A Microsoft true-up catches most enterprises unprepared. The contractual obligation to report all deployments annually — and to pay for any excess above your EA baseline — generates significant unplanned cost for organisations that have grown, acquired businesses, or deployed cloud services without tracking the licence implications. Managed correctly, true-up exposure is contained. Managed poorly, it becomes a seven-figure settlement. This hub covers the complete true-up and audit defence landscape.
Every Microsoft Enterprise Agreement includes a true-up obligation — an annual reconciliation of the number of licences deployed against the number purchased at the start of the EA term. If you have deployed more than you purchased, you owe the difference at current commercial rates. If you have deployed less, you receive no refund. The mechanism is one-directional by design, and it is structured to favour Microsoft's commercial interest in every scenario.
The true-up surprise pattern is consistent across industries and organisation sizes. Organisations grow through organic headcount addition, acquisition, or technology deployment without maintaining a real-time licence inventory. When the annual true-up date arrives, the gap between deployment and entitlement is calculated by Microsoft — typically using their internal tooling, which captures deployment data from sources the customer has no direct visibility into — and a bill is presented. The bill is frequently the first time the customer has a complete picture of their own Microsoft deployment.
The organisations that avoid true-up surprises do so through a combination of continuous inventory management — keeping a live count of deployed versus entitled licences for every EA product — and pre-true-up audit preparation, which involves running an independent deployment count at least 60 days before the true-up date, identifying remediation opportunities (licence reassignment, product downgrade, entitlement offsetting), and entering the true-up discussion with a validated position rather than accepting Microsoft's calculation.
A true-up is a scheduled, contractual reconciliation that happens annually during an EA term. A Microsoft audit is a formal compliance review initiated by Microsoft outside the true-up cycle — typically triggered by specific events such as significant headcount growth, a public merger announcement, a change in the reseller relationship, or a previous true-up that Microsoft's internal analysis flagged as potentially understated. Audits involve a more formal process — notice, a defined scope, Microsoft-approved audit tools, and a formal findings report — and carry more significant exposure, since they can cover historical deployment periods rather than only the current year.
Both mechanisms require the same fundamental preparation: an independent, validated deployment inventory. The difference is that a true-up gives you a predictable date to work toward, while an audit may give you 30–60 days notice. If your organisation has received a Microsoft audit notice, the first priority is understanding your contractual rights before any deployment data is shared.
M365 seat counts are relatively straightforward to audit — the M365 admin centre provides assignment data. The complexity in true-up calculations typically lies in server workloads, particularly SQL Server and Windows Server, where the per-core licensing model, virtualisation deployment patterns, and the interaction between physical and virtual licences creates a calculation that most internal IT teams have not been trained to perform correctly. We consistently find that the largest true-up exposure items in enterprise organisations are SQL Server deployments that were originally sized under the old per-processor model and never recalculated under per-core, and virtualisation environments where guest VM licence counts have not been reconciled against the physical host licence entitlements.
These guides cover the complete true-up and audit defence framework — the preparation methodology, the exposure quantification process, the server licensing complexity, and the audit contractual rights that every enterprise buyer should understand.
The complete independent guide to surviving a Microsoft true-up with the minimum possible cost. Covers the four main exposure categories — seat products (M365), server products (SQL, Windows), virtualisation environments, and cloud service deployments — the exposure quantification methodology for each category, the pre-true-up remediation options available to most organisations, and the negotiation framework for the true-up settlement discussion. Includes the pre-audit framework for managing situations where a formal audit has been triggered.
Access Free →Microsoft audits are more manageable than they first appear — if you understand your contractual rights before the audit begins. This guide covers the audit trigger categories, the contractual notification requirements, your right to use your own SAM tooling rather than Microsoft-specified tools, the scope limitations you can assert, the exposure quantification methodology you should complete before providing any data, and the settlement negotiation framework that applies once findings are issued.
Access Free →SQL Server licensing is the most complex element of most true-up calculations — and the one where the difference between a correctly calculated exposure and an over-estimated one is typically the largest. This guide covers the per-core model, physical versus virtual licence requirements under different virtualisation scenarios, Azure Hybrid Benefit activation, Software Assurance requirements, and the pre-true-up SQL audit methodology that identifies all remediation options before the true-up date.
Access Free →Windows Server licensing under the per-core model has significant complexity in virtualised environments — the Datacenter edition unlimited VM rights, the Standard edition per-physical-server limits, and the CAL requirements for remote access all interact in ways that create true-up exposure for organisations that have not specifically audited their Windows Server deployment against the current licensing rules. This guide covers the complete deployment audit methodology and the most common exposure categories.
Access Free →These case studies document real true-up and audit defence engagements — the initial exposure estimate, the preparation methodology, and the final achieved settlement. Identifying details changed to protect client confidentiality.
Healthcare system facing a Microsoft-estimated true-up exposure of $3.8M. Pre-true-up audit identified 3,400 recoverable M365 seats, SQL Server licensing errors in three virtualised environments, and $620K in entitlement offsets. Final true-up payment: $1.1M — a reduction of 86%.
Read Case Study →University with a legacy SQL Server deployment originally sized under per-processor licensing. Recalculation under per-core model with Datacenter edition for virtualised clusters reduced the licence requirement by 40%. Per-core restructure also resolved a pending true-up exposure of $340K.
Read Case Study →Government agency with a complex M365 GCC deployment and a pending annual true-up. Pre-true-up licence audit reclaimed 4,200 assigned seats. GCC tier redesign reduced the average per-seat cost by 18%. Final true-up was a credit against the following year's billing cycle.
Read Case Study →The true-up date is fixed. The exposure is not. Here is the 90-day preparation methodology that consistently reduces true-up costs by 60–86% for enterprises that begin preparation early enough.
Read Article →Enterprise buyers have more contractual rights during a Microsoft audit than Microsoft's initial correspondence implies. Here is what your EA says about scope, tooling, and timeline — and how to assert those rights.
Read Article →SQL Server per-core licensing in virtualised environments creates the most complex and most frequently miscalculated true-up exposure. Here is the calculation methodology and the most common errors.
Read Article →M&A activity is one of the most common true-up triggers. Here is the licence portability framework, the true-up exposure quantification process for acquired entities, and the EA consolidation strategy.
Read Article →True-up settlements are negotiable. Here is the commercial framework — including payment structure, forward-year pricing adjustments, and contractual concessions — that changes the settlement outcome.
Read Article →SAM tooling is a genuine investment. Here is the honest analysis of when a formal SAM programme is commercially justified versus when a periodic licence audit produces equivalent true-up protection at lower ongoing cost.
Read Article →Our true-up defence engagement combines an independent deployment audit with a remediation programme and true-up settlement advisory. Most engagements reduce initial exposure by 60–86% — for a fraction of the cost avoided. If you have received a Microsoft audit notice, the first conversation — which establishes your contractual position and immediate priorities — happens within 24 hours.
Microsoft Negotiations has advised on 500+ enterprise Microsoft engagements since 2016. We bring deal intelligence, benchmark data, and negotiation strategy to your specific situation — whether you're in renewal, facing a true-up, or restructuring your licensing model.
Est. 2016 · $2.1B Managed Spend · 32% Avg Cost Reduction · 100% Independent