Released October 2012, Updated March 2013 | by Tim Sommer
This report is aimed at those in IT-Management or Software Asset Management (SAM) confronted by a Vendor Compliance Audit. We often discover that Software Customers are unaware of the rights they possess when it comes to Software Vendor Audits.
Has your organization been confronted by a vendor audit? An unusually high penalty claim? You should know and reserve your crucial top 10 rights in an audit situation – from A to S. We offer valuable guidance to customers preparing for, managing, or about to settle, a Compliance Audit.
Should you have any questions, please contact OMTCO; contact details are listed at the end of this report. For those executives interested in sharing their thoughts on licensing, Software Asset Management or compliance audits, we highly welcome your feedback and comments.
Top 10 Rights – And Obligations
- Announcement | You may expect a formal letter of announcement of the audit from the vendor, comprised of the audit’s scope, a time schedule and nomination of the vendor audit lead and mandated auditor. However, receiving this letter puts an end to any regulation of incompliance outside of a settlement.
- Time Plan | You may adapt the time plan to your constraints – but you may not postpone the assessment indefinitely.
- Data | You may restrict the auditor’s access to selected data – but you may not withhold access to licensing-relevant data.
- Confidentiality | You may ask the auditor to offer a guarantee of confidentiality of your data and to work in a Secure Data Room – but you must allow the vendor to access your Licensing Compliance Table (LCT), even if this may lead to a settlement penalty.
- Formats, Procedures, Tools | You may impose your formats, procedures and (scan) tools, such as TAD4D, iQSonar or iLMT, on the auditor – but you must allow the auditor to verify the coverage and data quality.
- Physical Access | You may restrict the auditor’s physical access to any person, facility, geography or devices – but you must answer licensing-relevant questions and provide data for the purpose of verification.
- Licensing | You may request to be provided with all licensing documentation in written form, as well as an in-depth explanation of any particular licensing rules – but you may not indefinitely challenge the “how’s” and “why’s” of licensing rules.
- Your Team | You may involve any employees and departments of your choice (e.g. purchasing, legal) – but you should name a Single Point of Contact (SPOC) for all audit matters.
- External Support | You may be accompanied, assisted or represented by any external support of your choice, such as licensing experts or legal teams – but you should define and communicate their exact roles and powers.
- Settlement | You are entitled to have thoroughly explained to you how the incompliance penalty has been calculated – but you must then comply swiftly with the vendor’s request to re-establish compliance.
Conclusion And Recommendation To Customers
In our experience, a vendor compliance audit requires the full commitment of the client’s organization, supplemented by licensing expertise and counter-audit experience. This minimizes the workload of the client’s organization, and ensures that the audit is conducted in a fair manner.
OMTCO has product and licensing expertise and counter-audit experience for all major vendors, such as IBM, Oracle, Microsoft and C-vendors, such as Attachmate, Informatica, Citrix, Infro (Global Solutions). This accelerates the audit process and ensures that all the steps of an audit occur in a fair manner – from Annoucement to Settlement!
Should you wish for advice tailored to your specific needs, please call your OMTCO representative directly or contact OMTCO at firstname.lastname@example.org.
(Released October 2012, Updated March 2013)
– CONFIDENTIALITY NOTICE –
OMTCO does not disclose clients’ names, client projects or data. The case study and data published in this report is generic and derived from years of compliance reviews. All analysis presented and information disclosed in this document are exclusively based on public information. Should you wish to learn more about our confidentiality practice or about this case study, please contact an OMTCO representative.
Vendor Audit – Top 10 Customer Rights, From Announcement To Settlement
HAS YOUR ORGANIZATION BEEN CONFRONTED BY A VENDOR AUDIT? AN UNUSUALLY HIGH PENALTY CLAIM? YOU SHOULD KNOW AND RESERVE YOUR CRUCIAL TOP 10 RIGHTS IN AN AUDIT SITUATION. WHEN AN AUDIT CONFRONTS YOUR ORGANIZATION, OMTCO IS BY YOUR SIDE TO PROVIDE YOU WITH LICENSING EXPERTISE, COUNTER-AUDIT EXPERIENCE AND NEGOTIATION SUPPORT.
is a consultant
at OMTCO Munich Office.
00 49 170 6003451
is a consultant
at OMTCO Vienna Office.
00 43 699 15007391
OMTCO provides its clients with the best, thought-out advisory and line services, ranging from design-stage to implementation in Operations, Management, Technology and Consulting.
OMTCO works with the highest possible level of expertise – taking into account our know-how and our pragmatic experience from market analysis, competitive projects and professional references.
OMTCO has Oracle licensing expertise at its disposal, in addition to extensive experience in Oracle compliance reviews and customer-sided counter-audits.
Should you wish for advice tailored to your specific needs, raise comments or ask questions, please contact OMTCO at email@example.com or call your OMTCO representative directly.
For Software Asset Management, visit:
For counter-audit experience, visit:
For licensing expertise, visit:
For further references, visit:
This document is current as of the initial date of publication and may be changed by OMTCO at any time. Not all offerings are available in every country in which OMTCO operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING NO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. This report is for information and illustration purposes only. It is not an advisory document and does not take into account your specific customer situation. Please refer to the disclaimer published at http://omtco.eu/disclaimer.