Audit Inspections: How to Proceed with Inspecting Computers for Software Installations
BSA | The Software Alliance (BSA) is an organization that represents software companies and prosecutes alleged unlicensed use of those member companies’ software products. The BSA generally initially sends a company a letter indicating the company may be out of compliance with applicable software license agreements and demanding that the company investigate and inspect each computer for BSA-member software installations. Then the inspection begins.
This process varies depending on the size of the company and the number of computers within the scope of the audit. A small company with very few computers has more cost-effective options, such as using a free scan tool to inspect their computers, conduct hard drive imaging, or simply logging on to the computers to determine what is installed.
However, there are numerous methods of inspecting and reporting software installations, and because of the complexities facing companies with many computers, it often is more effective to use a network scanning tool to determine installations on computers.
After selecting and deploying the scanning tool that is most effective for a company’s needs, a company should review the raw inventory results to determine if there are any errors in the results. It is not uncommon for inventory tools to report the presence of a software product on a computer even after the company has taken steps to remove the product. In addition, there are several product-specific pitfalls to avoid. For example, it is common for older versions of the free Adobe Reader to appear in inventory results as the full Acrobat product. Also, a computer may appear to have a full Microsoft Office suite, when one component, such as Microsoft Word, is the only product from the suite that actually is installed. Each of these items can make a significant difference in a company’s exposure.
Finally, companies also should use a review of their software inventory results to determine which software products they need going forward. BSA settlements typically require companies to certify their compliance with applicable software agreements as of the date of settlement, and it is advisable to begin the compliance review as soon as possible. For example, it is often the case that a company does not require the full Adobe Acrobat, but could meet their needs using the Adobe Reader tool.