High risk IBM products that attract audits.
Not every IBM product carries the same audit risk. A handful of high value, complex to license titles draw the bulk of reviews, and knowing which ones sit on your estate tells you where the exposure lives. Independent and buyer side. Not affiliated with IBM.
Why some products draw more reviews.
IBM audits follow the money and the complexity. The products that combine a high per unit cost with a metric that is easy to under report are the ones a vendor revenue team returns to. When licensing depends on processor capacity, virtual cores, or managed users rather than a simple seat count, the gap between what is deployed and what is entitled is wide enough to be worth chasing.
The usual suspects share a profile: core based PVU pricing, heavy use of sub-capacity, and a tendency to spread across virtual estates where counting gets murky. The middleware and analytics families lead the list.
The products on the watch list.
- WebSphere Application Server and WebSphere ND: PVU based, frequently sub-capacity, and prone to scope creep into bundled components like the HTTP Server.
- Db2 and its editions: PVU based with bundling rules that are easy to exceed when Db2 ships inside another product.
- Cognos and the analytics line: mixed user and processor metrics, where administrator versus consumer roles change the count.
- MQ, Maximo, and the Tivoli and BigFix family: PVU or RVU based, often deployed widely and tracked loosely.
The triggers that put you on the list.
Product mix is only half the story. IBM tends to open a review when a buyer lets support and subscription lapse on a product still in use, when three or more years have passed since the last audit, when support is requested for something that was never licensed, or when a bundled entitlement like the Db2 that ships with Cognos is used beyond its allowed scope. A high risk product plus one of these signals is the combination that draws a notice.
What this means under audit.
If your estate leans on WebSphere, Db2, Cognos, MQ, Maximo, or Tivoli, assume you are a candidate and prepare on that basis. The defensible position is built before the notice arrives: clean ILMT data, retained quarterly reports, and an entitlement record you can produce on demand. When the letter does land, our audit defense team builds your independent compliance position before IBM finishes theirs, so the high risk products on your estate are reconciled on your numbers, not the auditor's.
Know where your exposure lives.
$250M+ in exposure defended across 500+ engagements. We mobilize within 48 hours of an audit notice, independent and buyer side.
Get audit help now →The IBM Audit Brief
Audit triggers, ILMT pitfalls, and settlement tactics for IBM software buyers.
Independent, buyer side IBM software audit defense and negotiation. Not affiliated with IBM Corporation.