Pennsylvania manufacturer IBM audit. 96 percent exposure reduction.

How a Pennsylvania manufacturing group cut an IBM audit claim from 32 million to 1.3 million dollars by rebuilding the capacity evidence the claim assumed away.

What was the starting position?

A leading Pennsylvania manufacturing group received an IBM audit claim of 32 million dollars, built mostly on full capacity licensing of virtualized middleware. The estate ran WebSphere and Db2 across a dense VMware farm, with ILMT coverage incomplete during a consolidation period.

The auditor priced every gap at full machine capacity under PVU licensing, treating contested ILMT coverage as a waiver of sub capacity rights.

The claim at a glance

• Headline: 32 million dollars, dominated by PVU full capacity findings on virtualized estates running entitled software from IBM Fix Central builds.
• Core dispute: whether sub capacity terms held during periods of incomplete ILMT reporting.
• Secondary findings: bundled components counted standalone, plus VPC conversion gaps on newer products.

How did the defense run?

The defense rebuilt the deployment record independently rather than contesting the auditor's spreadsheet line by line. Historical virtualization data, ILMT snapshots where they existed, and infrastructure change records established what capacity was genuinely available to IBM workloads through the audit period.

Entitlements were reconstructed in parallel from Passport Advantage records, including bundle definitions that the standalone findings had ignored.

Attacking the full capacity math

The claim assumed full capacity wherever ILMT coverage broke. The defense demonstrated continuous sub capacity eligibility from infrastructure evidence: host configurations, cluster boundaries, and virtualization logs that reconstructed effective capacity for the disputed period.

Dismantling the bundling findings

Several findings priced components that were entitled parts of licensed bundles. Producing the bundle entitlement paper removed those lines entirely, a pattern we see in most IBM audits.

Which buyer side moves won the reduction?

The decisive move was replacing the auditor's capacity assumptions with an independent evidence record. Every other lever worked because the baseline dispute was won first.

1. Rebuild, do not rebut: the defense presented its own deployment history instead of marking up the auditor's.
2. Restore the bundles: entitlement paper removed standalone findings on bundled components.
3. Correct the metrics: PVU and VPC math was redone on accurate ratios and capacity.
4. Trade at the close: the residual gap settled alongside a support renewal, converting a penalty conversation into a commercial one.

Where the common advice on IBM audits is wrong

The standard advice is that missing ILMT coverage means full capacity liability, so settle quickly before it gets worse. We disagree. In roughly 20 of the 25 to 35 IBM defenses Fredrik Filipsson worked in 2024 to 2025, sub capacity eligibility was successfully evidenced for disputed periods using infrastructure records even where ILMT was incomplete. IBM's own licensing documentation treats ILMT as the standard evidence mechanism, not the only admissible evidence. The buyer side move is to reconstruct effective capacity from virtualization data before accepting any full capacity number. The 96 percent reduction in this case was built on exactly that reconstruction.

The audit claim was an opening position priced on missing evidence. Once the capacity record existed, 96 percent of the claim went with it.

What was the commercial outcome?

The 32 million dollar claim settled at 1.3 million dollars, a 96 percent reduction, with the settlement folded into a renewal the manufacturer would have signed anyway. ILMT coverage was remediated as part of closure, making the next cycle defensible by default.

• Settlement: 1.3 million dollars against a 32 million dollar claim.
• Structure: closure tied to a support renewal on negotiated terms.
• Residue: audit ready ILMT reporting and a maintained entitlement baseline.

What the settlement structure preserved

The settlement preserved the manufacturer's sub capacity position going forward and avoided any admission on the disputed period. Remediated ILMT coverage was funded inside the renewal, so the fix cost discount, not budget.

What to do next

1. Verify ILMT coverage on every virtualized IBM workload today, before any notice.
2. Archive virtualization configuration history; it is your capacity evidence.
3. Keep bundle entitlement paper retrievable; standalone findings die against it.
4. If a claim arrives, rebuild the deployment record independently before responding.
5. Redo every PVU and VPC calculation on your own math.
6. Settle the residue inside a renewal, never as a standalone penalty.

The IBM practice runs audit defense as a fixed scope engagement, and Vendor Shield keeps the position maintained year round. More client outcomes sit in the case study library.

Frequently asked questions

How much was the IBM audit claim reduced?

The claim fell from 32 million dollars to a 1.3 million dollar settlement, a 96 percent reduction, achieved by rebuilding capacity evidence, restoring bundle entitlements, and correcting PVU and VPC math.

What drove the original 32 million dollar claim?

Full capacity PVU licensing applied to virtualized middleware wherever ILMT coverage was incomplete. The auditor priced every disputed core at machine capacity, inflating the claim far beyond the real position.

Does missing ILMT coverage mean full capacity liability?

Not automatically. In this defense, sub capacity eligibility was demonstrated from infrastructure records: host configurations, cluster boundaries, and virtualization logs that reconstructed effective capacity for the disputed period.

How were the bundling findings removed?

By producing the bundle entitlement paper. Several findings had counted entitled components of licensed bundles as separate unlicensed deployments, and the documentation removed those lines entirely.

How was the final settlement structured?

The residual gap settled alongside a support renewal the manufacturer would have signed anyway, converting a penalty demand into a commercial negotiation and funding remediated ILMT coverage for the next cycle.