This is an Oracle license audit guide written to make it easy to search for the answers that you need to manage the audit. Its designed to tell you what you should ask yourself to better prepare and complete the engagement successfully. This is written by Oracle licensing experts who has worked for Oracle conducting audits and now as consultants helping over 100 companies defend themselves in Oracle audits. The article will cover Oracle license audit process and what are the most common reasons customers are non-compliant with Oracle. Then we provide recommendations on how to manage the audit. The first recommendation we can give is that dont face an Oracle licensing audit alone.
Audits are a big part of Oracle license revenue. We estimate that 50% of all Oracle software license revenue streams from license audits. Oracle audits works like this; Every year the Oracle account team needs to nominate a customer suited for a license audit. The customers selected for audits are rarely randomly chosen.
After the license audit has been conducted, Oracle will present a report that is worst case scenario with the highest amount of fees paid to Oracle. This is a normal practice among software vendors and Oracle is not different. However, the license report is designed in a way that it looks at the most expensive licensing models to cover the license need.
There are also grey areas that deals with Oracle licensing and Oracle views the customer licensing most favorably to Oracle. That is where you need Oracle licensing expertise to articulate the licensing policy in the end customer favor and not Oracle. You can read about Oracle LMS compliance policy
Oracle usually audits customers every 36 months, but the time difference can vary, if you are a Oracle customer who in the past have been found to be out of compliance with your Oracle software license agreements, you are more likely to be audited again. The same goes if you decline to purchase Oracle software licenses and cloud you are more likely to be audited by Oracle. Oracle audits are difficult to manage because there are very few software tools that can accurately measure your Oracle licenses. It usually requires a combination of software and expert knowledge to accurately measure Oracle licenses.
Audits can be easy to manage if you are pro-active when you receive the audit notification letter from Oracle. You should quickly engage with an Oracle license expert to help you understand your licensing position before the audit begins. If you do so there is a strong chance you will pay zero to Oracle after the official license audit has been completed.
Oracle audit process is something that companies must master in order to take control and make sure mistakes and avoidable fees to Oracle are paid. This article is providing a high level introduction for the 4 major steps of an Oracle audit. Remember that you have 45 days to reply to the Oracle audit, that means you have 45 days to review your Oracle licensing and come up with an Oracle audit defense plan.
Oracle LMS will send a notification letter to your CFO / CIO or both, notifying you that Oracle intention is to perform an audit of your Oracle software licenses. The letter has a friendly tone and either indicates that the license audit will be conducted by Oracle of if Oracle would like an Oracle reseller / partner to conduct the audit on their behalf. Many audits are conducted by Oracle resellers
During the kickoff meeting Oracle wants to agree on a timeline for you to share all the necessary data. As Oracle is completely dependent on you co-operating and providing them with the data about your IT infrastructure, they are reliant on you running their Oracle LMS scripts or Oracle license compliance tools.
Oracle provides you with access to a web-based license audit portal where you are asked to answer a questionnaire about your Oracle usage. Be careful to provide the correct information in this portal. You can then download the Oracle LMS scripts Oracle wants you to run and then upload the output in the same portal. Our advice is to not share any data with Oracle you have not yet analyzed independently.
You will receive the report approx. 4-6 weeks after you have shared the data with Oracle.
The report is almost always a “preliminary report” where Oracle asks you to review the findings and ask if you agree to them. If you are at this stage, do not agree with the findings until you have had an Oracle licensing expert provide a 2nd review of the license audit findings.
The reports are almost always issues in the 2nd month of Oracle financial quarter, as you have 30 days to purchase licenses for any shortfalls identified in the reports. Hence the 2nd month is when you can expect the report.
You must have the right documentation and skills to successfully complete an Oracle software licensing audit to avoid the potential risks. This type of audit is complex and requires a lot documentation. Global License Advisory Services (GLAS) is the name of the Oracle department that handles licensing audits.
License rules are enforced by Oracle’s License Management Services Division. Most cases are complicated when it comes to licensing agreements between software vendors and customers. The license audit is dependent on the cooperation of end-users. The license agreement includes a clause about audit rights. Oracle gives notice 45 days before the licensing audit so customers have time to prepare. Oracle also conducts licensing audits in order to protect intellectual property rights of software developers.
An Oracle audit can result in unexpected costs. It is important to manage license entitlements to avoid additional costs. An internal audit can be used to determine license entitlements and actual deployable usage. Companies could miss vital information or take unnecessary risks if they don’t have the documentation. Although it is best to seek help before the Oracle licensing audit letter arrives, it is not too late to hire independent license experts. Even if an audit letter is sent in the middle, licensing experts can help you save time and provide guidance.
