What is an effective license position?

An effective license position is your entitlements minus your deployments, measured in the unit each contract uses. It is the single number that tells you whether you are over-licensed, under-licensed, or balanced for every product, and it is the baseline a vendor audit, a renewal, and a budget all start from.

How is an effective license position different from a software inventory?

An inventory lists what is installed. An effective license position compares that deployment against what you are contractually entitled to use, in the metric the contract names, after applying use rights such as mobility and second use. Inventory is an input. The position is the answer.

Why does the license metric matter so much?

The metric decides what gets counted. A per processor product counts cores and core factors, a per user product counts named or concurrent users, and a per employee product counts total headcount. The same deployment can produce very different bills depending on which metric your contract uses, so metric mapping is where most overpayment is found.

How often should an effective license position be refreshed?

Refresh the position quarterly for the largest vendors and before every renewal or true-up date. Deployment changes constantly through virtual machine sprawl, new hires, and cloud scaling, so a position more than ninety days old is a guess rather than a baseline when a vendor letter arrives.

Can an effective license position reduce a true-up bill?

Yes. A clean position lets you reclaim inactive licenses, pool entitlements across business units, and true down where a contract permits before the count is locked. Done before the vendor sets the number, these moves shrink the chargeable gap rather than disputing it after the invoice.

What data do you need to build an effective license position?

You need the contract entitlements with their metrics, discovery data from your deployment tools, identity and HR data for user and employee counts, and the use rights that apply such as mobility, multiplexing, and virtualization rules. Missing any one of these produces a position that a vendor can challenge.

Effective License Position Handbook, Atonement Licensing

Executive summary

Your effective license position is your entitlements minus your deployments, expressed in the metric each contract names, and it is the single number every audit, renewal, and budget decision should start from. Most enterprises cannot produce that number on demand, so they negotiate from the vendor's count instead of their own, and the vendor's count is built to sell. This handbook works through what an effective license position is, how each license metric counts, how to reconcile entitlements, how to collect deployment data you can defend, how to map deployment to the contract unit, and how to forecast and refresh the position, with the mechanism named in each section.

Our advisors build and contest license positions on the buyer side only. Across more than 500 enterprise engagements, the buyers we advise have negotiated over $2.4 billion in software and cloud contracts at an average saving near 38 percent, and our audit defence work averages a 72 percent reduction against the initial claim. The figures below summarize that record and the mechanics that frame a clean position.

$2.4B

Contracts negotiated

38%

Average savings

72%

Average audit-claim reduction

90 days

Position refresh, indicative

1. What an effective license position is, and why it is the master number

An effective license position, often shortened to ELP, is the reconciled comparison of what you are entitled to use against what you have actually deployed, measured product by product in the unit each contract uses. A positive position means you hold more than you use and can reclaim or pool the surplus. A negative position means you are exposed and a true-up or an audit finding is waiting to be priced.

The position is the master number because every commercial event references it. A renewal sets price against the gap between entitlement and use. An audit tests the same gap with the vendor's tools rather than yours. A budget forecast extends the gap forward. If you cannot state the position yourself, each of those events is decided by whoever can, and that is the account team.

Inventory is not a position

A software inventory lists what is installed. It is an input, not an answer. The position only exists once that inventory is compared against entitlements, in the correct metric, after the use rights that change the count have been applied. Many organisations own discovery tooling that produces a confident inventory and still cannot produce a defensible position, because the contract layer is missing.

The three records that have to meet

A position is the meeting point of three records that usually live apart. Entitlement sits with procurement and legal. Deployment sits with IT operations and the cloud team. Usage sits with the application owners who know which seats are real. When those three records never meet, the position is never assembled, and the first time anyone tries to join them is under audit pressure with a deadline set by the vendor.

The value of the position is not only the number but the act of joining the records on your own timetable. A buyer who has already reconciled entitlement, deployment, and usage walks into a renewal with an answer. A buyer who has not is handed the vendor's reconstruction, which is built from download logs, install scans, and headcount figures the vendor chose. The difference between the two positions is often the difference between a measured true-up and a punitive one.

Takeaway. Treat the effective license position as the master number for every vendor relationship. Build it before the vendor does, because the party that controls the count controls the conversation.

