Buyer side advisory. 500+ enterprise clients across 11 vendor practices. Contact Us →
White Paper · IBM

Pass an IBM Audit: The 90 Day Readiness Checklist

The pre audit preparation checklist for IBM software estates. ILMT compliance, sub capacity documentation, deployment evidence ready in 90 days.

Portrait of Morten Andersen
Written byMorten AndersenCo Founder · ex IBM, ex Oracle
Read Time20 Minutes
Last UpdatedMay 2026

Now that you have the framework

Apply it to your IBM situation.

25 minute call with our IBM practice lead. We will walk through your specific renewal, audit, or contract and tell you what we would do next. No follow up sales pressure unless you ask for one.

Schedule a 25 Minute Review Contact Us
HomeIBM HubWhite PapersPass an IBM Audit: The 90 Day Readiness Checklist
The Short Version

If you read nothing else

Bottom Line

IBM audit defense begins before the audit notice arrives. Customers with current ILMT compliance, documented sub capacity, and prepared evidence packs defend successfully. Customers without that preparation pay the full processor count whatever the actual deployment looks like.

Key Takeaways

Five conclusions

Readiness is preventive, not reactive. The audit notice arrives with a tight response window; preparation must precede.
ILMT compliance is the foundational requirement. Without current ILMT data, sub capacity licensing reverts to full host.
Sub capacity rules vary by platform. VMware, PowerVM, Nutanix all have distinct configuration and documentation requirements.
Evidence pack assembled in advance saves time. Server inventories, cluster definitions, options usage all assembled before LMS engagement.
Recurring cadence holds readiness. Quarterly review prevents drift between audit cycles.
Recommendations by Role

What to do this quarter

CIO
  1. Commission audit readiness assessment before any LMS engagement.
  2. Build readiness review into the operating cadence.
  3. Engage independent advisory before notice arrives.
VP Procurement
  1. Document audit clause provisions in current contracts.
  2. Pre-position contractual scope limits.
  3. Reserve negotiation leverage for actual audit moments.
Software Asset Manager
  1. Maintain ILMT current at all times.
  2. Document sub capacity configuration per platform.
  3. Run quarterly compliance review.
CFO
  1. Reserve provisional audit liability in the operating plan.
  2. Capitalise audit readiness program separately.
  3. Track readiness ROI quarterly.
The Framework

Eight ideas

Readiness is preventive

IBM audit notices arrive on a 30 day response calendar. The window is too tight to assemble evidence reactively. Customers who prepare in advance defend successfully. Customers who do not pay the difference between actual deployment and the full processor count.

ILMT compliance is foundational

IBM License Metric Tool (ILMT) deployment is required for sub capacity licensing of PVU products. Compliance requires current ILMT data, quarterly SCRT reports, and two year report retention. Without compliance, sub capacity reverts to full host counting.

Sub capacity rules by platform

VMware sub capacity requires capped clusters with documented affinity. PowerVM sub capacity requires explicit LPAR profiles. Nutanix sub capacity requires specific configuration. Each platform carries distinct documentation requirements; the framework includes platform-specific checklists.

Evidence pack in advance

Server inventories at host level. Virtualization cluster definitions at logical layer. Options usage telemetry at product level. Manual measurement substitutes where automatic measurement gaps exist. The pack assembled in advance saves three weeks of audit response time.

Quarterly governance cadence

Readiness drifts between audit cycles. New deployments, organizational changes, virtualization reconfigurations all change the compliance posture. Quarterly review prevents drift; without it, the next audit finds gaps.

Pre audit self assessment

Run IBM measurement tools yourself before LMS does. The results identify exposure gaps at the customer side, allowing remediation before audit. Most customers skip this step; the customers who run it produce materially better audit outcomes.

Documentation governance

Audit defense relies on documentation. Server build records, change management logs, virtualization configuration history all support sub capacity defensibility. The framework includes the documentation taxonomy.

IBM's audit triggers

IBM audit selection follows patterns: contract renewal proximity, M&A events, public news of organizational change, ILMT non-compliance signals. Knowing the triggers allows preemptive readiness investment.

Reference

Acronyms

ILMTIBM License Metric Tool.
SCRTSub Capacity Reporting Tool.
PVUProcessor Value Unit.
RVUResource Value Unit.
LMSLicense Management Services.
PAPassport Advantage.
LPARLogical Partition.
WPARWorkload Partition.
ELAEnterprise License Agreement.
BATNABest Alternative To a Negotiated Agreement.
Methodology & Sources

This white paper draws on Redress Compliance engagements, public vendor documentation, and the active Redress benchmark program.

Portrait of Morten Andersen
About the Author

Morten Andersen

Co Founder, Redress Compliance
Connect on LinkedIn →
Audit notice in your inbox?
Start a Conversation
Related

Continue

Oracle
Oracle ULA
Oracle flagship.
 Microsoft
Microsoft EA
Microsoft flagship.
 IBM
IBM Audit Defense
IBM flagship.
 SAP
SAP RISE
SAP flagship.
 AWS
AWS EDP
AWS flagship.
 Index
All Papers
Browse the library.
Skyscraper
Ready?

Stop overpaying. Start negotiating.

We work for the buyer. Always. There is no other side of our table.

Contact UsSee Engagement ResultsSubscribe to Newsletter

The Licensing Insider Newsletter

What we are seeing across 500+ enterprise clients, delivered monthly. Free.