In large enterprises, purchasing and administering software has never been more difficult. Unlike chairs or stationery, software contracts and licenses come in a variety of forms. At one end of the spectrum, small software vendors typically use simple licenses and pricing. At the other end of spectrum, many large enterprise software vendors use complex contracts to define multi-million dollar deals.\nLicense complexity per se is not the only challenge. In recent years, a growing number of software vendors have engaged in audits, enforcement actions and other activities that cause anxiety and large bills for IT departments in the Fortune 500 and beyond. Several options are available to manage software contract compliance including legal advice, specialized consulting and technology. Major IT buyers and vendor managers tend to use a combination of these approaches to reduce risk.\nThe dollars and cents of software contract compliance\nFailing a software license audit is far from a hypothetical problem. According to Flexera, a software asset management company, software \u201clicense true ups\u201d (i.e. paying for the gap between what a company uses and their license) regularly clears the $1 million mark.\n\nCost Reduction Opportunities. The British government reduced IT spending by $124 million U.S. (\u00a385 million) by renegotiating contracts in 2014-2015. Software license reviews can be triggered by the user and deliver cost reductions.\u00a0\n\n\nOracle in the News. A July 2015 report in Fortune states that Oracle sales staffs are being incentivized to sell certain products aggressively. Related reports of aggressive software audits and license reviews have meant large, unexpected bills for Oracle customers.\u00a0\n\n\nThe Unused Software Opportunity. A survey of 300 IT decision makers by 1E found that 28 percent of software in the enterprise has gone unused in the past 90 days. This suggests an opportunity to scale back software especially for vendors that use a \u201cper seat\u201d\/per user license model.\n\nManaging software licenses is comparable to managing an investment portfolio. Underperforming assets that play no clear role are candidates for elimination. There is no reason to wait for a determined software audit representative to review an organization\u2019s portfolio. Instead, leading companies regularly review their IT portfolios to make optimization decisions on their own.\u00a0\nGet legal advice before you respond to a software audit\nWith multi-million dollar contracts and penalties on the line, calling in legal experts is often a smart move. Julie Machal-Fulks, partner at Scott and Scott LLP \u2013 a technology focused law firm in Southlake, Texas -- has served a number of clients in software contract and audit matters. Assisting IBM\u2019s customers facing audits and similar challenges has been a recent area of focus.\n[Related: Cybersecurity much more than a compliance exercise]\n\u201cI have seen cases where IBM is seeking millions of dollars in fees. Fortunately, I have seen negotiated settlements between IBM and their end customers that reduce those amounts,\u201d Machal-Fulks says. \u201cMonitoring tools provided by software publishers are sometimes required in order to receive discounts. However, installing and operating this software is difficult. In those cases, the vendor finds out that the customer has not used the tool. This discovery leads to a discussion about paying additional fees. It is difficult for users to fulfill these requirements even when they wish to do so,\u201d she says.\n\u201cSoftware audits often come in different forms. For example, I have seen software audits from vendors come across as information requests or reviews. When a company responds to these requests without specialized advice, there is a lost opportunity to control costs. I worked with one client on such a request recently where we could have negotiated a limit to scope of the audit. Unfortunately, that discussion did not take place and the audit is now applicable to the client\u2019s operations around the world,\u201d Machal-Fulks says.\nTiming makes a major difference in seeking legal advice. \u201cOnce data is released to the vendor, the user\u2019s ability to negotiate and adjust the scope of the audit is reduced,\u201d says Machal-Fulks. Knowing when to involve legal experts is a matter of a professional judgement. Using the organization\u2019s spending authorization as a guideline is helpful. For example, if the organization requires executive approval on contracts over $100,000, then one can make a case to involve legal experts in those situations.\nBuilding a software asset management program\nIT managers seeking to benchmark their approach against best practices have several options. The ISO 19770-1:2012 standard (known as the \u201cSAM Standard\u201d) lays out a framework to manage software assets. \u201cThe ISO standard is helpful yet it can be difficult to understand,\u201d says Rodger Correa, Director of Program Coordination for the Americas at the Business Software Alliance (BSA). \u201cBSA has published resources to guide IT staff through the software asset management process,\u201d he says.\nFor organizations with complex software arrangements, seeking a third party review may be helpful. \u201cThe Verafirm process provides a third party review and certification of an organization\u2019s software asset management process,\u201d Correa says. \u201cWe launched this program in Asia first and it has been very popular in India and Thailand,\u201d he says.\u00a0 The only downside to this program is the cost and duration \u2013 the certification process takes six to twelve months depending on the situation\/\nSelecting a technology solution to manage software assets\nIT departments seeking technology solutions have a variety of options available to them. \u201cTechnology tools help but they do have important limitations,\u201d says Scott and Scott's Machal-Fulks. \u201cThe software solution cannot design the strategy or the interaction with the software publisher,\u201d she explains.\nFactor in the following considerations when considering a software asset management platform.\n\nCloud service compatibility. The flexibility of cloud services and products frustrate traditional governance approaches, so look for a product that covers these functions.\u00a0\n\n\nLarge Software Vendor compatibility. The greatest risk and potential costs come from mismanaging software from the world\u2019s largest software vendors. Identify the organization\u2019s major software vendors by spend analysis (e.g. focus on top 3 highest spend vendors) and\/or criticality (e.g. the finance system or order fulfillment system).\u00a0\n\n\nCompatibility to procurement and contract management applications. Ariba and other applications are becoming a popular way to manage suppliers in the corporate world. Integrating with those packages will give the organization better oversight and control.\n\nSustaining effective governance over IT software is an evolving struggle. Using outside experience and resources is a proven way to reduce the risk.