Why should a CEO, the Board, CFO, and CIO care about Software Asset Management (SAM)?
If earnings are a priority, then unnecessary expense leakage and minimizing unpredictable and uncontrolled financial risk should be as well. SAM, much like Supply Chain Management, has the power to save an organization millions of dollars or literally bring it to its knees through catastrophic financial and legal liability identified by a software compliance audit. Let us explain.
Software vendors make their living by selling software. They do this in two fundamental ways. One is to sell you new software solutions, the other is to compel you to buy additional software as a result of true-up exercises each year or software compliance audits. One of the major global software vendors derives at least 35% of its yearly revenue from software compliance audits.
Many organizations “true” up and add unnecessary expenses because they do not have the knowledge, skills, or abilities to accurately assess how many software licenses they actually have deployed across their desktops and servers. They cannot accurately assess this investment because they may not have the right governance and business processes, tools, software licensing knowledge, and people in place to do this heavy lifting. Instead of making informed decisions, they take educated guesses. More often than not, they err on the side of caution, which means that the software vendor benefits, not the organization itself.
Virtualization and Cloud Services are fantastic alternatives for organizations. The only problem is, most organizations do not have an intimate knowledge of how drastically their risk profile changes for the worse when software licenses transition into a virtualized and cloud environment. The reason for this is simple. The architects focused on reducing infrastructure costs do not necessarily have the software licensing knowledge to go with those environments. We have seen clients with a modest investment in ERP software of a few million, create a financial risk of hundreds of millions of dollars, as a result of virtualization and/or the cloud.
IT management assumes that their staff are diligently and accurately enumerating the risk, but more often than not, they do not have all of the pieces of SAM to do this. And more often than not, they don’t know what they don’t know. People make assumptions. Assumptions are okay if an organization does not care about spending millions of dollars they do not have on those pesky true-up exercises or, worse, if they think they can wriggle or negotiate out of a software compliance audit.