IT Audits: Documenting Licensing Issues

One of the biggest issues you will run across during IT Audits is software licensing. If you find any such issues during IT audits, note them in your report. You might want to say something like: “These are deficiencies that I have found. Do you have the documents around to prove you own it?” It’s that simple, and any small business that is dealing on the up and up recognizes that. The burden of proof is on them. They need to go dig out the license agreements, the invoices, the end-user license agreements and original CDs to prove ownership. Licenses Aren't Negotiable If they can’t, then you need to address it with them after IT audits. Tell them that the deficiency is going to cause a lot of headaches sooner or later and you need to figure out a remediation plan now. Most businesses will ask you what they should do about it. With most small businesses, you may need to give them a couple months after the IT audits to let it work through the cycle--but no more. In an ideal world, you’d love to fix it immediately to get rid of the liability and the problem right away. Licensing compliance is definitely something that should be in your service contract. Protect Yourself There should be a paragraph that talks about how the client’s responsible for having properly licensed software, that if you identify that there’s any deficiencies in IT audits, it’s your responsibility to develop a remediation plan and present them with the options and they’re obligated to either remove the software or purchase it. It’s that simple. You shouldn’t be working for anyone that has a problem with buying software legally because it exposes you to direct legal consequences as well as reputational consequences. IT Audits: What are some remediation plans? Sometimes businesses so underutilize software, some programs on a PC can be safely removed because they’re not being used anymore. Or someone two years ago thought they might want to use it, so they picked up a pirated copy. If you find out in the course of talking with users that they’re not actually using the program, the safest thing is to go to Add/Remove Programs and take it off for them. If the PCs are nearing the end of their lifecycle, a cost effective way of remediating the software problem is upgrading the PC and helping them to install the OEM version. Another option is for them to keep their existing equipment and buy the two-year site license with the maintenance, providing unlimited upgrades. The Bottom Line on IT Audits Figuring out what your clients' licensing needs are during IT audits. Just be sure you address the problem. Copyright MMI-MMVI, Computer Consulting 101 Blog. All Worldwide Rights Reserved. {Attention Publishers: Live hyperlink in author resource box required for copyright compliance}

IT Audits: A Checklist

IT audits need to be as comprehensive as possible. To ensure you hit every area you need to during your IT audits, review this checklist. • IT Audits - Physical Security: To ensure that appropriate physical controls are in place to secure technology assets (servers, networking and telecommunications equipment) preventing unauthorized access. • IT Audits - Logical Security: To ensure that appropriate software security controls are in place to prevent viruses and unauthorized data access. • IT Audits - Logistical and Environmental Controls: To ensure that systems, networking and telecommunications equipment are housed in facilities designed to offer proper environmental conditions (regarding temperature and dust regulation, furniture, racks and physical equipment organization) • IT Audits - Configuration Management: To ensure that systems are installed and configured according to established requirements and standards. • IT Audits - Systems Administration Procedures: To ensure that security and systems administrative procedures are properly defined and assigned to staff. • IT Audits - Hardware Inventory Management: To ensure that all hardware is properly inventoried and that warranty and maintenance records are maintained. • IT Audits - Software Licensing Compliance: To ensure that all software usage is in compliance with licensing agreements, and that appropriate licensing records are maintained. • IT Audits - Data Backup and Disaster Recovery Procedures: To ensure that data backups are being made and tested on a scheduled basis, sufficient to recover in the event of a systems failure, data loss, or other disaster. • IT Audits - Documentation: To ensure that all systems, procedures, and policies are properly documented and updated, including the appropriate retention of systems reports, error, help desk, and other related problem logs. • IT Audits - Performance and Capacity Planning: To ensure that all systems are performing according to required levels, considering uptime, systems availability, bandwidth, data storage availability, and the archival of older data files. • IT Audits - Change Management: to ensure that all major changes to systems hardware and software are properly documented, tested and verified prior to implementation, with appropriate back-out plans. Copyright MMI-MMVI, PC Support Tips .com. All Worldwide Rights Reserved. {Attention Publishers: Live hyperlink in author resource box required for copyright compliance}

IT Audits: The Next Step

With most of your clients, once the relationship is established and IT audits are complete, you should move into a project plan mode where you set up a spreadsheet and organize it on a monthly basis.

During IT audits, you’re going to find that some things have to be done this month; some can wait until next month, and many things should be added to a wish list.

Wish Lists Defined

The wish list things are going to be those things that either have to be done because there’s a vendor or regulatory agency driving it, or there’s a product that’s becoming obsolete and won’t be supported anymore. Whatever the reason, a bunch of wish list projects will need to be done at a certain date.

Your best bet, and their best bet, is for you to keep track of the wish list items as if you were their full-time IT manager. Put the tasks down by month. That’s your future revenue stream.

How to Organize Tasks.

After IT audits, your first priority should be organizing tasks. It is as simple as setting up an Excel spreadsheet and putting a couple columns in there like Month, Task, Estimated Labor Cost, Estimated Product Cost for software peripherals, hardware, and a column if you need to bring in an outside contractor or vendor.

Let’s say they have an old Citrix server and they know that it needs to be upgraded because it hasn’t been touched in three or four years. If you don’t have a lot of expertise on metaframe, knowing that the project is coming up would give you plenty of time to go out and look for a specialty contractor in your area who does have Citrix metaframe expertise and is certified.

Keeping organized helps you to plan ahead with their ideas in mind.

Copyright MMI-MMVI, Computer Consulting Blog. All Worldwide Rights Reserved. {Attention Publishers: Live hyperlink in author resource box required for copyright compliance}