University of Oregon. IBM audit exposure cut 85 percent.

The University of Oregon faced an IBM audit claim shaped by research computing and decades of distributed purchasing. Recovering the scattered entitlement record cut the exposure 85 percent.

Why did IBM audit the University of Oregon?

IBM audited the university because its visible deployment far exceeded what central records could explain. SPSS ran across research units and teaching labs, while Db2 and WebSphere supported administrative systems.

Research computing buys software the way research happens: per grant, per lab, per semester. Almost none of that purchasing reached the central record the auditor reconciled against.

• Audit trigger: deployment visible campus wide, paper visible nowhere central.
• Publisher position: undocumented installs are unlicensed installs.
• Customer reality: labs and grants had bought their own coverage for years.

How was the IBM audit claim defended?

The defense ran a campus wide recovery of IBM purchase records: research group archives, grant expenditure files, and departmental procurement systems, consolidated against Passport Advantage records into one institutional baseline.

1. Canvass research units, labs, and departments for IBM purchase evidence.
2. Mine grant expenditure records for software line items.
3. Reconcile recovered purchases against Passport Advantage site numbers.
4. Correct academic program terms misapplied in the opening claim.
5. Re run the gap analysis and settle the documented residual.

What made research computing purchases recoverable?

Grant accounting. Research spending is audited money, so the purchases lived in expenditure records even when the license paper was lost. An SPSS line item in a grant file is entitlement evidence an auditor has to engage with.

Why are research universities hard audit targets?

Research universities are hard targets because their disorganization is shallow. The estate looks chaotic, but accountable money bought most of it, and accountable money leaves records. The auditor's gap analysis collapses as the records surface.

Did academic program terms change the numbers?

Materially. Teaching and research use qualified for academic terms the opening claim had priced at commercial rates, and the correction compounded with every entitlement the recovery surfaced.

What was the commercial outcome for the university?

The audit closed 85 percent below the opening claim, settled on the documented residual under academic terms, with a consolidated baseline and a standing rule that grant funded software lands in the central record.

• Claim reduction: 85 percent off the opening position at close.
• Settlement basis: documented residual, academic terms applied.
• Forward posture: grant funded software purchases now register centrally at acquisition.

Did the audit change how research computing buys software?

No, and that was deliberate. Labs still buy what research needs when it needs it. The only change is a registration step, so the paper that always existed now exists in one place.

Where the common advice on university software audits is wrong

The standard advice tells universities to lock research computing into central procurement to prevent audit exposure. We disagree. In roughly 15 to 25 education and public sector IBM defenses Morten Andersen supported in 2024 to 2025, centralizing research purchasing slowed science and did not close the record gap, because the exposure was never about who bought. It was about where the paper landed. The buyer side move is to leave research buying alone and centralize only the record: a registration requirement on grant funded software costs nothing and removes the gap analysis the next audit depends on.

What the engagement data shows

Three cuts of our advisory engagement file frame the size of the opportunity.

What to do next

Six moves turn this case into a smaller number on your own institution's exposure.

A sequence you can run this quarter

1. Canvass research units and labs for IBM purchase evidence, grants included.
2. Mine grant expenditure files for software line items going back a decade.
3. Consolidate everything against Passport Advantage site numbers.
4. Verify academic program terms across teaching and research deployment.
5. Add a registration step so grant funded software lands in the central record.
6. If an audit letter arrives, route everything through one channel with legal review.

White Paper · IBM

IBM Audit Defense Guide

The buyer side framework we use with Fortune 500 clients defending IBM software audits. Read it free.

Read the white paper

Frequently asked questions

What triggered the IBM audit at the University of Oregon?

Campus wide deployment that central records could not explain triggered it. Research computing had bought correctly for years, but the paper never reached one record.

How much was the IBM audit exposure reduced?

The exposure closed 85 percent below the opening claim, settled on the documented residual under academic terms after the recovery consolidated the baseline.

Are grant funded software purchases valid IBM entitlements?

Yes. Purchases made on grant budgets are valid entitlements, and grant expenditure records often prove them even when the original license paper is lost.

Do academic program terms apply in IBM audits?

They apply wherever the use qualifies, and opening claims frequently ignore them. Correcting the program terms reprices the alleged gap before negotiation.

Should universities centralize software purchasing after an audit?

Centralize the record, not the purchasing. A registration requirement for grant funded software closes the audit gap without slowing research.