How to Deal with a Software Licensing Audit and Prevent Noncompliance

In a previous post, I discussed how the combination of software-focused IT environments and an inability to properly track and manage the use of software has led to widespread usage of unlicensed software. This not only presents an increased security risk, but has also led leading software publishers, always looking for new revenue streams, to conduct software licensing audits with both large enterprises and small-to-midsize businesses (SMBs).

Resource-strapped SMBs in particular struggle to respond to these audits and are often forced to pay fines and licensing costs in the six-figure range. Because of the increased likelihood of a software licensing audit, organizations need to be understand what to expect and how to respond to an audit. They should also develop a software license compliance strategy that prevents unlicensed software usage and makes audits as painless as possible.

While you never want to ignore an audit request, you shouldn’t let the auditor dictate the terms and process. It’s always a good idea to consult with an attorney who can explain your legal rights and obligations and manage the software license audit process. An attorney can control the scope and timeline of the audit, draft documents and reports, issue requests, and protect your proprietary information with a non-disclosure agreement.

Your IT manager will need to conduct an internal compliance audit to determine if unlicensed software is being used, whether that software resides in-house or is delivered through an IT solution provider. That’s why we recommend working with an attorney who has experience dealing with solution providers and drafting and reviewing contracts between providers and their customers.

If your internal audit reveals non-compliant use of software, turn over these findings to your attorney for review. Your attorney will disclose any instances of noncompliance and negotiate a settlement with the software publisher or auditor, who will typically seek a fine and the current list price for each instance of unlicensed software. When the audit is being conducted by a third party, your attorney should reserve the right to review the auditor’s findings before they are shared with the software publisher.

Audits sound like a major headache, and they certainly can be. But many organizations make the mistake of buying additional, unnecessary licenses due to fear of noncompliance or as an overreaction to an audit. The better approach is to implement a software license compliance strategy that allows you to properly track software usage across your organization.

We recommend gathering proof-of-ownership documents for all software licenses currently in use, including purchase orders, invoices, contracts and license certificates. Determine if all software meets license requirements, and get rid of licenses that aren’t being used. Develop and implement formal processes for software asset management to prevent intentional and unintentional use of unlicensed software, and make sure employees understand the consequences of noncompliance. An attorney who understands technology law and the relationships between organizations, software publishers and solution providers can be an invaluable ally in this process.