How to Audit an Existing Microsoft Enterprise Agreement
- Review License Inventory: Check software and users covered.
- Evaluate Agreement Terms: Assess license counts and usage.
- Check Compliance: Compare actual usage with the agreement.
- Analyze Renewal Options: Review terms for renewal or extension.
- Verify True-up Process: Ensure adjustments are correctly handled.
How to Audit an Existing Microsoft Enterprise Agreement
A Microsoft Enterprise Agreement (EA) is a critical contract for organizations that rely on Microsoft’s suite of software and services.
However, managing an EA can be complex, particularly when maintaining compliance with licensing terms and optimizing costs.
Auditing your EA is essential to avoid unexpected penalties and ensure your software deployments align with the agreed-upon terms.
This article provides a comprehensive guide on conducting a thorough audit of your Microsoft EA, from pre-audit preparation to post-audit remediation.
Understanding the Importance of EA Audits
A Microsoft EA audit involves an internal review of software licenses, deployments, and usage, helping organizations identify discrepancies and compliance gaps.
Regular audits are crucial because they prevent compliance issues that might otherwise result in significant financial penalties. In some cases, Microsoft performs formal audits every three to five years, targeting enterprise customers to verify proper usage and licensing.
Proactively auditing your EA reduces the likelihood of issues arising during these formal Microsoft audits, allowing you to correct problems in advance and avoid costly fines.
Moreover, an audit helps optimize your licensing costs by identifying underutilized resources or over-licensed products that can be scaled back to achieve savings.
Pre-Audit Preparation
Before diving into the audit process, gathering the necessary documentation and assembling the right team is important. This preparation is essential to ensure your audit is as effective as possible.
Assemble Your Audit Team
A successful EA audit requires input from several key stakeholders within your organization. Depending on the size and complexity of your IT infrastructure, you may want to assemble a team that includes the following roles:
- IT Infrastructure Specialists: These professionals will provide insight into your environment’s actual software deployments, configurations, and usage.
- Procurement Managers: Procurement experts ensure that all purchases are properly documented and aligned with the terms of the EA.
- License Administrators manage license assignments, track license usage, and verify compliance with the EA’s terms.
- Legal Representatives: Legal experts help interpret the EA’s contractual language and advise on the legal implications of potential non-compliance.
Gather Documentation
The next step in the pre-audit process is collecting all relevant EA documentation. This includes:
- Enterprise Agreement Contract: This is the foundational document that outlines the EA’s terms, scope, and conditions.
- License Statements: These statements provide an overview of all licenses your organization holds under the agreement.
- Purchase Records: Records of software purchases made under the EA, including product versions and quantities.
- True-Up Reports: These reports show adjustments to your licensing based on changes in usage over time.
- Deployment Records: Detailed records of software installations and activations across your organization’s infrastructure.
Conducting the Audit
Once the pre-audit phase is complete, you can begin the audit process. This involves evaluating your software inventory, analyzing license entitlements, and checking for compliance with the terms of your EA and Microsoft’s product use rights.
Software Inventory Assessment
The first step in the audit process is to create a comprehensive inventory of all Microsoft products deployed within your organization. This includes both enterprise products and any additional products you may be using.
- Enterprise Products: These are core software products like Office Professional, Windows Server, and the Windows operating system typically covered under the EA.
- Additional Products: These may include Visio, Project, or other Microsoft software that is not part of the standard enterprise suite.
- Online Services Subscriptions: Microsoft’s cloud offerings, such as Office 365, Microsoft 365, and Azure subscriptions, should also be included in the inventory.
License Entitlement Analysis
Once you have a clear inventory of deployed software, the next step is to analyze your license entitlements. This involves comparing the software deployed in your environment to the number and type of licenses your organization is entitled to under the EA.
- Review All Active Subscriptions: Ensure all subscriptions and licenses are accounted for, including any renewals or changes made since the last true-up.
- Verify License Assignments: Ensure licenses are correctly assigned to users and devices. This includes verifying that an appropriate license covers each deployment.
- Check Compliance with Product Use Rights: Each Microsoft product comes with specific use rights, which can include restrictions on how the software is used or deployed. Ensure that these rights are adhered to.
- Document Any Over-Deployment or Under-Utilization: Identify instances where your organization is over-deployed (using more licenses than necessary) or under-utilizing its licensed software (licenses not being used effectively).
Read about Microsoft EA for Public and Governments.
Key Areas to Examine
When auditing your EA, it is essential to pay close attention to specific areas where compliance issues are most likely to occur.
These include user-based and device-based licensing, as well as the true-up process.
User-Based Licensing
For user-based licenses, the audit should focus on:
- Counting Active Users: Ensure that the number of licenses assigned to users aligns with the number of actual users in your organization.
- Reviewing Access Rights: Check whether users have access rights that are appropriate for their roles and whether those access rights align with their assigned licenses.
- Checking Assignment Policies: Ensure that your organization follows a consistent policy for assigning licenses, such as only assigning licenses to employees who need them.
- Verifying Qualification for User Licenses: Some licenses have specific qualifications (e.g., employees vs. contractors). Verify that all user licenses meet these requirements.
Device-Based Licensing
For device-based licenses, you’ll need to assess:
- Hardware Inventory Analysis: Conduct a detailed inventory of all hardware devices within your organization using Microsoft software.
- Operating System Deployments: Verify that the number of device-based licenses matches the number of devices running the operating system covered by the EA.
- Device Access Rights: Check whether devices that access Microsoft services, such as Office 365, are licensed appropriately.
