A Software Audit Task Force brings together all of the stakeholders within your organisation who will need to play a role in responding to the vendor audit request and navigating the process as smoothly and safely as possible.
The notification or request to audit will typically be an email or letter from the software vendor directly, or from an appointed auditor. The request rarely goes directly to the ITAM / SAM team, but more commonly to whomever last signed the contract with the vendor. It is therefore important that when the request comes in, the ITAM/SAM team are informed immediately and they can begin to call together the Software Audit Task Force in in response.
Why do we need a Software Audit Task Force?
A Software Audit Task Force is essential to orchestrate a safe and effective response to a software vendor audit request. It is a collaborative working group that ensures that stakeholders are fully informed at all stages of the process and can work together to formulate, govern and execute a strategic response to the audit request.
How do you set up a Software Audit Task Force?
The key to setting up a successful Software Audit Task Force is to never assume that the required stakeholders understand the software audit process. In order to support the audit, it’s vital that the purpose, the roles and responsibilities are communicated and understood. This guidance and structure should therefore come from the ITAM / SAM team, with the backing of the business.
Who is on a Software Audit Task Force?
Potential stakeholders would typically include, but not be limited to:
Software Asset Management – Responsible for coordinating the task force, license compliance & cost-optimization.
Finance – Audits can be expensive! Payments will need to be structured etc.
Procurement – Essential for gathering software license entitlement data and contract negotiation.
Senior Manager – A nominated single point of contact with the vendor or auditor.
Commercial – The Commercial revenue-generating side of the business will need to be informed and consulted on software strategy, especially if any products are to be potentially removed.
IT Service Delivery – Responsible for ITAM/SAM and how the business consumes software.
IT Service Desk Manager – Responsible for performing the actions required as a result of the audit; removal of any unlicensed/unapproved software.
IT Risk Management – Responsible for security in software policy.
Legal – For clear understanding of existing contracts & negotiating new audit clauses etc.
Budget holders – Impacted by any commercial changes to software licensing contracts / costs.
IT Security – Overall responsibility for security through the software asset lifecycle.
In addition to the audit task force – Identify key stakeholders that may vary:
- Technical users
- Application owners
- Different aspects of the business that may need to be involved on a case-by-case basis.
It is good practice to use a RACI matrix to clearly define who will need to be responsible, accountable, consulted, and informed at each step of the process.
What is the Software Audit Process?
This is answered in our blog What is the Software Audit Process?
Certero has a team of Software Asset Management experts who can also help to explain the audit process, highlight the roles / responsibilities of stakeholders and actively guide you through a software vendor audit to avoid the many challenges and pitfalls. If you’d like help, please contact Certero’s team of licensing experts to explore your options.
