Tuesday 4 October 2016

Avoid Hidden Compliance Risk Before Next Software Audit

A recent survey conducted by 1E discloses that the average number of software vendor audits has come down to four per annum, whereas about 10 percent of U.S. companies conduct around 10 to 15 software audits per year. Besides volume, the intensity of software audits is rising, since companies have changed their approach from making rectifications to making it perfect. For instance, consider the recent changes in IBM’s audit clause.


According to Gartner, vendors are trying to find ways to minimize disruption to the customer’s business activity. This change of attitude is not immediate, as traditional on-premise software vendors have linked their services to the cloud. It also includes software vendors that have already moved quickly to adopt new cloud services for effective software license management. Such companies may waive the penalties for a non-compliant customer if the client upgrades to the cloud services.

The common factors that cause software non-compliance are given below:


1. Limited use licenses:

Some companies buy software for one purpose but later use it for other purposes. This license type is known as a limited use license and can be used in non-production environments involving development, testing or even failover. Most companies purchase limited use licenses and then, after some time, put the software into production, including internal data processing operations.

2. Frequently changing product use rights:

Large IT vendors are increasingly changing their product use rights to enable software license management. Most recently, vendors like SAP and Oracle have begun asking their clients to buy additional licenses to enable third-party application access. For instance, a business using one hundred licenses of a particular software that needs to access information from SAP would now be required to purchase 100 additional licenses. This trend emerged after vendors started interpreting ‘indirect access’.

3. Difference between licensing programs and definitions:

Many times your definitions vary from those of the vendors. Misinterpreting any definition can unknowingly put a customer out of compliance.

