Enterprise License Management (ELM) is the enterprise-wide discipline established by Information Technology (IT) Organizations to efficiently deploy, track, and manage vendor-issued licenses, such as in the case of purchased or leased software or hardware. Improper utilization and tracking of such licenses is known as one of the highest potential areas for financial waste and penalties in mid-sized to large enterprises. And, when big companies like Microsoft, IBM, and Oracle come knocking on your door for license true-up, you’d better be ready. This publication introduces the reader to ELM and some of its basic concepts.
Key Enterprise License Management Activities
Common ELM activities include but are not limited to:
- Maintaining inventories of license related vendor contracts.
- Analyzing of vendor contracts for license entitlements.
- Establishing and communicating enterprise-wide Policies, Standards, and Best Practices for license adoption, use, tracking, etc.
- Selecting and establishment of enterprise-wide License Management tracking and reporting tools.
- Developing and maintaining license-related financials for executive leadership.
- Reporting on or about license entitlements, capacity, utilization, and compliance.
- Working with C-level executives and Vendor Management organizations to negotiate better vendor contracts, especially in the case of enterprise license scenarios.
- Working with the enterprise to ensure vendor license and contract compliance.
- Working with the enterprise to calculate and report on license-related Risks, such as penalty exposure.
- Facilitation of vendor audits.
- Renegotiation of vendor-imposed non-compliance penalties.
- Working with Records Management (RM) to tie ELM into RM for purposes of evidence, as necessary.
- Working with Governance, Risk Management, and Compliance (GRC) Steering Committees and their stakeholders to facilitate their efforts.
- Work with all the individual License Management (LM) teams to coordinate consistent license related operations, reporting, and support across the entire enterprise, especially in the cases that drive a return to contract compliance.
Note: Lease Management sometimes also falls into the purview of License Management.
It’s important to keep in mind that licenses come in many different forms. There are named users, hardware specific, floating, and enterprise, just to name a few. These differences become the foundation for complexity when it comes to work associated with ELM. Collecting data about different license types, combining it all, finding ways to come up with consistent analysis and calculations and reporting all become part of the challenge that is ELM.
License Management Tools
There are tools, especially in the case of software license management, that can be installed to crawl computers around the enterprise network and collect data about software package installation and use. That collected data is then automatically compared to vendor contract data you manually enter into the tool, allowing you to compare Actual State to Expected State. People think this is easy. It is not. And, to make matters worse, it’s expensive to install and maintain over time, requiring dedicated software engineering skills. For these reasons, think long and hard about installing these types of tools because the investment required for doing so is significant. You should be clear that you can afford and be dedicated to that investment, over the long term, because ELM is not a one-and-done type of activity. It must be performed regularly, throughout each year, every year.
This being said, if you can afford and are dedicated to such an investment, there are some very impressive License Management tools on the market that can help you in your ELM efforts.
The Differences Between ELM and License Management
License Management (LM), unlike ELM, represents the discipline performed to manage licenses at a more granular or domain-specific level, usually for one or more vendor products but not for all that exist in an enterprise. As a result, there may be many different organizations that perform LM activities for the specific vendor products they deal with. For example, one team might specialize in database software licenses because they specialize in databases; another team might specialize in desktop and laptop software licenses; and another team might specialize in document management software licenses. Given these many different LM areas, ELM unlike LM has the responsibility of coordinating and performing enterprise-wide work activities that span across all LM areas.
The complexity of ELM vs. LM is in the understanding that ELM must be performed across the entire enterprise, while LM works in smaller and more controlled license pockets. This complexity gets far greater when we stop to realize that there are many different types and forms of licenses so trying to combine data into meaningful denormalized reports (e.g. financial, risk, etc.) for executive leadership and vendor management organizations becomes even more difficult.
ELM responsibilities are commonly assigned to Architecture Organizations
Because Architecture Organizations have enterprise-wide scope, most C-Level executives tend to put the ownership, responsibility, and accountability for ELM squarely on the shoulders of the Chief Architect (a.k.a. Head of Architecture) and in the Architecture Organization.
The Negative Financial Impacts of Poor ELM
Poor Enterprise License Management often leads to three (3) very well-known negative financial impacts…
- The excessive purchase of new and unneeded licenses, due to the inefficient reclamation and reuse of existing license entitlements. This usually results in poorly negotiated and executed contracts to purchase new products like software.
- The money and time wasted to try and collect and report on vendor-related enterprise license utilization, during vendor audits. When vendors come knocking on your door to perform their surprise (but contractually supported) audits of how you’re using their products, the burden to facilitate those audits will pull key resources from your critical projects, possibly for weeks at a time.
- Vendor imposed license non-compliance penalties. When you cannot protect yourself with accurate supporting license utilization and capacity data, vendors impose the worst case scenario penalties on you, as specified in the contracts you sign to use their products.
ELM as a dimension of Records Management
The work performed to track and understand where licenses are installed and how licenses are being used for the purposes of maintaining compliance with vendor contracts is very much a form of Records Management (RM) and always should be considered as such. The materials collected and managed represent evidence in support of any position your enterprise might take, in defense of any litigation resulting from license-related disputes. For this reason, ELM data should be linked into your Records Management activities and Records Management organization, if you have one.
ELM as a dimension of Governance, Risk Management, and Compliance (GRC)
If your enterprise has a Governance, Risk Management, and Compliance steering committee or control body, there is a very good chance that vendor license compliance is an important control dimension for their GRC efforts, especially since the penalties for non-compliance can be massive (in the tens of millions in some enterprises). Calculating and sharing license risk exposures will be critical so that the GRC control body can help fund and drive the work related for correcting non-compliance before penalties hit. For this reason, it is recommended that ELM be closely tied to and aligned with GRC.