When you purchase software, you’re purchasing a right to use that software. The right to use the software is often a license, but that’s changing with software-as-a-service (SaaS) and various forms of third-party software management services. It’s critical that every device using the software has a license associated with it.

The Business Software Alliance audits reported cases of violations, which are most commonly brought about by disgruntled current or former employees. A good way to prevent these expensive audits is to have a strong software asset management program in place.


The general reason that you want software is to help solve a problem. Having a clear definition of the problem enables your business to focus on its components, which are about the data needed to help solve the issue across departments. Include as many representatives as needed, and keep in mind that, at this point, you’ll be getting both a needs list and a wish list.

  1. For each component, determine how the data will solve the problem and the risk associated with having that data. Although data storage itself is cheap, the human portion of going through the data may not be, depending on any number of factors.

Look at the essential components from the customer point of view. For example, customers will want to know why their location and contacts are needed for a financial planning application.

  1. Each requested component needs to fit into privacy guidelines. These include General Data Protection Regulation, and, if you do business in a number of U.S. states, each state’s own privacy guidelines.

  1. Think about who requires or receives the reports, their needs, and any mandatory formats.

  1. Set in place the priorities of these components. Which are the must-haves, and which components can be added later?

Once these questions are answered, set a plan to deal with scope creep. At this stage, you’ve developed most of the request for proposal (RFP). The document should be reviewed by multiple individuals at different levels of the organization for thoroughness, priorities, and risks. If you have a procurement department, make sure it’s involved and committed. Some organizations will bring in corporate counsel at this stage so that they understand potential contract and license issues.

Work with IT and finance to develop rough costs for this procurement. Costs will include the costs of the software licenses and potential upgrades of hardware, the network, and monitoring. Other costs to include are estimated development and hosting costs.


This is the “fun” part of obtaining the software. Research what’s available and what others think of the software. Much of this can be done by an online search to identify the various vendors. When you see what’s available, then read the marketing information. Make a list of the company and your first impression of the company, the software, and the overall website and support listed. Some websites have a small demonstration of the software for a user to try. Look up the company and software product on Gartner, Forrester, or PCMag to read their reviews or, where applicable, if you have a subscription, you can discuss the software and licensing with one of their experts.

Be aware that the vendor will assign a team of experts to work with your organization. Make sure you sign a nondisclosure agreement with the organization that covers both its presentation to you and your RFP with them. The vendors should conduct a formal presentation of the software to those who worked on the RFP, representatives of those who will use the software, and a person who will ensure that the presentation covers the RFP. Make sure the presentation is in your native language, not in some form of tech speak. Deciding which software to buy will be based on your RFP, ease of use of the software, and how much support the vendor plans to provide to make the software work in your environment.


The two most common ways to purchase software are on an individual basis or through SaaS. Individual software involves a direct purchase of the license. The advantages of this include the option to only obtain what you need and control over the use of that software. Generally, you have ownership over the data, with the ability to change software at any time. The disadvantage is that you need to make sure patches are current, that the highest level of software security is maintained, and that the number of copies of the software in use doesn’t exceed the number paid for. Also, when you have an upgrade, you’ll need to buy all new copies. The vendor will often provide software maintenance, which is around 30% to 40% of the original price per year, that will include the ability to upgrade. You rarely have control over that contract.

A SaaS provider is sometimes referred to as a cloud provider. The plus to keeping your software in the cloud is that the provider maintains the patches and upgrades. The provider is responsible for the software security and is constantly monitoring its use. For smaller businesses, the software license and contract aren’t generally negotiable. For medium-sized organizations or larger, the provider will often negotiate the terms and conditions. The downsides to using SaaS providers include the need to negotiate ownership of data and making changes with the provider.

Procuring software takes time and patience. A good RFP, research on the software and the vendor companies, and knowing what works best in your organization will make it easier to solve your business problem.

The opinions included are those of the author and not necessarily those of Oregon Department of Transportation or any agency in the State of Oregon.

About the Authors