
Software Audits – TECH DUE DILIGENCE & VALUE CREATION

Stuart Griffin
Apr 26, 2023

In both Business as Usual (BAU) operations and Mergers & Acquisition (M&A) activity, knowing your software licensing position and obligations with your Vendors is critical.

With the current recessionary forces across the globe, in BAU your Vendors will be looking closely at entitlements and compliance, just as you will be looking at excesses, true-up and offloading shelfware.

Audits also happen when a Vendor gets wind of M&A – and the financial and operational risks of being out of compliance with your licensing can hit hard into your Valuation AND make post-deal integration more complex and take longer.

It is very typical for Software as a Service agreements to run for 3 – 5 years – and you should expect at least one audit per contract cycle unless it’s a ‘special’ one-off for M&A.

Don’t be misled – Software audits can be lucrative for the Vendor if you’re not well prepared with a robust approach and processes to co-ordinate a response. I have personally been involved in audits claiming up to 800% overages vs contracted allocation – mitigating that big bill can be a challenge unless everyone lines up in reply.

Think hard about your organization, skills, and capabilities – it may be better to work with a partner that does more of this than you ever will, with automated tooling, specific expertise, and direct and robust Vendor relationships.

So – how will it start?

You’ll normally be notified according to the contract, so as a start point always ensure you keep your contract, and contact points, up to date for potentially either a true-up confirmation, a verification audit or an entitlement review.

It’s then important to structure a proper response rather than a knee-jerk reaction – You need to stop, think, alert, plan, and then respond as a business. If you are the recipient of the audit request, here are 10 key steps to follow that can guide you through the process.

Key Steps –

  • Find and tell all your stakeholders what is going on – IT/Tech leadership, Service Desk, Software Asset Management team, Finance, Legal, Procurement all have a part to play. Set up a review group to manage the process, and get a Comms plan in place. Do a rough-cut risk assessment and scale/size the problem
  • Freeze what you can – no new deployments, uninstalls or decommissioning if you can help it. Don’t download anything from the Vendor or run any tooling until the Team and process is ready
  • Document Check – find Purchase Orders, contracts, order forms, Non-Disclosure Agreements, copies of previous audit docs. Dig out anything that might describe what you have bought and deployed – and start to check it all over. Are the NDAs sufficient, what’s the right of audit in the contract, what did you buy – line it all up and review.
  • Formalise the Team – decide who is in the audit Team, and who does what role. Agree leadership, formalise lines of communication. If the risk/scale is particularly large – look to 3rd party support, specialists in mitigating impact for the major Vendors exist and can be a risk-efficient investment.
  • Confirm readiness – you can now engage the Vendor. Reply, confirming your view on scope, products, locations etc. – the devil is in the detail. Ensure nothing progresses until NDAs are updated and clear lines of communication are in place. The Vendor might be using a 3rd Party – ensure all the legal documents include and cover for accidental information release in all scenarios.
  • Take a degree of control – own the kick off meeting, the process and the expectations. Own the meeting minutes, the outputs and actions. It might feel overbearing, but everything needs to be agreed, confirmed and authorised. Don’t misunderstand – negotiation on any resolution has already started.
  • Scope, Methodology and Validation – start now. Pressure the Vendor to confirm their view on your licensing entitlement, it’s not unknown for the Vendor to be wrong. Fix the scope – down to entity level, product, version, entitlement. Fix the methodology – processes, scripts, tools, timescales, data, 3rd parties, validity/updates/limitation vs previous audit. Do not allow the audit to progress until the scope and methodology are signed off by your business stakeholders.
  • Commence the process you’ve negotiated into place (I said we were already negotiating). Everything now is a negotiation – even if you’ve discovered more licenses than you think and want to offload a few!!
      a. Firstly, don’t panic – whatever you find. Unless there’s a fundamental breakdown, you’re still the Customer and they are still the Vendor. Do you want to go nuclear and exit, or work it all out?
      b. Review the products deployed and the products you don’t deploy that they have. There’s always a deal to be done – think about swaps, downgrades, upgrades, ceases – plan your cost scenarios.
      c. Review your Vendor’s financial year, think when they need revenue or to close the process – or even when bonuses are paid. Use the gems that you find to time the resolution if you can.
      d. Think about the contract, the audit, the terms – you might want to try to use the opportunity to change the contract a bit.

  • Get a Closing Agreement drafted – use the Team to ensure that the audit findings fit to your need. Draft and agree the contractual changes, T&Cs, prices, entitlements. Save the right versions to the right places. Tell everyone where they are.
  • Conduct an after-action-review – at audit level, at SAM level, at Operational Control level. What worked, what got you (if you were) in a hole, what got you out of the hole. Write up and learn from the process because it’s coming again.

So you survived…the entitlements were reset, or the fine paid, or the M&A deal still happened??
To paraphrase from John Wick – to have peace, prepare for War. This will happen again. And again.

Organisations can prepare, administer, process, run and review themselves, or they can hand off to an expert 3rd party. Think of the risk of both approaches and choose wisely – as not all 3rd Parties are created equal.

At Uptrend Labs we often find that the first step to readiness is running our Fast Track pre-audit. We use our up-to-date tooling and in-depth expertise to investigate and identify problem areas to resolve before an external audit arrives. Or in the case of M&A activity, our software audits lead to high levels of Value Creation through much more effective design and usage.

If you are interested in a no obligation discussion on what this may mean for your organization please CONTACT US and we will be eager and willing to help on your journey.
