Each year, there are thousands of software audits executed worldwide by vendors and their designated third-party auditors, but no consistent approach to the conduct of these audits. There is significant variation between vendors on all aspects of the software audit process, making it difficult for a customer to develop a consistent approach to managing what is often a multi-vendor software estate.
This creates and adds to the tension between customers and vendors and disrupts the functioning of the software supply chain, which ultimately disadvantages both parties.
A code of conduct for software audits would help to alleviate this problem. It would also serve to codify market practice and provide a catalyst for improvement.
FTI Consulting LLP has developed a draft code of conduct (“the Code”) based on the authors’ many years’ experience in the software licensing industry and input and discussions with several software vendors and other parties.
The Code aims to capture and document reasonable market practice in software auditing, as currently there is no such document. Most suggestions in the market tend to be partisan, and those in academic and similar texts, such as they are, tend to be out of date, sometimes inaccurate and often out of touch with market practice.
Adoption of the Code by both the vendor and the customer would provide an agreed framework for the audit approach, and as a result, both parties would benefit from decreased tension and greater trust and a smoother and less disruptive process.
To read the case for a code of conduct for software licence audits please click here.