Best Practices for a Microsoft audit

It is sometimes useful to take into account the worst case scenario. However, in the case of a Microsoft audit, it is important to know that legal prosecution will occur only in the most severe cases. Following these B-lay’s practices will guide you through a better and transparant audit process.

Don’t be overly afraid

When Microsoft has reason to suspect that a customer is significantly out of compliance, the company involved is asked to perform either a Self-Audit or a SAM Engagement and report the results. If you cooperate and agree to pay for additional licenses to become compliant, then there won’t be any further consequences.

If your company ignores the friendlier audit types mentioned earlier, or refuse to comply, the case may be turned over to the Business Software Alliance (BSA). If the BSA takes action and a company is found to be non-compliant, the fine is often two to four times the license cost for each instance. Also, the offender will be required to purchase valid licenses or remove the software from their systems.

Don’t Procrastinate

Don’t postpone until it is too late. Understanding the importance of SAM is key to minimizing the financial risk associated with non-compliance. If you have reason to believe that your company may be out of compliance, it’s best to take remediation actions as soon as possible. Microsoft is more understanding when they see indications that you are taking SAM seriously and are determined to become compliant.

Don’t Assume Legitimacy

Always work with a trusted and certified reseller. There are quite a lot of resellers out there taking advantage of companies by selling them pirated software. Many companies don’t realize they are using pirated software until an audit uncovers the truth.

Implement a SAM tool

A Software Asset Management tool will provide a good starting point. Being able to discover all the software installed on your IT estate gives you a first idea or estimate of your current license position about your license entitlements.

There are some good SAM tools, both free and paid, that can be implemented:

Free SAM tools:

Microsoft Assessment and Planning Toolkit is a free tool developed by Microsoft that is designed to scan your Microsoft infrastructure. This tool provides inventory, assessment, and reporting functionalities to simplify the migration planning process, but also discovers installed software. You can download this tool directly from Microsoft’s website.

Spiceworks allows you to easy search all the software you have installed in your environment and automatically or manually track license keys for any piece of software. Additionally, you can tell which software versions are installed on each device. You can download this tool from the official Spiceworks website.

Paid tools:

System Center Configuration Manager (SCCM) is another tool developed by Microsoft, and one of the best tools for SAM related discoveries.

The non-Microsoft alternatives would be either a tool from Flexera Software a tool from Snow Software. Although costly at first, these tools can help save cost in the long run.

Whichever option you choose, the tool should at least be able to include the following functionality:

  1. Scan each of the computers on your network and tell you what software is installed
  2. Track Microsoft Office and operating system licenses (server and client) across all of your devices;
  3. Discover unlicensed software running on the network;
  4. Automatically gather license information;
  5. Keep tabs on how often each volume license has been utilized;
  6. Generate detailed reports that eliminate the need for manual guesswork.

Organize and centralize all physical proof of purchase documents

In the case of an on-site visit, Microsoft will look at the physical proof of purchase: Certificate of Authenticity, installation CD, Manuals, Software Kits, Purchase Orders, Invoices and Volume Licensing Contracts. Consider putting everything into physical folders which hold all software CD’s and keys relating to each new PC and Server you deploy.

Work with Your Vendor

Most likely you won’t be fully compliant for every piece of software in your company. That’s normal, and Microsoft knows and expects this. Microsoft also expects you to work quickly to become compliant, which will involve working with them to determine what it takes to become compliant. Management will be interested in the financial impact, so it’s best to understand the cost implications as soon as possible.

What is also important to keep in mind is that Microsoft does not want to shut you down, it is in their best interest to work with you and mediate the situation so that it is beneficial for both parties.

Prepare your company for the next Microsoft audit with B-lay. We recommended creating a recurrent SAM process with designated roles and responsibilities that will keep everything in check for you. Experts, either in-house or third party consultants with license specific knowledge will be invaluable to most organizations. They can play a decisive role in determining your licensing requirements and negotiating the best terms and conditions before non-compliance situations actually occur. They can also help enterprises get Software Asset Management on the right track, automate the process as much as possible and monitor with Self-Audits to ensure a comfort point is maintained.

Make sure you have the right expertise

You can of course invest in staff and building knowledge completely on your own. But you might also want to consider enrolling in a fully operational license management program. This can be done in less than three months and will be tailored to the specific demands of your company. Please contact B-lay, and get your audit defense in place.

More information can also be found in our white paper “Be prepared for a Microsoft Audit ”. Our new white paper format is mobile friendly, so you can easily read it on your tablet or mobile phone.

This article was published on 05-10-2016