The Effective License Position, the ELP, is the single most important document in a Microsoft license audit, and the most misunderstood. It is the reconciliation of what you have deployed against what you are entitled to use. Customers often treat the ELP an auditor produces as a verdict. It is not. It is an opening position, built on Microsoft's methodology and Microsoft's data, and it is negotiated after it lands. Understanding what the ELP is, and whose ELP it is, is where end customer audit defense begins.
What an ELP actually is
An ELP reconciles two things. On one side is your deployment: every installation and use of Microsoft software across your estate. On the other is your entitlement: the licenses you own through your agreements, including any rights that come with them. The ELP is the net of the two. Where entitlement covers deployment, you are compliant. Where deployment exceeds entitlement, the ELP shows a shortfall, and that shortfall is what an audit prices. Simple in concept, the difficulty is entirely in the measurement.
Whose ELP is it
This is the distinction that decides outcomes. When a formal audit runs through a third party accounting firm under the MBSA audit clause, the auditor produces an ELP using Microsoft's counting methodology and Microsoft's own data, drawn from Azure, Microsoft 365, and management tooling. That ELP reflects Microsoft's view of your deployment. It is not neutral, and it is not final. You are entitled to build and present your own ELP, reconciled from your records and your reading of your entitlements, and the gap between the two is the negotiation.
This is also why a clean ELP produced by a SAM tool is not, on its own, audit defense. The tool reports what it sees through its own lens. Microsoft uses its own methodology and its own data, and where the two differ, Microsoft's calculation governs the conversation. A SAM tool ELP is a useful internal input. It is not a shield.
How the three verification routes reach an ELP
Microsoft verifies end customer licensing three ways, and all three converge on an ELP. A SAM engagement is voluntary and sales led, presented as a free optimization but used to find gaps. A self verification is a contractual demand under your agreement and is not optional. A formal audit runs through the third party firm under the MBSA clause. The route shapes the tone and the leverage, but each one ends in a reconciliation of deployment against entitlement that you can challenge.
- SAM engagement, voluntary and sales led, where you can decline or control the motion
- Self verification, contractual and not optional, where the demand still rests on a reconciliation you can rebuild
- Formal audit, run by a third party firm under the MBSA clause, producing the ELP that anchors the settlement
Why the ELP is not the final sentence
The number the auditor presents is an opening position designed to be high. The contract clause behind it has teeth: if unlicensed use reaches 5 percent or more of total use, the customer reimburses Microsoft's verification costs and acquires the missing licenses at 125 percent of the current price. That makes the difference between a defended ELP and an undefended one large. But the ELP is reached through assumptions about deployment, about entitlement, and about how products are counted, and every one of those assumptions can be examined and, where wrong, corrected.
A worked view of the gap
The figures below are indicative and chosen only to show where an ELP can move, not to quote any real position.
| Element | Auditor opening ELP | Defended ELP |
|---|---|---|
| Deployment counted | Microsoft data and methodology | verified against your records |
| Entitlement recognized | narrow reading | full rights claimed |
| Shortfall shown | maximized | reduced to the real gap |
| Position that governs | opening number | negotiated outcome |
Indicative illustration of where an ELP can move, not a quoted position.
Build your own ELP first
The strongest defensive move is to know your real position before Microsoft sets the number. Running your own internal assessment first, with independent help, means that when a demand arrives you respond from a controlled position rather than reacting to the auditor's figure. You can decline the initial SAM review, assess yourself, and meet any formal demand with your own reconciliation already in hand. The customer who walks in with a defensible ELP negotiates. The customer who walks in with nothing accepts.
For the wider context of how an audit unfolds and how to defend it end to end, the Microsoft audit material sits alongside this guide. For why a SAM tool result does not substitute for defense, and for the move of assessing yourself first, the pillar covers the full method.
The next step
The ELP is where a Microsoft audit is won or lost, and it is won by the side that prepared its own. The Effective License Position Guide sets out how an ELP is built, where the auditor's assumptions can be challenged, and how to assemble your own position before a demand lands. Download the guide and know your number first.
Know your number first.
The Effective License Position Guide sets out how an ELP is built, where the auditor's assumptions can be challenged, and how to assemble your own position before a demand lands.
Download the Effective License Position guideIf you would rather not face that alone, our ELP exposure modeling service builds your own defensible position first.