An audit feels personal when it lands on your desk, but it is the output of an organized function with its own targets and process. OpenText runs a global software compliance team with executive sponsorship, and understanding how that team is structured tells you a great deal about what to expect and how to respond.
Knowing your counterpart is not about suspicion. It is about preparation. A compliance review run by a dedicated team with a defined commercial objective is a different exercise from an informal entitlement question, and treating it as the former from day one keeps you from making the concessions the process is designed to extract.
Executive sponsorship sets the objective
The compliance function operates with executive sponsorship, which means it is not a peripheral activity but a recognised contributor to revenue. That backing shapes everything downstream. Targets exist, reviews are prioritised by likely yield, and the process is run with the consistency of a repeatable program rather than the variability of an ad hoc check. For the buyer, the practical implication is that the opening finding reflects a commercial ambition, not a neutral measurement. It is a starting position, and starting positions move.
The Compliance Manager runs the review
The day to day owner of a review is typically a Compliance Manager. This person prepares the entitlement and support position, assembles the picture of your deployment, and then runs the true up negotiation that follows. The role combines analysis and commerce. The same person who builds the finding is often the person who will later negotiate its resolution, which tells you that the finding and the negotiation are two phases of one designed process, not separate events. The negotiation phase is examined in true up negotiation tactics under audit pressure.
How the entitlement review is built
The entitlement and support review gathers what the vendor knows about your contracts, your maintenance status, and your deployment, and compares it against a measured or self assessed view of usage. The output is a position: here is what you are entitled to, here is what we believe you are using, and here is the gap. That gap, priced under the remedy clause, is the finding. The crucial point for the buyer is that the deployment side of this comparison is frequently assembled from incomplete or overinclusive data, because the vendor counts what it can see rather than what is genuinely licensable. The corrective is to build your own effective license position in parallel, as described in building an effective license position before the vendor script runs.
The vendor's deployment picture counts what is present. A defensible license position counts what is entitled and used. The gap between those two views is the finding, and most of it is built from the difference.
Why the breadth of the estate matters
The compliance team works across one of the widest software estates in the market. The Micro Focus acquisition, which closed at the end of January 2023 for around six billion dollars, added security products such as Fortify, ArcSight, Voltage, NetIQ and Sentinel, DevOps products such as ALM, Quality Center, Octane, LoadRunner, UFT, Dimensions and AccuRev, COBOL products such as Visual COBOL and Enterprise Server, and analytics such as IDOL. The original OpenText ECM line, including Documentum, Extended ECM, Content Suite, eDOCS and InfoArchive, sits alongside these and is governed by the OpenText EULA rather than the Micro Focus Additional License Authorizations. Each product carries its own metric, and breadth creates overlap. Overlap is where opening findings inflate, because the same user or system can be counted under more than one definition. The authorization terms that govern most of the acquired products are reviewed in our Micro Focus ALA and entitlement review track.
The two phases of one designed process
It helps to see a compliance review as a single process with two phases rather than two separate events. The first phase is construction: the team gathers what it knows, forms a view of usage, and assembles a finding. The second phase is conversion: the same team, often the same person, turns that finding into a commercial outcome through a true up. The handover between the phases is seamless by design, because the finding is built to become the opening position in a negotiation. The figure is not presented as a proposal. It is presented as a measurement, which makes it feel non negotiable even though it is the most negotiable thing in the room.
Recognising the two phases changes where you apply effort. If the finding is going to become the negotiating anchor, the time to influence it is during construction, not after. Every population correction, every metric clarification, and every challenged indirect claim that lands before the finding is finalised reshapes the anchor itself. By the time the conversation reaches the conversion phase, the most valuable work is already done. This is why reconstruction precedes negotiation in a disciplined defense, and why conceding data early in the construction phase is so costly later.
What the structure means for your response
Because the process is organized and repeatable, your response should be too. The vendor benefits from a buyer who answers each request in isolation, hands over data early, and treats the finding as fact. You benefit from the opposite: one controlled channel, a narrow reading of the audit clause, an independent reconstruction of the position, and a refusal to accept the finding as settled before it has been tested. The contractual basis the team relies on, that compliance is the sole responsibility of the licensee, is examined in why compliance is the sole responsibility of the licensee. The limits on what the team can demand are set out in what OpenText can and cannot demand during an audit.
Meeting an organized function with an organized defense
The compliance team has done this hundreds of times. Most buyers have done it once. The way to close that gap is to bring experience that matches the vendor's own, which is the reason this firm was founded in 2020 by former vendor compliance leadership. We know how a finding is assembled because the method is familiar from the inside. For the full sequence across every product line, see the complete OpenText audit defense playbook. If a review has opened, you can open a case and we will take over the channel within the notice window.
If you have received an OpenText or Micro Focus audit notice, the first seven days matter more than any week that follows. OpenText Audit Defense is an independent, buyer side practice founded in 2020 by former vendor compliance leadership. We have defended more than 200 audits, reduced the average finding by 68 percent, and mitigated more than $90M in claims against vendor positions. We do not resell OpenText software and we are not affiliated with OpenText Corporation. To open a case, use the contact form on this site.