Contact Us

Microsoft Audits Service Providers - Q&A

Daryl and Alexander are answering questions about Service Provider software compliance audits conducted by Microsoft. 

  1. I get an audit letter. Do I need to initiate the audit immediately? 
  2. How many years can they go back when they audit? 3, 5, 10?
  3. We accidentally submitted a non-hosting cluster, and the auditor counted it as an SPLA debt. Now they don't want to de-scope it. 
  4. If I have a cluster used both for my hosting business and my internal infrastructure, my internal IT, do I have to give all that data to the auditor? 
  5. May I use our SPLA licenses for internal use? 
  6. A provider has an extension of the hosting platform on AWS. Part of the licenses they receive directly from AWS as a part of the infrastructure and the overall EC2 costs. But there are other licenses that they should be paying for, like RDP SAL and SQL SAL. Can they use their SPLA licenses, purchase them from AWS, or even use the bring your own license option? 
  7. When you have E3/E5 subscriptions, do you get the right to install System Center on servers as part of your bundle rights? Can you use System Center via E3/E5 to license your products on hosted servers in an outsourcer's environment? 
  8. Who has the licensing compliance responsibility for the SPLA licences used on-premises?
  9. Would you recommend getting your end customer to sign off on some document, use rights, or something like that when you provide licenses to be used on their premises?
  10. Can we build our own SPLA tool with scripts, or do you suggest buying a product like Snow or Flexera to manage our SPLA environment?