If you haven’t received an audit inventation, consider yourself lucky. Publishers are auditing everyone, from volume licensing to SPLA, audits are happening and it’s best you be prepared.
I am often asked “What steps are entailed in an audit and how much is this going to cost me?” Both questions have undetermined variables tied to them. I said this before, but you must look at your datacenter from an auditors perspective. What would they want to see if I am audited? Here’s my advice, (& take it for what it’s worth), but if I knew audits were happening, I would want to keep track of all users that have access to the software and ensure those that do not have access truly do not have access! As an example, I’m hosting SharePoint to 10 users and only 5 of those users have access to Enterprise features – therefore I only need to report 5 right? Maybe- but what happens in some weird way they could possibly access the Enterprise features? You would true up all licensing not reported and probably have an additional fee on top of it!Secondly, if I was using SQL, I would double check and see if VMs can migrate to different hosts. Third, I would get a record of end user agreements and ensure software assurance is active for whatever products they are using under “license mobility.” Last, and probably the most important – be careful of using a third party for audit support. It may look like they helped – but in the end …did they? Email me a firstname.lastname@example.org and I can explain.