How to use this assessment: Work through all 25 items in sequence. For each item, mark it as compliant (✓), non-compliant (✗), or unknown (?). Items flagged HIGH risk demand immediate attention — they represent the most common triggers for Oracle audit findings and reinstatement demands. When finished, tally your score against the guidance at the bottom of this page. If you identify gaps, download our Oracle Audit Defence Kit or speak with a Redress adviser.
Section 1
Licence Set Foundation
01
You have a complete, current register of every Oracle product covered by each Customer Support Identifier (CSI) in your estate.
High
Expert note: Without a CSI-level inventory, you cannot identify licence set boundaries — and therefore cannot evaluate MSL exposure. Oracle's Technical Support Policies define a licence set as all licences for a given product line, regardless of how many ordering documents they were acquired under. Many organisations discover their CSI structure only when Oracle raises a compliance query. Request your full CSI mapping from Oracle My Support or your Oracle account team today — do not wait for an audit request.
02
You can confirm that all licences within each CSI are currently on Oracle Premier Support — with no partial terminations.
High
Expert note: Oracle's MSL policy is categorical: all licences within a licence set must be supported at the same level. If you terminated support on even one processor licence within a CSI while other licences on that CSI remain active, Oracle can deem the entire set non-compliant. This is not a theoretical risk — it is one of the most common audit findings we see in engagements involving organisations that have attempted partial cost-reduction strategies without specialist advice.
03
You understand which of your ordering documents are in the same licence set, even where licences were purchased years apart or through different channels.
High
Expert note: A licence set is not limited to a single ordering document. If you purchased Oracle Database Enterprise Edition under one order, Partitioning under a second, and Standard Edition Two under a third, all three sets of licences may form a single licence set for MSL purposes. This cross-order bundling surprises most procurement teams who track licences at the invoice level rather than the policy level. Map your ordering documents against Oracle's licence set definitions before making any support decisions.
04
You have identified any CSIs that contain shelfware or low-utilisation licences mixed with production licences.
Medium
Expert note: Mixed CSIs are a compliance trap. If shelfware and production licences share a CSI, you cannot terminate support on the shelfware without also affecting the production entitlements — unless Oracle agrees to restructure the CSI assignment, which is possible but must be negotiated explicitly during a commercial discussion. Identify all mixed CSIs now and assess whether restructuring is feasible before the next renewal cycle.
05
New Oracle licence purchases are deliberately structured onto separate CSIs to preserve future support flexibility.
Medium
Expert note: CSI structure is determined at the point of purchase and is very difficult to change afterwards. Before signing any new Oracle order, request that net-new licences be placed on a dedicated CSI separate from legacy entitlements. This gives you the option to terminate support on the new CSI independently in the future, without triggering MSL obligations on your existing estate. This is a simple procurement hygiene step that most organisations overlook entirely.
Oracle audit approaching? Get our expert-led MSL and audit defence briefing.
Confidential 30-minute call. No commitment required.
Section 2
Support Termination and Reinstatement Risk
06
Any support termination in the past 5 years was executed as a complete CSI-level termination — not a partial reduction of licences within a CSI.
High
Expert note: Partial support terminations — where some licences within a CSI are dropped but others remain — are the single most common MSL violation we encounter. Oracle will typically accept full CSI terminations (all licences, all support) but will challenge any partial termination as a breach of MSL. If you have partially terminated support in the past without simultaneously terminating the corresponding licences, you may have an outstanding reinstatement liability that Oracle has not yet surfaced.
07
You have calculated the potential reinstatement fee exposure for any licences currently lapsed or where support was terminated without corresponding licence termination.
High
Expert note: Oracle's reinstatement formula is: back support fees for the entire lapsed period plus 150% of the last annual support fee for the relevant programme. For example, a £400,000 per annum support line lapsed for two years generates: (2 × £400k) + (150% × £400k) = £1.4 million in reinstatement costs before any current-year support fees. Model this scenario for every CSI where support was reduced or terminated without equivalent licence surrender.
08
Where support was legitimately terminated (full CSI termination), the corresponding licences were also formally surrendered or acknowledged as terminated in writing by Oracle.
