How to Protect Your Business in SPLA Audit?

Posted by HelenaNelson on July 5th, 2019

If you are using products under the Microsoft Service Provider License Agreement (SPLA), you have to perform an audit and assessment and provide a certificate of compliance. Service providers help clients navigate the licensing issues that arise while conducting SPLA certification. If SPLA audit and certification is the issue, consider the following:

Data gathering

Before certifying your compliance with SPLA, you need to review sources of data. It is good to gather data that independent auditors would use such as any free tools generally accepted in audits. This is to avoid any big surprises during audit reports.

Validation of data

Doesn’t matter which tool you use, it is crucial to call upon a process that can validate the data deployment, its accuracy, and completeness. To ensure accuracy in SPLA audit, revealed data sets are compared to other data test to assess if all machines have been covered. Active Directory objects are commonly used to validate completeness testing. Comparing Active Directory with the discovery data determines completeness in SPLA audit. Mostly, companies have anti-virus software installed on the hardware they own. When there’s AV running and not reflected in the discovery data, then completeness testing in SPLA audit will fail. Merging the AV data to the discovery data helps find all missing machines and complete the audit.

License position for SPLA

A technically complicated part of SPLA certification is the calculation of effective license position for SPLA. The customers face big challenges when it comes to interpreting Microsoft’s dynamic and complex licensing rules. Therefore, after gathering and validating discovery data for SPLA deployments, it is recommended to seek help from an expert to understand licensing rules. The good thing about SPLA audit is that the entitlement data is simple to find. Monthly true-up orders forms the basis of SPLA assessment. Experts can help review the data from the tool and complete the certification.

Procedures and policies for SPLA

Defending SPLA audits becomes easier with a set of recommended policies and procedures. For this, you need data that represents all deployed Microsoft products in a customer-facing environment during the SPLA term. The policies and procedures ensure that data necessary to prove compliance is available. The policy provides a guideline for data collection along with analysis steps formulated to avoid any compliance risks and prepare for further SPLA audits.

Third-party services are of great help when it comes to SPLA certification, compliance and audit. They can provide all the necessary help to let the business run without hassles. 

Source URL: https://bit.ly/2KLegMi