Oracle dubbed 'big bad wolf' of software audits

Software licensing audits now take average of nearly 200 work-hours to resolve, according to Campaign for Clear Licensing research

The Campaign for Clear Licensing (CCL) has hit out at the "anti-competitive" tactics of software vendors after its research found licensing audits take an average of nearly 200 work-hours to resolve.

The pressure group's survey of 170 global ITAM, SAM and software licensing professionals also concluded that Oracle is still the "big bad wolf of audits" after it was found to be the most aggressive of all the major vendors.

"Surely customers have better things to do than fiddle about with audits."

The research asked respondents to estimate how long an average software audit takes to resolve in work hours and total duration. The average estimate was 194.15 working hours over a duration of 7.13 months.

Talking to CRN, CCL founder Martin Thompson argued that the big vendors are using audits to block competition and restrict innovation.

"This is anti-competitive because for all the time these customers spend talking with the big vendors about audits, they are not looking at alternatives. They are locking them in," he said.

"This is really taking up a lot of time and people could be doing stuff that's more useful. Surely customers have better things to do than fiddle about with audits. There is so much pressure on IT departments; this is just a waste of time."

The 194-hour figure - which Thompson estimated is actually on the low side - is likely to have gone up over the last five years because software licensing, and therefore the audit process, has become more complex, Thompson added.

Oracle was seen by respondents in the survey as the worst offender, with nearly a quarter fingering it as the least helpful vendor in terms of audits. IBM and Microfocus were second and third, ahead of Microsoft, Autodesk, SAP, Adobe, Dell Software and HP.'Many vendors have become more predatory'

Paul Sheehan, co-founder of SAM consultancy ITAM Solutions, agreed with the CCL's findings but said he had noticed a separation in the market between different vendors in their approach to audits.

"The average audit bureaucracy and cost is becoming substantial," Sheehan (pictured) said. "In more than one case, we have seen an audit go on for more than a year, with full-time staff attached to it. It's where there's any variance in the availability of hard data - that's when the vendor will keep playing the game until you've run out of patience and pay them off.

"Many vendors have become more predatory, but then again - looking at recent announcements around Adobe disbanding its audit practice - some vendors are going in the other direction. Some vendors are becoming more and more unreasonable and others are reaching the point where they're saying 'we've got to change this; it breaks customer relationships and we don't want that'."

Thompson said the research shows that Oracle - a vendor the CCL has previously attacked for its "hostile" licensing tactics - is still seen as the bullyboy of the audit world.

Although Microsoft was seen in CCL's survey as the most helpful vendor in terms of audits, ahead of IBM and Autodesk, it wasn't spared criticism in CCL's research.

"A friendlier but equally time-consuming approach is the 'review' process adopted by vendors such as Microsoft, whereby previous compliance misdemeanors might be overlooked as long as the customer adopts the software publisher's strategic products, in the case of Microsoft in 2016: Office 365 and Azure," the report said.

"...While less aggressive, this approach is still anti-competitive and it assumes the vendor's cloud solution is the most viable option."

Channel opportunity

The growing spectre of audits plays into the hands of resellers that have built out SAM practices, Thompson argued.

"There's a massive interest and growth in the SAM managed services industry," he said.

"Frankly, this is not the cutting edge of IT. It's seen as admin or housekeeping, and a lot of organisations are just outsourcing it because there is more interesting stuff to do.

"People are bringing in partners to help them gather the data to defend audits. The bottom line for the partner is that you are saving the client all this time from defending audits, and allowing them to get on with more interesting, sexy stuff.

"There's also a worldwide shortage of good licensing people, so not only are people outsourcing this stuff because it's a bother, they're also outsourcing it because they can't get hold of the right people."

Dennis Montanje, managing director of SAM consultancy Softline Solutions, agreed that customers can avoid the pain that often accompanies an audit by bringing in a third party.

"As an independent-from-software-publishers SAM expert, we often come across organisations that are confronted with an audit when either the timing is off or the insight in their compliance is lacking," he said.

"We help our customers to create this transparency in the software license compliance status. Being in control offers organisations the ability to guard themselves against audits. Insight into the software license compliance status also opens up the ability to get into contact with the software publishers beforehand and to open up communication. The outcome of good contact should not be underestimated. Of course some software publishers are more open to this approach than others. One should realise that a software audit is always part of a commercial discussion and can therefore be put to good use, both externally as well as internally."

CRN approached Oracle for comment and was waiting to hear back at the time of publication.