It’s a nice, cool late October morning, the time of year when the shadows grow darker and longer and “spooky” stuff lurks around every corner. You’re at your desk sipping some coffee and checking emails when a new one comes in from Sarah, the CIO, marked “Urgent.” She says that she received a letter from some outfit called the Business Software Alliance asking the company to conduct an audit of its use of “Company X” software and threatening legal action and potential damages if the company fails to cooperate. She attached a copy, so you open it up and read through it for yourself. Your first thought is WFT? and that this is some kind of scam and you should just toss the letter in the trash and move on. That would be a mistake. A very big mistake. Like a going down into the basement alone in the dark to check out odd noises and scratching sounds type of mistake.
Congratulations, you just received your first software audit letter and if you’re like most in-house lawyers what’s ahead for you and the company is going to come as a big, painful surprise. Much like that opening scene in Night of the Living Dead when someone says “They’re coming to get you, Barbra…” Yes, indeed, they are. The software companies that is, not a ghoulish horde of brain-eating zombies (though you may prefer that to the audit). The good news is that you will likely only see a handful of these letters over the course of your career at any one company. The bad news is whatever you had planned for the next few days is now on hold as you will need to immediately start to work on how to respond to the letter and preparing for the audit. I have dealt with a few software audit letters over the course of my in-house career and there are some tried and true things you should do when faced with one. This edition of “Ten Things” lays out some of the lessons I have learned regarding software audits: