Sourcing and Software Audits (Not a Love Story Yet)
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Sourcing and Software Audits
(Not a Love Story…Yet):
How to Reduce Cost and Risk by
Getting Your Arms around Your
Software Licenses
Lawrence Kane
Senior Leader, ITI Strategy, Sourcing, and Asset Management
Boeing
Paul Becker
ITI Sourcing, Asset Management
Boeing
L
F AL
ER
V
D EN
14
20
SU MM
IT
www.sig.org/eval
Evaluation How-to:
Why? How?
Option 1: App
Your feedback drives
1. Select Schedule
SIG Event content 2. Select Schedule by Day
By signing and 3. Select Day
4. Select Session
submitting your
5. Scroll to Description
evaluation, you are 6. Click on the Evaluation link
automatically entered Option 2: Browser
into a prize drawing 1. Go to www.sig.org/eval
2. Select Session (#WS02)
L
F AL
ER
V
D EN
14
20
IT
SU MM
Sourcing & Software Audits
(Not a Love Story)
How to reduce cost and risk by getting your arms around your
software licenses
Paul Becker, ITI Sourcing, Asset Mgmt, Boeing
Lawrence Kane, Senior Leader, ITI Strategy, Sourcing, and Asset Mgmt, Boeing
2014 Global Sourcing Summit
October 14 - 16, 2014
Copyright © 2014 Boeing. All rights reserved.
About Boeing…
Engineering, Operations & Technology
The world’s leading aerospace company
Provides products and support services to
customers in 150 countries
Designs and manufactures commercial and
military aircraft, rotorcraft, electronic and
defense systems, missiles, satellites,
launch vehicles, and advanced information
and communication systems
Headquartered in Chicago, Boeing employs
more than 170,000 people across the
United States and in 70 countries
More than 140,000 of our people hold college
degrees, including nearly 35,000 advanced
degrees, in virtually every business and technical
field
Copyright © 2014 Boeing. All rights reserved. |4
Agenda
Engineering, Operations & Technology
The threat we all face
Leveraging people, processes, and tools to protect
ourselves
Business case of robust asset management
Key takeaways for success
Copyright © 2014 Boeing. All rights reserved. |5
Once you purchase software the fuse is lit
Engineering, Operations & Technology
• IT people aren’t contract experts
• Just because you bought it doesn’t
necessarily mean you are entitled to it
• Software Publishers are make it hard to
comply intentionally
• Distribution of software licenses to the
wrong environment (e.g., Server vs.
desktop)
• Pirated/hacked software
• Illegal distribution of software (e.g., One
employee copies software to give to
another)
• Outdated or unsupported software
Copyright © 2014 Boeing. All rights reserved. |6
Discuss…
Engineering, Operations & Technology
How do you know if you have a risk?
Copyright © 2014 Boeing. All rights reserved. |7
Potential risks
Engineering, Operations & Technology
If you don't have an asset management governance structure
and skilled professionals to run it, you already have a risk
You have a 65% chance of being audited as publishers look for
additional revenue
The inevitable risks of software audits we all face
– Varying levels of asset maturity, software publishers see this as a
source of revenue
– Software asset management experts estimate that $59B of software in
use globally is not licensed
Example case study
– Audit finding of $200M at a Fortune® 50 company from just 1 publisher
– Negotiated down to “only” $40 million
Unfortunately many companies only know there’s a problem once
they have been audited… by which time it’s too late
Copyright © 2014 Boeing. All rights reserved. |8
How well do you know your licenses?
Engineering, Operations & Technology
End-user License Agreement (EULA)
Processer Value Units (PVU)
Proprietary License
General Public License (GNU)
Workstation licenses
Concurrent Use License
Non-perpetual Licenses
Etc., etc., etc…
Copyright © 2014 Boeing. All rights reserved. |9
What could happen to your company?
Engineering, Operations & Technology
Copyright © 2014 Boeing. All rights reserved. | 10Situations many of us face
Engineering, Operations & Technology
People, Process, and Technology vulnerabilities
Knowledge, skills and ability of IT employees less than that of
software publishers
End users with Admin rights
End users who do not understand how important it is to honor
license commitments
Procurement strategy not aligned with true demand
Deployment process not sufficiently managed
Little or no Software Asset Management program governance
Discovery tool limitations
Asset Management system and/or data limitations
Server build process that does not consider license management
…and the software publishers know it
Copyright © 2014 Boeing. All rights reserved. | 11Business Software Alliance
Engineering, Operations & Technology
Copyright © 2014 Boeing. All rights reserved. | 12Discuss…
Engineering, Operations & Technology
When was your last audit?
Is your level of maturity robust enough?
Is your staff knowledgeable enough to defend you?
…How do you know???
“IT assets will need to be measured for a variety of business, risk, and operational
management reasons in the future.” Enterprise Systems Journal
Copyright © 2014 Boeing. All rights reserved. | 13What level of maturity is best for you?
