The Three Names You Need to Know
When Oracle contacts your organisation about licensing, the email or letter may come from someone representing LMS, GLAS, or SIA. To the uninitiated, these sound like different products or programmes. In reality, they are different faces of the same Oracle function: identifying licensing gaps and converting them into revenue.
Understanding what each team does — and what the differences in approach imply for how you should respond — is one of the most practical pieces of Oracle licensing knowledge a commercial or IT leader can have. Receiving the wrong kind of contact without that knowledge has cost organisations tens of millions of dollars in avoidable settlements.
LMS: Oracle's Original Audit Function
License Management Services, universally known as LMS, is Oracle's original software audit team. LMS has operated in its current form since the mid-2000s and is the function most enterprise customers encountered during Oracle's aggressive audit expansion period through the 2010s.
LMS auditors work under Oracle's contractual audit rights. Most Oracle licence agreements contain a clause permitting Oracle to audit a customer's deployment with reasonable notice — typically 30 to 45 days. LMS is the team that exercises those rights. When LMS formally invokes an audit, the customer is legally obligated to cooperate and provide deployment data within the scope of the audit notice.
LMS auditors are trained specialists. They understand Oracle's complex licensing rules in detail: processor definitions, virtualisation policies, Named User Plus minimum requirements, management pack triggers, and the specific counting methodologies for each Oracle product. They use Oracle's own collection scripts — now distributed as the Oracle LMS Collection Tool from My Oracle Support — to gather deployment data directly from customer databases. The resulting data is then analysed by LMS to calculate a licence position.
What an LMS Audit Looks Like in Practice
A formal LMS audit typically begins with a letter or email from Oracle Legal, referencing the audit clause in your Oracle licence agreement and providing formal notice of audit. This is not a request — it is the exercise of a contractual right. The notice will specify the scope (which products, which entities, which time period) and request that you nominate a primary contact.
LMS will then request that you run their collection scripts across your Oracle database and middleware estate. Once submitted, LMS analyses the data, identifies any deployment that exceeds your licence entitlement, and presents a findings report with an associated compliance position. The report includes a financial exposure — the cost to buy the licences Oracle believes you owe, plus back support at the current annual support rate.
LMS audits typically take three to nine months from formal notice to findings report, depending on estate complexity and how efficiently your team provides data. Customers who engage experienced independent advisors at the outset typically achieve materially better outcomes than those who engage Oracle directly without preparation.
GLAS: The Rebrand That Changed the Acronym, Not the Function
In approximately 2019, Oracle reorganised and rebranded LMS under a new umbrella organisation called Global Licensing and Advisory Services — GLAS. The rebrand was accompanied by a deliberate shift in external messaging: GLAS was positioned not purely as an enforcement function but as an "advisory" service that helped customers understand and optimise their Oracle investments.
Internally, the change was largely structural. GLAS became the umbrella organisation that housed the audit function (which retained the LMS name in many internal contexts) alongside a new customer-facing advisory arm. The audit team's methodology, authority, and objectives did not change in any meaningful way. GLAS auditors have the same contractual rights as LMS auditors. A GLAS audit notice carries the same legal force as an LMS audit notice.
Do not assume that receiving contact from "GLAS" rather than "LMS" means the engagement is voluntary, advisory, or lower risk. GLAS has the same audit authority as LMS. A GLAS engagement that begins as advisory can transition to a formal audit at any point. Treat all GLAS contact with the same seriousness as an LMS audit notice.
The practical significance of GLAS as a brand is that Oracle can now approach customers for conversations that are framed as licensing reviews or investment optimisation discussions — without immediately invoking the word "audit." This framing lowers the customer's initial defensive response, which serves Oracle's interests in the early stages of an engagement.
SIA: The Soft-Audit Mechanism
The Software Investment Advisor (SIA) function is the most misunderstood element of Oracle's audit landscape, and therefore the most dangerous for unprepared organisations.
SIA is positioned by Oracle as a free, advisory service. Oracle sales teams and account managers will introduce SIA as a resource to help you understand your Oracle estate and plan future investments — essentially a free licensing health check. The framing is consistently collaborative and non-threatening. In some cases, the introduction of SIA is made as a favour, as if Oracle is proactively helping you avoid compliance issues.
What SIA Actually Does
SIA personnel are, in most cases, former LMS auditors or people with deep Oracle licensing expertise working under Oracle's commercial umbrella. Their technical knowledge of Oracle licensing rules is equivalent to that of a formal audit team. The tools they use to assess your estate are the same collection scripts used in formal audits. The data they gather and the analysis they conduct produces the same licensing gap analysis that an LMS audit would produce.
The critical difference between SIA and a formal LMS/GLAS audit is not the technical process — it is the legal and commercial context. A formal audit is contractually governed, time-bound, and subject to negotiated process controls. An SIA "advisory" engagement is governed by whatever informal terms you agree to when you let SIA into your environment. Oracle is under no obligation to treat the findings as final, to limit the scope of what they look at, or to provide you with the same protections that apply in a formal audit process.
Any data SIA collects from your environment — including licensing gaps they identify — can be used by Oracle's sales team and, subsequently, a formal audit team. There is no firewall between the SIA advisory function and Oracle's enforcement capacity. In practice, SIA findings that identify significant licensing exposure are routinely transitioned to formal GLAS/LMS audit processes once Oracle has established the scale of the gap.
Agreeing to an SIA "advisory" engagement without independent counsel is equivalent to voluntarily submitting to an Oracle audit with no process protections. Any licensing gap SIA identifies will be used against you commercially. If you want to understand your Oracle licence position, conduct the assessment internally or with an independent advisor — not through Oracle's own advisory arm.
Comparison: LMS vs GLAS vs SIA
The following table summarises the key differences across Oracle's three audit-related organisational identities:
| Dimension | LMS | GLAS | SIA |
|---|---|---|---|
| Full Name | License Management Services | Global Licensing and Advisory Services | Software Investment Advisor |
| Positioning | Audit enforcement | Audit + advisory umbrella | Free advisory service |
| Legal Authority | Full contractual audit rights | Full contractual audit rights | No formal audit rights (but data shared with sales/enforcement) |
| Engagement Type | Formal audit notice | Formal audit or advisory framing | Voluntary advisory (opt-in) |
| Tools Used | Oracle LMS Collection Tool (694+ SQL scripts) | Oracle LMS Collection Tool | Same collection scripts |
| Output | Formal compliance findings report | Formal findings or licensing review | Licensing gap analysis (shared internally) |
| Customer Obligation | Contractually obligated to cooperate | Contractually obligated to cooperate | No obligation — entirely voluntary |
| Recommended Response | Engage independent counsel immediately | Treat as formal audit — engage independent counsel | Decline or strictly scope and control access |
How Oracle Uses the Three Structures Together
In practice, Oracle uses SIA, GLAS, and formal audit processes as a progression of escalating pressure rather than separate, unrelated activities. The typical pattern observed across hundreds of customer engagements runs as follows.
First, Oracle introduces SIA through the account management relationship, framing it as helpful advisory. If the customer engages and SIA identifies significant licensing gaps, that information is used by Oracle's sales team to create renewal or expansion conversations. If the customer does not engage commercially in response to those conversations, a formal GLAS audit notice follows. This audit is informed by whatever data SIA already gathered, giving Oracle a significant head start on the findings analysis.
Organisations that declined SIA but received a formal GLAS notice are often surprised to find that Oracle seems already familiar with their estate. In some cases this is because Oracle's own product telemetry (particularly from cloud-connected Oracle systems) provides indicative deployment data. In other cases it reflects the informal knowledge accumulated through account management interactions.
How to Respond to Each Type of Contact
Responding to an LMS or GLAS Audit Notice
A formal audit notice from LMS or GLAS is a legal document that triggers your contractual obligations. Your first action should be to engage independent Oracle licensing counsel — not Oracle's own advisory team, and not your general counsel alone unless they have specific Oracle licensing expertise. The steps that follow should include acknowledging receipt of the notice without making any substantive commitments, negotiating the scope and process of the audit against the specific wording of your licence agreement, and conducting an internal licence position assessment before providing any data to Oracle.
The most important thing to understand about a formal Oracle audit is that the process is negotiable. Oracle will present its preferred audit methodology and timeline, but customers have contractual and practical levers to control the scope, the data collection process, the analysis methodology, and the settlement negotiation. Customers who engage without independent counsel frequently accept Oracle's framing on all of these dimensions, which consistently produces worse outcomes.
Responding to an SIA Contact
When Oracle introduces SIA through your account manager or directly through an email offering a free licensing assessment, you are not obligated to engage. SIA is a voluntary programme. The correct response depends on your current licence position and risk appetite. If you have high confidence that your Oracle estate is compliant, you may choose to decline SIA simply as a matter of policy — there is no commercial benefit to Oracle identifying a compliant deployment. If you have concerns about your licence position, you should address those through an independent internal or third-party assessment before engaging with Oracle in any form.
If you do choose to engage with SIA for legitimate advisory reasons, you should establish clear written terms about what data will be collected, how it will be used, who it will be shared with inside Oracle, and what the scope of the engagement is. Oracle will be reluctant to agree to strict data governance terms for an SIA engagement — which is itself instructive about the nature of the programme.
