Software asset management involves staying on top of compliance. SOX compels CEOs and CFOs to attest to reporting clean financials and reporting material changes regularly. Here’s the gotcha moment: SOX also requires them to be compliant with copyright law, which is what gives teeth to vendor audits by the likes of Oracle, Microsoft, Adobe and many of our beloved enterprise software vendors. So in the spirit of CYA, ensure that you have what you need to be compliant.
All leading software companies, with Adobe being the most aggressive, will eventually come around to do an audit. The chance of not being audited would equate to the chance of it not raining at all during the year. Software is intellectual property that should be and will be guarded jealously by vendors. When they asked Willie Sutton why he robbed banks, he replied simply “because that’s where the money is”. Auditing pays and as much as companies gripe about it, they understand that it is a license to borrow and not a license to own the software or service.
All too often, mid-level decision makers feel they’re protecting their enterprise by not owning up to a potential compliance problem when in fact they should be “kicking it upstairs” and making it the C-level’s problem. To use another favorite adage of mine, they need to help their boss’s avoid the “you can’t manage what you don’t know” syndrome. And it goes almost without saying: it’s good CYA.
Non-public companies don’t face SOX, but with increased accounting standards and ever-tightening money lending covenants, compliance is becoming part of that, too. When you apply for a mortgage, you’re asked for your liabilities, including whether there’s a legal action filed against you. Lenders want to know about your exposure, and compliance shortfalls are an exposure.
Software asset management is our business and every company should make it theirs.