How to Avoid a Costly Software Audit

Software licensing agreements can get complicated. In most scenarios there are multiple license types involved, and in many cases add-on licenses or features as well.  With the introduction of new features and capabilities these license types change often. Each license provides different capabilities, and at a different cost.

Licencing is further complicated by the fact that new software versions are released almost every quarter with new features available for some licenses, which is difficult for organizations to manage. If your license agreements are negotiated annually, or every two or three years, the licensing landscape also changes. This adds up to an enormous amount of complexity and becomes a nuisance problem for IT departments.

Additionally, with employees regularly onboarding, internally changing jobs or duties, or leaving the company, frequent user changes are required by IT to ensure that only the necessary people have access to the software they need.

One of the primary reasons organizations have difficulty tracking software usage is the lack of a centralized, trusted source of information about who’s using what. Without an automated process to optimize access control and license management, IT administrators must rely on tedious, repetitive manual work to track who has access to what data and software.

These are processes that take too much time, are prone to error, lack transparency, and can’t be easily audited or validated.

Organizations sometimes even try to create their own systems but seldom are these in-house develops properly implemented or fully adopted, leaving the organization just as exposed to unplanned audit compliance or true-up costs. 

So, you can see why many organizations unintentionally use more licenses than what they’re paying for. 

The Dreaded Software Audit

The hidden cost of not tracking software licenses is the possibility, or inevitability, of a software audit. When you buy software, you’re accountable for accurate license usage.

Realistically, audits will be around for a long time and the process will become more detailed. There are no grey areas for the vendor demanding an audit. Plus, the regularity of software audits is increasing, making it more of a concern for many organizations. Big software companies need to enforce compliance, and it’s only a matter of time before it’s your turn for scrutiny. While this scrutiny is private, it can have a severe financial impact. That’s because you never really know what to expect from an audit, including when it will happen, what the results will be, how much time it will take, the number of valuable resources that must be put aside to support the audit process, and the size of the final bill. Much of this is dependent on the auditors. When you get that audit letter, you’re already behind the curve because the clock is ticking. It’s too late to go back and tidy up your licenses.

If your company is using more licenses than it’s paying for, or using licenses for other than the purpose or functionality they are authorized for, the results of an audit can include a big invoice not only for the extra licenses, but also for penalties. This can be a huge unbudgeted expense and the audit process can be time consuming, especially if you can’t easily produce the documentation required to support it. Many companies simply write off audit expenses as a cost of doing business. Other companies may overbuy software licenses as a hedge against an audit. Either way, organizations are incurring high costs and risk by not having a trusted source of information around license compliance.

Minimize Software Audit Charges and Penalties

The only way to minimize these mounting risks is to manage the problem head-on with a technology solution that automates license tracking precisely and transparently to ensure that only the right people have access to data and applications.

While it seems like a simple proposition to build a tool in-house to manage licensing and security, attempts to do so almost always fail because development and maintenance of such a tool is much more difficult than organizations appreciate. It’s especially disheartening when businesses invest in homegrown tracking and compliance tools only to end up with an expensive audit because the tool didn’t deliver on its promise.

Attain Insight Security 4X provides an automated process to optimize access control and license management for IBM Cognos Analytics. With detailed reports at administrators’ fingertips, audits are fast and pain-free, resulting in few, if any, charges and penalties. And with more granular access controls, organizations can better secure their IBM Cognos Analytics data, and also easily and accurately monitor their security posture for Cognos Analytics.

To learn more about how Attain Insight Security 4X can help your organization track your license compliance and minimize your risk for IBM Analytics software audits, contact us for an interactive demonstration.


Leave a Reply

Your email address will not be published. Required fields are marked *