2. The metric taxonomy: how each license model counts

The metric decides what gets counted, and the same deployment produces very different bills depending on which metric the contract names. Before any reconciliation, classify every product by its licensing metric, because a position built in the wrong unit is not wrong by a little, it is meaningless.

Most enterprise software falls into a handful of metric families. Per user models count named or concurrent identities. Per device models count endpoints. Per processor or per core models count compute, often with a core factor or a virtual core rule. Per employee models count total headcount regardless of who touches the software. Consumption models count usage units such as API calls, gigabytes, or compute hours.

Table 1. The common license metric families
Metric family	What it counts	Where the count moves
Named user	Distinct named identities granted access	Joiners, leavers, and dormant accounts
Concurrent user	Peak simultaneous sessions	Shift patterns and peak load windows
Per device	Endpoints, servers, or named machines	Refresh cycles and shared device counts
Per processor or core	Physical or virtual cores, with factors	Virtualization, host moves, and chip changes
Per employee	Total organisation headcount	Hiring, acquisitions, and contractor scope
Consumption	Usage units such as calls or compute hours	Demand spikes and autoscaling

The risk is mixing metrics inside one position. A team that counts named users for one product and installed seats for another, then compares both against a single entitlement pool, produces a number no vendor will accept and no auditor will trust. Classify first, count second.

Insider note. The metric attached to a product can change at renewal even when the product does not. A vendor that moves a per processor product to a per employee subscription is changing your entire counting basis, not just your price. Re-classify the metric every time a contract is signed, and keep the metric version with the entitlement record.

3. Entitlement reconciliation: turning contracts into a clean baseline

Entitlement reconciliation is the work of turning a pile of contracts, amendments, and order forms into one clean ledger of what you are allowed to use. It is the half of the position that lives in paper, and it is the half most teams skip because it is slow and unglamorous. Skipping it means the deployment side is compared against a guess.

The reconciliation has to resolve three recurring problems. Entitlements are scattered across original agreements, true-up records, and reseller order forms. Versions and editions drift, so a count of one product silently includes downgrade or prior-version rights. Transfers from mergers, divestitures, and renewals move entitlements without anyone updating a central record.

Building the entitlement ledger

Gather every signed agreement, amendment, and order form for the vendor, including reseller paperwork held outside procurement.
Record each entitlement with its product, edition, quantity, metric, and the use rights that apply, not just the quantity.
Trace transfers from acquisitions and divestitures, because an entitlement you assume you hold may have left with a sold business unit.
Date stamp the ledger and name an owner, so the next renewal updates a record rather than rebuilding from nothing.

Takeaway. A position is only as trustworthy as its entitlement ledger. Reconcile the paper first, record the metric and use rights alongside the quantity, and keep one dated owner for the ledger.

4. Deployment data collection: discovery you can defend

Deployment data is the other half of the position, and the standard required is not completeness but defensibility. A vendor auditor will probe how the data was collected, what it missed, and whether it can be reproduced. Discovery that cannot answer those questions is a liability, because gaps get filled with the vendor's assumptions, and vendor assumptions favour the vendor.

Most estates draw deployment data from several sources that rarely agree. An endpoint management tool sees workstations. A virtualization platform sees hosts and guests. A cloud provider sees instances and tags. An identity directory sees accounts. Each source has blind spots, so the defensible position triangulates rather than trusting any single feed.

Table 2. Deployment data sources and their blind spots
Source	What it sees well	What it misses
Endpoint management	Installed software on managed devices	Unmanaged machines and bring-your-own devices
Virtualization platform	Hosts, clusters, and guest placement	Per application usage inside a guest
Cloud provider tagging	Instances, sizes, and runtime hours	Untagged or shadow accounts
Identity directory	Accounts and group membership	Whether an account is actually active

The standard to hold

Treat the deployment dataset the way an auditor will. Record the source, the collection date, and the coverage of every feed. Reconcile the feeds against each other and resolve the disagreements before the position is published, not after a vendor points them out. A dataset with a known and stated coverage gap is far stronger than one that claims a completeness it cannot prove.

Insider note. The most expensive discovery gap is the dormant account. Identity directories carry accounts for leavers, service identities, and test users that a named user count will charge for unless they are filtered. Reconcile the directory against current HR records before the user count is finalised, because a vendor will happily count every account you leave in.

