Aspera license management_webinar_software_compliance_audits
Upcoming SlideShare
Loading in...5
×
 

Aspera license management_webinar_software_compliance_audits

on

  • 546 views

Software Audits - When it gets Uncomfortable in the C-Suite, That's When Things Start to get Done ...

Software Audits - When it gets Uncomfortable in the C-Suite, That's When Things Start to get Done

Organizations don’t realize how serious their audit risk
is until it’s too late and the CIO or CFO is signing off on a major (unplanned) expense.
...Only then does license management get the attention it
deserves from top management.

Statistics

Views

Total Views
546
Views on SlideShare
505
Embed Views
41

Actions

Likes
0
Downloads
16
Comments
0

2 Embeds 41

http://www.scoop.it 40
http://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Aspera license management_webinar_software_compliance_audits Aspera license management_webinar_software_compliance_audits Presentation Transcript

  • Software Audits When it gets Uncomfortable in the C-Suite, That's When Things Start to get Done By Christof Beaupoil President Aspera Technologies Inc.
  • Introducing… …the President of Aspera Technologies Inc. Christof Beaupoil Co-founded Aspera in 2000 Over 12 years experience in software asset and license management Master in Mechanical Engineering and Information Technology Certified ITIL Foundation and Licensing Specialist
  • Why This Webinar Topic? Organizations don’t realize how serious their audit risk is until it’s too late and the CIO or CFO is signing off on a major (unplanned) expense. …Only then does license management get the attention it deserves from top management.
  • Agenda If you talk about the risks of an audit now, then you’ll be in a better position later. To do this you need: Convincing information your IT Director and CIO will listen to. Testimonies from real people who have gone through a major vendor audit before. Counter arguments to the most common reasons executive management doesn’t want to buy into software license management.
  • The Truth of the Matter Selling commercial software is a business… …The most common risk associated with commercial software is non-compliance… …On this basis vendors often audit their customers to ensure compliance.
  • What Publishers Say… …Vendors initiate audits to generate revenue.
  • Quantifying the Risk Just a few examples of software audit disputes getting public attention: Rent-A-Center and SAP – US$ 9 million Hospital Corp. of America and Informatica – US$ 6.3 million PCS-CTS and the BSA – US$ 500,000 BMP America and Infor – US$ 150,000 It’s hard to ignore the audit risk and importance license management when that much exposure and money is on the table.
  • Agenda Convincing information your IT Director and CIO will listen to. Testimonies from real people who have gone through a major vendor audit before. Counter arguments to the most common reasons executive management doesn’t want to buy into software license management.
  • Exposure and Compliance Audits are time consuming… Testimonial #1: In a blog by Clarence Villanueva of Forrester, one person commented: “Although the audit was confined to DB2 usage, it took an elapsed time of about eight months from start to end to complete the audit.”3
  • Exposure and Compliance Audits are expensive, not only in terms of potential fines but in staff costs. Testimonial #2: Will McManus, CIO of Dynamic Systems Inc. (approx. 2000 employees), was hit with an audit by Autodesk, “...I have a department of six people and it absorbed an enormous amount of resources.” Lack of visibility on who was using AutoCAD stressed the situation, “When the audit was done, the company was out nearly $100,000,” just in legal fees.4
  • Exposure and Compliance Without your own method to create internal reports, you have no grounds to dispute (or disprove) auditor results! Testimonial #3: One person shared with Aspera that he “spent 2 years defending an IBM audit, which took up 20% of his time in addition to two FTEs.” Afterwards, he ended up creating a funded project for license management.
  • How much will an audit cost you? Show your manager the potential costs. Exmaple: If your company has 80 software vendors And only 10% of vendors initate audit request 20 days to respond to each request (without own tool) 8 vendor audit requests x 20 days = 160 days or 0.6 FTE / year Average SAM FTE yearly salary = $75,0005 0.6 FTE x $75,000 = $45,000 / year
  • How much will an audit cost you? Exmaple continues: If 25% of audits requests turn into full-blown audits Average audit takes 3 FTEs (without own tool) and minimum of 3 months, more realistic 6-12 months Average fines, purchasing after the fact = $500,000 3 FTEs for 6 months = (3 x $6250) x6 = $112,500 $112,500 + 500,000 = $612,500 / audit x 2 audits / year = $1,225,000 $45,000 + 1,225,000 = $1,270,000 / year
