What to expect from a Baseline Audit & Review by Fisher Australia
Specific vendor review
We create a simulated audit review using the methodology typically used by your selected vendor. The findings from this review will identify:
- Potential vulnerabilities within your data collection process
- Potential products/metrics that your selected vendor would focus on
- A preliminary view of the vendor’s software product position including quantity, deployment and gaps based on your current data
- Our recommendations to address findings and risk exposure
- Establish the scope of covering the nominated vendor for the review which includes business areas and geographies.
- Review the available contracts and associated documentations from your selected vendor starting from the point of enterprise software licence agreement signing to the current date.
- Develop an overview of your software licensing entitlements.
- Investigate the current deployment/usage of the software using data available from your SAM (Software Asset Management) system.
- Reconcile your software entitlements against your current deployment, highlighting the over and under consumed software.
At this stage we will provide you with advice on our recommendations and the next best steps.
Fisher Australia recommends a multiple vendor approach (as explained above), and ideally combined with the implementation of a SAM tool if not already in use. The SAM tool would allow to log the findings for each vendor, allow normalisation and verification, and potentially identify licenses by vendors which might not have been deemed important enough to investigate but have considerable risk inherent if over-deployed.