IT audits, software audits, and computer hardware audits can all be carried out in Ewida Audit. The solution can be used both by internal IT departments and by companies performing audits for their clients.

In this article, we show two levels of work. First, we organize the planning side and the audit assumptions, and then we move on to the practical execution of the whole process in the application. Because Ewida Audit is a Windows desktop program, the entire workflow is based on working with the local console, scan files, and audit data stored in the user’s environment.


This material applies only to work in Ewida Audit. We therefore focus on the audit procedure, computer scanning, software license compliance verification, license assignment, and preparation of final reports, without referring to other products or other ways of working.


Preparing for the audit

An IT audit should begin with collecting what are often called proofs of license ownership. These may include purchase invoices, license certificates, installation media, COA labels, vendor documents, and other items required by a specific licensing model.

The set of required documents is not always the same. It depends on the vendor, the license type, and the purchasing model. That is why, right at the start, you need to determine what proof of software ownership will be considered sufficient within the scope of a given audit.

A well-prepared initial stage saves time later. Without organizing the documents and defining the rules for assessing license compliance, even properly completed computer scans will not yet produce a reliable final result.


Computer hardware audit

The first round of computer scanning in a company is best done by physically visiting each workstation. In practice, this means scanning the computer while at the same time verifying license labels, seals, and other markings that may matter when assessing the environment for compliance.

In Ewida Audit, scanning can be carried out in three ways:

  • remotely with Agents,
  • remotely through DCOM, without installing Agents,
  • locally with Codenica PC Audit Scanner.

The choice of method depends on the scenario. In internal audits, remote communication is often possible. In formal audits, especially those performed at an external client’s site, local computer scanning in the direct presence of the auditor is usually the better approach.


License inventory

License inventory means correctly entering licenses into the program together with purchase information and documents confirming ownership. This is a very important stage, because detecting an application on a computer is not the same as confirming the legal right to use it.

Ewida Audit does not assume that a license exists based on detected software or scanned license keys. That kind of shortcut could lead to wrong conclusions, so every license should be based on actual documents and proofs of license ownership.

In practice, this means that the audit result should combine two layers: technical data from computers and formal data resulting from purchase documents and licensing rules.


Employee records and assignment of responsibility

Maintaining employee records is an additional procedure, but a very useful one. It makes it easier to determine who uses a given computer, what software is assigned to a workstation, and who is responsible for a given set of devices or licenses.

Users can be added manually or imported from a CSV file, from Active Directory, or from the Ewida Standard database. This kind of mapping helps organize the audit result and makes final reporting easier.


How auditing works in Ewida Audit

In the program, you create Hosts that correspond to the computers being scanned. For each host, the application stores the source data separately and then runs a recognition process. In practice, this means converting technical data coming from WMI, the system registry, and scanned files into structured objects such as computer sets, devices, and software.

After the scan results are loaded, you can move on to assigning licenses to detected software. In some scenarios, parts of this process can be supported by automation, but during the first audit it is safer to make the key decisions manually. This gives you better control over the result and reduces the risk of interpretation errors.


Post-audit reports

Ewida Audit provides summaries and reports that can be used when preparing the final report. These may include reports summarizing the number of detected applications, listings of software, licenses, devices, and computers, as well as more detailed reports.

In practice, the final report usually consists of a descriptive section together with attached printouts or summaries. The custom summary mechanism is also important, because it makes it possible to prepare a report that better matches a specific client, audit objective, or preferred way of presenting the results.


Closing the theoretical part

Closing an audit means preparing the final report together with the conclusions resulting from the whole procedure. The report may include a description of the current state, identification of license gaps, proposals for corrective actions, and organizational recommendations for the future.

In many companies, defining the next steps for managing the IT environment is just as important as the audit result itself. The audit should not end with simply pointing out non-compliance. It is better when it also leads to a more orderly approach to software purchasing, license documentation, and planning future reviews.

If, after the audit, the company wants to maintain a broader record of infrastructure, documents, costs, and equipment in a separate Windows desktop system, it can use Ewida Standard for that purpose.


Assumptions for the practical part

An IT audit can be carried out by a company employee as part of an internal review or by an external audit firm. In this part, we assume the practical scenario of an external auditor performing the audit at the client’s site.

We assume that the terms of cooperation have already been agreed, the client is preparing license and software purchase documents, and they are also providing basic information about the employee structure and the way computers are used. This data is needed at the start, but its accuracy and completeness still need to be verified during the actual audit.

In this model, you can carry out either a basic or an extended audit. The extended version additionally includes more detailed organization of data about hardware, documents, warranties, and costs, so that the audit result remains useful even after the review itself has been completed.


Preparing for the practical audit

Work begins on your own computer, where you install Ewida Audit and prepare the environment to handle the whole process. The program offers three scanning mechanisms: Agents, DCOM, and Codenica PC Audit Scanner.

For external audits, the safest and clearest approach is to use Codenica PC Audit Scanner. Installing Agents on the client’s computers is usually not the best option, because it may conflict with security policies, raise unnecessary formal questions, or simply not be accepted by the client.

In practice, a scanner launched from a USB drive or from a network script is a better fit for the nature of a formal audit, where the auditor should visit the workstation, verify license markings, and personally perform the inspection.


Once the working method has been agreed, you can create a new audit in the program. Choose Menu → Audit → New, start the wizard, and enter the company details that should appear in the reports. Then add the default host required to create the audit workspace, skip Agent installation and remote scanning, and finish the wizard.

At this stage, the key goal is to prepare an organized environment into which scan results, user data, licenses, and relationships between objects will later be imported.


Codenica PC Audit Scanner

The computer hardware audit is carried out using Codenica PC Audit Scanner, a lightweight scanner included with Ewida Audit. The program does not require installation and can be launched from a USB drive, which is especially convenient for on-site work.

The scanner supports startup parameters, so it can also be launched from your own scripts. The most important parameters include:

  • autostart — automatically starts scanning,
  • autoclose — automatically closes after completion,
  • hide — runs without an interface,
  • silent — no completion message window,
  • skipstartupdrive — skips the startup drive,
  • targetdir — sets the save directory,
  • targetfile — sets the scan file name.

If the hide parameter is used, the autostart, autoclose, and silent parameters are also activated automatically.


Scanner configuration and preparation

Before starting work, it is worth reviewing the scanning settings available in the program configuration under the Audit branch. After the first installation, the settings are prepared with default values, but it is still a good idea to at least review their scope and make sure they match the planned procedure.

The configuration options are broad, but in many deployments the default settings are fully sufficient at the beginning. Once the scanning rules have been decided, you can generate Codenica PC Audit Scanner and save it to a USB drive prepared for work at the client’s site.


Scanning computers and processing the results

Once the USB drive with the scanner is ready, you can move on to scanning the client’s computers. It is worth keeping your own notes at the same time and recording at least the host name, user details, and information about COA labels, seals, and any other elements that require additional verification.

On the computer, run the PCScanner.exe file, start the scan, and save the result when it is finished. After returning, import the scan files into Ewida Audit using Menu → Audit → Load scan files. The program will create hosts representing the audited computers and start the data recognition process.

Next, add users and assign them to the correct hosts. The next step is entering the licenses owned by the client. It is especially important to pay attention to the Name, Version, and Number of Seats fields, because they are crucial for later matching licenses to detected software.

After the licenses are added, link them to the hosts. This can be done one by one or in bulk, depending on the type of licenses and the scale of the audit. Next, organize the detected software by excluding from the analysis those items that are not relevant for compliance assessment, such as selected free tools or libraries.
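
The matching described above compares detected software with licenses by name, version, and number of seats, counts only licenses backed by an ownership document, and leaves excluded items out of the assessment. The following is an added example, not Ewida Audit's own logic; the sample data, field names, and the rule of one seat per host are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class License:
    name: str
    version: str
    seats: int
    proof: str  # reference to the ownership document; empty means none collected

# Constructed sample data, not real scan output or real documents.
DETECTED = [  # (host, product name, version) as recognized from scan files
    ("PC-01", "Office Suite", "2021"),
    ("PC-02", "Office Suite", "2021"),
    ("PC-03", "Office Suite", "2021"),
    ("PC-01", "CAD Tool", "12"),
    ("PC-02", "7-Zip", "23.01"),
    ("PC-03", "PDF Editor", "9"),
]
LICENSES = [
    License("Office Suite", "2021", 2, "invoice constructed-001"),
    License("CAD Tool", "12", 1, ""),  # claimed, but no proof of ownership
    License("PDF Editor", "9", 5, "certificate constructed-77"),
]
EXCLUDED = {"7-zip"}  # free tools left out of the compliance assessment

def key(name, version):
    return (name.strip().lower(), version.strip().lower())

def reconcile(detected, licenses, excluded):
    """Compare hosts with a product installed against documented seats."""
    installs = defaultdict(set)
    for host, name, version in detected:
        if name.strip().lower() not in excluded:
            installs[key(name, version)].add(host)  # one seat per host (assumption)
    seats = Counter()
    for lic in licenses:
        if lic.proof:  # detection or a scanned key alone is not a license
            seats[key(lic.name, lic.version)] += lic.seats
    report = {}
    for k in sorted(set(installs) | set(seats)):
        hosts = sorted(installs.get(k, ()))
        owned = seats.get(k, 0)
        report[k] = {"installed": len(hosts), "seats": owned,
                     "gap": max(len(hosts) - owned, 0), "hosts": hosts}
    return report

if __name__ == "__main__":
    for product, row in reconcile(DETECTED, LICENSES, EXCLUDED).items():
        print(product, row)
```

A non-zero gap marks a product for the license-gap section of the final report; the undocumented CAD Tool entry shows why a license without proof does not reduce the gap.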

If the audit is the extended version, at this stage you can also organize data about hardware, warranties, documents, and additional organizational information. Thanks to this, the outcome of the work does not end with a one-time report, but becomes useful material for further management of the IT environment.