softwareOne_logo_forPrint_no_tagline_(1).jpg

Thought-Leadership Blog

FacebookIconTwitterIconlinkedinIcon

Oracle Audit Protection – Mitigate Non-Compliance Risks by Crushing Big Rocks First

Thought-Leadership by Eric Guyer
on July 21, 2015

oracle-audit-protection-mitigate-non-compliance-risks-by-crushing-big-rocks-first

Oracle audits routinely result in tens of millions of dollars in list license compliance gap. While most IT executives know they are not adequately prepared for an audit, they may not believe such a financially destructive outcome is probable for their organization. But first-hand experience is not the best method for learning how to face this reality. If audits are the “not if, but when?” proposition that we suggest, then what is the best way to prepare for an audit?

The High Stakes of a Compliance Gap

Before answering that question, it’s important to understand the ingredients of a multimillion dollar compliance gap:

  • First – Oracle’s published list prices are stratospherically high, so it doesn’t take much to result in what would otherwise be a reasonable license fee under standard discounting practices.
  • Second – Numerous licensing rules aren’t even documented publicly. Of those that are, misinformation abounds (even from Oracle sales people) regarding how Oracle applies its rules.
  • Third – Oracle’s compliance policies enable a broad range of punitive damage, including list back support for the years of infraction and even terminating the customer’s right to use the software.

We could stop there and agree that compliance is difficult, even for dedicated teams of internal contract specialists, software technicians, and lawyers. That said, rational people can agree that a license gap exists and acquiring more software is necessary. If you are working with a reasonable Oracle field sales team that isn’t seeking to capitalize on your non-compliance, then a good deal can get done.

Mitigating the Risk of Non-Compliance

If this were the typical (or at least publicized) outcome of audits, then customers wouldn’t fear them. Ironically, most IT shops believe compliance is impossible, not just hard, and therefore do nothing to mitigate the risk. Which leads us back to the question at hand: What is the best way to prepare for an audit? Simply put, crush the big rocks first, i.e., to at least rationalize the most common, policy-driven, and compounding issues.

Specifically, most Oracle customers are bitten by the same three to five license policies, such as virtualization, extra-cost options, high availability, and disaster recovery. As a side note, most customers have thoughtful justifications for how they are deployed, but none of those reasons matter on the publisher’s end of an audit finding. It is especially ill-advised to believe that your unique configuration will be deemed the exception to the rule.

Understand Your Needs, Or Engage a Software Asset Management Partner to Help You Uncover Them

The key, of course, is knowing what the most common compliance issues are and how to solve them in a license-friendly manner. If you so choose to run Oracle in a vast and redundant virtualized landscape across multiple data centers, then it is best to do so after understanding the licensing implications. But in our experience, most customers would prefer to not only avoid, but also reduce unnecessary costs.

In any case, SoftwareONE doesn’t need to know anything specific about an Oracle installation to advise on multimillion dollar cost avoidance. In fact, our entry-level service offering is specifically designed not to require any time and resource-intensive discovery effort whatsoever.

To that end, we’re pleased to build your trust before asking for what may lead to uncomfortably incriminating evidence. Once the big rocks are crushed, then we can focus together on the discovery and optimization services that result in increased value rather than damage control. If you would like to speak with our Software Asset Management specialists, then click the banner below to schedule a discussion.

oracle-call-to-action

Related blog posts:

Topics: Core Infrastructure

pyracloud-demo-request

Subscribe to Email Updates

Subscribe by RSS
SHARE THIS PAGE
     

ON TWITTER