IBM Audit – What You Need to Know to take control in 2024

An IBM software audit is:

  • Compliance Check: A formal review by IBM to ensure customers comply with software licensing terms.
  • Verification Process: Involves verifying the number of installations and licenses in use.
  • External Audit: Often conducted by a third-party firm on behalf of IBM.
  • Frequency: Can occur every one to three years or triggered by specific events.

Understanding IBM Audit

ibm audit

IBM software audits are comprehensive reviews conducted by IBM or a third-party auditor to verify that an organization’s use of IBM software complies with the licensing agreements.

These audits can be triggered by various factors, such as the end of a licensing agreement, a significant change in the organization’s infrastructure, or a routine compliance check.

Why IBM Audit is Different

IBM software audits differ from other software compliance audits for several reasons. Firstly, IBM conducts audits approximately once every four years, often using third parties like Deloitte and KPMG.

Secondly, the complexity of IBM’s products and licensing metrics and the diversity of contracts make IBM software license management challenging.

These factors increase the possibility of non-compliance, making IBM audits feel different from those of other software vendors.

Common IBM Contracts

ibm licensing agreements

IBM offers several contracts, but the most common are the Passport Advantage (PA) and the Enterprise Software & Services Offering (ESSO).

  • Passport Advantage (PA) Contract: This is IBM’s standard contract. Under a PA contract, a customer can purchase a license entitlement to use a product and/or optional maintenance, which must be renewed annually on the total purchased licenses.
  • Enterprise Software & Services Offering (ESSO) Contract: This contract is sometimes used as a global contract framing several contracts of the same group.

IBM’s Main Licensing Metrics

IBM uses various licensing metrics, broadly categorized into hardware and user-related metrics.

  • Hardware Metrics: These include metrics like Processor Value Unit (PVU), which is based on the number of cores of a server multiplied by a coefficient according to the type of processor, and Storage Capacity Unit (SCU), which differentiates three classes of storage.
  • User-related Metrics: These include Authorized User, which is related to the number of people who can access the solution, and Floating User, which depends on the number of users connected simultaneously.
ibm licensing metrics

Strategic IBM Software Audit Defense

ibm software audit

When facing an IBM software audit, strategic defense is crucial.

There are two modes of audit, depending on the size of the company and the products used:

  • Self-declaration: In this mode, the client declares its use and right of use to IBM.
  • Full Audit: In this mode, IBM conducts all audit stages.

Preparing for an IBM Audit

Upon receipt of the audit notification letter, it’s advisable to appoint a team in charge of the audit to ensure its smooth running. This team should include stakeholders from purchasing, deployment, and legal experts.

Before sharing data with IBM, it’s essential to have a clear view of IBM installations and to verify that the data is accurate and complete.

Common Reasons for Non-compliance

ibm licensing compliance risks

Non-compliance during an IBM audit can occur due to several reasons:

  • Misunderstanding of Licensing Models: IBM’s licensing models can be complex, and a misunderstanding of these models can lead to non-compliance.
  • Inaccurate Record Keeping: Inaccurate or incomplete record-keeping can result in discrepancies during the audit, leading to non-compliance.
  • Inadequate Management of Product Deployment: Improper management of product deployment can lead to unauthorized use of software, resulting in non-compliance.

