May 1, 2020 - Blog

Microsoft License Contracts & Compliance (LCC) Audit

Karl O'Doherty, Principal Microsoft License Consultant, Version 1

8 Key Considerations When Planning for a Microsoft License Contracts and Compliance (LCC) Audit

Microsoft is engrained in the fabric of your IT infrastructure and business processes, however with in-depth technology solutions comes a high volume of complex licensing terms. Trying to navigate Microsoft licensing terms can be problematic for many organisations, leading to software license shortfalls and poorly optimised procurement. 

Karl O’Doherty, Principal License Consultant from our SAM & License Management team is here to make sure you are prepared for a Microsoft License Contracts and Compliance (LCC) Audit:

Microsoft reserve the right to protect their intellectual property whether it is deployed on-premise, within hybrid environments or in the public cloud. Microsoft has at its disposal multiple mechanisms to audit their customers and ensure that their intellectual property is protected.

Failure to implement forward planning in advance of a Microsoft audit can have a significant impact on day to day operations largely based on the need to re-assign IT resources. There can also be significant commercial implications such as having to address unforeseen financial exposure or bring forward future technology decisions to close imbalances.

Whether your organisation is looking to take a proactive approach by implementing new standards to protect its audit defence posture or responding to an audit request, below are 8 key considerations to help you better prepare.

Step 1

What is the driver behind this audit?

How should I respond to the specific audit request?

  • Do you have inconsistent Microsoft purchasing patterns?
  • Did a recent merger and acquisition activity create an exposure?
  • Was a strategic licensing agreement dropped?
  • Have staff or business partners leaked an exposure?
  • Is this audit type mandatory or voluntary?
  • Can we use the audit to our advantage by minimising risks and modernising our Microsoft estate?

Step 2

What is the potential operational impact of this audit?

  • Has an audit timeline been defined and will this impact on planned activities and day to day operations?
  • Are timelines unclear therefore posing a risk that the audit process could run for several months?

Step 3

Define your expected outcomes. What do you want to achieve?

  • Forensically understand your Microsoft deployment, usage and license position.
  • Manage risk and ensure compliance.
  • Use asset intelligence to enable effective strategic planning.
  • Modernise on-premise deployments and leverage Cloud alternatives.
  • Eliminate waste and deliver hard cost savings.
  • Better lifecycle management.

Step 4

What is your current defence posture and are you equipped to successfully navigate the audit process?

  • Do you have the necessary level of organisation-wide Microsoft asset intelligence?
  • Do you have a data collection methodology to follow?
  • Do you have an accurate understanding of what Microsoft is installed, where it’s installed and usage?
  • Are you effectively tracking consumption of Microsoft online services?
  • Do have access to discovery tools and expertise required to close any data collection gaps?
  • Are there effective Microsoft proof of license entitlement records maintained?

Step 5

Executive Sponsorship. Do not go it alone – consider what support you will need to ensure you navigate the audit process successfully.

  • Establish who your stakeholders are both internally and within Microsoft.
  • Are your stakeholders on your side? Do they understand the benefit case and risks?
  • Do you have the best possible audit management team?
  • Does your team include IT strategy and architecture, IT operations, procurement, commercial & legal representation?

Step 6

Define an audit engagement plan.

  • What is the audit methodology and how will this impact daily operations and other pre-existing commitments?
  • Do you have the internal expertise to support complex activities such as data collection, data analysis and license position validation?
  • Do you have detailed knowledge of Microsoft product terms and licensing agreements to make decisions that mitigate risk and reduce cost?

Step 7

Future Plans. Are you aware of any changes planned within your organisation?

  • Are there compelling events that may impact your investment in Microsoft?
  • Are there any planned mergers or acquisitions?
  • Are there any changes to the company’s future software needs?
  • Do you have any new project roll-outs or retirements?
  • Does the technology architecture and strategy team have plans to adopt additional Microsoft products or options?

Step 8

Creating an effective negotiation strategy. Leverage your Microsoft relationships.

  • Are you effectively communicating with the Microsoft Account Team about the operational and commercial impact of the audit?
  • Have you identified opportunities that may strengthen your position?
  • Can you document KPI’s that allow you to track your effectiveness of managing the audit process and settlement?
  • Are you engaged with all relevant Microsoft stakeholders beyond their audit team?
  • Do you understand the impact of any settlement timeline set out by Microsoft?
  • Have you an effective communication plan in place to successfully navigate the audit process?

Without the necessary Microsoft license expertise, organisations run the risk of allocating significant effort to complete an audit which could result in unnecessary financial exposure. Due to this impact you need to demonstrate control over your Microsoft license position, have a good understanding of your usage and be aware of any gaps, now and in the future.

About Version 1

Version 1 has considerable experience in helping multi-national enterprises proactively assess their license compliance position and plan for the future by adopting a proactive approach to software asset management (SAM) for Microsoft.

So, whether you are under threat of an audit or struggling with creating a new standard internally, contact us for advice and guidance.