How to Prepare for an Oracle Audit
Audits can be a huge headache if you aren’t prepared for the work ahead. Understanding the audit process and where to start can take some of the pressure off. Here is an overview of the Oracle Audit process and a few tips to help you prepare for your next Oracle audit.
An Oracle audit compares a customer’s Oracle software license rights to the usage of that company’s Oracle products to assess license compliance. A company’s software license rights are specified contractually and it is common for any software company to conduct an audit of those rights to protect the value of its intellectual property.
The Oracle Audit process begins with a Notification Letter from Oracle License Management Services (“LMS”) and is generally addressed to the company’s C-level executive. This letter should reference the Oracle Audit Clause generally found in Section O of the Oracle License and Services Agreement (“OLSA”). It should also define the product scope of the audit, as well as, the specific Oracle License Consultant who will manage the engagement.
Next, Oracle will ask the customer to complete an Oracle Server Worksheet (“OSW”). The OSW is an Oracle template that is completed by the customer as a declaration of:
- What Oracle products are being deployed
- Specifications and configurations of the servers they are deployed on
The Data Collection phase follows the OSW process and includes a discovery and measurement process.
- The discovery process includes a tool that will scan the IT environment in order to locate all servers on which Oracle is installed. This is to verify that all servers have been listed on the OSW.
- The measurement process includes a tool that will verify the versions and features in use for all Oracle products in scope, as well as the server specifications and configurations of the servers they are deployed on.
Once Data Collection has been completed, the assigned Oracle License Consultant will reconcile the customer’s software license inventory against the usage, according to the Data Collection, and provide a Final Report displaying any overages or shortfalls.
The Oracle Audit Clause generally states that a customer will have 30 days to resolve any shortfalls. The resolution is not handled by Oracle LMS and instead is handed over to Oracle Sales. Outcomes can include purchases of Oracle software, retroactive fees, and potential upsell of additional products.
Finally, an Audit Close Letter will be issued. The Audit Close Letter will not be issued by Oracle LMS until the customer has come to a resolution agreement with Oracle Sales.
Most Oracle License and Service Agreements grant a 45 day period for customers to prepare and respond to the Audit Notification Letter. Prior to an Oracle audit:
- Customers should make sure they have the proper resources available to support an audit.
- Customers should be able to answer: Which licenses do we own and how can they be used?
- The customer’s procurement team should be readily available to verify which Oracle software licenses their company owns and the licenses’ restrictions, directly stated in the Order Document and OLSA if any.
- An IT manager or systems administrator should also be available to provide an overview of which Oracle products are being deployed and the IT infrastructure they are being deployed on.
- Customers should have an overview of all their license entitlements including the quantity owned, the type of license metric, and any restrictions to those licenses.
- Customers should assemble all their Order Documents and their corresponding OLSA. At a minimum, a customer should have copies of its annual Oracle Support Contract renewals. This will provide the quantities, metrics, and generally will state if there is a restriction on the licenses. The Oracle Support Contract will not provide the specifics of the restrictions. The restrictions can only be found in the Order Document and OLSA. The Oracle Support Contracts can easily be requested from Oracle Support.
Ensure that you completely understand your Order Documents and OLSA in detail.
In order to understand the granted rights, customers should review and understand their Oracle Order Documents and OLSA completely or seek professional advice. They should also have copies of their Order Documents and OLSA, but it is understandable that a few of these documents may have been misplaced for various reasons.
Every Order Document references a governing OLSA. Once a customer has received an Oracle Audit Notification Letter referencing the Oracle Audit Clause of a specific OLSA, a customer can request copies of the signed OLSA and the specific Order Documents that are related to that OLSA. Requesting the Order Documents will allow a customer to ensure that the product scope defined in the Audit Notification Letter is accurate.
Setup structured communications with Oracle.
Customers may have multiple employees throughout different departments that may be necessary to gather information for an Oracle audit. Communicating through a centralized point of contact is an important step to ensure completeness and consistency.
There are different options when it comes to running scripts.
A customer does not necessarily have to use Oracle scripts if they have another methodology to gather the proper usage data needed such as Oracle Enterprise Manager or a third-party SAM tools.
Using these steps above as a guideline will help you get started in the right direction when an Oracle Audit comes your way. Although these tips are helpful, circumstances for each audit can be different and will require deeper knowledge to get through the twists and turns of the audit process successfully.
Want some help?
Here at Anglepoint, our expertise allows us to aid organizations by educating them through the entire process, giving them the guidance, peace of mind, and confidence they need. Contact us today for more information about how our Oracle experts can help you in your audit prep endeavors. Contact Us at anglepoint.com/schedule