Many organizations are taken by surprise when faced with the total cost of a vendor audit, this oversight can result in a substantial amount of unbudgeted IT spend. It is important therefore, for SPVM and IT Asset Managers understand the total risk posed by audits, prioritize the vendors with whom they spend the most and those that are business critical, and ensure they have the right processes in place in order to take action when the audit lands.
Our experts offered their top six vendor audit tips for before, during and after an audit:
1. Develop a strategy. Build and implement a clear and repeatable process that can be followed each and every time you receive an audit request. Involve support from other key stakeholders – Audits are not just an ITAM responsibility. These stake holders could be IT buyers or lines of business managers, who must understand the licensing implications of their purchasing decisions. Likewise, the working group should include C-Level, procurement, finance and legal personnel. It takes a team effort to navigate through an audit, and it is critical that all these stakeholders are aware of the process, and collectively understand what is required and the desired outcome. Document the process for every audit undertaken and use this experience to continuously improve your strategy.
2. Deploy initial response tactics. Manage the response carefully to suit your organization. If the audit has landed at a time when your business has mission critical or time-sensitive priorities that are using higher than normal resources, ask the vendor to defer, the audit should fit your timeframe, not the vendors..
3. Know your vendors. There are a multitude of things that drive each vendor to audit and these include both your businesses actions and their commercial position. Its important to know what make the vendor ‘tick’. Having this insight of your vendor will allow you to avoid activities that will raise the red flag. Where such activities are unavoidable, this allows you to prepare the data and gather proof proactively and be prepared. Understanding a vendors cloud motivation is important too, this is often used in cases of non-compliance as a means to win more business. Assess your cloud needs in relation to each vendor and don’t be lured into unfavourable contracts.
4. Control communication and data flows. This is important both before and during an audit. Conversations with support desks can offer a vendor information about your business that can trigger an audit so manage these conversations carefully to prevent the wrong information being leaked. Once engaged in an audit ensure only the spokesperson is communication with the auditor and stay in control of the information and data provided. An over helpful team member may provide more than just the information being requested and raise more questions than they answer.
5. Let the audit drive negotiations. The outcome of an audit can be substantially softened by using the findings to leverage negotiations for planned purchases or up and coming renewals. Research and understand what motivates a software vendor from a product-specific and revenue target standpoint and align this to your requirements and strategies. Finding these synergies will help you to achieve the best commercial and contractual deals.