Improving the Audit Experience

By Chris Sullivan

“I am a rock, I am an island,” sang Simon and Garfunkel. Obviously they never got to work in IT audit. No, being a licensing professional today is very much about collaborative endeavor, and supporting business practices and strategies aimed at placing technology at the very center of the enterprise.

Hence why we hear the word ‘transformation’ being bandied about with such frequency. This is understandable given the fact that IT has evolved from being a distinct back office function within a business, to becoming the business – and being the unique enabler for every core process and service under the sun.

And of course transformation means change, which is constant in terms of both its scale and impact on technology infrastructures. Change that in turn is challenging the license management operations of software vendors to keep up; to ensure the audit experience they offer remains relevant and able to deliver practical, transparent, and constructive outcomes.

The Importance of Alignment

Herein lies the opportunity: the chance for IT vendors to reassess the quality and effectiveness of their audit process, as well as the relevance of the overall engagement model. A moment of self-reflection aimed at ensuring their policies and procedures remain closely aligned to current and emerging deployment practices.

Yet equally it’s about ensuring the process remains aligned to evolving customer expectations. It’s about being receptive to a growing demand for audit experiences that are deemed more professional, constructive, open, and ultimately fair for all concerned.

An Honest Appraisal

We hear this word ‘experience’ a lot in the digital era, relating as it does to concerns such as how well a process ‘flows’, how efficient and personalized it is, and how it makes the people going through it feel, think, and act. Just as importantly, experience is also intimately associated with the ‘ideal’, and to evolving industry best practice.

Determining this ideal requires vendors to honestly appraise their current approach to audits, and to factor in market dynamics and changing deployment behaviors etc. – a review that, if it’s to have any real authenticity, must be conducted from a customer’s perspective:

  • What do they like and dislike; what’s working and what’s not?
  • What are they looking for from an audit?
  • What can be done to enhance each critical touchpoint?

These are the questions that must be considered as vendors look to become respected and recognized providers of ‘customer first’ audit experiences.

Putting the Customer Front and Center

Each vendor will have their own take on the answers to these questions. It’s necessary to introduce a fundamental re-evaluation of how the audit process unfolds. From initial contact through to closure, it’s important to actively talk with customers to find ways to drive improvements – and to give them a more proactive voice in helping shape the audit future.

In effect it’s the commitment to changing the type of conversations being held across the audit process. To turn the discussion away from concerns about a mechanical and dispassionate assessment of a deployed estate – toward gaining the context for any given customer’s licensing situation, and understanding the extenuating circumstances behind any compliance issue. It’s about recognizing intent, and differentiating the response offered to those companies adopting an ‘ignorance is bliss’ methodology versus those who have made every attempt to put in place effective controls – but who’ve been undone by user behavior or shifting business demand.

Building on Trust

At the same time, it’s also important to make the process as open and transparent as possible. Obviously trust has to go both ways, but for IT vendors, we should look to achieve this by being very upfront about our objectives; by providing the details of specific contracts and agreements whenever needed; and by highlighting known and potential areas of exposure. To this can be added the need to educate, to explain the ‘why’ behind the ‘what’ and to help in translating the results of an audit, as well as guiding customers in using the findings to improve their SAM capabilities.

But What do Customers Want? 

What should customers be asking for from their major suppliers to help inspire a fresh approach to licensing audits? Or put another way, what can be done to make audits easier and faster to complete? To me, the emphasis here should be on considering the audit process beyond the immediate tasks that need to be completed – and taking a more holistic view of cause and effect.

Insight-led Engagement

This requires context to be gained for each customer and for each separate operating environment. Detailed insights into the journey an organization is on, and the factors that have helped shape their deployments. Knowing this is to better appreciate the types of controls put in place – and the extent of their coverage.

It also enables the audit process to begin with an assessment of the control mechanism itself, and then basing future conversations around these findings.

Incentivizing Excellence

Such an approach is heavily centered on prevention and education, and supporting self-empowered customers who are fully informed on all aspects of their Oracle estate. From a behavioral perspective, it is also an important development for incentivizing companies to invest in the right controls and SAM capabilities at the strategic level. Yes, the headline can be about helping customers avoid any unwanted surprises in the future, but from a ‘customer first’ point of view I think it’s tremendously important to recognize good SAM controls – and to recognize and value best practice.

This to me is the journey all customers and vendors need to make to truly transform the audit experience, and ultimately improve the audit experience.

About the Author

Chris Sullivan is the Chief of Staff, License Management Services (LMS) for Oracle