In part one we focused on the initial steps required when responding to a software audit demand. In part two we explain how you can effectively manage a vendor review and what you should do at the conclusion of a vendor audit.
STEP FOUR: MANAGING THE AUDIT
By assigning a single point of contact, you can ensure that only agreed information is shared between the organization and the software auditor. As explained in part one, this should be a senior member of staff. All documents and communications must go through them as ultimately, the senior management team is primarily responsible for the state of the organization’s software estate.
“Having a single point of contact reduces the risk of another member of staff proudly describing the environment they manage which may be something that isn’t on the auditor’s radar. It will be now!”