Gartner just released the Magic Quadrant for SAM Managed Services. See the Results

How to Prepare for a Quest Audit

 

Organizations all over the world are using Quest software. The company has been around since 1987, offering its solutions. Quite a bit has changed over the past 30-plus years and it’s important, if you use Quest software, that you have a good handle on Quest compliance. This article will dive into the most recent changes that have affected Quest’s compliance program and how organizations can prepare for potential audits.

The volume of Quest audits has increased considerably over the past few years. These audits have also become notoriously aggressive and some have even ended in legal escalations (see Nike Lawsuit). There are reasons for the uptick in audit quantity and vigor, which we will now explain.

Quest Software launched its compliance program in 2010/2011, with an executive mandate that stipulated that Compliance activity must be:

  • Sensitive to Quest customer relationships
  • Take appropriate steps to protect Quests Intellectual Property (IP)

Over time, with the shifting fortunes of the company, and changes across management and leadership, the compliance program was maneuvered into a program that was first and foremost a revenue-generating program.

Today, Quest is owned by a venture capital company, where the business plan focuses on delivering a return on their considerable investment until a decision is made regarding divesting their assets or taking Quest Software through an IPO. Obviously, key to the success is to maximize revenues and having brought in a leadership team largely made up of Ex-Attachmate executives, it should be no surprise that Compliance is central to their business strategy.

So, we know that Quest will look to drive a major portion of their business via compliance audits and considering Attachmate’s old reputation for being litigious, everybody who owns Quest products will be taking steps to manage and control their Quest software portfolio….right?

Probably not; Quest is not generally seen as a strategic software publisher and most End User IT or SAM functions have little appreciation of the potential compliance risks that are inherent within their Quest Software portfolio. This will ultimately be realized when Quest comes knocking on the door and large 6 or 7 digit compliance results cause some consternation amongst the executives.

So, where to start? Well, a good starting point would be to take a look at our Risk Assessment Questions below. If you answer “NO” to any of the questions, we would strongly suggest that you read the rest of the article and watch our webinar HERE. In addition, we recommend that you meet with a Quest expert here at Anglepoint to discuss your Quest product portfolio.

Risk Assessment Questions

  1. Has your organization ever completed a review of your Quest entitlements and consumption?
  2. Do you know how to count license consumption for all of your Quest products?
  3. Do you have a clear understanding of the contracts and license metrics that govern your utilization of Quest products?
  4. Do you know where all the Quest products are deployed across your workstations, servers, and virtual infrastructure?

Answering no to any one of these questions means that your organization could be exposed to risks of non-compliance across your Quest products. If you answered NO to two or more, then that would suggest that your organization needs to take urgent and immediate steps to review your Quest inventory.

To start that process and to get a handle on your Quest products and all of the complexities that are commonplace, here are some key recommendations:

  1. Review all of your contracts and understand the obligations you have in respect of managing the products you own.
    • Unfortunately, a lot of Terms and Conditions are included in Quest’s quotation and purchase orders, so it will be a two-step process.
  2. Determine if there has been any historical or operational changes that could have impacted your responsibilities, such as M&A and divestiture, geographical office openings, etc.
  3. Establish what products your organization is using and ensure you have a clear understanding of the license metrics those products are regulated by.
    • Products and License metrics will have changed over time with Quest, so make sure you are able to interpret how these changes will impact your company.
  4. Determine if your company has the tools to deploy in your environment to establish an accurate Quest footprint and then reach out to determine how many licenses are being consumed.
    • Quest has a complex set of products, so being able to track editions, versions, and license keys will be an essential aspect to doing this effectively.
  5. Once your organization has collected all of the Quest data, your SAM or IT group will need to interpret the information to determine coverage levels, software utilization, and potential risks?
    • Quest has over 200 software titles covered by more than 150 license units of measure (UOM).
    • Being able to determine consumption criteria is not going to be straightforward.

If you are already in receipt of a Quest audit notification, then perhaps the recommendations are a little late in helping your organization take a proactive stance to compliance. However, talking to Anglepoint means that you could still get the support you need to help manage the audit process and ensure your organization is fully briefed and in control of the actions and steps that will be needed to coordinate a Quest Software Audit.

Who Is Anglepoint?
Anglepoint is an industry leader in the SAM Services space, with professional experts who have decades of experience and deep sectorial and vendor knowledge that spans 25+ software publishers. Coupled with our alliances with the major SAM tool providers, Anglepoint is uniquely positioned to enable your organizations to take control and keep control over your software assets.

Contact us to see how we can help with your Quest software needs.