences that we’re already there.

About the Author

Daryl Curtis is the Director of Oracle North America License Management Services