7 Questions to Ask When Engaging an Oracle Audit Defense Consultant


Nathan Biggs (@nathanbiggs), CEO

With Oracle’s end of fiscal year rapidly approaching, many organizations are finding themselves mired in an audit. If you are one of these “lucky” targets of Oracle’s attention, you have likely learned that an audit from Oracle is not so much a compliance verification exercise, as it is an opportunity for their sales teams to pitch an offer you cannot refuse.

When faced with a well-oiled good-cop, bad-cop routine from Oracle, many organizations reach out to an audit consultant for help. There are many such consultancies out there, and selecting one can be challenging. In this blog, I offer a list of questions that you can ask a potential consultant to help you decide who will be most effective in defending you against Oracle.

  1. Are you an Oracle partner?

You may think that being an Oracle partner would be a good thing in selecting an audit consultant, but there are a few things to consider. First, Oracle partners are rewarded when they make a sale, not when they prevent one. Secondly, Oracle asks their partners to report any compliance issues that their customers have back to Oracle. You want someone who will be your advocate in an audit, and not Oracle’s.

  1. Are you a former Oracle License Management Services (LMS) employee?

Most, but not all, former LMS employees toe the Oracle line when it comes to how they offer audit support. They have been immersed in Oracle’s methods for pressuring customers to pay fees for things that those customers are well within their contractual rights to use.

  1. If you have audit tools, did that intellectual property (IP) originate from Oracle audit scripts?

This is especially true with consultants who are former Oracle employees, but can include others as well. Many of them have leveraged Oracle’s audit IP as a basis for developing their own tools. In dealing with Oracle, you never want to put yourself in a position where they can claim a violation of a contract, especially when it comes to infringement of intellectual property rights.

  1. Do you publish lists of customers on your website?

It is common practice in customer agreements for a clause to be inserted that restricts the consultant from disclosing their work with that customer, or even the very existence of an agreement with them. Frankly, when it comes to Oracle audits, we agree wholeheartedly with this customer protection. Oracle seems to look for any trigger or leverage possible to invoke an audit. When a consultant publishes a list of customers on their website, it is like an invitation to Oracle to come after that organization. You should be able to trust your consultant to never divulge confidential information, especially if that can be used against you by an organization as aggressive and predatory as Oracle appears to be.

  1. Do you have DBAs and architects that understand the real impact of how Oracle software is used, and how to reduce the licensable footprint?

Oracle’s software can surreptitiously enable features that require a license, but that you never intended to use. Moreover, they have made it easy for an unsuspecting DBA to use a feature that causes a very large compliance liability. The consultant you select should not only understand Oracle contracts and audit practices, but they should be also intimately familiar with how that software is being used. They should understand the underlying architecture so that appropriate recommendations can be made to ensure compliance going forward, and to limit (or even reduce) the size of the Oracle licensable footprint.

  1. Do you understand VMware virtualization, its benefits to Oracle deployments, and that Oracle’s contract is completely agnostic to whether or not VMware is used?

VMware virtualization technology is becoming best practice for all data center operations, and even for business-critical Oracle workloads. Oracle is making non-contractual (i.e., untrue) claims that VMware cannot be used with Oracle without licensing every processor on every server in the whole VMware environment. You want an audit consultant who understands the benefits of VMware virtualization, and takes a strong stand to refute non-contractual assertions from Oracle.

  1. What is your track record of getting Oracle to back off their aggressive positions and do what is right for the customer?

According to VMware, House of Brick is the “premier, pioneer partner for running Oracle on VMware, including licensing.” When our many audit defense clients have followed our guidance and coaching throughout the audit process, we have never had a customer that was forced to pay fees for non-contractual claims. That is a perfect track record. Our record has been proven to reduce Oracle claims from hundreds of millions of dollars in compliance claims to zero. We never advocate cheating Oracle; they are entitled to every contractual claim that they accurately find. But there is no need to pay anything extra to Oracle if you do not have to.

As the industry leader, House of Brick answers each of these questions in favor of you, the customer. We believe that we are the only license service provider in the industry who can make that claim. If you are being audited, or fear that an audit is coming, reach out to us. We will walk you through the process, and be there for you every step of the way.

Table of Contents

Related Posts