Cigref’s Supplier Relationships Club is proposing an update of its 2015 Charter of best practices for software license audits, produced with the active contribution of a dozen lawyers, buyers and software asset managers from Cigref member organizations, formed into an « audit management » taskforce.
The charter is also available in French.
Audits remain a reality
Software license audits are a right of the software publisher recognized by customers, but they expose the audited companies to significant legal and economic risks. Moreover, Cigref members believe that the advent of the cloud does not make audits any less crucial for vendors, who can use identified non-compliances to encourage their customers to migrate to the cloud. This is especially true since most organizations that use digital services are moving to a hybrid cloud approach and their migration path to the cloud takes place over several years. They must therefore deal with their legacy IS, and in particular their existing on-premise software, while adopting new licensing and billing models linked to the consumption of services in the cloud.
Audit management therefore remains a major concern for Cigref members, who have expressed the need to update the Charter of Good Practices for Software License Audits, a document initially developed in 2010 by Cigref and then updated in 2015.
A good audit is an anticipated and supervised audit
Too often, the audit is still experienced by the audited organizations as a heavy constraint, consuming internal resources, generating tensions with the supplier and creating budgetary uncertainties. In order to take place under the right conditions, the right to audit must be anticipated and contractually supervised at every stage of the process.
This charter is intended for both users and software or cloud service providers, and is therefore a reminder of some of the main principles required to establish a balanced relationship based on trust between the parties, before proposing recommendations and best practices for conducting an audit.