The Case for a Code of Conduct for Software Licence Audits
Almost all software licenses include a provision for the audit of a customer by the vendor to check whether usage is in compliance with the rights acquired. Globally, there are thousands of such audits every year, conducted by vendors and by third parties on their behalf and billions of dollars change hands as a result.
Customers dislike the audit process because it is intrusive, time-consuming and often results in difficult contractual and commercial discussions around the need for additional licences. Many in the vendors also dislike audits for similar reasons and because they fear that audits damage the vendors’ relationships with their customers.
Not all vendors carry out audits for these reasons. However, most audits result in incremental revenues for those vendors that do them and these revenues can be significant in terms of overall vendor profitability.
There is no consistent approach to the conduct of software audits by vendors. The rights and obligations are defined by the license agreements but these are usually non-specific in terms of detailed conduct and resolution of audit findings.
There is considerable variation between vendors in terms of the identity of the auditors, technical approaches and tools, scope and intrusiveness, provision of entitlement information, approaches to resolution and more generally in the positioning of audits and the attitude to customer experience.
This makes it difficult for customers to develop consistent management of their software investments. It adds to the tension between vendors and customers and disrupts the functioning of the software supply chain to the disadvantage of vendors and customers.
Most Popular Insights
- 10 Global Cybersecurity Predictions for 2024
- Global CFO Survey 2024
- Bridging the Gap Between Artificial Intelligence Implementation, Governance, and Democracy: An Operational and Regulatory Perspective
- The Power of Positive Paranoia: A Key Trait for Every CEO and General Counsel in 2024
- A Targeted Approach is Key to Implementing AI