The ITAM Review

News, reviews and resources for worldwide ITAM, SAM and Licensing professionals.

Six Ways to Attract a Vendor Audit

Are you bored at work? Do you fancy a new challenge? How about the prospect of attracting lots of board-level attention, the threat of legal action, loss of IT jobs, enormous punitive charges and all-round firefighting with a vendor audit?

Simply follow this quick guide and you’ll soon be attracting vendor audits quicker than you can say “Six Figure Settlement”!


Firstly, ensure all your employees are aware that they can earn a juicy reward for an anonymous tip-off regarding piracy to the BSA. There is currently a £10,000 reward in the UK and in the US the reward is on a sliding scale from $5,000 to $1,000,000.00. For example, Associated Healthcare had to pay a $50,000.00 settlement as a result of an anonymous report filed on


Don’t worry about keeping copies of historical licensing documentation or licenses; your vendor is sure to keep an accurate copy of this for you. Especially OEM licenses and all those dusty boxes – throw them away! You can rely on your vendor to keep an accurate track of your purchase data. If your vendor asks, simply say “Sorry we lost it – please let us know what we have”.


Phone up your vendor regularly and ask lots of stupid licensing questions that demonstrate that you are ripe for plucking. The goal is to make it clear to your vendor that you have no care for intellectual property by making statements such as “We have no idea what we’re using, our guys install whatever they want” and “Oh, I thought that was free”.


One of the key triggers that initiates a vendor audit is third-party mining of public data. For example, a vendor might use third-party data from a company such as Dun & Bradstreet (or look at your company website) to establish that you have 20,000 employees, and then compare that figure to your purchase history, which states you have bought only 10,000 licenses of an email client. This discrepancy represents a ‘lead’ for the audit team to investigate. Set many traps like this to ensure audits on a regular basis.


Once you have attracted at least one audit – why not introduce the sales reps from your other vendors to each other so that everyone is aware of your flagrant piracy violations? A tip-off regarding one software vendor often leads to several vendors filing suit.


Make sure everyone in your company has access to all the software CDs they need; for convenience, why not burn extra copies and stick post-it notes with the license keys written on them? Remember, convenience and ‘keeping the company going’ are more important than paying for licenses. Somebody else can sort that out later. Make sure plenty of these CDs are lying around when your vendor comes to visit.

What other tips would you recommend to guarantee some audit activity from your vendor?

About Martin Thompson

Martin is owner and founder of The ITAM Review, an online resource for worldwide ITAM professionals. The ITAM Review is best known for its weekly newsletter of all the latest industry updates, LISA training platform, Excellence Awards and conferences in UK, USA and Australia.

Martin is also the founder of ITAM Forum, a not-for-profit trade body for the ITAM industry created to raise the profile of the profession and bring an organisational certification to market. On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.

He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.

Prior to founding the ITAM Review in 2008 Martin worked for Centennial Software (Ivanti), Silicon Graphics, CA Technologies and Computer 2000 (Tech Data).

When not working, Martin likes to Ski, Hike, Motorbike and spend time with his young family.



  1. Rajat says:

    Very Nice..!!

  2. Sandi Conrad says:

    Nicely said Martin! I especially like point #2. Even worse is when buying OEM to assume that the vendor can pull off a report when needed that will verify the purchases, so therefore they don’t need to worry about putting those pesky stickers on the computers.

  3. In the same vein — Definitely make sure you get rid of historical contracts, particularly if you are on a legacy license metric that’s no longer supported because the vendor doesn’t make as much money with it. The vendor will certainly be generous with their interpretation of what’s in there!

  4. Right on target. Especially points 3 and 5. 🙂

  6. Jeff Jones says:

    Great list! For many enterprise software titles, I would add one more:

    1.) Never update old license metrics, and respond to all vendor inquiries with the same response: “Oh, that new server is covered by our old 1995 licenses under the old metric”. Believe it or not, most vendors don’t believe that you would have actually predicted modern-day usage 15 years ago, and this will certainly invite an audit (even if your statement is accurate). And once the fox is in the


  8. Jason Keogh says:

    Merge or be acquired… M&A activity often invalidates large vendor custom license agreements, ELA’s etc. as they are only valid with the organisation they were originally agreed with.

    This is a hard one to avoid though…

  9. Cameron Cook says:

    Awesome! Liked it so much I forwarded it to my IT Asset Management team!
