How to Prepare for an IBM Software License Review/Audit

IBM software license audits can be complex and time-consuming, but proper preparation can help ensure a smooth process and minimize risks. Below is a step-by-step guide to help your organization prepare for an IBM audit.

1. Understand the IBM Audit Process

• Frequency of Audits: IBM typically audits organizations every 3-5 years.
• Purpose: The audit ensures compliance with IBM’s licensing terms and validates license consumption.
• Scope: IBM may review all software deployments, entitlements, and sub-capacity compliance (if applicable).

2. Review Your IBM Agreements and Terms

• Passport Advantage Agreement: Understand your licensing obligations, including ILMT usage for sub-capacity licensing.
• Sub-Capacity Terms: If you are using sub-capacity licensing, ensure compliance with ILMT reporting requirements.
• Entitlement Records: Verify your entitlements match your deployment environment.

3. Conduct a Baseline Assessment

• Inventory Review: Compile an up-to-date inventory of all IBM software deployed across your environment.
• Entitlement Verification: Match entitlements (licenses purchased) with your deployment data.
• Identify Gaps: Look for potential compliance gaps, such as over-deployment or untracked licenses.

4. Ensure ILMT Compliance

• Install and Configure ILMT: Verify that the IBM License Metric Tool is installed and properly configured.
• Generate Quarterly Reports: Ensure that ILMT is scanning deployments and generating reports at least once every 30 days.
• Retain Reports: Keep ILMT reports for a minimum of two years, as required by IBM.

5. Validate Sub-Capacity Licensing

• Ensure Accurate Reporting: Confirm that ILMT is capturing all virtualized environments accurately.
• Check Processor Core Counts: Ensure correct reporting of processor values to avoid inflated license usage.
• Address Non-Compliance: Rectify any issues identified in ILMT reports before the audit begins.

6. Organize Documentation

• Deployment Records: Ensure documentation of all software installations, usage, and configurations.
• Entitlement Records: Collect contracts, Proofs of Entitlement (PoE), and any renewals or changes.
• License Keys: Maintain a record of all license keys for easy reference.

7. Conduct Internal Audits

• Simulate an Audit: Perform an internal audit to identify any compliance gaps.
• Review with Teams: Engage IT, procurement, and SAM teams to validate data accuracy.
• Resolve Issues: Address discrepancies in deployments, entitlements, or ILMT reporting.

8. Develop a Response Plan

• Designate a Point of Contact: Assign a dedicated person or team to communicate with IBM auditors.
• Non-Disclosure Agreement: Request or provide the auditors with a NDA.
• Prepare Responses: Anticipate common audit queries and have answers ready.
• Document Processes: Maintain clear documentation of how your organization manages IBM licensing.

9. Engage Expert Support

• Consult IBM SAM Specialists: Engage software asset management experts to review your IBM environment and provide guidance.
• Leverage Legal Expertise: Consult legal advisors if there are disputes or ambiguities in licensing terms.
• Audit Defense Services: Consider partnering with a vendor offering IBM audit defense to mitigate risks.

10. Maintain Ongoing Compliance

• Monitor Deployments: Regularly track new installations, upgrades, and decommissions of IBM software.
• Update ILMT: Keep ILMT updated to ensure accurate tracking of deployments and entitlements.
• Train Teams: Educate your IT and SAM teams on IBM’s licensing terms and compliance requirements.

Conclusion

Preparing for an IBM software license review or audit requires proactive management, accurate data, and clear documentation. By following these steps, you can reduce the risk of non-compliance, minimize financial exposure, and ensure a smoother audit process. If necessary, seek expert guidance to navigate complex licensing scenarios and maintain ongoing compliance with IBM’s policies.