Straight to the point. A SPLA audit notice is a short, formal letter, but every clause in it sets a boundary you can use. Reading it precisely, rather than reacting to it, tells you the scope, the authority, the timetable, and the room you have to respond on your own terms.
What the notice actually is
The notice is Microsoft exercising the verification right in your Microsoft Business and Services Agreement. It is not an invoice and it is not a finding. It is the opening of a process that will run through an appointed third party, normally a Big Four firm, and end in a reconciliation that Microsoft turns into a commercial outcome. Treating the notice as the start of a defined process, not as a verdict, is the right frame from the first read.
The clauses to read closely
A typical notice is built from a small number of standard elements. Each one carries meaning:
- The appointing language, which names or refers to the independent auditor and confirms they act under the agreement. This tells you who you will deal with on mechanics.
- The scope statement, which sets the products and the period under review, normally the 36 month lookback. This is the boundary you hold the auditor to.
- The cooperation and notice terms, which describe reasonable notice, business hours, and reasonable cooperation. These set the pace you are entitled to.
- The data expectations, which preview the records the auditor will request. This is your early warning of what to reconstruct.
- The contact and response window, which proposes how and by when you reply. This is a proposal, not a fixed sentence.
Reading scope as a boundary
The single most important line is the scope. It defines which products and which months are in play. Anything outside that scope is outside the audit until the scope is formally widened, and widening it is a conversation you are part of. A precise scope read lets you answer fully on what is in and decline, politely and properly, to volunteer what is out.
What the notice does not mean
| It may feel like | What it actually is |
|---|---|
| An accusation of under licensing | A verification right being exercised, with no finding yet |
| A fixed, immediate deadline | A proposed window you can reasonably shape |
| A demand for all your data | A request bounded by the stated scope and period |
| A bill | The start of a reconciliation that precedes any number |
The first moves the notice should trigger
A precise read should set off a precise response. Acknowledge the notice professionally and within the window. Nominate a single point of contact. Ask for the data requests in writing, mapped to product and month. Request a confidentiality agreement before customer data moves. And, in parallel and out of sight of the auditor, begin reconstructing your monthly position across the lookback from your operations data. The notice is the starting gun for your reconstruction, not for a scramble to hand over raw infrastructure exports.
Why the way you respond shapes the number
The auditor will build their figure from your infrastructure data, which tends to read high because it counts capacity rather than licensed consumption. Your reconstructed monthly position, built from operations data and documented evidence, is what you put beside it. Back fees at the price file rate follow the reconstructed consumption and are not negotiable, so accuracy there is permanent value. The uplift of 25 to 125 percent is negotiable, and a disciplined, good faith response from the first letter is exactly what argues it down.
What to do with the notice in hand
If a notice has arrived, the time to act is now, while scope and timetable are still being set. Get a Quote and we will read the notice with you, shape the response, and start the reconstruction before the auditor's number hardens.
If you want a second set of eyes first, our SPLA audit defense team challenges the counting before back fees are set.