  • Exposure and Compliance Cannot quantify these consequences of a being caught non-compliant: Having to purchase licenses and/or maintenance post-audit at higher prices, Unfavorable negotiation position in later contracts, Consume loads of effort from multiple resources, Strained vendor relationships, Damaged company reputation, and Higher chances of more frequent audits in the future.
  • How Do Publishers Choose Who to Audit? Although number of software audits rises each year, not all organizations are audited equally…
  • Risk Mitigation Plan License management helps to stop and prevent noncompliance, streamline license purchases, and eliminate inconsistencies… An entitlement-based license management solution enables organizations to: Track software license usage and forecast demand (streamline purchases), Take advantage of product use rights and entitlements, Identify and prioritize legal and financial risks (eliminate under licensing), Quickly respond to software audits, and Prove compliance anytime with an easy to understand, re-producible process.
  • Risk Mitigation Plan Quantify the cost avoidance for your manager: While professional license management will not completely eliminate audits, it does reduce all relevant efforts and risk – by a minimum of 50%: Average time to respond to audit request = 10 days, more realistic 1-3 days 3 days x 8 audit requests = 24 days or 0.09 FTE = $6750 / year Avoid = 0.51 FTE and $38,250 / year 12.5% turn into full audits, requiring 1.5 FTE, 6 months, fines negotiated down 50% 1.5 x 6 months = (1.5 x $6250) x 6 = $56,250 / year $56,250 + 250,000 = $306,250 / year x 1 audit / year = same Avoid = 1.5 FTE and $963,750 / year
  • Agenda Convincing information your IT Director and CIO will listen to. Testimonies from real people who have gone through a major vendor audit before. Counter arguments to the most common reasons executive management doesn’t want to buy into software license management.
  • Common Excuses from Executive Management Already Have… We already have an asset management system that records software purchases (e.g. SAP). Do you know what’s written in the licenses and/or contracts? The contents play a integral role in determining compliance, audit risk, and reducing software spend. Missing components are knowing what you’re entitled to and the license metric.
  • Common Excuses from Executive Management Already Have… We already have BIG 4 Vendor. Sure, some of the data needed for license management is there, but there’s no standard technical process to identify license purchases, record Ts & Cs, and reconcile with software installations/usage. Basically, re-inventing the process for each product/audit. Requires lots of time, manual work, and customization (= not future proof).
  • Common Excuses - Executive Management Discovery Tools We have discovery tools e.g. SCCM, so we have license management. Part 2 Part 1 Must apply product use rights and Same software to be accurate entitlements licensed under different price models Software title doesn’ttool cannot recognize if the software For example: a discovery tell you how licensed, under what metric or product use rights rights... you’re using is licensed for downgrade Must understand metric to determine license demand Cannot measure license demand or compliance.
  • Common Excuses - Executive Management Discovery Tools We have discovery tools e.g. SCCM, so we have license management. Part 3 There is not one discovery tool that can gather data in all environments… …or that can gather all the required data for license management.
  • Common Excuses - Executive Management Too Expensive Investing in a tool and project is too expensive Part 1 – refer to cost avoidance calculations
  • Common Excuses - Executive Management Too Expensive Investing in a tool and project is too expensive Part 2 Saving Potential with License Management6
  • Common Excuses - Executive Management Too Expensive Investing in a tool and project is too expensive In Aspera’s experience, companies that: Record the license and contract models of all manufacturers, Have a tool and Master Catalog to map out the product use rights, Involve all software suppliers in the license management process, Establish connections to all asset management and discovery/inventory tools, and Manage licenses, updates, certificates, maintenance and contracts worldwide… Are able to: Reduce their software investments by up to 30%, Ensure they can prove software compliance irrespective of vendors and manufacturers at any time, Avoid under licensing and over licensing, and Use software licenses more efficiently.
  • License Management You can’t do license management unless… There are solid processes and policies in place supported by an entitlement-centric license management tool.
