Software audit program
What is a legality audit?
A software legality audit is the process of verifying that all computer programs used in an organization are legal, i.e. have the appropriate licenses. The purpose of such an audit is to ensure that a company or institution is using software legally and that it does not infringe on the copyrights of software manufacturers.
Benefits
Key elements of the Audit
- Software inventory: Gathering information on all software installed on computers in an organization.
- License verification: Verifying that each copy of software is properly licensed. This includes comparing the number of copies installed with the number of licenses purchased.
- Documentation: Collecting documents that prove the legitimacy of software, such as invoices, license agreements, certificates of authenticity, etc.
- Compliance assessment: Analyzing whether the organization complies with licensing requirements for each program used.
- Reporting: Preparing a report on the results of the audit, which may include recommendations for corrective action if any irregularities are detected.
Software Asset Management (SAM)
Software Asset Management (SAM) is a process and set of practices designed to manage and optimize an organization’s procurement, implementation, maintenance, use and disposal of software. SAM’s main goals are to ensure license compliance, optimize software-related costs and minimize legal and operational risks.
ISO/IEC 19770 Standard
Software auditing according to ISO/IEC 19770 is the process of assessing and verifying compliance with the requirements of the standard. ISO/IEC 19770 is an international standard that defines practices for software management and auditing. This standard focuses on the identification, management and monitoring of software.
The main objectives of a software audit according to ISO/IEC 19770 include:
- Software identification: The audit aims to identify exactly what software is used in the organization, including licenses, versions, vendors and other relevant information.
- Software license management: The audit is designed to assess the organization’s compliance with software licensing policies. Software licenses, agreements, usage restrictions and legal policies are checked.
- Compliance assessment: The audit verifies the organization’s compliance with legal requirements and rules for software, including licenses, usage rules, security policies and other arrangements.
- Non-compliance and risk detection: A software audit aims to identify possible non-compliance, license violations, unauthorized software or other software risks.
- Improving software management: The audit provides the organization with feedback and recommendations for improving software management, including processes for purchasing, deploying, tracking and disposing of software.
A software audit in accordance with ISO/IEC 19770 focuses on accurately identifying and managing an organization’s software and on assessing compliance with its software policies. It aims to ensure that software is properly managed and used in accordance with legal and licensing requirements and the organization’s internal procedures.
Scope of the Audit
The eAuditor system is an IT management tool that enables software auditing in an automated and comprehensive manner. Software auditing in the eAuditor system is compliant with ISO/IEC 19770.
The scope of the eAuditor software audit covers several key areas:
- Software Inventory:
  - Automatic detection and cataloging of all installed software on computers and servers on the network.
  - Identification of software versions and installation dates.
- License compliance verification:
  - Comparison of installed software with owned licenses.
  - Monitor license usage and identify potential non-compliance.
  - Tracking license validity and renewal dates.
- IT resource management:
  - Create and update a database of IT assets, including both hardware and software.
  - Generate reports on the status of resources, their location and users.
- Monitoring and auditing:
  - Analysis of compliance with security policies and software usage rules.
  - Track user activity and application usage.
  - Detection of unauthorized installations and suspicious activities.
- Reporting and analysis:
  - Generate detailed reports on audit results, including reports on license compliance, software usage, potential non-compliance and recommendations for corrective action.
  - Visualize data in the form of charts and tables to facilitate analysis and decision-making.
- Integration and automation:
  - Integration with other IT management systems and monitoring tools.
  - Automate audit processes, allowing for regular and systematic reviews of software status.
- Safety and compliance:
  - Securing data and audit reports.
  - Ensure compliance with licensing and data protection laws and industry regulations.

Using the eAuditor system enables organizations to effectively manage software licenses, minimize risks associated with license incompatibilities, and optimize costs associated with the purchase and maintenance of software.
Supported license models
The eAuditor system supports a variety of licensing models for software inventory, enabling comprehensive license management and compliance with licensing terms. Here are the main licensing models supported by the eAuditor system:
- Perpetual Licenses:
  - The user has the right to use the software indefinitely for a one-time fee.
  - The eAuditor system monitors perpetual licenses, ensuring compliance with purchased licenses.
- Subscription Licenses:
  - The software is available on a regular fee basis (monthly, annual, etc.).
  - eAuditor keeps track of subscription dates and reminds you to renew your license.
- Device Licenses:
  - Licenses assigned to a specific device, regardless of who is using it.
  - The eAuditor system inventories the devices and the licenses assigned to them.
- User Licenses:
  - Licenses assigned to a specific user who can use the software on different devices.
  - eAuditor manages user licenses, monitoring their assignment and use.
- Volume Licenses:
  - Licenses purchased in large numbers, often at a discount, for a certain number of installations.
  - The system tracks the number of copies installed and compares it to the number of volume licenses purchased.
- Role-based Licenses:
  - Licenses assigned based on user role in the organization.
  - eAuditor allows you to assign licenses according to user roles and monitor compliance.
- Processor Licenses:
  - Licenses assigned to the number of processors in the servers.
  - The system monitors servers and the processor licenses assigned to them.
- Core Licenses:
  - Licenses assigned to the number of cores in the processors.
  - eAuditor inventories processor cores and manages assigned licenses.
- Modular Licenses:
  - Licenses assigned to specific software modules or functions.
  - The system tracks which modules are active and monitors their licensing.
- Software as a Service:
  - Software available as a service, where licenses are usually subscription-based.
  - eAuditor manages access to SaaS services and monitors compliance with licensing terms and conditions.
Database of patterns
A rich public database of application and package patterns allows quick identification of software. The software automatically identifies license models and calculates the corresponding Core Factors in accordance with Microsoft’s licensing documentation. Users have the option of using a private database of application and package patterns, which is a collection of patterns for exclusive use in a given installation.
Software diagrams
eAuditor allows you to define so-called software schemes and assign them to a selected group of computers. This makes it possible to identify software of a given category on selected computers, and the same software can be treated differently on computers in different groups (e.g. for computer group A, software X is prohibited and will be automatically uninstalled, while for computer group C, software X is recommended).