IBM License Audit Process

ibm license audit process
  1. Audit Initiation: IBM initiates the audit process by sending a notification letter to the customer. This letter outlines the scope of the audit, the target legal entity, and the auditor’s name. The customer needs to verify that their existing license agreements authorize the scope of the audit.
  2. Data Collection: The customer is then required to gather information about all of their IBM software installations and licenses. This includes data about hardware, software, users, and other relevant information. IBM provides instructions for this data collection process.
  3. Audit Execution: The audit is conducted either through a self-declaration process, where the customer declares their software usage and rights of use, or a full audit, where IBM conducts all audit stages. This is typically determined by the size of the company and the products used.
  4. Audit Report: After the audit, IBM provides a draft audit report. This report reflects IBM’s perspective and may not consider all mitigating factors. Customers must review these findings carefully and object to anything they disagree with.
  5. Settlement Negotiation: If non-compliance is found, IBM may propose a monetary settlement, including retroactive maintenance fees and license costs. The customer has the right to negotiate this settlement. Customers who believe their license costs are too high can consult an IBM expert for guidance.
  6. Resolution: Once the audit findings are agreed upon, the customer may need to purchase additional licenses to cover any shortfalls, extend their subscription further, or pay any penalties imposed. The final resolution will depend on the specific circumstances of the audit.
  7. Post-Audit: After the audit, it’s recommended that the customer continue monitoring their IBM software usage and maintain accurate records to ensure ongoing compliance and readiness for any future audits.

Negotiating IBM Audit Settlement

If non-compliance is found during an audit, the next step is negotiating a IBM audit settlement with IBM. This process can be complex and requires a clear understanding of IBM’s licensing models and negotiation strategies.

  • Factors to Consider: When negotiating a settlement, consider factors such as the extent of the non-compliance, the reasons for the non-compliance, and the potential financial impact.
  • Tips for Successful Negotiation: Successful negotiation requires understanding your rights and obligations under the licensing agreement.

FAQs on IBM Audits

What is an IBM software audit?

An IBM software audit is a comprehensive review conducted by IBM or a third-party auditor to verify that an organization’s use of IBM software complies with the licensing agreements.

Why are IBM software audits different from other software compliance audits?

IBM software audits are different due to the frequency of audits, the complexity of IBM’s products and licensing metrics, and the diversity of contracts, which makes IBM software license management challenging.

What triggers an IBM software audit?

Triggers can include substantial business growth, organizational restructuring, IT infrastructure changes, investment stagnation or decline in IBM technologies, cancellation of an IBM product-related project, inadequate ILMT deployment or maintenance, support request for an unregistered IBM product, change in IBM account manager, termination of an IBM Enterprise License Agreement (ELA), and high-risk IBM products.

What are the standard IBM contracts?

The most common IBM contracts are the Passport Advantage (PA) and Enterprise Software & Services Offering (ESSO) Contracts.

What are IBM’s main licensing metrics?

IBM uses various licensing metrics, broadly categorized into hardware and user-related metrics.

What is the role of the IBM License Metric Tool (ILMT)?

The IBM License Metric Tool (ILMT) helps organizations maintain an inventory of their IBM software and measure the Processor Value Unit (PVU) consumption for eligible products.

What factors should be considered when negotiating an IBM audit settlement?

Factors to consider when negotiating are the non-compliance, the reasons for the non-compliance, and the potential financial impact.

What is the importance of proper IBM software audit defense?

IBM software audit defense is crucial to ensure ongoing compliance and avoid potential non-compliance issues.

What is the Passport Advantage (PA) Contract?

The Passport Advantage (PA) Contract is IBM’s standard contract where a customer can purchase a license entitlement to use a product and optional maintenance.

Redress IBM Audit Defense Service

  • Strategic Audit Management: Provides a shield against aggressive IBM auditing tactics, ensuring audits are fair and in line with contractual agreements.
  • Expert Licensing Analysis: Offers in-depth analysis of IBM’s complex licensing terms, protecting clients from potential misunderstandings and non-compliance risks.
  • Comprehensive Documentation Review: Rigorously examines and organizes all relevant software usage and license documents, fortifying against any unwarranted compliance claims from IBM.
  • Negotiation Support: Equips clients with strategic negotiation insights and support, aimed at minimizing the financial and operational impacts of IBM audits.

This service is designed to offer a robust defense against IBM audits, which are often seen as intrusive and demanding, by ensuring that the client’s rights are protected and their business operations are minimally disrupted.

Contact us to get help with your IBM Audit.


  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, enhancing organizational efficiency.