  • License Management Essential elements of an entitlement-centric technology: Master Catalog Fully researched, detailed catalog of entitlements and software recognition information. Extensive information about each license and software title: Comprehensive, configurable catalog of entitlements so that purchased licenses can be associated with the correct PUR. Synonyms and recognition rules to allow large volumes of raw inventory data to be turned into useful software titles. Unique identifier (such as SKU) so that discovered software can be associated with license purchases. Incorporate contractual Ts & Cs and PUR in compliance position and calculate potential over and/or under licensing amounts.
  • Additional Resources If you would like a copy of Aspera’s Audit Defense Guide please click here. An email will open up with a pre-set subject and all you have to do is hit send. Or sign up for our monthly newsletter* and automatically get a copy of the webinar slides and the Audit Defense Guide sent to you in the next issue. *You can unsubscribe from the newsletter at any time.
  • Additional Resources Presentation at the Spring IAITAM ACE in April 2013 Projecting Savings from Software License Management – The realist’s ROI and Business Case Software license and asset management bring many benefits including faster responses to IT service desk queries, more effective contract negotiations, and confidence in compliance audit situations. But when it comes to securing top management support the most clearly understood language is $$$ and savings. So what’s a realistic projected ROI you can present with poise? What can you take into consideration aside from the obvious financial savings? Learn from practical experience gained over 130 successful projects, and takes notes as the business case for your project is outlined in: Rebuttals to common spending misconceptions, Obvious and not so obvious financial savings, Gauging saving percentages based on level of maturity, project scope, and other factors, and Calculating the numbers.
  • Sources 1-2) Ernst & Young LLP. (2011). Software compliance without tears - Monitoring customers? software usage in a complex world - Software asset management survey. Retrieved February 20, 2011, from www.ey.com/Publication/vwLUAssets/Software_asset_management_survey/$FILE/IT%20COMPLIANCE%20 WITHOUT%20TEARS.pdf 3) Villanueva, C. (2011, August 10). Licensing With The Frenemy - Exploring An IBM Software Audit, Forrester Blogs, Sourcing & Vendor Management Professionals. Entry posted to http://blogs.forrester.com/clarence_villanueva/11-08-10licensing_with_the_frenemy_exploring_an_ibm_software_audit 4) Church, Z. (2008, September 2). Software audit painful and costly for the noncompliant, SearchCompliance. http://searchcompliance.techtarget.com/news/1340705/Software-audit-painful-and-costly-for-thenoncompliant 5) Thompson, M. (2011). Worldwide Salary Survey for Licensing, Compliance and SAM Roles, ITAM Review. http://www.itassetmanagement.net/2011/07/19/worldwide-salary-survey-licensing-compliance-sam-roles/ 6) Translated from German: Dr. Gerick, Thomas. "Lizenzmanagement: zwischen SOX und Kostendruck." Controller Magazine. January 2009.
  • Thank You Questions?
  • Aspera the Company Founded in 2000, registered in Germany: Aspera GmbH and the USA: Aspera Technologies Inc. Co-founders and management team: Christof Beaupoil – Co-founder, President, Aspera USA Bernhard Boehler – Co-founder, Managing Director, Global Account Management Olaf Diehl – Managing Director, Business Development & Operations Keith Sauvant – Co-founder, Managing Director, Research & Development Parent company: USU Software AG Employees: 316 (Aspera USA: 10, Aspera Europe: 75) Partners in: Australia, Benelux, France, Scandinavia, South Africa, and the UK Portfolio: Tools, LaaS, Managed Services, Catalogs, Consulting, Project Management Customers: Fortune Global 500, very large, large, and medium sized organizations, government and civil services bodies
  • Contact North America: Europe: Aspera Technologies Inc. 470 Atlantic Ave., 4th Floor Boston, MA 02210 Aspera GmbH Dennewartstrasse 25-27 52068 Aachen, Germany Your personal contact: Shawn Smith Tel.: +1 508-473-6373 Email: smith@aspera.com Your personal contact: Olaf Diehl Tel.: +49 241-963-1220 Email: diehl@aspera.com www.aspera.com Aspera GmbH and Aspera Technologies Inc. check and update the information in this presentation on an ongoing basis. Despite this, data may have changed. Therefore, Aspera cannot be held liable for the up-to-dateness of this document. The content and structure of this document are protected by copyright. Any reproduction of the information and data contained herein, especially the use of texts, text passages or illustrations, requires written prior consent of Aspera GmbH. Aspera, SmartTrack, FlowControl, ICM, CMM, FM, MM, and the license management logo are registered trademarks of Aspera GmbH in Germany and/or other countries.