Enterprises faced an increased number of software audits from revenue-hungry vendors in 2009, as well as new types of disputes, says a new Forrester report. Here are some areas to watch, plus advice on playing smart defense with "traffic cop" auditors. Perhaps nothing is as heart-stopping as when the IRS auditors come a knockin’, but the arrival of software vendors—with their audit checklists and licensing agreements in hand—isn’t for the faint of heart, either. And in 2009, according to Forrester Research, companies witnessed intensified audit measures and enforcement vigilance by their software vendors. credit: flickr “Not only did companies face increased software audit activity in 2009, but they also saw more causes of disputes and noncompliance claims,” writes Duncan Jones, a Forrester principal analyst in Surviving a Software License Audit. “In addition to spotting genuine under-licensing, many vendors’ audit teams seemed to want to meet their revenue targets by exploiting technicalities and loopholes.” Among the chief causes of audit compliance nightmares noted in the report: virtualization, multiplexing (“indirect use via integrated applications still counts as use”), inactive user accounts, external use and accidental deployment. [ Read the Enterprise Software Unplugged Blog ] Before we start condemning the evil software vendors or contemplating the relationship implications of such audits (“We’re true partners, right?”), it’s important to note that software makers have every right to protect their intellectual property and ensure customers are complying with the terms of the license agreements, as Jones points out. But “sometimes audits can be painful, or even terminal, for IT sourcing and vendor management leaders,” he adds. The chief problem: Typical IT managers might be Little Leaguers up against seasoned Major League pros. “Vendor license compliance teams are skilled at spotting revenue opportunities,” Jones writes, “ranging from genuine excess usage and deployment to, in some cases, questionable interpretation of contract clauses.” Then there are the fanatical software audit teams that can wreak havoc, Jones says, like “revenue-generating cops who hide with their radar guns in bushes at the bottoms of steep hills.” In the report, he describes rogue or third-party compliance teams that “overzealously pursue their own revenue targets outside of the main account team’s control, oblivious to how the audit team’s behavior may be damaging the long-term relationship with that customer.” Forrester’s client stories of audit insanity, detailed in the report, offer a cautionary tale for CIOs and IT departments who don’t actively manage enterprise software license agreements and user accounts, or practice adequate software asset management (SAM). (For more, see License Audits: Preparing Now Can Ease the Pain.) What are the most important defensive strategies for an IT leader? First, don’t avoid the audit letter that typically arrives first (because it won’t go away), Jones says. Second, demonstrate to the vendor that your company will cooperate fully with a “reasonable process” but will not be bullied or held ransom. Third, convince the vendor that your company does not represent a “good revenue opportunity” for the vendor and that your SAM controls in place prevent any risks of licensing errors, he says. This is all critical for IT leaders because, as Jones observes, “there is little he or she can do once the compliance team has smelled blood.” Do you Tweet? Follow me on Twitter @twailgum. Follow everything from CIO.com on Twitter @CIOonline. Related content brandpost Sponsored by SAP What goes well with Viña Concha y Toro wines? Meat, fish, poultry, and SAP Viña Concha y Toro, a wine producer that distributes to more than 140 countries worldwide, paired its operation with the SAP Business Technology Platform to enhance its operation and product. By Tom Caldecott, SAP Contributor Dec 04, 2023 4 mins Digital Transformation brandpost Sponsored by Azul How to maximize ROI by choosing the right Java partner for your organization Choosing the right Java provider is a critical decision that can have a significant impact on your organization’s success. By asking the right questions and considering the total cost of ownership, you can ensure that you choose the best Java p By Scott Sellers Dec 04, 2023 5 mins Application Management brandpost Sponsored by DataStax Ask yourself: How can genAI put your content to work? Generative AI applications can readily be built against the documents, emails, meeting transcripts, and other content that knowledge workers produce as a matter of course. By Bryan Kirschner Dec 04, 2023 5 mins Machine Learning Artificial Intelligence feature The CIO’s new role: Orchestrator-in-chief CIOs have unique insight into everything that happens in a company. Some are using that insight to take on a more strategic role. By Minda Zetlin Dec 04, 2023 12 mins CIO C-Suite Business IT Alignment Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe