Corporate UK Facing Compliance Time Bomb During a Period of Economic Uncertainty!
IT managers have got their heads in the sand when it comes to adopting an effective software asset management policy, according to research commissioned by the Software Industry Research Board (SIRB), an initiative of FAST IiS in association with leading software publishers.
60% of UK businesses surveyed do not perceive a risk from misuse of software or counterfeit supply, and 43% do not believe they face a threat from the lack of compliance as they claim to have a Software Asset Management (SAM) policy, according to research detailed in the IDC White paper, "Maturity of SAM Practice in the UK Market – Perception and Reality of Risk", October 2008, sponsored by FAST IiS.
The research also identified that 75% of companies have in place a SAM policy and yet 38% admitted that they had only a basic understanding of their software licences. This lack of transparency can leave businesses open to the threat of the legal and financial consequences of under and over licensing. This is clearly not a good situation to be in under any circumstances, but especially not in the tough economic climate we are currently experiencing.
The same research found that a significant number (55%) of those same companies had been subject to a software publisher audit within the last 12 months. This is a trend that is expected to continue, making it a very real risk for businesses.
Other key findings included:
• The majority of UK businesses recognised that poor management of software can expose them to risks that can compromise the business such as viruses (61%), corruption of data (60%), Trojan horses (58%), external hacking (55%), and employee sabotage (51%), any of which can carry enormous consequential impact.
• Only 9% of those surveyed said software compliance was the responsibility of a Board Director, a further 16% stated the CIO but the overwhelming majority – a staggering 63% - stated that it was solely the responsibility of the IT manager or a line-of-business manager.
John Lovelock, Chief Executive of FAST IiS, stated: "Let us be absolutely clear: there is a difference between illegal supply of software or counterfeit goods, which is essentially deliberately defrauding the software publishers, and poor organisational discipline and management practices that lead to under - or even over – licensing, but the impact upon the software industry is still a significant loss in revenues."
He continued: "The point to stress to business leaders is that they cannot afford to be complacent about the subject of compliance and risk to their businesses as they need to validate that they are able to demonstrate good governance and transparency in terms of compliance. The research points to critical weaknesses that leave their organisations with material risk – and put bluntly that means a risk to the bottom line!"
The research highlights four core areas of risk:
• Commercial risk from not managing software assets effectively thereby over spending which, at a time of economic uncertainty, is a cost that needs to be avoided.
• Operational risk as a result of not tracking software assets throughout an organisation thereby leaving it open to attack through viruses and the like.
• Legal risk from using unlicensed or pirated software and the associated damage to reputation that can be caused as a result of the legal consequences for allowing employees to use unauthorised software.
• Risk of a software publisher audit that can lead to a hefty bill.
"The majority of those surveyed recognised that poor management of software assets can bring in risks such as viruses and the corruption of data amongst many others. However, what has been identified in the research is that despite that knowledge companies are not evaluating the operational, legal and commercial risk from not having a software asset management (SAM) strategy", added Rikke Rasmussen, Licensing and Anti-Piracy Manager, Microsoft.
Michael McCloskey, Chief Executive, FrontRange stated: "This research clearly demonstrates a lack of consistency across the business community toward the issue of software asset management and that responsibility for this needs to be taken at Board level, albeit the practices are managed primarily within the procurement and IT operations structures."
Petra van Beneden, Director, EMEA Licence Management Services, Oracle, added: "No one would expect the board to manage the operational details of SAM any more than one would expect a board to manage asset registers or be involved in day-to-day operational activities. But at a strategic level the Board needs to be assured that the company has minimised its risk and cost in this area."
Fred Broussard, Research Director at IDC, added: "This research showed that the majority of respondents found that their software asset management practices benefit from adoption of best practice in software asset management. These benefits include reduced commercial risk, reduced operational risk, increasing the speed and reducing the cost of conducting an audit to demonstrate compliance as well as ensuring that IT systems are stable, secure and available."
This is the first of four quarterly white papers based on the results of the research. The three follow on papers which are due to be published in 2009 will provide more detailed analysis of the UK SAM scene and will offer readers expert guidance on Best Practice and how to effectively implement it cost effectively across an organisation.
write your comments about the article :: © 2008 Computing News :: home page