Best practices charter 2021 for Software license audits: recommendations from Cigref members for customers and their suppliers

6 janvier 2022 | ACTUALITÉS, Cigref in english, Communiqués, Publications du Cigref, Relations Fournisseurs

Cigref’s Supplier Relationships Club is proposing an update of its 2015 Charter of best practices for software license audits, produced with the active contribution of a dozen lawyers, buyers and software asset managers from Cigref member organizations, formed into an « audit management » taskforce.

The charter is also available in French.

Audits remain a reality

Software license audits are a right of the software publisher recognized by customers, but they expose the audited companies to significant legal and economic risks. Moreover, Cigref members believe that the advent of the cloud does not make audits any less crucial for vendors, who can use identified non-compliances to encourage their customers to migrate to the cloud. This is especially true since most organizations that use digital services are moving to a hybrid cloud approach and their migration path to the cloud takes place over several years. They must therefore deal with their legacy IS, and in particular their existing on-premise software, while adopting new licensing and billing models linked to the consumption of services in the cloud.

Audit management therefore remains a major concern for Cigref members, who have expressed the need to update the Charter of Good Practices for Software License Audits, a document initially developed in 2010 by Cigref and then updated in 2015. 

A good audit is an anticipated and supervised audit

Too often, the audit is still experienced by the audited organizations as a heavy constraint, consuming internal resources, generating tensions with the supplier and creating budgetary uncertainties. In order to take place under the right conditions, the right to audit must be anticipated and contractually supervised at every stage of the process.

This charter is intended for both users and software or cloud service providers, and is therefore a reminder of some of the main principles required to establish a balanced relationship based on trust between the parties, before proposing recommendations and best practices for conducting an audit.

The charter is also available in French.

Élaborer et mettre en place la stratégie data : Gouvernance et Architecture Data & Analytics

Le Cigref publie, sous forme de rapport, le résultat des travaux de son groupe de travail sur le thème « Gouvernance et architecture data », co-piloté par Alice Guéhennec, Chief Digital & Information Officer du groupe SAUR et à Patrick Mahu, architecte...

Stratégies de migration dans le cloud, un défi structurant pour l’entreprise

Le Cigref publie, sous forme de rapport, le résultat des travaux de son groupe de travail sur le thème « stratégies de migration dans le cloud », co-piloté par Jean-Christophe LALANNE, EVP IT d’Air France KLM, et Stéphane ROUSSEAU, DSI...

Nouvelles pratiques de développement Low Code / No Code : Libérer la valeur en maîtrisant les risques

Le Cigref publie, sous forme de rapport, le résultat des travaux de son groupe de travail sur le thème « Low Code / No Code », piloté par Claire WAAST-RICHARD, Directrice Data et Numérique chez Enedis. Comment partager avec les métiers les biais ou les zones d’ombre...