Oracle audit defense is the buyer side process of controlling the scope, reviewing the findings line by line and negotiating the settlement, and an independent line by line review typically cuts a preliminary Oracle claim 60 to 80 percent.
What is Oracle audit defense?
Oracle audit defense is the work of turning an inflated opening claim into a defensible number you can stand behind. An Oracle audit is a negotiation dressed up as an inspection, and the preliminary figure is an opening position, not a bill. Oracle runs audits through GLAS, the team formerly known as License Management Services, under the audit clause in the Oracle Master Agreement. Defense means managing that process on the buyer side: confirming what is in scope, reviewing every measurement, separating policy from contract, and settling on terms that reflect what you actually deployed.
Audits are also a sales channel. Findings feed ULA renewals, OCI commitments and Java subscriptions, and analysts estimate that 20 to 30 percent of Oracle's on premises license revenue flows from audits. Reading the process this way changes how you respond to it.
What triggers an Oracle audit?
Oracle audits rarely arrive at random, and the common triggers are virtualization changes, Java downloads without a subscription, mergers and acquisitions, declining support spend, rejected sales proposals and cloud migrations. Any of these can move you up the list. If one is on your roadmap, the time to get your position in order is before the notice arrives, not after.
| Trigger | Why it draws attention |
|---|---|
| Virtualization on VMware | Oracle argues for cluster wide licensing under its partitioning policy |
| Java downloads | The per employee subscription counts your whole workforce |
| Merger or acquisition | New entities and estates fall outside the original agreement |
| Falling support spend | Signals a possible move to third party support or de support |
| Cloud migration | Counting rules change and back licensing claims appear |
How long is the Oracle audit response window?
The Oracle audit response window is usually 30 to 45 days from the formal notice, and you can negotiate the timeline and the scope before you agree to anything. The clock in the letter is a starting point, not a fixed deadline. Use the early days to confirm the named entities, products and time period, to assign a single point of contact, and to agree how data will be gathered. Pace matters: a measured response protects you, a rushed one helps Oracle.
Which findings does Oracle lean on?
The classic findings are processor core shortfalls against the core factor table, options and management packs enabled by accident, cluster wide virtualization claims, Named User Plus undercounts against the minimums, and disaster recovery mistakes around the 10 day rule. Each one is a place where the opening number inflates and where a careful review brings it back down.
Options and packs are the most common surprise. A single click in Enterprise Manager can register usage of Diagnostics Pack or Tuning Pack, and many options install by default. Usage that was never operationally meaningful still shows up in Oracle's collection scripts, which is why every detected feature deserves an evidence test before you accept it.
Should you run Oracle's scripts?
Running Oracle's collection scripts at all is a decision, not an obligation, and the output should be reviewed before submission because those scripts can overcount across virtualization layers. Script results are raw data, not a verdict. Review them against your entitlements, strip the double counts, and document anything that misrepresents real deployment. What you submit frames the entire negotiation, so it pays to get it right.
Does Oracle policy beat your contract?
No. The policy document is not the contract, and contract language beats policy where the two disagree. Oracle's cluster wide virtualization claims rest on partitioning policy papers that are often weaker than the signed agreement, because Oracle's partitioning policy does not recognise VMware, Hyper V or KVM as hard partitioning. When a finding rests on policy rather than on a term you actually signed, that is a finding you can challenge. This is contract dependent, so the first step is always to read your own agreement.
What is the disaster recovery 10 day rule?
The disaster recovery 10 day rule lets you run Oracle programs on an unlicensed failover node for up to 10 separate days in a calendar year for testing or actual failover, and exceeding that can create a licensing requirement on the standby. Many estates trip over this without noticing, because routine failover testing quietly accumulates days. The buyer move is to track failover usage against the 10 day allowance, document it, and confirm how your own agreement defines the right, because this is contract dependent and the detail varies between agreements.
How much can a line by line review cut a finding?
An independent line by line review of Oracle findings typically cuts the claim 60 to 80 percent, because preliminary findings arrive inflated at list price. The reductions come from recomputing the core factor correctly, disabling and disputing options that were never meaningfully used, replacing cluster wide virtualization assumptions with what your architecture can actually demonstrate, and correcting user counts. None of this is adversarial toward Oracle. It is simply holding the number to the contract and the evidence.
The buyer moves, in order
Defending an Oracle audit follows a clear sequence, and each step protects the next.
- Acknowledge the letter, name one point of contact, and confirm the scope in writing.
- Read the Oracle Master Agreement and the ordering documents before producing any data.
- Decide what to measure and how, and review script output before it leaves the building.
- Test every finding against the contract, separating policy claims from contractual ones.
- Rebuild the number line by line and present a defensible position.
- Negotiate the remediation, not the list price, and settle on terms that fit your roadmap.
Read the deeper playbook in our Oracle License Compliance Guide, see how we work in Oracle Audit Defense, or download The Audit Letter Response Kit.