The Microsoft SAM engagement runs through a published lifecycle: invitation, scoping, data collection, ELP build, gap report, settlement. The Admodum read on the audit anatomy, the data the buyer surrenders at each phase and the false-positive patterns that recur.
The Microsoft SAM engagement opens with a published invitation, typically from the publisher's licensing-compliance organisation or, more commonly, from a SAM partner appointed by the publisher to deliver the engagement on the publisher's behalf. The invitation is positioned as voluntary and collaborative; in practice, the contractual audit right under the Volume Licensing terms (or the MCA-E equivalent) sits behind the invitation and can be invoked.
The buyer-side discipline at invitation is to acknowledge promptly, to route the engagement to the SAM team and external advisor (not directly to the procurement front line), and to defer scoping until the legal and contractual perimeter has been confirmed.
The wider framework sits at the Enterprise Agreement overview; the renewal cadence sits at the EA renewal cycle; the wider editorial sits in the Microsoft pillar.
The scoping phase defines the perimeter: which legal entities, which products, which deployment estates (on-prem, Azure, multi-cloud, BYOL), which time periods, which user populations. The scoping document is the buyer-side artefact that sets the inventory boundary.
The buyer-side discipline at scoping is to narrow the perimeter to what is contractually within scope: typically the parent legal entity and the named affiliates on the active enrolment, the products on the active enrolment, the current and immediately prior years. Out-of-scope items (retired entities, divested business units, contractor-only populations on a Cloud Solution Provider tenant) are excluded by agreed scoping language.
The wider scope-control discipline sits at the SAM scope control spoke (forthcoming); the SAM settlement posture sits at the SAM settlement position spoke (forthcoming).
The data collection phase produces the SAM partner's deployment inventory. The data surrendered typically includes: the Microsoft Active Directory export (every user, every group, every licence assignment), the SCCM or Intune export (every device, every installed application, every version), the Azure tenant export (every subscription, every resource, every consumption record), the assigned-seat inventory (the Microsoft 365 admin portal export) and the deployment-scan output across the on-prem estate.
The buyer-side discipline at data collection is to scope the data tightly: only data that is scoped is surrendered; data is surrendered to the buyer first, validated, and then surrendered to the SAM partner; no raw exports are surrendered without first being read by the buyer.
The Effective Licence Position (ELP) is the SAM partner's reconciliation: deployment minus entitlement, line by line, product by product. The ELP is then the principal commercial artefact for the rest of the engagement.
The buyer-side discipline at ELP build is to run a parallel ELP, against the same data, before the SAM partner's draft is received. The buyer-side ELP carries the buyer's read of the entitlement (the cumulative-contract map), the buyer's read of the deployment (the validated scan output), and the buyer's read of the metric (the actual metric against the actual product version). The buyer-side ELP is the anchor against which the SAM partner's draft is then read.
The wider scripts and tooling context sits at the seat-assignment hygiene spoke (forthcoming); the M365 plans context sits at the Microsoft 365 plans spoke.
The gap report is the SAM partner's first commercial draft of the ELP. Four false-positive patterns recur. Pattern one: idle desktop installs counted as active seats (a desktop that has Office installed but where the user has never signed in is counted as an active Office seat). Pattern two: retired servers not removed from the scan (a Windows Server instance decommissioned six months ago still shows in the scan output and is counted as an active server). Pattern three: dev/test instances not excluded from production licensing (a SQL Server dev/test instance under the Visual Studio entitlement is counted against production SQL Server). Pattern four: CAL counting against the wrong product version (Server-CAL counted against the Office 365 user-seat estate).
The buyer-side discipline at gap report is to read line by line against the buyer-side ELP. Every claimed gap is challenged on data; the SAM partner is asked to evidence the deployment for every gap; the buyer-side counter is the buyer-side ELP read against the same data.
The wider lessons-from-Oracle audit literature sits at LMS audit anatomy as a comparator; the engagement-models read sits at the Fixed Fee, Contingency and Annual Retainer pages.
The settlement phase converts the negotiated gap report into a commercial outcome. The outcomes are: a true-up at the order date (additional seats / licences purchased at the order date), a settlement at the renewal (the gap rolled into the renewal entitlement at the renewal price level), a settlement-with-credit (the gap settled at the order date against a renewal commitment), or, in a clean state, no settlement (the gap report reads to zero).
The buyer-side artefacts to hold across the audit are: the scoping document (the perimeter agreed), the data-surrender log (every export surrendered, every date, every recipient), the buyer-side ELP (the parallel reconciliation), the gap-report response (the line-by-line read), the settlement letter (the commercial outcome and its commercial terms).
The wider engagement sits in the Microsoft practice; the aggregated reading list sits in the Microsoft knowledge hub; active audit moments route to Audit Defence; renewal moments route to the Renewal Programme.
The maintenance overlay the SAM reconciliation is read against.
The renewal-time settlement mechanic the SAM gap is often rolled into.
A senior Admodum Microsoft advisor will read your scope letter, the data surrender posture and the gap report against the false-positive patterns on a private call. Active audit moments route to Audit Defence.