I’ve been working with incredibly talented people at 1E. It is review time, and I have to say that I thought they were testing me when they sent me a draft press release to review with the title, “Vendor audits are on the rise, yet 28% of software remains unused”. I asked myself the question, “Wait, is that right? Can these two (disparate) phrases actually be in the same sentence”?
Let’s look at the two phrases separately:
Vendor audits are on the rise: We all know that software vendors are increasing the number of audits performed. Gartner said that 54% of all organizations received a vendor audit request in 2009 – in 2014 that number jumped to 68%. If you haven’t been audited yet, this may be the year.
28% of all software remains unused: How can there be so much unused software? How can this be right?
Leaving the alarming statistic of vendor audits alone, let’s look a bit more closely at the 28% unused software figure.
From the 1E report:
1E looked into 1.8 million desktops in 74 companies, across 13 industries. Over a quarter (28%) of all software deployed across those 1.8 million desktops is unused (not used in 90 days) and 6% is rarely used (not used for the past 30 days).
If we look at only the top 35 software titles that are installed across those 74 companies (and there are more than 1,800 titles in total), the price paid for unused software comes in at $266 (£170*) per PC in the UK and $224 in the US.
What these two data points are really saying is that organizations are not employing IT asset management to the degree necessary to maximize return and reduce risk. So what should be done?

  1. Employ better ITAM approaches to get more out of their software assets – today. AppClarity is a 1E tool that tells the organization what software is sitting unused, and based on chosen policies, can reclaim that software for another user or simply park it on a shelf (presuming its legal). It should be added that unused software is also generally not patched software – creating security risks.
  2. Implement ISO ITAM processes (19770). Yes, implementing a standard is a bit cumbersome (disclaimer: I helped rewrite the second version which actually made implementation easier), but when applied, you have the confidence of a best-practice, globally recognized standard that will result in numerous business benefits including reduced risk from non-compliant software and let your software vendors of your commitment to the principles from the standard (perhaps discouraging them from auditing you in the first place).
  3. Get your organization to identify an executive sponsor for your ITAM program to ask these questions:
    1. Are we software legal (and if the answer is yes, how do we really know that)?
    2. Are we getting maximum value from our IT assets? Are we using everything, is there a better license type for how we actually use the software, can data centers, servers, and the software on those servers be better utilized to lessen risk and increase return?
    3. What processes do we have in place so that we get off the hamster wheel of repeated vendor audits? What process do we need to have in place to allow us to focus on our business versus vendor audit distraction?

Back to the disparate phrases, I still find it a bit awkward, but when you think them both through, it’s actually brilliant. It oftentimes takes a business driver to make change. If the threat of audit is not enough to make change, then the knowledge of knowing that organizations are leaving, on average, 28% of software, unused. If that does not drive change, I’m not sure what will.