High
Expert note: Oracle's MSL policy requires that if you cancel support for a product within a licence set, you must also terminate the underlying licence. Verbal agreements or informal understandings do not protect you. Obtain written confirmation from Oracle — on Oracle letterhead or via a formal amendment to your ordering document — that both the support and the corresponding licence have been terminated. Without this documentation, Oracle retains the right to assert that the licences remain active and support is owed.
09
You are aware of Oracle's repricing right when licences or support are partially reduced — and have modelled its financial impact.
Medium
Expert note: Even when a partial support termination is technically permissible (for example, where separate CSIs exist), Oracle reserves the right to reprice support for the remaining licences at current list price rather than at the historical discount rate applied at purchase. This repricing right can completely negate any savings from dropping support on a portion of your estate. Always model both the savings from termination and the potential repricing impact before committing to any support reduction strategy.
10
Your legal team has reviewed the specific termination and reinstatement language in your Oracle master agreement against the current Oracle Software Technical Support Policies.
Medium
Expert note: Oracle updates its Software Technical Support Policies periodically. The February 2026 version contains subtle but important changes to reinstatement and MSL language compared with versions from 2022–2023. Contracts referencing older policy versions may contain different reinstatement terms. Ensure your legal team has reviewed both the contractual terms and the current published policies, as Oracle has historically applied the version most advantageous to itself when disputes arise.
Section 3
Third-Party Support and Alternative Support Models
11
Before moving any Oracle product to third-party support (TPS), you have conducted a full MSL analysis to confirm which licences can be moved without triggering cross-set obligations.
High
Expert note: Third-party support providers — including Rimini Street and Spinnaker — offer 50% or more cost savings versus Oracle Premier Support. However, the MSL policy applies equally to TPS transitions: you cannot move some licences from a licence set to TPS while leaving others on Oracle support. The entire set must move, or you must terminate the licences you want to move. Failure to follow this logic is the most common reason TPS transitions generate Oracle audit activity.
12
You have assessed the compliance monitoring gap that arises when Oracle support is terminated — specifically, the loss of Oracle-guided compliance guidance during audits.
Medium
Expert note: Under Oracle Premier Support, your account team will typically alert you to usage patterns that could trigger an LMS script. Without an active Oracle support contract, compliance gaps discovered during an audit cannot be negotiated in the context of a renewal discussion — Oracle's only lever becomes a formal audit finding with a back-billing demand. Organisations on TPS must invest in independent licence monitoring tools and periodic health checks to maintain the compliance visibility that Oracle support previously provided.
13
You have documented and preserved all Oracle licence entitlement records in case Oracle initiates an audit following a support termination or TPS transition.
High
Expert note: Oracle's audit activity typically increases within 12–24 months of a customer terminating Oracle support or moving to TPS. Licence documentation — original order forms, amendments, proof of licence (PoL) certificates, and upgrade history — must be secured and retained indefinitely. Once Oracle support is terminated, you lose access to Oracle's My Support portal, which holds digital copies of your entitlement records. Download and archive these before any termination takes effect.
14
Your TPS contract (if applicable) explicitly excludes Oracle from claiming that TPS constitutes a breach of your Oracle licence agreement.
Medium
Expert note: Oracle's standard licence agreements typically permit third-party support — you own your licences and have the right to choose your support provider. However, Oracle has historically attempted to argue that certain TPS activities (e.g. providing custom patches that include Oracle code) constitute licence violations. Review both your Oracle master agreement and your TPS provider's contractual protections to confirm you are not inadvertently exposing yourself to an intellectual property claim alongside the audit.
15
If considering a return to Oracle support after TPS, you have modelled the full reinstatement cost including back-support fees and the 150% surcharge.
High
Expert note: Reinstatement after TPS is possible — and in practice, Oracle reps have discretion to negotiate or waive the 150% surcharge for large enterprises, particularly during OCI or cloud migration discussions. However, the published policy requires back support for the entire lapsed period plus 150%. A £1M per annum support estate on TPS for three years would face a theoretical reinstatement cost of £4.5M. Always enter reinstatement discussions with independent cost modelling and experienced negotiating support.
"In every Oracle audit we have managed involving a prior support termination, the MSL analysis was the first document Oracle's LMS team requested. If you do not have it, Oracle writes it for you — and they will not write it in your favour." — Morten Andersen, Redress Compliance
Section 4
Cloud and Hybrid Deployment Compliance
16
All Oracle workloads deployed on AWS, Azure, or Google Cloud are licensed under a model that Oracle recognises as compliant — with support contracted accordingly.
