If a company has unlicensed software running in its system, a software trade association may force it to undergo a software audit–a time-consuming and costly process (read “Program Pirates“). Robert Weiss, a partner at Neal, Gerber & Eisenberg who specializes in information technology law, has some tips for creating a coherent software asset management program, so companies can avoid the frustrating experience:
“It’s easy to misunderstand the whole concept and think that you can achieve a good software asset management program just by installing some kind of tool that monitors software use in a company. But really, it’s more of a process and procedure than just a tool. A good one should involve a number of departments in a company.
“You want to involve someone from your IT department because you want someone who’s in charge of installing the software. You want someone from HR because people in HR implement employeewide policies, and part of software asset management is making sure employees don’t inappropriately install software that’s unlicensed. You want someone from your legal department to make sure they’re staying on top of licenses and compliance within the company. And you’d probably want to involve somebody from your finance department to make sure they’re keeping track of all your purchase records of software and carefully projecting future software needs.
“Having said that, it’s not a bad idea to assign a single person in charge of software asset management to make sure the policy is being complied with.
“A good program has a number of different elements. The first one has to do with budgeting. A lot of times a company doesn’t think about software as its own specific line item. It gets folded into other budget components. But it’s good to have a separate expenditure line item for software. That helps you stay on top of what you’re spending on software and anticipate future needs and avoid excess spending.
“Another important part of budgeting is to control upgrades. If you obtain a good understanding of how software is being used in your company, it helps you to only purchase upgrades to software where new features will be used. A lot of companies have a tendency to just upgrade and buy new versions without thought. But if you’re checking with your employees as to what they’re using or needing, it can help you avoid mindlessly buying new releases, which can get expensive and unnecessary.
“Keep communications going with your employees about what they’re using and what they think they need to use. If you have a good handle on their software needs, they’re less likely to go out on their own and try to install software.
“Another component is having a software purchasing policy. It’s a good idea to maintain a good relationship with your software vendor. [If you get audited] you may find yourself needing to talk with your vendor to understand what their records say you have currently licensed. A lot of companies end up losing the paperwork. It’s good to periodically try to verify your purchase records with the vendor.
“It’s important to retain invoices showing you’ve paid for the original software product and any upgrades you’ve acquired over time. It’s not sufficient to just have invoices for the upgrades.
“Try to centralize purchasing of software and make sure software purchases are approved by some layer of your company’s management. What you want to avoid is having software be purchased in the name of different affiliates or subsidiaries. Company policy should prohibit direct purchasing and software downloads by any employee. It’s also a good idea to implement some technical controls, because it’s easy enough to limit administration rights on your company’s network.”