Software Audit
Use Case: Software Audit
Title:
Software Compliance and Audit with CIQ ITAM
Objective:
Enable the IT or Compliance team to demonstrate corporate software compliance, providing detailed evidence for developer audits and ensuring all software assets are licensed, approved, and fully tracked.
Primary Actors:
- IT / Compliance Analyst
- External Auditor (when applicable)
Preconditions:
- All corporate devices have the CIQ ITAM agent installed.
- Installed software is registered and linked to valid licenses.
- Approval policies and critical software alerts are configured.
- Proper access profiles and permissions are set to query inventory data and generate reports.
Detailed Use Scenario
1️⃣ Audit Preparation
- The analyst accesses the complete software inventory in CIQ ITAM.
- Filters software by manufacturer, version, license, approval, and critical alerts (red alert or unauthorized software).
- Identifies devices with unlicensed or non-compliant software.
2️⃣ Detailed Device Information Review
For each audited device, CIQ ITAM provides:
- Hardware: CPU, RAM, disks, motherboard, peripherals, status, and health.
- Operating System: version, architecture, installed updates, and serial number.
- Network: IP, DNS, gateway, MAC address, active interfaces.
- Installed Software: name, version, license, approval, critical alerts, and change history.
- Geolocation: physical location of the device to validate on-site or remote audit.
3️⃣ Non-Compliance Identification
- The system automatically generates red alert software notifications, highlighting unlicensed or non-compliant programs.
- Devices without an agent or with suspicious change history are also flagged.
4️⃣ Audit Report Generation
- The analyst generates detailed reports including:
- Complete list of installed software per device.
- Valid licenses and available balance.
- Non-compliant or red alert software.
- Recent hardware/software changes potentially affecting the audit.
- Reports can be exported in formats compatible with external auditors.
5️⃣ Corrective Actions
If non-compliance is detected, the analyst can:
- Perform remote uninstallation of unauthorized software.
- Install or update software according to correct licensing.
- Log all actions in the CIQ ITAM history, ensuring full traceability.
6️⃣ Audit Closure
- All audited devices and software are validated and compliant.
- Documented evidence in CIQ ITAM proves legality and compliance to developers.
- Future alerts can be configured to monitor newly installed software and maintain ongoing compliance.
CIQ ITAM Features Utilized
- Detailed hardware, software, and network inventory.
- License and compliance control (Microsoft 365 and other software).
- Removing unauthorized software or installing correct versions
- Change history and consolidated inventory.
- Audit-ready reporting and export functionality.
- Remote management for fast corrective actions.
- Geolocation and perimeter tracking to validate physical devices.
Benefits
- Ensures compliance with developers and regulatory authorities.
- Reduces legal and financial risks associated with unlicensed software.
- Improves Helpdesk and IT efficiency by identifying and correcting non-compliance remotely.
- Complete documentation with detailed history and reports for audit purposes.