Mar 28, 2018 - 07:43 AM
Interesting concept, though I'm thinking that purchasing should be 'purchasing' because of a determination of compliance... and not asking!
In other words, you should be purchasing because of an intended expansion of software requirements ( planned rollout).... or unintended ( oops, SAM review!!)
Thanks to the infrastructure being rather fluid these days ( with disposable hardware and massive virtualization), it's nearly impossible for a license holder to declare - and maintain - an architecture that accomodates original intent of using the license. As well, not too many companies would want to divulge architecture.... and I'm certain that no vendor would give a pre-conditional compliance declaration either.
The best that the vendors can do is offer 'usage rights' that are the T&C's of the license; if you don't exceed the usage rights, then you are 'entitled' to use the license. ( Thus, a license is transformed into an entitlement under these usage rights)
Such usage rights take into account the fluid state of the customer, from Office to SQLServer, from lesser install rights to Virtualization rights.
Lastly, you can't protect yourself from a purchasing POV; if the WMWare admin decides to turn on 'High Availability' then a new architecture has emerged from that requirement.... and you won't even see that!
Mar 28, 2018 - 08:55 AM
I understand completely your position, it's far to be easy, but I've seen several time people proposing to increase the software publisher responsibility to propose software that are compliant, at least at the acquisition time. The infrastructure is laer subject to change but not all the time.
Any idea to negotiate a minimum of responsibility transfer?
Mar 28, 2018 - 10:41 PM
SAM should also be present on any architectural review / approval board - again, the idea is to spot licensing / SAM related risks and work with the solutions designers to ensure that the correct licenses are purchased and that they are designing cost efficiently.
At the point of signing, you are absolutely right that you need to work with the vendor to ensure the licenses they are selling you are correct. This is your opportunity to change or modify the contract so that license metrics, the way they are measured and how you will be using the software are all crystal clear, enabling you to be compliant into the long term.
There is also a lot of other documentation that is created during the contract negotiation process that should be kept with the contract and / or in your SAM database (if the procurement people don't want it with the contract).
- Legal review notes (usually a word document where the two lawyers bounce queries about specific clauses back and forth between them)
- Emails between you and the sales person about how an application will be used and their recommendation regarding what is purchased
- Any emails specifying conditions under which you are signing the contract eg we will sign this contract but only if you give us a 2 year transition period to allow us to uninstall the old applications
While none of these have the formal status of the contract, they all provide information regarding how the two parties intend the contract to be interpreted, and they would (worst case scenario) be admissable in a court of law.... which means that in any audit dispute the need to be taken into account (if the auditor doesn't agree, get your lawyers involved).
Mar 29, 2018 - 04:20 AM
I would add to your list some information provided to the reseller to enable to quantify licenses.