Making Software Compliance Reporting Easier

Audits increase importance of accurate reporting

Software Compliance reporting is a topic that is growing in importance every day in our world. Whether they are called audits, license reviews, or snapshots application producers want to know how much of their software is currently deployed within a customer’s environment. The challenge is, how we collectively in the market can make this license review process smoother and something that is achievable on a consistent basis by customers. In a recent study authored by my company – Flexera Software (The State of the (Software) Estate: Waste Is Running Rampant in Enterprises, 2016 Key Trends in Software Pricing & Licensing Survey Report), the following audit frequency statistics were reported: 64 percent of enterprises (up from 63 percent last year) faced a software audit within the past year.  46 percent (up from 38 percent last year) were audited more than once. And 23 percent (up from 19 percent last year) were audited three times or more.

This entire process really only serves to drive a wedge further between the producer and their customer and the job isn’t getting any easier. License agreements continually change and license models are increasing in complexity. Vendors use different terminology and metrics, provide no or limited tools for customers to track usage, and there are typically big challenges in both parties agreeing on what has been actually licensed.

Not a new concept

Overall, license reporting is not a new concept. IBM has long required customers wishing to qualify for sub-capacity pricing to report consumption via the IBM License Metric Tool (ILMT). SAP requires customers to report license utilization via their License Administration Workbench (LAW) reporting tool. The biggest gap with a vendor-supplied reporting tool is that it is showing only one side of the equation, the compliance or lack thereof at that current point in time.  It typically will not identify shelfware, under-utilized assets, unused assets, or opportunities for savings across the broad array of software a customer may be using. The final piece to the puzzle that is not typically addressed through this process is what are the actual license rights the user is entitled to based on what was purchased and under what license model.  Second use rights, upgrade / downgrade rights, virtualization rights and hundreds more all impact compliance and opportunities for savings. In the end, what customers really want is a single pane of glass for all of their software compliance AND optimization license data to be displayed.

Things have changed

In years past, you really can’t blame the producers for wanting to control how consumption of their software was being recorded. The previous generation of inventory and discovery products could provide inconclusive or inconsistent results. But today’s technologies are significantly better at both the discovery and inventory of assets in a given environment and their ability to recognize and rationalize third party data sources.  It’s not just discovery and inventory either that has improved, the CMDB is now a critical component in tracking the life cycle of software and once a change in status of a server is recorded (upgraded, retired, etc.) that data can be automatically updated in a software license optimization solution to provide almost real-time license impact.

Traditional enterprise tools lacked the ability to integrate all the right data sources and focused strictly on counting what you had for basic, legacy Windows licensing models.  The world is much more complex, and there’s a growing recognition that a lot more value can be derived by going beyond an inventory – you want to normalize that, ensure continuous compliance and ultimately get to the point of optimizing usage based on usage rights.

The call here is to have producers work with the leading Software License Optimization products to ensure we all know what is required and expected. Let the market help be part of the solution here. The integrated offerings between Software License Optimization providers and IT Service Management (ITSM) companies can provide tremendous insight into software consumption, utilization and compliance.  Now let’s have the producers communicate out to the market what they need from the Software License Optimization vendor in order to feel comfortable the reporting data delivers proper compliance reporting

A need for better understanding

What we are hearing from the market place is that customers want to better understand their consumption and compliance position. They want to be in compliance. No one wants surprises these days. Unbudgeted cost layouts for license true ups have a huge impact.  Our survey also reveals that the amount enterprises are paying to their vendors to “true-up” – compensate them for incidents of software license non-compliance – is also on the rise.  For example 44 percent of respondents this year (compared to only 25 percent last year) report that their true-up cost paid to vendors was $100,000 or more.  20 percent of enterprises (up from only nine percent last year) report that their true-up costs were $1,000,000 or more.

So how is this actually changing customer behavior? One last bit of data from the study – To ensure they are prepared for vendor software license audits most companies – 86 percent – perform self-audits at least once per year (up from 80 percent last year).  Slightly more than half perform self-audits more than once per year (up from 45 percent last year). We are seeing customers taking a much more proactive approach to this problem. Organizations such as KPMG and Deloitte are investing in building additional Software Asset Management (SAM) and license optimization capabilities so they can help customers adopt best practices and revamp business processes. We are seeing internal risk departments being more aggressive in their internal audit reviews. They are specifically addressing an organization’s unpreparedness for a license audit and are also holding senior executives responsible for addressing the problem.

A dysfunctional supply chain

Jim Ryan, Flexera Software’s CEO, calls the software supply chain the “most dysfunctional supply chain on earth.” By working together on requirements and standards we can streamline this effort. We can take ambiguity out of the reporting process. We can ensure that both the producers and their customers are looking at the same data and turning the conversation away from a compliance or true up discussion to one of strategic buying and planning.

Tim Boudreau

Tim Boudreau

Tim Boudreau has over 30 years in the software industry holding a variety of sales, sales management, business strategy and Strategic Alliance roles across companies such as CA Inc, Compuware, IBM Tivoli, InstallShield and now Flexera. For the past eight years Tim has focused his efforts on building out Flexera’s Global Strategic Alliance organization which includes technology and joint sales programs with BMC, ServiceNow, IBM, VMware and Microsoft. He has also led Flexera’s efforts to build out a strong ecosystem of partners and affiliations in the Software License Management space to help customers achieve maximum results with their License Management programs. Those partnerships and affiliations include KPMG, Deloitte, Dell, Accenture, and many others.