If you want to know more how independent license experts can help you Oracle audit negotiations support – audit advisors will help covers the topic in detail.
Frequently asked
Oracle LMS stands for Oracle License Management Services and is Oracle official audit organization that reports up to Oracle CFO. It does not report to Oracle sales organization. In 2020 Oracle renamed that organization to Oracle Global License Advisory Services (GLAS). The organization is divided into several groups, the main workforce is based in Bucharest Romania where they conduct all the licensing analysis of Oracle LMS script outputs, such as database outputs, middleware outputs and Oracle application outputs.
There are local members in most countries/regions of the world. They act as a project manager / face of the Oracle license audit. They will host all Oracle license audit meetings, create the audit project plan and present and write the audit report. They are closely aligned with the local sales teams to decide which Oracle customers are selected for Oracle license audits. The bulk of the Oracle licensing audit work is done by the technical analysts in Romania.
Oracle LMS does not negotiate any commercial contracts with its end customers, this is managed by Oracle sales organization. Oracle sales teams and LMS likes to play the game “good and bad cop”. Don’t be fooled by this, Oracle sales teams pulls all the strings at Oracle.
Oracle JPE is short for Joint Partner Engagement. It is Oracle initiative to use Oracle resellers to conduct and manage Oracle license audits. The JPE partners are not paid any consulting fees by Oracle and only rewarded if they are able to resell licenses to cover any shortfall in Oracle license audit report.
Warning: This is obviously a red flag for anyone who knows Oracle licensing. Oracle licensing around many topics such as Virtualization, Cloud and DR is vague and is open for interpretation. To have an company managing software audits with incentive to resell more licenses is questionable- you can imagine that the Oracle licensing interpretations are not favourable to the end customer.
Oracle SIA is short for Oracle Software Investment Advisory. Former ex-Oracle LMS auditors accounts for 80% of its staff. Oracle started an initiative to help more customers to Oracle cloud and educate and train its customers about Oracle licensing topics. A noble mission, however, the results are clear for everyone. Many Oracle customers who started conversations with Oracle SIA about their licensing got surprised. When Oracle SIA discovered non-compliance during those educational sessions, they turned help into threats of official Oracle license audit unless a purchase for new licenses were done.
Recommendation: Ask for independent advice on Oracle licensing, not from the vendor.
Oracle LMSCollection Tool is Oracle in-house developed set of scripts for measuring its customers Oracle software environments. Oracle customers are allowed to use this script for measuring Oracle licenses, however the difficulty comes into being able to correctly interpret the output towards a license requirement. The Oracle LMS scripts cover Oracle Database products and all its options, Oracle middleware products and Oracle E-business Suite, Oracle Siebel licensing, Primavera licensing, Peoplesoft licensing and JD Edwards licensing.
Our recommendation – if you want independent advice on Oracle licensing or cloud, you should work with a third party that is not incentivized to push you into one direction.
If you are under an Oracle license audit and need Oracle audit support, contact us and we can start immediately.
Oracle is well-known for regularly auditing customers. Although it is a major source of revenue, license audits can be a frustrating problem for well-intentioned businesses. This audit is often difficult to understand and can lead companies to not comply with Oracle’s licensing obligations. Companies can avoid significant fines by being aware of the risks and taking compliance measures.
Users may feel tempted to end validation if they notice an increase in Oracle licenses. Although they may believe that Oracle has a complete list of all their licenses at once, this is not often the case. Instead of comparing their license lists with the actual agreements, they should look at the underlying agreements to determine if they are in violation of any terms. They should also verify that Oracle has registered the license metrics.
A notification letter from Oracle is the first step of the process. The letter includes a list all legal entities using Oracle software. It also asks for the CIO/CFO to be the single point of contact in the audit. These audits can be conducted by Oracle’s License Management Services and may involve any number of other parties. As part of their business strategy, Oracle sales representatives might also initiate license audits in some countries.
Our recommendation is to follow the guidelines we lay out in the, but if you have the chance use an external expert to help you reduce the claims by 90%+
It is crucial to have a licensed solution in case of an Oracle licensing audit. You should contact a specialist licensing consultant provider immediately after being notified you are subject to an audit. These experts have extensive knowledge about Oracle licensing practices, Oracle contracts and the underlying architecture. These professionals can make recommendations to ensure compliance. These tips will help you get started if you aren’t sure where to begin.