Before engaging with any Oracle audit-related team — LMS, GLAS, or SIA — conduct your own internal licence position review using the Oracle LMS Collection Tool or an independent tool. Knowing your actual position before Oracle does gives you the ability to prepare responses, remediate material gaps quietly, and negotiate from an informed position rather than reacting to Oracle's findings.
The Organisational Structure Behind the Acronyms
Within Oracle's internal organisational structure, GLAS sits within Oracle's global customer organisation and reports through Oracle's revenue assurance hierarchy. LMS is the audit execution function within GLAS. SIA personnel typically sit within the sales organisation or a hybrid sales-advisory structure, with close coordination with both the GLAS audit team and the Oracle account management team responsible for the customer.
This organisational alignment is significant. SIA's primary performance metrics are not advisory quality or customer satisfaction — they are conversion of advisory engagements into commercial outcomes. The people operating SIA are measured on whether advisory engagements result in additional Oracle licence purchases or formal audit outcomes. Understanding this incentive structure clarifies why SIA advisory should be treated with the same caution as a formal audit.
It is also worth noting that Oracle's fiscal year ends on 31 May. The period from March through May — Oracle's Q4 — is the period of greatest audit and SIA activity, as Oracle's revenue targets create internal pressure to accelerate both advisory conversions and formal audit settlements. Organisations that receive audit or SIA contact during this period should be particularly attentive to timeline pressure tactics.
Protecting Your Organisation
The single most effective protection against Oracle audit risk is a proactive licence management programme that maintains a current, accurate understanding of your Oracle licence position. Organisations that know their position before Oracle arrives are consistently better placed to challenge Oracle's findings, negotiate settlement terms, and limit the financial impact of any compliance gap that exists.
This means running quarterly internal licence assessments using Oracle's own collection scripts, maintaining a licence entitlement register that maps every deployed product to a specific licence, and having an established escalation process so that any Oracle contact — whether from LMS, GLAS, or SIA — is handled by people who understand what is at stake and have access to independent expertise.
Independent Oracle licensing specialists serve a specific role that neither Oracle's own advisory teams nor general legal counsel can provide: they understand Oracle's audit methodology in the same technical detail as Oracle's own teams, but they work exclusively in the customer's interest. Engaging independent counsel at the point of first contact, not after Oracle has established its findings, is consistently the approach that produces the best commercial outcomes.
Received contact from Oracle LMS, GLAS, or SIA?
Redress Compliance has supported 200+ Oracle audit engagements. We protect your position from day one.Common Misconceptions Addressed
Misconception 1: "GLAS is More Lenient Than LMS"
The GLAS rebrand was a branding exercise, not a policy change. GLAS auditors operate with identical authority and use identical methodology to LMS. The tone of an initial GLAS engagement may be more collaborative than a classic LMS audit notice, but the legal position and commercial objective are unchanged. Treat GLAS as LMS.
Misconception 2: "Engaging SIA Shows Good Faith and Will Reduce Audit Risk"
Engaging SIA does not reduce the probability of a formal audit. It may increase it, by providing Oracle with the intelligence necessary to construct an audit case. Oracle's decision to initiate a formal audit is driven by its assessment of revenue recovery potential, not by customer cooperation with advisory programmes.
Misconception 3: "We Have a Good Relationship With Our Oracle Account Manager, So We're Protected"
Oracle's account management function and Oracle's audit function are separate organisational structures with separate objectives and separate performance metrics. A strong account management relationship provides no protection against a GLAS audit notice. In some cases, information shared during account management conversations — about planned deployments, estate size, or product usage — finds its way to the audit team. Manage all Oracle conversations with this in mind.
Misconception 4: "Once We've Been Audited, We're Safe for a Few Years"
Oracle's audit rights are continuous and contractual. There is no cooling-off period following a completed audit. Oracle can initiate a further audit at any time, provided it respects the notice requirements in your licence agreement. Organisations that resolve one audit without addressing the underlying licence management gaps frequently find themselves in the same position when Oracle returns two or three years later.
Key Takeaways
Oracle's audit landscape involves three interconnected functions operating under different names and postures. LMS is the historic enforcement arm. GLAS is the rebranded umbrella organisation that houses LMS and has identical audit authority. SIA is the advisory arm — voluntary, customer-facing, and strategically positioned to gather licensing intelligence that serves Oracle's commercial and enforcement objectives.
When any of these teams contacts your organisation, the immediate priorities are the same: do not provide access to your environment without independent counsel, do not make commitments about what data you will provide or by when, and conduct your own licence position assessment before engaging substantively with Oracle's findings. The organisations that manage Oracle audit risk most effectively are those that treat it as a permanent feature of their Oracle relationship — not an occasional crisis to manage reactively.