3 Reasons to Love Software Audits

Many organizations engage with us because they’ve had a recent wake-up call with a software audit and need to get serious about software asset management. Software audits can come in a few different formats with the most familiar being the software vendor audit.

Editor’s note: This post was originally published January 24, 2023 and was last updated on February 6, 2024.

While common audit triggers include a reduction in spend and recent M&A, not all vendor audits look alike. Some are disguised as free ITAM/license assessments (e.g. Microsoft® SAM Assessment, Adobe Software Insights Review) to help organizations get more value and stay secure.

Another type of audit is a cybersecurity audit. These are often triggered by your internal audit team or by commercial requirements to have a security certification (e.g. ISO27001, SOC2, etc.). We also find that organizations who’ve encountered a significant security incident conduct third-party audits to identify gaps.

While audits are time-consuming and can be expensive, they can be a blessing in disguise if organizations heed the wake-up call and get their software asset management house in order. Here are three benefits of being audit-ready.

1. Eliminate the practice of paying for software your organization isn’t using.

When you take a look at your effective license position, you are understanding what you’ve purchased against what’s installed and licenses allocated or assigned. If you’re not compliant, then the next question is the software actually being used, and can it be uninstalled? If you perform this activity >90 days before your next audit and are able to get to a positive position, your risk of being fined reduces significantly.

The side benefit of understanding usage data is your organization has one more lever in renewal negotiations if you aren’t using the licenses you’ve purchased. Here are a couple of examples of customers who leveraged usage data to mitigate risk, and reduce license costs.

2. Improve your cyber-security posture.

If you can’t see it, you can’t secure it. Fortunately, many organizations are now seeking to follow this advice, especially with guidance from the United States federal government for all agencies to obtain a complete software inventory.

Organizations can improve security and visibility of IT assets by:

3. Minimize interruptions and get more value from your team.

The time spent preparing for a vendor audit can consume your team for weeks with all the manual processes involved. With automated reporting of application usage against entitlements, organizations can get near-real-time visibility into how licenses are used to ensure compliance. For instance:

We often hear that organizations only have enough time to proactively manage the top 3-5 vendors. What impact could you drive if you had data for your next 50 vendors at your fingertips?