Micro Focus Software Licence Audits – Everything You Need to Know

Home IT Asset Management Risk & Audit Software

by | January 26, 2021

Micro Focus software licence audits can be a serious concern to organisations who are not prepared to respond effectively. Micro Focus is a notorious vendor in SAM circles and considered a high risk by FisherITS. Like most software vendor audits, the financial penalty for licensing noncompliance can be extremely damaging and the disruption to business-as-usual activities during the audit process can be just as harmful. Micro Focus furthermore doesn’t shy away from court proceedings.

The Covid-19 pandemic has not stopped vendor licence audits, and whilst some software publishers have been more lenient with customers through 2020 and early 2021, Micro Focus continue to audit aggressively and drive revenue through software licence reviews.
How to Prepare for a Micro Focus Software Licence Audit

Successfully defending a software licence audit from Micro Focus begins well in advance of receiving an audit request letter from the vendor. As with all major software publishers, having a good understanding of Micro Focus software licensing terms, application deployment, and software usage will help your organisation to get a head start in the event of an audit. Being in good shape from a licensing standpoint is also the best way to completely avoid an audit in the first place, as most software vendor licence compliance teams will target organisations where there is the highest chance of finding expensive non-compliance issues.

Achieving a sure state of licensing compliance for Micro Focus products is not a simple task. Micro Focus have acquired over 40 companies to date, so it is important to check your software inventory for all Micro Focus vendors that they have acquired. Some examples of these that have appeared in recent Micro Focus licence reviews that I have conducted are below.

– Attachmate/NetIQ/Novell
– Borland
– EntIT Software
– IONA Technologies/Progress Software
– Intersolv/Merant/Serena Software
– HPE/Mercury Interactive

One of the ongoing themes is that as soon as Micro Focus acquires a new company, they aggressively start auditing the full customer base. This has been particularly notable for the 2017 acquisition of Hewlett Packard Enterprise’s software branch which has played a leading role in over 50% of Micro Focus audit defences FisherITS has been involved in since.

Understanding Micro Focus Licensing

Once your organisation is aware of the scale of Micro Focus products deployed across your network, understanding how the licence metrics for each of those products is defined is the key next step. Micro Focus licensing metrics vary across their products and often include ambiguous wording (I told you this is not a simple task!) and include metrics such as user-based, processor-based, device based, site-based and others. Again, examples of some of the more common products and their associated licence metrics are below for reference.

Micro Focus customers should make sure they understand how the licence metric is defined for the product they are managing. If there are grey areas in the contract, make sure these are clarified throughout the organisation, especially between Procurement, Product Owners and Legal, who all need to agree.

Due to ambiguous wording and convoluted audit methodologies for many products, it can be difficult to be fully prepared for all interpretations. When in doubt it can be best to consult with a third-party expert (be careful not to approach Micro Focus though as it might trigger an audit). The following are some issues I commonly encounter that may help you out.

– Protect Against Remote Access Licence Violations

An area of concern that commonly arises in software audits, or at least in the resolution of audits, is customers feeling like they pay for software that isn’t in use. This is something to think about for customers that use remote access software (i.e. via Citrix).

Micro Focus go by the rule that all users who have access to a server will need a licence, regardless of whether they use the software or not as they are considered authorised to use the software.

    – Be in the Right on Use Rights

An area that can be overlooked and result in bigger noncompliance fines for Micro Focus is product-specific use rights. These can include rights governing virtualisation, third-party or geographical limitations. For example, COBOL is a Micro Focus product that has third party and geographical restrictions as a standard.

For geographical use rights specifically, customers should understand if there are any contractual limits on the territory in which the product can be used and should limit the deployment/usage of the product to the relevant locations. As the usage rights can be restricted by site, country and continent (“Area”), it can become confusing if EULAs and customer-specific contracts are not fully understood. There might also be a geographic relocation fee to pay to transfer the licence from one country or area to another.

    – Understanding Micro Focus Support Charges

Another common pitfall faced by Micro Focus customers is payment for support, which, for most Micro Focus products, needs to be purchased on the full licence set – you are not allowed to have support on only part of the used licenses for many products. This has been added more recently so if an historic contract governs the audit policy, it may be that the newer ‘support all’ policy is not in force. As always, this is something that you should have checked by a legal professional to be certain.

If you have a newer contract from 2018 onwards, you will likely have to pay for support on the full licence set.

What to Do If You Receive a Micro Focus Audit Letter

Organisations should have a standard software vendor audit response process in place that covers in broad terms the approach taken to any vendor audit. You can learn more about this process in detail in our Software Licence Audits – Survive and Take Advantage white paper. For Micro Focus audits specifically, below are some areas to consider based upon recent Micro Focus audit projects that I have worked on.

– When you receive an audit notice letter from Micro Focus, you should always confirm the validity of their request. If Micro Focus cannot prove their right to audit, they will have to kill off the audit before it officially starts.
– Micro Focus can send out audit letters without checking the customer’s entitlement and will ‘see what they can find’ once the data comes in. Always make sure that the scope of the audit is clear, what contracts govern, and which products are included. If necessary, make sure it is in writing before the audit starts.
– Micro Focus has been known to use third-party auditors when the contract does not allow a third-party audit. Understanding the right to audit and the contractual terms of the audit clause will allow customers to remove the third-party. A third-party auditor may act as a more neutral party than Micro Focus, but this can work in the customer’s favour if Micro Focus does not have the capacity to carry out the audit themselves.

Compared to most vendors, Micro Focus has an unusually large amount of web pages dedicated specifically to their audit policy and process in an effort to counter all arguments. For Example, there’s the Micro Focus License Compliance Charter, the Micro Focus License Verification Process and FAQs on Micro Focus License Verification & Policies.


Subscribe To Our Newsletter

Subscribe To Our Newsletter

ITAM Channel brings the best news and views from the ITAM industry. Sign up for the newsletter and get them straight to your inbox

You have Successfully Subscribed!