Here are a few do’s and don’ts when facing a software audit
Do’s
- Discuss with a legal specialist, there are many defense options –Get confidentiality agreements in place.
- Locate receipts and PO’s – SAM tool makes this so much easier.
- Consider where the alert come from, e.g. aggrieved employee or whistleblower. But it can be helpful to think about who the informant is, what they knew, and what they may have reported. In some cases the accusations and allegations are false and slanderous / defamatory. If an employee, did they install it before they left, on purpose?
- Run an internal audit (analyze risk) to check on exposure –License files and serial numbers, number of installations, computer names, etc. Some purchase information may have been lost due to M&A (this is not a crime).
Don’ts
- Ignore the Audit letters.
- Panic –Start a hunt for the whistleblower. Try and negotiate with vendor immediately.
- Uninstall non-compliant software.
- Rush to buy more licenses.
All of these issues will be found during an audit or could confirm that you are infringing on your contract.
Check out our post on Types of Software Audits and stay tuned for more resources on software audits.
2 thoughts on “Do’s & Don’ts of Software Audits for Engineering”