Stacking the Deck: Why Oracle is Going to Audit You (And What to Do about It)

No one likes feeling like they’re behind the proverbial 8-ball. So often, we tell ourselves that’s not the case – follow the rules, work hard, keep your nose clean, and you’ll be fine. These are the lies we tell ourselves.

Most of these non-truths are harmless, but let’s get one thing straight: No one likes feeling like they’re behind the proverbial 8-ball. So often, we tell ourselves that’s not the case – follow the rules, work hard, keep your nose clean, and you’ll be fine. These are the lies we tell ourselves.

Most of these non-truths are harmless, but let’s get one thing straight: Oracle has some great products, but they aren’t really anyone’s friend. They’re a business. And when you rely on these products, they’ve got you right where they want you; the deck is stacked against you, and Oracle knows it.

I can’t help you in other areas of your life where the odds are stacked against you such as surviving that performance improvement plan your boss put you on or triumphing over loan sharks, but here’s my completely un-sugarcoated view of how to prepare for the inevitable – an Oracle audit.

The Bitter Truth: Oracle Wants to Audit You

I know, your sales guy came out to the office last year and you hit it off famously. Your Oracle service rep seems like the most responsive and diligent person you have ever had the pleasure of working with.

But none of this is going to stop Oracle from auditing you. Especially right now.

Let’s face it – the economy took quite a tumble this past spring, with an estimated 66,000 businesses nationwide folding since March 1. Even well-prepared, moneyed organizations are cutting expenses wherever they can. Oracle’s leadership knows that companies will be more cautious when it comes to spending over the next couple years. It’s also not unlikely that a number of Oracle’s clients are going the way of the dodo in the near future.

So, Oracle’s gotta make up that lost revenue somehow. And a good way to do just that is to run audits on clients and ding them for non-compliance.

“But we aren’t non-compliant!” you protest.

Being found non-compliant is, as it happens, a bit like being found a witch during a witch trial; the potential auditor just needs to look in the right place to find incriminating information, and the burden of proof is entirely on you, the customer, to prove your innocence. Spoiler alert: You will be guilty until proven innocent, and Oracle is counting on proving that innocence being far more trouble than its worth – even after you’re sent a massive bill.

Under a Microscope

Oracle has long been known for its contentious tactics. “Oracle maintains what I consider to be the most aggressive audit program of any major software publisher,” Christopher Barnett on General Counsel News.

Even if you believe you and your team are doing everything right, it’s not unusual to turn around and find you were breaking a rule without knowing it. Sometimes the rules change without you knowing. Products get de-supported. Terms and conditions change with little fanfare or an update to a website link inside your contract. The Processor Core Factor table was updated three times in 2017.

And then, there’s the simple fact that one of cloud computing’s greatest strengths is also one of its greatest weaknesses when it comes to compliance – its accessibility by any employee or contractor, in any location. Should an employee accidentally download a product (which is, by default, set to “on”), you’ll be on the hook for a very hefty bill. Ditto for a managed services provider accidentally enabling an Oracle product, a scenario Lena J. Weiner explored earlier this year.

In short, anyone can lapse into non-compliance. The best way to prevent this is to partner with a compliance monitor who has the experience and know-how to know what to watch out for and has your back.

Don’t Bring a Knife to a Gun Fight

If you’ve never been through an Oracle audit, you might think you can clear up the problem with a quick phone call to your Oracle rep to clear things up. Unfortunately, that never works in these scenarios.

Let’s get real: at this point, you need professional help. It’s time to bring in an audit protection service that will help advise you through the audit. Additionally, here are a few things such an organization will tell you on day one of working together:

• Keep copies of all documents used during negotiations. If Oracle changed its policy between when you began talks with your sales rep and now, it would sure be nice to have a whitepaper or brochure your rep handed you that featured the original.
• Read the fine print! I cannot emphasize this enough. The devil is in the details – never assume that this year’s contract will be like last year’s or that everything the sales rep or sales engineer promised was written into the contract. If you don’t believe me, check out the new Oracle Terms and Conditions (Page 18, Section 8), which went live last year.
• Keep a robust compliance monitoring team on your side. This is a big battle for anyone to fight on their own. Keeping an organization in your back pocket that specializes in Oracle compliance and Oracle contracts isn’t just good business – it assures peace of mind and protects the investment your organization makes in Oracle products. Have them regularly review your environment so that they catch any mishaps before Oracle does.

When it comes to surviving the inevitable audit, being smart about it can save your business millions of dollars – and save your headaches and frustration. Don’t wonder if it’s coming; prepare for when it’s coming.

About Michael Corey