The SAMOSA bill has pushed software management into the headlines. It asks for inventories, discovery tools, automated licence tracking, and trained staff able to handle acquisition and contract negotiation. I do not expect UK law to copy a US bill overnight, but the requirements are sensible prompts. If you look after infrastructure, you should treat this like a staging gate. Get the facts, measure actual use, and stop buying on gut.
Start with a pragmatic inventory. Scan networks and endpoints, tie installations to active accounts, and log actual usage for at least 90 days. Use at least two discovery methods: an agent on critical servers and a passive network scanner for everything else. Tag each item with vendor, product ID, edition, install count, and owner. Classify licences into the basic types you will meet: per-seat, per-core, subscription, concurrent use, appliance/OEM, and SaaS entitlements. For each licence type capture the cost model, audit triggers and reassignment rules. Build a simple spreadsheet that lists current spend, installs, peak concurrent users and a probable compliance gap. Example calculation: if a per-user licence costs £30 per year and you find 3,000 inactive installs, that represents a recurring waste of around £90,000 a year. That is an example for illustration; use your own numbers.
When you model migration options, compare three paths: consolidate to enterprise or site licences, move to SaaS with central control, or migrate to supported open source. Add hard numbers for migration effort. Estimate engineering hours to migrate or retire each application. Multiply by your billable hourly rate. Add contract termination fees and data migration costs. Then model a simple payback: annual licence reduction minus one-off migration cost. Aim for payback inside 18 months for non-strategic apps. For strategic platforms, insist on exit terms and data portability before you sign anything.
Automation buys you time and accuracy. Deploy discovery tools that produce machine-readable inventory. Open-source tools to consider as examples are OCS Inventory NG, GLPI and Snipe-IT for entitlement and asset records; commercial software asset management tools add richer licence reconciliation. Automate licence tracking by creating a central entitlement repository with APIs to feed billing systems and identity platforms. Schedule daily reconciliations that compare active accounts against entitlements and flag excess. Set up automated alerts for unused seats, approaching audit windows and contract renewal dates. If you have cloud SaaS, pull usage metrics via vendor APIs and store them in a single place so you can query actual active users versus licences.
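A sketch of the daily reconciliation described above, as an added example rather than code from any of the tools named: it compares accounts active in the last 90 days against entitlement records and flags excess seats, shortfalls, uncatalogued software and upcoming renewals. The product names, record layout, sample data and the 60-day renewal warning are all constructed assumptions.

```python
from datetime import date, timedelta

def reconcile(entitlements, usage, today, active_days=90, renewal_warn_days=60):
    """Compare active accounts against entitlements; one finding per product."""
    cutoff = today - timedelta(days=active_days)
    active = {}  # product -> set of users seen inside the usage window
    for product, user, last_seen in usage:
        if last_seen >= cutoff:
            active.setdefault(product, set()).add(user.lower())
    findings = []
    for product in sorted(set(entitlements) | set(active)):
        ent = entitlements.get(product)
        used = len(active.get(product, ()))
        if ent is None:
            # Usage with no entitlement record: an uncatalogued (shadow) purchase.
            findings.append({"product": product, "status": "uncatalogued", "active": used})
            continue
        unused = ent["seats"] - used
        status = "excess" if unused > 0 else "shortfall" if unused < 0 else "ok"
        findings.append({
            "product": product, "status": status, "active": used,
            "seats": ent["seats"], "unused": max(unused, 0),
            # Recurring cost of seats nobody used inside the window.
            "annual_waste": max(unused, 0) * ent["unit_cost"],
            "renewal_due": (ent["renewal"] - today).days <= renewal_warn_days,
        })
    return findings

# Constructed sample data (hypothetical products, costs in GBP per seat per year).
TODAY = date(2024, 6, 1)
ENTITLEMENTS = {
    "cad-suite": {"seats": 350, "unit_cost": 30, "renewal": date(2024, 7, 15)},
    "db-client": {"seats": 10, "unit_cost": 120, "renewal": date(2025, 1, 31)},
}
USAGE = (
    [("cad-suite", f"user{i}", TODAY - timedelta(days=5)) for i in range(120)]
    + [("cad-suite", f"old{i}", TODAY - timedelta(days=200)) for i in range(230)]
    + [("db-client", f"dba{i}", TODAY - timedelta(days=1)) for i in range(12)]
    + [("pdf-tool", "alice", TODAY - timedelta(days=3))]
)

if __name__ == "__main__":
    for finding in reconcile(ENTITLEMENTS, USAGE, TODAY):
        print(finding)
```

In practice the entitlement records would come from the central repository and the usage rows from discovery agents or vendor APIs; the findings list is what feeds the alerts.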
Contract negotiation is a skill to train, not an optional extra. Teach procurement and engineers to ask for these clauses: access to raw usage telemetry, defined audit windows, single audit per year, caps on audit penalties, true-up options with fair market pricing, portability for data and workloads, and clear termination exit costs. Push for API access to the vendor’s usage reports so you can automate reconciliation. Insist on licence definitions that match how your systems run, not the vendor’s preferred accounting trick. When quoting examples in negotiation, use your reconciled inventory as evidence. Say: “Our logs show 120 active users, not 350 installs,” and present the export.
Make interoperability a purchase criterion. Ask for machine-readable licence files, service-level access to usage data, and a software bill of materials for complex products. Keep a small test environment for any major platform you might adopt so you can validate licence behaviour under load. Train one engineer in basic contract negotiation. Train one procurement person in licence models and audit playbooks. Put a simple CIO-style approval step on any uncatalogued purchase; make it lightweight and fast, but enforce it. That cuts shadow purchases without blocking real work.
Take three actions this week: run a focused 90-day discovery, build a spend-versus-usage spreadsheet, and add automated reconciliation for the top five cost drivers. Do those and you will cut waste, be ready for external audit or similar regulatory change, and give yourself bargaining power in contract negotiation. I prefer concrete steps that show a quick return. Keep the work tight, measure constantly, and let automation do the heavy lifting.