According to Flexera, 63% of organizations have been audited by at least one of their software vendors in the last two years. Microsoft is among the most active in auditing companies’ use of its software, so if you’ve been in business for long, there’s a good chance you’ve faced a Microsoft audit or will be facing one soon.
The most common types of audit are the self-audit request and the SAM (Software Asset Management) Review. For the most organized and prepared companies, these audits can be a hassle, but don’t present many risks. For companies that don’t have an organized way of documenting their purchase, licensure and deployment of Microsoft software, these audits can be very time consuming and will likely lead to the discovery of many employees using software you haven’t purchased. You’ll need to pay for that software, of course, but as long as you’re demonstrating a good-faith effort to purchase what you’re already using, Microsoft is likely to work with you rather than against you.
If you’re facing a software audit, here are some of the most important things to gather:
Receipts: Microsoft will want proof that you’ve purchased all of the software you’re using. This doesn’t necessarily come from having a license key attached to the software – it comes from the actual receipt showing that you purchased it. Gathering these receipts is one of the most difficult things to do after the fact, but anything you can do to show proof of purchase for the software you’re using will be helpful during the audit.
Deployments: Take an inventory of all the software that’s currently deployed. You’ll need to match this up against the receipts you’ve gathered, to demonstrate that you’ve paid for the software you currently have deployed.
Don’t forget Access Licenses! Many times, companies find they’ve paid for all of the client-installed software they’re using, such as Windows and Office programs. But they have more users accessing server applications such as Windows Server or Exchange than they are properly licensed for. Make sure to document how many people are accessing server-based software that uses per-user licensing!
Despite the hassle, don’t ignore these requests! If you refuse to engage in the SAM process, Microsoft may issue an LCC (Legal Contracts and Compliance audit), which typically involves the Business Software Alliance and may require the assistance of a lawyer.
Even if you don’t have an impending audit, now would be a great time to start gathering all of this information in one place. Then you will be well prepared when you get called for the inevitable audit.
If you’re interested in help on a software audit from a Managed Service provider, please call us at 919.779.0954 or contact us online.