Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

Ernst & Young Survey Validates True Motives Behind Vendor Audits

Posted by

An article caught my eye this morning in Manufacturing Business Daily summarizing the results of a recent Ernst & Young survey that focused on software asset management philosophies and practices among software vendors and their customers.

Before discussing the results, I should point out that I’m pretty skeptical about studies conducted and published by firms with a commercial interest in the topic being explored. Because Ernst & Young dedicates part of its business to IT governance, internal auditing, and compliance services for large enterprises, it’s virtually impossible for the firm to be objective in its research methodology or interpretation of results–in fact, they offered no information about their approach to the survey. (For example, is there inherent bias among those selected to participate? What were the roles with respect to compliance of those individuals or teams that actually completed the survey? Why did they recruit end-user organizations that averaged over 10,000 desktops [organizations of this size comprise only 0.1 percent of all US companies over 100 employees]? Is it possible to draw conclusions relevant to the marketplace with so few participants? The list goes on and on.)

Nevertheless, the results are interesting and at least on the surface validate what we’ve long suspected to be the true motives behind vendor audits; software publishers are far more interested in revenue generation than they are in protecting their intellectual property or helping customers be successful in managing their software estates. Only four of the eight “major” software publishers surveyed stated that protection of intellectual property rights is an objective of their compliance programs, flying directly in the face of the very legal platform software vendors and the BSA claim as the basis of their actions. It’s also ironic that only 38% of vendors suggested that their compliance programs, which are generally advertised as “SAM” programs, have customer education and/or process improvement as a stated goal.

Another area I found interesting is vendors’ views on why customers struggle with license compliance: 75% of the publishers surveyed stated the belief that end users have inadequate IT asset management tools; 63% indicated their customers simply “don’t understand”; and 50% attributed the problem to the complexity of contracts and user rights.

Despite the survey’s likely bias and limited statistical validity, I can’t help but ask the question: if vendors were to place greater emphasis on helping customers overcome the challenges they perceive are barriers to full compliance, isn’t it conceivable that they’d indirectly accomplish their number one goal of generating more revenue? And isn’t this what the ISO/IEC 19770 Software Asset Management Standard is designed to help achieve (and at a cost far less, I might add, than what it takes to fund their compliance campaigns and enforcement efforts)? As I’ve mentioned in a number of my posts here, few major publishers have shown significant commitment to the standard as a means of helping simplify customers’ efforts at software license management–and the results of this survey provide yet another piece of evidence validating (and perhaps explaining) that lack of support.

Below is a summary of the survey results among publisher participants. The full report can be found here:

Objectives of vendors’ compliance programs

63%: Revenue generation

50%: Development of agreed baseline with customer

50%: Intellectual property rights protection

38%: Key control or process for internal governance

38%: Process improvement for customers/encouragement of SAM/customer education

25%: Anti-piracy

13%: Customer satisfaction

Vendors’ views on why customers struggle to achieve compliance

75%: Inadequate management tools at end-user

63%: Lack of understanding

50%: Complexity of contracts/user rights

50%: Lack of management attention

25%: Lack of due diligence in mergers and acquisitions work

13%: High cost of software

How vendors select a customer for audit

75%: Internal inconsistency in purchasing patterns

50%: History of poor license compliance

50%: Size of customer

25%: Mergers and acquisitions

13%: Number of countries operating in