High
Expert note: Oracle's cloud licensing policies are highly restrictive on unauthorised public cloud environments. On AWS and Azure, Oracle limits BYOL to specific instance types and requires Named Cloud Provider agreements. More critically, if your cloud deployment uses Oracle licences from an on-premises CSI that also contains production on-premises licences, the MSL policy extends to those cloud deployments — you cannot selectively support on-prem licences while leaving the cloud portion unsupported, or vice versa.
17
Oracle Database deployments on AWS RDS, Azure SQL Managed Instance, or similar managed services have been reviewed against Oracle's BYOL authorised cloud provider list.
High
Expert note: Oracle authorises BYOL on AWS, Azure, and Google Cloud only for specific service types. Using Oracle Database on a service type not listed in Oracle's Authorised Cloud Environments document constitutes an unlicensed deployment — regardless of whether you are paying Oracle support. These unlicensed deployments compound MSL exposure because they represent both a licence compliance gap and a support coverage gap simultaneously. Audit every cloud environment against the current authorised service list.
18
Oracle middleware products (WebLogic, SOA Suite, Integration Cloud) deployed on any cloud platform have support contracted at the same level as on-premises middleware licences in the same licence set.
High
Expert note: Oracle middleware licensing contains intentional ambiguity — particularly around WebLogic and SOA Suite processor counts in virtualised and containerised environments. When middleware is deployed across hybrid environments, the licence set boundary frequently spans both on-premises and cloud deployments, making MSL compliance particularly complex. Oracle's LMS team treats middleware audits as a high-value target precisely because the complexity of the environment makes it easy to identify discrepancies.
19
Oracle workloads migrating to OCI are covered by a dedicated OCI licensing agreement or Universal Credits, separate from the BYOL CSIs that cover your on-premises estate.
Medium
Expert note: Migrating to Oracle Cloud Infrastructure under BYOL using existing on-premises licences can inadvertently create MSL complications if those licences are part of a licence set that also includes products remaining on-premises. Oracle will argue that support must be maintained for both the cloud and on-premises instances of products in the same licence set. Where a migration is underway, negotiate dedicated OCI entitlements that are structurally separate from the existing on-premises licence set to maintain clean MSL boundaries.
20
Any Exadata Cloud@Customer deployment is covered by a specific support agreement that addresses both the hardware and software components — with MSL alignment confirmed in writing.
Medium
Expert note: Exadata Cloud@Customer (ExaCC) combines hardware and software support in a single Oracle-managed contract. However, where customers also run Oracle Database licences outside of ExaCC — on other servers or in the cloud — those licences may fall within the same licence set as the ExaCC deployment. If the ExaCC contract lapses or is restructured, it can affect the MSL compliance of the entire associated licence set. Confirm in writing that Oracle treats ExaCC deployments as a distinct licence set boundary.
Section 5
Audit Readiness and Governance
21
Your organisation has a documented Oracle licence management process that is reviewed at least annually and includes MSL compliance as an explicit control objective.
Medium
Expert note: MSL compliance is not a one-time assessment — it is an ongoing governance obligation. Every licence acquisition, support renewal, virtualisation change, or cloud migration has the potential to alter your licence set boundaries or support coverage. Organisations with mature Oracle licence management processes review MSL exposure as part of every significant infrastructure decision, not just in response to audit letters. Build MSL checks into your ITAM and procurement workflows as a standing control.
22
If you have received an Oracle audit notification, your response process includes an immediate legal hold on all Oracle licence documentation and a specialist review of MSL exposure before any data is provided to Oracle LMS.
High
Expert note: Oracle's LMS audit process is structured to extract maximum information before you have had an opportunity to assess your exposure. The LMS Collection Tool (OLCT) and associated scripts are designed to capture deployment data across your entire environment — not just the specific products under review. Before responding to any audit request, conduct an internal MSL analysis to understand your exposure, and engage specialist Oracle licensing counsel. Never run Oracle's collection scripts without an independent review of what they will capture.