- Virtual Machine Usage: Virtual environments like virtual machines (VMs) can complicate license compliance. Ensure that any VMs are licensed correctly according to Microsoft’s virtualization rules.
True-Up Considerations
The true-up process is critical to the EA, ensuring that your organization accurately reports software usage. During the audit, you’ll need to verify the following:
- Annual Review Process: The true-up process requires accurate reporting of any increase in software usage (e.g., new users, new devices) and adjustments for any decrease in usage (e.g., software retirements, staff reductions). Verify that these adjustments are properly documented.
- Timing Requirements: The true-up report must be submitted to Microsoft at least 30 days before the anniversary of your agreement. Ensure all changes since the initial order are accounted for, including product additions or removals.
Common Compliance Issues
Organizations often encounter several common compliance issues when managing a Microsoft EA. These include:
- SQL Server Edition Mismatches: The various editions of SQL Server can make licensing complex. Based on your licensing entitlements, ensure that the correct edition is deployed.
- Windows Server Core Licensing: For Windows Server, it’s important to ensure that you have the correct number of cores licensed. Core-based licensing can be tricky if you’re not careful about how you count physical cores.
- Office 365 Subscription Alignment: Ensure that your Office 365 subscriptions align with the number of users and devices accessing the service.
- CAL Coverage Gaps: Client Access Licenses (CALs) are often a source of compliance gaps. Ensure all necessary CALs are properly assigned and cover all users and devices.
Usage Rights Violations
Other common issues include:
- Incorrect Product Edition Deployment: Deploying a more expensive product edition than required can lead to unnecessary over-licensing.
- Virtual Environment Compliance: Virtual environments, particularly concerning software like Windows Server and SQL Server, often have specific licensing rules.
- Geographic Usage Restrictions: Microsoft’s licensing agreements sometimes have geographic limitations, so it’s important to ensure these restrictions use the software.
- License Transfer Violations: Licenses are often not transferable across different environments or entities, so adhere to Microsoft’s transfer rules.
Best Practices for Ongoing Compliance
An EA audit is not a one-time event; ongoing compliance monitoring and management are essential to maintaining a compliant and optimized licensing environment.
Regular Monitoring
Implement a process for regularly reviewing your Microsoft licensing:
- Quarterly Internal Reviews: Conduct quarterly reviews of your license usage to catch potential compliance issues early.
- Microsoft’s Assessment Tools: Microsoft provides various tools, including the Microsoft License Statement and the Microsoft Assessment and Planning Toolkit, to help organizations assess their licensing compliance.
- Document All Software Changes: Maintain detailed records of any software changes, whether they involve new deployments, upgrades, or removals.
- Maintain Detailed Deployment Records. These records are essential for tracking software usage and ensuring that deployments align with license entitlements.
Process Implementation
To maintain ongoing compliance, implement clear processes for:
- New Software Deployments: Establish procedures for evaluating the licensing implications of new software deployments before they occur.
- License Assignments: Develop a policy for assigning licenses to users and devices and enforce this policy consistently.
- User Onboarding/Offboarding: Ensure licenses are assigned when new employees join and removed promptly when employees leave the organization.
- Virtual Machine Provisioning: Implement a consistent process for ensuring that virtual machines are licensed properly and that new VMs are appropriately accounted for.
Remediation Strategies
If gaps in compliance are discovered, address them promptly:
- Document All Findings: Ensure that any compliance gaps discovered during the audit are thoroughly documented.
- Develop Correction Plans: Work with your procurement and legal teams to develop a plan to address compliance gaps, such as purchasing additional licenses or removing unnecessary software.
- Consider License Optimization: If your organization is over-licensed, explore opportunities to optimize your licenses, such as downgrading to less expensive editions or consolidating licenses.
Read our article on best practices for managing your Microsoft EA for large enterprises.
FAQ: How to Audit an Existing Microsoft Enterprise Agreement
What is an Enterprise Agreement?
An Enterprise Agreement (EA) is a Microsoft licensing contract for large organizations offering discounts for bulk purchases.
Why is auditing important?
Auditing ensures compliance and helps identify unused or over-licensed software, which can lead to cost savings.
How often should I audit my EA?
It’s recommended to audit annually, particularly before renewal or true-up.
What does “true-up” mean in EA?
True-up refers to reconciling the difference between the licenses purchased and the actual usage.
What documents should I review during an audit?
Review the signed contract, usage reports, invoices, and license assignments.
How can I verify software usage?
Use Software Asset Management (SAM) tools to track usage and ensure compliance.
Can I audit past agreements?
Enrolling past agreements helps identify overpayment or unused licenses that may be reclaimed.
How do I check license compliance?
Ensure the number of licenses matches actual usage and that the software is not being used beyond its terms.
What is a Software Asset Management (SAM) tool?
SAM tools track software deployments and usage to help ensure license compliance and avoid over-deployment.
Should I involve Microsoft or my reseller in the audit?
Yes, they can help clarify terms and resolve discrepancies during the audit.
How do I check the number of licensed users?
Review the user count provided by your SAM tool or Microsoft usage reports.
What is the risk of not auditing my EA?
Failure to audit could lead to non-compliance, costly fines, and unnecessary software expenses.
How can I identify unused licenses?
Look for software not actively used or assignable to another department to maximize license value.
What happens if I have too many licenses?
You may be overpaying. Unused licenses can often be reallocated or removed to reduce costs.
Is it necessary to perform a manual audit?
Manual audits help verify details, but SAM tools can automate much of the process, saving time.