You won the luck of the draw and you receive the letter from Microsoft that kindly informs you that there will be an audit of your environment and your licenses. What do you do?
This is a situation that is becoming more and more common for Mirazon’s clients. I’ve been selling and managing Microsoft licenses at Mirazon for over seven years, and in the first six years, I helped maybe one or two clients who faced an audit from Microsoft. In the last 18 months, I have seen at least four.
It seems that Microsoft is currently cracking down on customers, just to make sure everyone is staying in compliance. So, in this series of blog posts I will cover what you need to know about Microsoft audits.
Types of Audits
The first thing you need to understand is that there are different types of audits conducted by Microsoft. Sometimes, Microsoft has you conduct a “self-audit” where you do all the work (with the help of a consulting company like Mirazon) and sometimes Microsoft will take a more leading role in the process and leverage some of their own resources.
If you are a small business, then chances are that Microsoft will not bother you with any sort of audit. They have bigger fish to fry. But if they do, then chances are that they will ask you to conduct a “Self-Certification Audit.”
For a self-audit, you will need to examine what you have installed, how many users you have, and what licenses you own. If everything matches up, then you just tell Microsoft and go happily on your way. If you find that you are deficient in your licenses, then you will need to correct that problem and report back to Microsoft that you are back in compliance. In our next blog post, we will cover a step-by-step process for this type of audit.
If you are a large company and you have an Enterprise or Select Agreement with Microsoft, then you probably are already used to Microsoft asking you to count your devices, users, and licenses to make sure they match up. You should be doing this every year as part of your “True Up/True Down” process.
But, if you get audited by Microsoft, chances are that it is not going to be a self-audit. Instead Microsoft is probably going to take a leading role in the process and be heavily involved.
And the same thing can happen to smaller customers as well, so you should read that letter from Microsoft carefully. One of our clients recently received a letter that I assumed was going to ask them to do a self-audit, but it turned out that Microsoft was conducting a “Software Asset Management Review.”
In this type of audit, you will be asked to complete part of the process, but Microsoft will be leveraging their own resources to complete the rest. Although it may not be obvious at first, there are actually some advantages to this: instead of putting the time and money for this process entirely on the shoulders of the customer, Microsoft will carry some of the burden. In the final post of this series, we will provide some suggested procedures for this type of audit.
In either type of audit, if you cooperate (or perhaps a better way to put it is “come along quietly”) then usually the process is friendly: Microsoft will grant you deadline extensions if you need them, they will send you the licensing information they have on file for your company to help grease the wheels, and although you will be required to correct any licensing deficiencies you will usually not be fined for being out of compliance (at least, that has been my experience).
However, if you don’t cooperate, then things could get ugly. So, just accept the fact that this is a necessary evil and get it done.
Our next post will cover how to survive a self-audit.