Oracle licence exposure can be affected by changes to physical architecture, usage, or agreements with Oracle. You can check your licenses on a regular schedule to be proactive. You can schedule an audit for any changes to your Oracle license if you are unsure. If you are unsure when an Oracle licensing audit is required, you can save a lot of money by taking a proactive approach. Contact the leading Oracle licensing expert firm.
Delay the Oracle license, you normally have 45 days to acknowledge you have received the audit letter. This is the time when you should quickly engage with an Oracle licensing expert to review your licensing. This should be an ex-Oracle l auditor who has helped hundreds of Oracle customers before and can use the same tools and methods that Oracle will use in the official audit.
Oracle will request you to run their Oracle LMS scripts and share the output with them. Oracle does not have a discovery script which means, whatever Oracle installations you cannot find, Oracle cannot find either. If you have done step 1 properly, you should not have anything to fear by running the Oracle LMS scripts. However, there may be reasons why you do not want to do so. Watch the video below to learn more.
Oracle products have different editions, make sure that you have installed the correct version. Oracle database also have additional features that requires additional licenses. If you unknowingly have used those features now or in the past, you will be required to purchase licenses for both past and active usage.
Oracle have different rules for how to calculate Oracle licenses for processors (CPU) or Named User Plus. It is important to review the hardware you are running and understand Oracle licensing rules to make sure you have sufficient Oracle licenses to cover your needs. There are for example user minimums for each product, 25 user minimums for Oracle database enterprise edition and the options must have matching quantities and metrics.
If you deploy Oracle software on virtual technologies it is very easy to be out of compliance with your Oracle license entitlements. Oracle soft partitioning guide that includes vague rules for how to license Oracle in VMware, Hyper-V, IBM LPAR, and other technologies are often a cause for concern. If you are deploying Oracle licenses in AWS or Azure, there are rules for how to calculate the licensing when deploying in public cloud.
Many Oracle customers are being caught out in license audits because they are not aware of these licensing policies.
Review your named user plus licensing; Do you cover the user minimums for each product? If you have 2 processors of Intel with a core factor 0,5 and you have 8 cores. That means you need to license Oracle database enterprise edition with 2x 8 cores = 4 processor licenses of Oracle database enterprise edition. The user minimums for Oracle database Enterprise Edition are 25 per processor. User minimums for this server is 100 named users plus regardless of if you only have 15 users.
Review if the server can be licensed with named user plus at all. It’s quite common that Oracle customers have incorrectly chosen a named user plus licensing model because they cannot count all users. For example, with a web application or integrations to other applications which require the other application population to be licensed as well.
Oracle database options usage
In almost every Oracle audit we come across, Oracle customers have unknowingly used features that trigger additional licenses. For example, that you run Oracle database standard edition and use Enterprise Edition features. That will require the Oracle customer to license Enterprise Edition (core licensing) and pricing is 47,500 $ per processor as well as the additional EE options licensing.
If a Oracle DBA or someone else have used this feature there is historical evidence saved in the Oracle database that is detected by Oracle LMS during the official audit.
Answer: Take your time, per your contracts with Oracle – You normally have 45 days to reply to the
notification. You have no contractual obligation to acknowledge the letter until the 45 days are up. If you want more than 45 days, you can try to negotiate a contract term giving you 90 days notice period.
Answer: No, you have no obligation at all. This is not a formal audit.
Answer: They will start to “chase” you, but there will not be any consequence of delaying.
Answer: Sure, the contract says “the audit shall not reasonable interfere with your business operations”
Oracle are often nice enough to delay an audit for a few months if you can provide them with a good business justifiction why you want to postpone the Oracle licensing audit. Good reasons can be you are currently undertaking changes in your IT infrastructure.
That is more difficult, but I have seen it happen, usually that involves you making a large purchase. Then Oracle can withdraw the audit notification.
Answer: Review your contracts, what does the audit clause say? Do Oracle have the right to audit you? Action to take: If you as many others don’t have copies of your agreements, you might now want to contact Oracle to get copies of all the relevant agreements. only support renewals are not sufficient, should be Oracle OMA, OLSA and Ordering Documents.
Answer: Now you should negotiate an NDA, ask Oracle to sign your company NDA. This usually takes them a few weeks, buying yourself more time to prepare for the audit.
Answer: Oracle always wants to schedule a kick-off meeting ASAP. The purpose of such meeting is to discuss the project plan, sharing scripts and so forth. Getting your agreement on specific dates when you will submit the data to Oracle.
My advice is to instead use the next meeting to negotiate:
Answer: Oracle always wants to schedule the kick-off of the audit as soon as possible, say no to that. Oracle suspect that the more time have to prepare for the Oracle audit, the bigger chance that you might discover any license gaps and fix them before the audit begins.