5. Metric mapping: translating deployment into the contract unit

Metric mapping is the step where raw deployment data is translated into the unit the contract charges. It is where most overpayment is found, because the count that matters is rarely the count the discovery tool produces. A tool reports installs. The contract may charge by core, by employee, or by concurrent session, and the bridge between the two is the mapping.

The mapping applies the rules that change the count. Core factors convert physical cores into licensable cores for some products. Virtualization rules decide whether a workload is licensed at the guest, the host, or the cluster. Multiplexing rules pull the count back to the human behind a pooled connection. Each rule moves the number, and each lives in the contract or the vendor's published policy, not in the discovery tool.

Where the chargeable count lands by mapping maturity, illustrative index (raw install count = 100)

Raw install count

100

After dormant filter

After use rights

After core or pooling

Mapping, not raw discovery, sets the chargeable number. Illustrative index, not a quote.

Mapping rules to apply in order

Filter dormant and non-human accounts before any user count is taken as final.
Apply the use rights that legitimately reduce the count, such as second use and downgrade rights, with the clause cited.
Apply core factors and virtualization rules for compute-based metrics, using the published version that matches your contract.
Resolve multiplexing so a pooled connection is counted at the human, not the service account, where the contract allows.

Need the mapping run against your own contracts and discovery data? Our advisors build the position with you.

SaaS License Optimization

6. Capacity versus consumption: two different risk shapes

Capacity-based and consumption-based licensing carry different risk shapes, and a position has to treat them differently. Capacity-based licensing buys a fixed ceiling, so the risk is paying for headroom you never use. Consumption-based licensing charges for what you draw, so the risk is an unbudgeted spike and a bill that arrives after the spend has already happened.

The position for a capacity product asks whether the ceiling matches the load. The position for a consumption product asks whether usage is trending toward a commitment threshold or a tier change. The same handbook covers both, but the question each answers is not the same, and a team that forecasts a capacity product as if it were consumption will mis-budget in both directions.

Table 3. Capacity versus consumption, how the position reads
Dimension	Capacity-based	Consumption-based
What you buy	A fixed entitlement ceiling	Metered usage, often with a commitment
Primary risk	Paying for unused headroom	Unbudgeted spikes and tier jumps
Position question	Does the ceiling match the load	Is usage trending toward a threshold
Lever	True down where the contract permits	Commitment sizing and rate protection

Many vendors now blend the two, selling a committed baseline with consumption above it. The position for a blended model has to track both the commitment burn-down and the overage rate, because the cheapest unit and the most expensive unit can sit inside the same agreement, separated only by a threshold.

Takeaway. Read capacity and consumption with different questions. Capacity risk is unused headroom, consumption risk is the unbudgeted spike, and a blended deal carries both at once.

7. Reclamation, pooling, and true-down: shrinking the position legitimately

A negative position is not always a buying signal. Before any purchase, three moves can shrink the gap legitimately: reclaim licenses that are deployed but unused, pool entitlements that are stranded in one business unit while another is short, and true down where the contract grants a reduction right. Each is a count that goes down without a clause being broken.

Reclamation targets the dormant and the abandoned. A named user license assigned to a leaver, a seat on a tool nobody has opened in ninety days, an instance left running after a project closed, each is a license you are paying for and not using. Harvesting these before a renewal converts waste into headroom, and headroom is the cheapest license you will ever hold.

Pooling and true-down mechanics

Pooling works where entitlements are held at the enterprise rather than the business unit, so a surplus in one division can cover a shortfall in another instead of triggering a purchase. True-down works only where the contract grants it, because most enterprise agreements ratchet up at true-up and refuse to come down. Where a true-down or a renewal reset exists, the count has to be measured and exercised before the lock date.

Table 4. Three moves before any purchase
Move	What it does	When it works
Reclamation	Harvests deployed but unused licenses	Dormant accounts, abandoned tools, idle instances
Pooling	Covers a shortfall from a surplus elsewhere	Entitlements held at enterprise level
True-down	Reduces the committed quantity	Only where the contract grants the right

Insider note. Reclamation has a deadline that pooling and true-down do not. A reclaimed license only helps if it is harvested before the count is locked for a renewal or an audit. Run a reclamation sweep ninety days ahead of any true-up date, because a license freed the week after the count is set saves nothing this cycle.