Engineering, Operations & Technology
Industry Maturity Model 5
4 Agile
Managed Beyond IT: supporting
The company as a
Investment to Implement
IT Proficiency: Standard
competitive advantage:
processes, cross-
3 Adopted organizational integration,
Integrated enterprise
Value Received
capabilities, committed
measured impact, service
IT Competency: Department audit and
oriented
standards, basic processes, improvement, business
basic integration, utility oriented oriented
18 – 24 months 18 – 24 months 18 – 24 months 18 – 24 months
2
Applied
IT Today: Basic capabilities,
pockets of excellence, few
processes, tools, and
standards
1 Explored
No sustained
capabilities Capability
1 2 3 4 5
True-up by audit Manual record-keeping and Limited IT uCMDB with IT uCMDB with robust Robust enterprise uCMDB
true ups discovery tools in place discovery and tracking tools with advanced analytics
Few people responsible; Asset Mgrs assigned, Asset Mgrs and Product Mgrs Strong coordination; managed Structured enterprise-wide
limited organization coordinated efforts assigned, coordinated efforts virtual organization organization w/ dedicated staff
No rigorous compliance Compliance based on Compliance with asset needs Compliance with asset needs Proactive compliance and
process representative sample known; forecasting limited forecasting and optimization utilization
“Expect to spend 18 to 24 months deploying all the policies, processes, people, and tools required to move from level to level of ITAM maturity.” —Gartner
Copyright © 2014 Boeing. All rights reserved.How do you improve your level of
maturity?
Engineering, Operations & Technology
Define your governance strategy
– Optimize the organization and operating structure to meet your needs
– Determine what you are going to do yourself vs. what you are going to
buy
– Don’t forget you can outsource the work, but not the responsibility
Determine the tools you need
– Acquire and deploy robust tools that fit your infrastructure
– There is no one size fits all answer today
Implement process improvements
– Implement process disciplines that proactively prevent escapes
– Ensure software is purchased through the correct channels
Assign the right people
– Hire, train, and reward personnel necessary to implement your
solution
– Educate and inform your end users
Copyright © 2014 Boeing. All rights reserved. | 15Some best practices to reduce audit risk
Engineering, Operations & Technology
Review your high risk, high dollar software publishers
Put governance in place to address highest risks first
Develop and communicate policies on software license
compliance, purchase, and distribution
Consider hiring audit certified professionals
Know how to access law firms that specialize in defending
against audit findings if necessary
Implement a quarterly internal review process that matches
entitlements and deployments and takes action on any
discrepancies
Assure there is sufficient budget to proactively correct any over
deployments
Copyright © 2014 Boeing. All rights reserved. | 16Business case for robust software asset
management
Engineering, Operations & Technology
Reduced audit risk
Identify opportunities to utilize licenses more effectively
Reduced software costs through harvesting and redeployments
Better data to negotiate favorable contracts
…No surprises
Copyright © 2014 Boeing. All rights reserved. | 17Discuss
Engineering, Operations & Technology
Is your procurement strategy effectively utilizing knowledge from
your software asset governance to aid in contract negotiations?
Does your sourcing strategy align with your technical architecture
and software roadmaps?
What aspects of asset management should you outsource vs.
insource?
“63% of companies surveyed believe they lose an average of 25% of contract value due to poor governance.”
─ International Association of Outsourcing Professionals
Copyright © 2014 Boeing. All rights reserved. | 18Key Success Takeaways
Engineering, Operations & Technology
If you don’t know what your asset management strategy
is, find out… the financial risk is too great not to know!
Leverage sourcing in your solution
̶ Skilled professionals are available to support your asset
management solutions
̶ Risk is further mitigated when skilled professionals are engaged
̶ Use data from your software asset governance to aid in contract
negotiations
Determine your financial risk by software publisher and
prioritize
̶ Create accounts needed to purchase licenses once the discrepancy
is discovered
Communicate your risk and solution
Copyright © 2014 Boeing. All rights reserved. | 19Engineering, Operations & Technology
Thank you!
Lawrence Kane
Paul Becker Senior Leader
ITI Sourcing, Asset Mgmt. ITI Strategy, Sourcing, & Asset Mgmt.
Phone: (425) 505-8995 The Boeing Company
The Boeing Company Phone: (425) 865-7516
E-Mail: paul.w.becker@boeing.com E-Mail: lawrence.a.kane@boeing.com
Copyright © 2014 Boeing. All rights reserved. | 20Session #WS02
Sourcing and Software Audits (Not a Love Story…Yet): How
to Reduce Cost and Risk by Getting Your Arms around Your
Software Licenses
Speakers:
Paul Becker Lawrence Kane
Boeing Boeing
(425) 505-8995 (425) 865-7516
paul.w.becker@boeing.com lawrence.a.kane@boeing.com
L
F AL
ER
V
D EN
14
20
IT
SU MMAbout the presenters…
Engineering, Operations & Technology
Paul Becker is responsible for IT Infrastructure Strategy,
Sourcing strategy, and Asset Management Governance at
Boeing. Consultant for sourcing negotiations on
telecommunications contract agreements valued at over $150
million per year. Established and implemented transition strategy
and procedures for an out sourced service delivery vendor center
in the Philippines working within telecommunications.
Implemented Lean+ principles in various work groups to include
operations for Deloitte, project management development for
Teris, and operational improvements for Verizon.
Lawrence Kane is responsible for IT Infrastructure Strategy,
Sourcing, and Asset Management execution at Boeing. He
architected the IT infrastructure strategy, governed the software
asset management process, established the sourcing office, hired
and developed a high-performance team and saved more than
$1.5B by architecting the IT infrastructure sourcing strategy,
designing the proposal evaluation process, executing RFPs,
negotiating with providers and benchmarking the effectiveness of
resultant deals. He is also the best-selling author of eleven books.
Copyright © 2014 Boeing. All rights reserved. | 22You can also read