Answer: They have no right to access your data centre, and they also do not have any discovery tool finding all of your Oracle Software. The Oracle audit cannot take place without your collaboration. Which is something to keep in mind.
Answer: You can try to say no, for how can Oracle on a local level determine if they have enough licenses. You might have spare licenses on another subsidiary that might cover any license shortfall. The audited subsidiary might have a shortfall of 20 Weblogic Licenses, but those might be available from another entity. It is very difficult for Oracle to conduct an Oracle licensing audit on a subsidiary as you may have a surplus of Oracle licenses on another legal entity.
Answer: This is not allowed, But i have seen that Oracle LMS sometimes to include Oracle ASFU licenses. Per contract any audit on ASFU licenses should go thru the partner from which you bought the Oracle ASFU licenses.
Answer: No, there is no such thing as a “your turn-system” when it comes to Oracle License Audits. The software audits are not random. You have been selected by your Account Manager with the support of Oracle LMS. There is almost always a reason to suspect that Oracle have good reasons for suspecting you are audited. Some customer have not been audited for 10 years others are audited every 3-4 years.
Most common reasons for being selected for an Oracle audit are:
Answer: You need to figure out what is the compliance gap you have and how to fix it before the audit starts. 95% of all Oracle audits have a shortfall and usually they are in the millions. But most of the license gap is not because customers are “over-using” Oracle.
The main culprit is:
Answer: Oracle will almost always take your order now instead of waiting for the audit completion which can be many months in the future. You have a stronger negotiation position to purchase before the audit begins rather than after.
Answer: I strongly recommend – get external help by a partner who can analyse Oracle audit scripts. Once Oracle hands the lms scripts over to you. You run the scripts and then give the licensing partner the output first. They can analyse what Oracle will find out once they get the output.
Also review the most common reasons for being audited and you might find out why Oracle believes you are non-compliant. The only people who dont want you to get external help is Oracle, because then they will not get much revenue.
Answer: Are you aware of what features IT staff or DBAs have used when operating your Oracle environments? It could have been a DBA 2 years ago who used features that triggered license purchase. But there are no warning flags. But Oracle will detect that in the audit. I have seen it many times. Remember there is a reason why Oracle is auditing you, they expect to get revenue.
Answer: I have helped companies that only have 5 servers of Oracle Software running and they are being found to be millions of euros non-compliant. One customer had 4 servers and was facing a 9-million-euro license gap.
Answer: It is currently not happening on any large scale if it happens its a almost a one-off. rare, but this can change. Most likely it will be sales reps who wants to review your Java usage.
Answer: Don’t hand over any SAM tool data to Oracle, you need to analyse it. Dont believe the LMS certification marketing hype.
Also even if you have skilled in-house Oracle SAM staff. If you should consider get external help in if you are under audit – It can help to have a “fresh” eyes looking at data to verify that you are correctly licensed.
Answer: Oracle audit organization have gone thru a large re-organization. Most of their audit staff is now based in Romania. The average experience of a consultant is probably 1-2 years. Even how good-hearted Oracle can be, by having in-experienced license auditors will to lead to mistakes. It can be good to make sure you keep them honest by getting external help.
By doing so might actually save your relationship with Oracle, as most companies that have “soured” on Oracle – have done so because they felt they were unfairly treated in an audit.
Answer: Nowhere, it only says you need to co-operate with Oracle LMS. However some later versions do have contract language saying you need to run Oracle data measurement tools. If you are audited by Oracle, Redress Compliance can analyze the Oracle LMS Script and tell you what Oracle will discover in the audit. By doing the independent audit it will give you more options before the official Oracle audit begins.
If you are an Oracle customer who needs help with Oracle licensing, please use the contact button to organize an online meeting.
We are serving clients worldwide with Oracle license management services.
Read more on our blog
Oracle License Audit – how to take control
Oracle License Compliance Scripts – Oracle LMSCollection Tool
If you would like to be updated on Oracle licensing and receive more tips, follow us on
social media:
✔️ Follow us on LinkedIn
✔️ Subscribe to our channel on YouTube
Related Services
If you need with an oracle license audit, contact us for expert support. We are ex Oracle auditors who knows all the weaknesses and strengths in Oracle license audit process. We also have the ability to analyze Oracle license compliance scripts tools aka Oracle LMS scripts. It is well known in the industry that you should not go into an Oracle licensing audit alone. At Redress all of our clients who are facing audits are coming to the front of the line and we start helping you as soon as we can. Contact us to discuss how we can help your company.