Tip

Checklist: Effective software license management

Software license management has become a critical issue for many IT organizations in light of increased pressure from software vendors and industry watchdogs, as well as recent government regulations, such as the Sarbanes-Oxley Act of 2002 (SOX

Requires Free Membership to View

) and the Health Insurance Portability and Accountability Act (HIPAA). Faced with the daunting task of managing tens of thousands of software licenses, IT managers must implement effective solutions that will help mitigate risk from potential compliance audits and maintain corporate compliance.

Scott Fenton, CIO of Peregrine Systems, an asset and service management enterprise software provider, has assembled the following tips and best practices to help global organizations systematically and pragmatically reduce costs, enhance IT productivity, improve service levels and lower risk as their business needs evolve. You may download a printer-friendly version.

 
 
         
                   
                 
                   
                   
                   
     
                                   
                 Checklist: Managing software licenses                  
           
              Evaluate your current situation by asking a few simple questions:                  
           
                 • Are we prepared to respond to a software audit?                  
           
                 • What processes do we have in place to determine our risk exposure?                  
           
                 • Can we quantify our compliance risk exposure?                  
           
                 • What is our policy around the distribution of software?                  
           
                 • How do we determine who is entitled to what software?                  
           
                 • If someone installs software, how do we keep track of it?                  
           
                 • What processes do we have in place to harvest licenses from disposed hardware?                  
           
                                 
           
              Create a clear policy and processes with business users about the purchase, use and distribution of software, and ensure that it's required reading for all employees.                  
           
                 • Be specific about penalties for policy violation, so that employees understand the consequences.                  
           
                 • Clearly state that employees should only purchase software from company-approved vendors to ensure that the organization does not fall prey to "distributors" who resell                  
           
              illegally copied software. Be wary of software sold through online auction sites or unauthorized dealers.                  
           
                 • The Business Software Alliance has a good sample policy on its Web site (www.bsa.org).                  
           
                                 
           
              Establish an anonymous way for employees to report activity that they believe might be outside of the corporate compliance policy.                  
           
                                 
           
              Be aware of the potential types of software license compliance audits your company face.                  
           
              (e.g. internal audit, regularly scheduled audit generated by a compliance initiative, internal auditor request, third-party audit, specific software vendor initiated audits).                  
           
                                 
           
              Standardize Software license procurement and management via an IT asset management solution. This can provide a comprehensive end-to-end view of all IT assets, including                  
           
              software licenses and their related financial information, such as contracts, warranties, etc.                  
           
                                 
           
              Avoid over-procurement and reduce costs by studying usage patterns within your global enterprise to determine current and future needs.                  
           
                                 
           
              Keep track of all software licenses and entitlements in a centralized repository. Use best-of-breed asset tracking software to automate asset discovery and maintain a real-time                  
           
              database of all your IT assets from procurement to retirement.                  
           
                                 
           
              At least once a year, inventory the software your business has licensed and confirm that users are entitled to those licenses.                  
           
                                 
           
              Establish and implement a software distribution strategy using best-of-breed software distribution solutions. Do not distribute or install software from CDs. And never install                  
           
              software from MSDN subscriptions for business use because it is not legal.                  
           
                                 
           
              Continually assess the corporate or regulatory compliance needs impacting your organization, such as SOX and HIPAA, and strategically adapt IT priorities as your                  
           
              organizations' needs evolve.                  
                   
                 
               
             
           
         
       
       
   

ABOUT THE AUTHOR:   Go back to checklist
 
Scott Fenton, Vice President and CIO
Scott has over 20 years of technical and operational management experience in the high-technology and electronics industry. He is responsible for managing Peregrine's worldwide IT, telephony and business system infrastructure and services. Peregrine develops and sells enterprise software that enables customers worldwide to evolve their asset and service management capabilities. Copyright 2004 Peregrine Systems Inc
 


 

This was first published in September 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.