How OpenText maps products to ALAs in an audit

Before any number appears in a finding, an auditor makes a choice that decides most of the math: which Additional License Authorization governs which product. How OpenText maps products to ALAs in an audit is the quiet first step that sets the metric, the unit, and the conditions every later calculation depends on. Get the mapping wrong and the whole finding inherits the error, which is exactly why a buyer should examine the mapping before accepting any figure built on it.

This field note explains how the vendor assigns products to authorizations, where the mapping goes wrong, and how to hold the audit to the grant that actually applies. It pairs with our ALA and entitlement review track.

Why the mapping comes first

Most Micro Focus products are governed by Additional License Authorizations, the definitional documents that explain what each metric counts. A finding cannot be built until each deployed product is matched to the authorization that defines its metric. That matching exercise is the foundation of the whole calculation, and because it happens early and often without the buyer present, it is also the least scrutinised. A mapping made for the vendor's convenience can carry an inflation that no later line item makes obvious.

The mapping traps

The first trap is applying the wrong authorization version, mapping a product bought years ago to a current authorization whose definitions differ from the one that governed the purchase. The second is mapping a component to the metric of the suite it shipped within, rather than the metric that actually governs the component. The third is mapping a product to the most expansive available metric where more than one could plausibly apply. Each trap shares a direction: it favours the reading that counts more, and each is correctable by returning to the grant that the buyer's purchase actually invoked.

Acquisition history complicates the mapping

The Micro Focus acquisition that closed in early 2023 brought a very wide catalogue under OpenText, spanning security, DevOps, COBOL, and analytics product families. Products from that catalogue carry their own authorization lineage, and OpenText's own ECM line predates the acquisition and is governed by the OpenText end user license agreement rather than the Micro Focus authorizations. A mapping that ignores this divide can apply authorization terms to a product the agreement never covered, or the reverse. Understanding which governance regime applies to which product is the starting point, a distinction we set out in Micro Focus ALA versus OpenText EULA scope.

How we test the mapping

The defense reconstructs the mapping from the buyer's own records rather than accepting the vendor's. We assemble the order forms, identify the authorization version each purchase referenced, and match each deployed product to the grant that governed its acquisition. Where the vendor mapped a product to a different authorization, we show the document that establishes the correct one. This is the Reconstruct step in our method, and it routinely moves a finding before a single metric is even counted, because correcting the mapping corrects everything downstream.

Bundles and the mapping problem

Bundled purchases are where mapping errors concentrate, because a bundle invites the auditor to treat several products as one and apply a single metric across all of them. The defensible approach unpacks the bundle into its components and maps each to the authorization that governs it individually, a method we describe in how ALA bundles obscure true entitlement. A component mapped to its own grant is often licensed under a narrower metric than the bundle level reading assumed, and the correction can be substantial across a large estate.

Holding the vendor to the right grant

Once the correct mapping is established, the challenge is to require that the finding be rebuilt on it. We present the authorization that governs each product, identify where the finding used a different one, and ask that the count be re run against the contractually correct grant. Where the vendor mapped to a broader metric than the purchase invoked, the corrected mapping reduces the count to the figure the contract supports. In a recent engagement, re mapping several products to the authorizations that actually governed their purchase removed a large share of the opening shortfall, mirroring the kind of correction reflected in our E-01 case file, where a seat count finding moved from $7.2M to $1.6M, a 78 percent reduction.

The mapping is a documentary question, not a judgment call

It is easy to treat product to authorization mapping as a matter of expert opinion, but it is really a matter of paper. The order established what was bought, the authorization in force at the time defined the metric, and together they fix the mapping without room for preference. A buyer who frames the mapping as documentary rather than discretionary takes the decision out of the vendor's hands and returns it to the contract. That reframing is often the single most useful move early in a defense, because it converts a contestable judgment into a verifiable fact.

Why early mapping review changes the negotiation

A buyer who reviews the mapping before responding to the finding enters the conversation able to dispute the foundation rather than only the figures. Disputing a total invites a negotiation over discounts; disputing the mapping invites a correction of the contract record. The second is far stronger, because it rests on documents the vendor itself relies on. Reviewing the mapping first, before the count is accepted as a premise, is what lets the defense work on the structure of the finding rather than merely its size, and it is the difference between bargaining a number down and proving it was wrong to begin with.

Closing the mapping question forward

After the present finding is corrected, the forward agreement should record the mapping explicitly: which product is governed by which metric, under which definition. Writing the mapping into the agreement removes the ambiguity that let the audit choose, so the next review starts from an agreed product to metric relationship rather than a contested one. Resolving the dispute and fixing the mapping in the forward contract are two parts of the same work, and together they keep the mapping from becoming a recurring source of exposure.

For the full method, read the complete OpenText audit defense playbook, and for entitlement defense across the Micro Focus estate see our ALA and entitlement review track. If your finding rests on a product to authorization mapping you have not verified, open a case.