Types of Microsoft Audits – Be prepared for a Microsoft Audit

Microsoft uses different audit types to verify if their customers are licensed correctly. In this article we will explain the different types of a Microsoft Audit.


This is the most common and friendly audit type organizations have been subject to. It requires companies to verify whether they are compliant with Microsoft’s licenses, which is usually done by sending Microsoft the software keys for each license or purchased product. Then the companies compare this to their entitlement and purchasing records and establish their license position.

The internal cost of a Self-Audit varies depending on the size of the organization and the amount of data that needs to be captured. Unless the organization is 100% compliant or close to that, the cost of the audit will most likely be considerably less than paying for any incompliances uncovered during the other audit types.

Software Asset Management (SAM) Engagement

The Software Asset Management Engagements are usually conducted by third-party auditors or consultants. Microsoft allows the company that is audited to choose from a list of proposed options of third-parties that can perform the audit. Whilst this helps Microsoft to position the situation in a more neutral fashion, it is not mandatory to have the audit performed by a third party of Microsoft’s choice.

Microsoft will request that the auditee allows a third party to audit its software installations and report the results directly to them. At the end of these engagements, the auditee is required to purchase the licenses covering any shortfall in its software licenses. Microsoft’s SAM Engagement has been extensively used instead of traditional software audits, the License Contracts and Compliance (LCC) Audit.

There are some advantages related to the SAM Engagements:

All costs related to the audit project will be borne entirely by Microsoft.

Microsoft will provide, via third parties and/or direct, technical specialists that will assist the customer in running the necessary discovery scripts and/or applications in order to identify all installed software.

Microsoft will provide, via third parties and/or direct, licensing specialists that will establish a clear licensing position for the customer.

The auditee will receive recommendations regarding the proper utilization of their software licenses.

The auditee can benefit from the implementation of specific Microsoft SAM procedures and processes.

License Contracts and Compliance (LCC) Audit

This is the most stringent and costly type of audit. License Contracts and Compliance Audits are mostly used when an organization decides to ignore the request for or declines to take part in the Self-Audit or SAM Engagement Audit.  Essentially, the LCC audit is a legal audit that you must comply with. Legal action can be taken if you delay any notification of an audit.

An LCC audit needs to be taken seriously as it is not voluntary. Microsoft will pursue to build a legal case leveraging your license position for financial compensation, ranging from fines and penalties, to criminal prosecution in a worst case scenario.

Thousands of small, mid-sized businesses and enterprises are receiving these audits as part of Microsoft’s aggressive growth objectives and their attempt to grow their market share. Typically these audits result in additional license sales for Microsoft.

More information can be found in our white paper “Be prepared for a Microsoft Audit ”. Our new white paper format is mobile friendly, so you can easily read it on your tablet or mobile phone.

This article was published on 06-09-2016