>
Journal · Audit Readiness
Audit Readiness

Post settlement: build a standing defense.

Settling the audit is not the end. IBM keeps the right to come back, and the estate keeps changing. Here is how to turn a one time defense into a permanent posture.

May 2026 · 7 min read · Audit Process and Defense

Most companies treat a settled audit as a closed chapter. IBM does not. Support non renewal, three years of silence, or a spike in high risk product use can put you back in scope, and a fresh audit will start from wherever your estate has drifted since the last one. A standing defense keeps that drift under control.

Carry the settlement discipline forward

The work that won the audit is the work that prevents the next one. The entitlement ledger you built, the corrected tool data, and the deployment map are assets, not deliverables to be archived. Keep them live.

  • Keep ILMT clean. Continuous scans, corrected categorizations, stale machines purged, quarterly reports retained. A healthy tool is the foundation of every sub capacity claim.
  • Maintain the entitlement ledger. Reconcile against Passport Advantage on a schedule, and capture every new purchase, migration, and acquired entitlement.
  • Put change control on IBM software. New deployments, host resizes, and virtualization changes all move your PVU. Review them before they become next year's finding.

Watch the reaudit clause

The settlement letter itself can carry forward risk. A broad reaudit clause lets IBM return on short notice with the terms tilted in its favor. Where it cannot be removed, it should be narrowed: a defined scope, a reasonable notice period, and limits on how soon a follow up can occur. The settlement is the moment to fix this, not after.

Make compliance a standing function

Assign ownership. Someone needs to own IBM license posture the same way someone owns security posture, with a regular review rather than a scramble when a letter arrives. A short quarterly check on tool health, entitlement reconciliation, and deployment change is far cheaper than the lookback it prevents, which can run two to five years of back charges at full capacity rates.

A standing defense changes your position permanently. Instead of reacting to IBM's timeline, you set your own, and the next audit becomes a confirmation of records you already trust rather than a discovery of problems you forgot.

What this means under audit

A settled audit is a pause, not an ending. Keep ILMT clean, the entitlement ledger live, and change control on IBM software, and narrow any reaudit clause in the settlement itself. A standing defense turns the next audit into a confirmation rather than a discovery.

Related reading
Avoiding the Reaudit Clause in a SettlementThe Self Audit: Find It Before IBM DoesWho Should Be in the Room for an IBM AuditService: Audit Defense
Talk to Audit Defense →Get audit help now

The IBM Audit Brief

Audit triggers, ILMT pitfalls, and settlement tactics for IBM software buyers.

IBM Audit

Independent, buyer side IBM software audit defense and negotiation. Not affiliated with IBM Corporation.

Services
Audit DefenseAudit NegotiationILMT RemediationSub-Capacity Defense
Products
WebSphereDb2CognosCloud Pak
Company
AboutContactJournalWhite Papers
Independent. Not affiliated with IBM Corporation.Buyer Side · Est. 2019