Software audits: how do they work and how can you protect yourself?
Software audits are a proven business model for suppliers and an expensive surprise for customers. How does an audit work, which suppliers conduct them, and how can you protect yourself?
- 1 March 2025
- 5 min
A software audit is an unexpected and costly surprise for many organisations. The supplier sends a letter, demands insight into how the software is being used, and the outcome frequently results in additional charges ranging from tens of thousands to millions of euros. How exactly does it work, and how can you protect yourself?
How does a software audit work?
Almost every enterprise software contract contains an audit clause. It gives the supplier the right, after giving notice, to verify that you use the software in accordance with the licence agreement. In practice, an audit proceeds in three steps:
1. Notification: the supplier or an external audit party (often KPMG, Deloitte or a specialised firm) sends a formal audit notice.
2. Inventory: you are asked to supply data about software installations, users, servers and deployment environments.
3. Outcome: the auditor compares the actual deployment with the purchased licences, metric by metric (users, cores, installations). Any discrepancy leads to additional charges.
Why are audits being conducted more frequently?
Software audits are a proven business model for suppliers. With large customers, an audit almost always produces findings: licence models are complex, the rules change regularly, and most organisations do not maintain an up-to-date licence overview.
Factors increasing the likelihood of an audit: contract renewal is approaching, the organisation has grown or merged, the supplier has been acquired (such as VMware by Broadcom), or the supplier has released new product versions with changed licence terms.
How can you protect yourself?
The best protection is preparation:
- Keep an up-to-date licence overview. Know what you have purchased, what is actually installed, and how many active users there are, and reconcile the two regularly so that you find discrepancies before the auditor does.
- Read the audit clause. How much notice must the supplier give? How long may the audit last? Who bears the costs? Which data are you obliged to hand over?
- Do not react immediately. After receiving an audit notification you always have a response window. Seek guidance from an independent party before sharing any data.
- Negotiate the outcome. Even if there is a discrepancy, the additional charges are negotiable; a supplier has an interest in maintaining the relationship.
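The comparison the auditor performs in the outcome step, and the licence overview recommended above, are the same calculation viewed from two sides: purchased entitlements against deployed software, per licence metric. The following is an added example, not code from the article or from any vendor's audit tooling. The product names, licence metrics ("user", "core", "install"), list prices and inventory rows are all constructed for illustration, and it deliberately includes the two classic audit findings: a disaster-recovery node that nobody counted, and a product found in the inventory with no entitlement at all.

```python
"""Licence reconciliation: entitlement register versus deployment inventory.

Hypothetical example; nothing here is a real vendor's licence model.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Entitlement:
    product: str
    metric: str        # assumed metric names: "user", "core" or "install"
    quantity: int      # units purchased
    list_price: float  # constructed price per unit, used to estimate exposure


@dataclass(frozen=True)
class Deployment:
    product: str
    host: str
    cores: int
    users: frozenset   # named users with access to this product on this host


# Constructed entitlement register (what was purchased).
ENTITLEMENTS = [
    Entitlement("DBServer Enterprise", "core", 32, 1200.0),
    Entitlement("Office Suite", "user", 150, 90.0),
    Entitlement("CAD Studio", "install", 10, 2500.0),
]

# Constructed deployment inventory (what a discovery scan would report).
INVENTORY = [
    Deployment("DBServer Enterprise", "db-prod-01", 16, frozenset({"alice", "bob"})),
    Deployment("DBServer Enterprise", "db-prod-02", 16, frozenset({"alice"})),
    Deployment("DBServer Enterprise", "db-dr-01", 8, frozenset()),  # DR node, easily forgotten
    Deployment("Office Suite", "vdi-pool", 8, frozenset(f"user{i}" for i in range(160))),
    Deployment("CAD Studio", "ws-01", 8, frozenset({"carol"})),
    Deployment("CAD Studio", "ws-02", 8, frozenset({"dave"})),
    Deployment("Legacy Reporting", "rpt-01", 4, frozenset({"erin"})),  # no entitlement exists
]


def deployed_count(metric, deployments):
    """Count consumed licence units for one product under the given metric."""
    if metric == "core":
        return sum(d.cores for d in deployments)
    if metric == "user":
        # Named-user metrics count distinct people across all hosts, not per host.
        return len(set().union(*(d.users for d in deployments)))
    if metric == "install":
        return len(deployments)
    raise ValueError(f"unknown licence metric {metric!r}")


def reconcile(entitlements, inventory):
    """Return (per-product report, products deployed without any entitlement)."""
    by_product = defaultdict(list)
    for d in inventory:
        by_product[d.product].append(d)

    report = {}
    for e in entitlements:
        used = deployed_count(e.metric, by_product.get(e.product, []))
        shortfall = max(0, used - e.quantity)
        report[e.product] = {
            "metric": e.metric,
            "entitled": e.quantity,
            "deployed": used,
            "shortfall": shortfall,
            "exposure": shortfall * e.list_price,  # at list price, before any penalty uplift
        }

    unlicensed = sorted(set(by_product) - {e.product for e in entitlements})
    return report, unlicensed


def total_exposure(report):
    """Sum of estimated additional charges across all products in the report."""
    return sum(r["exposure"] for r in report.values())


if __name__ == "__main__":
    report, unlicensed = reconcile(ENTITLEMENTS, INVENTORY)
    for product, r in report.items():
        flag = "SHORTFALL" if r["shortfall"] else "ok"
        print(f"{product:22} {r['metric']:8} entitled={r['entitled']:4} "
              f"deployed={r['deployed']:4} {flag} exposure={r['exposure']:.2f}")
    for product in unlicensed:
        print(f"{product:22} NO ENTITLEMENT FOUND")
    print(f"estimated exposure at list price: {total_exposure(report):.2f}")
```

Run it before the supplier does: the shortfall column is what an auditor will bill for, and the unlicensed list is the finding that usually carries the largest uplift. The exposure figure is at list price only; the FAQ below explains why the actual settlement can be a multiple of that, which is exactly why the number is worth knowing before negotiations start.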
Frequently Asked Questions
The most commonly asked questions on this topic.
What is a software audit?
A software audit is a formal inspection, conducted by a software supplier or an external auditor on its behalf, to verify that an organisation uses the software in accordance with the licence agreement. Audit rights are a standard clause in virtually all enterprise software contracts.
Which suppliers conduct audits?
Almost all major software suppliers, including Microsoft, Oracle, SAP, IBM, Adobe and Autodesk, regularly audit their customers. Tier 2 and tier 3 suppliers do so less often, but the right is always reserved in the contract.
What are the consequences of a negative audit?
Additional charges plus penalties, sometimes amounting to two or three times the normal licence price. In addition, the supplier can demand that you immediately purchase the missing licences on its terms, leaving no room for negotiation.
Ready to save on software?
SoftVaro negotiates the best deal on your behalf with over 4,000 suppliers. Independent, transparent, within 24 hours.