8. License mobility and the move to cloud

License mobility rights decide whether the licenses you already own can follow a workload into a new environment, and they are where a cloud migration either saves money or quietly buys everything twice. Some products grant the right to move an existing entitlement to a third-party cloud. Others tie the license to dedicated hardware or charge again for the same workload in a new location.

The position has to record the mobility right alongside the entitlement, because a migration plan built on the assumption of free movement can collide with a license that does not travel. Reading the mobility clause before the migration, not after, is the difference between reusing an asset and repurchasing it.

Mobility questions to settle first

Does the entitlement grant movement to a third-party cloud, and under what notice or dedication condition.
Does moving the workload restart any minimum term, dedicated host requirement, or re-hosting fee.
Will the metric itself change on migration, for example from a core count to a subscription per user.
Does the destination environment satisfy the vendor's virtualization rules for the original metric.

Mobility also runs the other way. A workload that leaves an on-premises host frees an entitlement that can be pooled or reclaimed, so a migration is both a mobility question for the moving workload and a reclamation opportunity for the host it leaves behind. The position should capture both sides of the move.

Takeaway. Read the mobility clause before the migration. A license that does not travel turns a cloud move into a second purchase, and a workload that leaves a host frees an entitlement worth reclaiming.

9. Forecasting and the review cadence

A license position is accurate only on the day it is built, because deployment changes constantly through hiring, virtual machine sprawl, and cloud scaling. Forecasting extends the position forward so a renewal or a true-up is met with a projection rather than a surprise, and a review cadence keeps the projection honest. A position more than ninety days old is a guess when a vendor letter arrives.

The forecast projects the count forward against known drivers: headcount plans for per employee and per user products, capacity plans for compute-based products, and usage trend for consumption products. The point is not a perfect prediction. The point is to know, before the vendor does, whether the next true-up is a small adjustment or a large one, so the budget and the negotiation can be prepared in time.

Who owns the position

A position fails without a named owner. In most organisations entitlement sits with procurement, deployment sits with IT, and usage sits with the application teams, and nobody owns the reconciliation that joins them. The result is three records that drift apart until an audit forces them together. A single accountable owner, whether an internal software asset manager or an external advisory partner, is the structural prerequisite for a position that stays current and credible.

The owner does not need a large team, but does need authority across the three functions and a fixed cadence for refreshing the position. What matters is that the reconciliation is somebody's job rather than nobody's job. A position that is current is an asset that shortens every negotiation, and a position that is stale is a liability that lengthens every audit. Tooling helps, but a discovery platform with no owner produces data nobody reconciles, which is worse than no tool at all because it creates false confidence.

Tooling supports the owner, it does not replace the work

Software asset management platforms automate the discovery feed and some of the entitlement record, and they are worth having on any large estate. They do not, by themselves, produce a defensible position, because the metric mapping, the use rights, and the contract interpretation still require judgement the tool cannot supply. Treat the platform as the engine for the data and the owner as the one who decides what the data means against the contract.

Table 5. The effective license position review calendar
Cadence	What to do	Why it matters
Quarterly	Refresh discovery and reconcile the largest vendors	Keeps the position current for any audit letter
Pre-renewal, 9 months out	Forecast the count and run reclamation and pooling	Leaves time to shrink the gap before the lock date
Pre-true-up, 90 days out	Lock the entitlement ledger and harvest dormant licenses	Sets the count from your data, not the vendor's
On any major change	Rebuild the affected position after a merger or migration	Entitlement transfers and metric changes move the number

Our recommendation: classify every product by metric, reconcile the entitlement ledger before you trust any deployment count, map raw discovery into the contract unit with the use rights cited, run reclamation and pooling before any purchase, record mobility rights alongside entitlements, and refresh the position quarterly so a renewal or an audit meets a current baseline rather than a guess. The effective license position is the master number, and the buyer who can state it negotiates from evidence while the buyer who cannot negotiates from the vendor's count.

Sources: vendor product use rights and published metric definitions as available at the time of review, applied to buyer-supplied contract and discovery data. Outcome ranges are Atonement Licensing advisory figures, indicative and deal-specific, not a quote.