23
Your SAM tool or ITAM platform is configured to track Oracle support coverage at the CSI level and generate alerts when coverage lapses or is inconsistent across a licence set.
Medium
Expert note: Standard SAM tools are not configured for Oracle MSL compliance out of the box. Most track licence entitlements and deployments but do not map these against CSI boundaries or licence set definitions. You need either a specialist Oracle licence management platform or a custom configuration that models your CSI structure and flags any support coverage gaps. Without tooling, MSL exposure typically remains invisible until Oracle surfaces it during an audit.
24
Finance and procurement teams understand that Oracle's annual support uplift (typically 3–5% per year) applies to all licences in a licence set, and that partial reductions to control costs may trigger MSL penalties that exceed the savings.
Medium
Expert note: The financial logic behind MSL compliance is often misunderstood at the finance level. Procurement teams seeing rising Oracle support costs frequently explore partial reductions as a cost control measure — without realising that Oracle's support uplift model means the marginal cost of maintaining full coverage is often lower than the reinstatement penalty for any gap. Provide finance teams with a clear model showing the true cost of non-compliance versus the cost of strategic support restructuring via a complete licence set exit.
25
You have engaged or have access to independent Oracle licensing specialists — not Oracle sales, not your reseller — to validate your MSL position on an annual basis.
High
Expert note: Oracle's account teams work in Oracle's interests, and resellers are incentivised to maintain support revenue. Neither party will proactively flag MSL exposure that could lead to a reduction in your Oracle spend. Independent Oracle licensing specialists — who operate exclusively on the buyer side — provide the objective analysis needed to identify genuine compliance risk, quantify financial exposure, and design support strategies that reduce cost without triggering MSL violations. At Redress, we have managed over 500 Oracle engagements across every product line and industry. The difference between a managed MSL analysis and an Oracle-discovered audit finding is typically measured in millions.
Interpreting Your Assessment Score
Count the number of items where you are fully compliant. Items marked unknown should be treated as non-compliant for scoring purposes — uncertainty represents unquantified risk.
22–25
Strong Position
Your MSL controls are mature. Schedule an annual review to maintain this standard as your estate evolves.
15–21
Moderate Exposure
Material gaps identified. Prioritise the HIGH-risk items for immediate remediation and commission an independent MSL analysis within 90 days.
0–14
High Exposure
Significant MSL and audit risk present. Do not approach Oracle for any commercial discussion until independent specialists have assessed your exposure. Contact Redress immediately.
Why Oracle MSL Compliance Matters Now
Oracle's audit activity accelerated significantly through 2025 and into 2026, with LMS teams targeting organisations that have made infrastructure changes — including cloud migrations, virtualisation projects, and TPS transitions — in the preceding 24–36 months. The MSL policy is Oracle's most powerful tool for generating incremental revenue from its installed base, precisely because it converts what customers believe were cost-saving decisions into compliance liabilities.
The three most common MSL traps we encounter in advisory engagements are: partial support terminations executed without full CSI-level licence surrender; TPS transitions that moved only part of a licence set to third-party providers; and cloud migrations that inadvertently split licence set coverage across environments with different support arrangements. All three are preventable with early, independent analysis.
Oracle's published reinstatement formula — back support plus 150% — is the starting point for negotiation, not the final word. We have successfully negotiated material reductions in reinstatement liabilities for clients across every sector. However, the negotiating position is dramatically stronger when the client approaches Oracle proactively — before the audit letter — with a clear MSL analysis and a structured commercial proposal. Once Oracle's LMS team has issued a formal audit finding, the leverage shifts significantly.
Next Steps
If this assessment has identified gaps — particularly in Sections 2 (support termination history) or 5 (audit readiness) — the recommended path is as follows. First, commission an independent Oracle licence inventory that maps every CSI, every ordering document, and every deployment to a definitive licence set structure. Second, model your reinstatement exposure under Oracle's published formula for every licence set where support history is incomplete or inconsistent. Third, design a remediation strategy that either brings you into full MSL compliance or structures an exit from Oracle support in a way that is contractually clean and defensible.
Redress Compliance operates exclusively on the buyer side. We do not resell Oracle products or receive any commercial benefit from Oracle. Every assessment we conduct is independent, and every strategy we develop is designed to reduce cost and risk for the client — not to maintain Oracle revenue.