Knowledge Base

 

Overview

Software is an intangible asset protected by copyright and contract law. A legal right to use software is granted in accordance with the terms and conditions of the licence(s) purchased. Irrespective of the price paid for software, or whether the purchase was made with operational or capital funding, software must be recorded and managed to ensure compliance with the legal and contractual licence terms and conditions. If a software product is deployed to a device, then a licence is required for that software, irrespective of whether the software is used or not; if it is deployed, it requires a licence.

image

The Software Licence Management Framework

The implementation of an effective software licence framework will provide agencies with a structured approach to controlling and managing risks while maintaining this business critical asset.
It is important to realise that this is a continuing process and not a one off event. For a framework to be effective, it requires an equal contribution of people, software and processes. If the framework is lacking in one of these elements, then it will fail to realise any real benefit to the agency.
 

image

People

People are the resources required to complete the necessary tasks to implement a framework and to update and maintain it on an ongoing basis. It also requires the commitment of employees within an agency to follow the procedures that have been developed as part of the agency framework.

image

Software

Software is an integral part of the framework. It provides a mechanism to deploy software automatically and acts as a repository for licensing information, audits and protects the agency’s environment and provides functionality to users.
 

image

Processes

Processes define the instructions employees are to follow within the framework. If there are no formal processes in place, or if the people or software don’t support the procedures, then the framework will soon fail.
 
 

Why Organizations should maintain Software Licenses ?

There are significant benefits to all organisations in implementing a software licensing framework, in particular those organisations that have a complex software environment. Following are the benefits if implemented:

Savings may be achieved when:

  • The correct licence is purchased.
  • Licences are purchased under volume licensing agreements.
  • Licences are only purchased when needed
  • Maintenance is purchased within time
  • Licences may be upgraded, rather than purchasing new licences
  • Unutilised licences can be tracked, pooled and transferred to other assets as required

Employees will work more efficiently as time will not be wasted:

  • Looking for media
  • Supporting untested software
  • Searching for licences

Assist in the compilation of an accurate budget, as:

  • All maintenance renewal dates will have been captured.
  • Upgrades can be accurately calculated.
  • User base licence growth can be accurately calculated.
  • Details of licence ownership numbers is accurate.

Improves the organisations ability to manage their software to determine what:

  • Software is deployed
  • Software is in use
  • Hardware not in use

Risks of Not Managing Software

The risks involved in not implementing a framework should be highlighted in the business case. The risks will vary across organisations and be largely dependent on the size and complexity of its software environment. The following issues are examples of the types of risks the organisation may be vulnerable to:

Over Licensing

An organisation may become over licensed, for example full packaged product (FPP) is purchased by a employee and deployed onto their desktop, the licence is then stored in their filing cabinet and forgotten. When the agency conducts an audit and identifies that they are under-licensed for the product deployed, the purchase department purchases another licence for the application due to the perceived shortfall in licences. This results in additional unnecessary expenditure.

Under Licensing

If an organisation does not have a framework and adequate procedures in place, they are at greater risk of being under licensed, as products may have been deployed without following the correct protocol. Organisations and their CEO’s are at legal and financial risk of incurring costly legal fines, penalties and damage from respective software vendors if found to be under licensed during an external audit.

Increased Expenditure

Software licensing expenditure may increase unnecessarily because accurate software licensing information is not available to support organisations to make the appropriate commercial decision. For example, if the option is available, upgrading software licences may be cheaper than purchasing new licences. An organisation that does not keep track of their licence records will typically purchase new licences rather than upgrading as they will be unaware that they are entitled to do so.
Issues to be aware of include:

  • Purchasing under a volume licensing agreement rather than one off licences (FPP) on an as needs basis which may be more expensive
  • Deployment method of the product designates which licence type need to be purchased. Several different licences may be available for one product and an incorrect licence may easily be purchased where employees responsible for purchasing software have limited or no licensing knowledge
  • Recording all maintenance expiry dates for software. After the expiry date, new licences will need to be purchased, which can be significantly more expensive than upgrade licences that could have been purchased under the maintenance arrangement.

Security Breaches and Viruses

An inadequate framework may place the organisations environment at risk to security breaches such as viruses, or updates and/or patches are not being automatically or proactively installed.

No technical support or product upgrades

Keeping software maintenance up-to-date will reduce the risk that vendor technical support and/or product upgrades not being available when required and ensuring the software purchase department know what versions of products are installed so they can support the product deployed. Unlicensed deployments of non-standard software on networks will not be supported by any software vendors.

Software compatibility issues

Employees should not be able to load software that is not authorised or has not been tested, as software compatibility issues may occur. This may expose the agency to significant unexpected financial risk and operational impact, especially if compatibility issues arise with a mission critical application, then the repercussions can be immense. Therefore it is recommended that agencies establish Approved Software Lists to guide software procurement.