The compliance gap letter and how to respond.
The compliance gap letter is the moment an IBM audit turns from data gathering into a demand. It arrives with a number attached and a tone of finality, but it is an opening position, not a verdict. How you respond in the first reply sets the ceiling for everything that follows.
By the time the compliance gap letter lands, IBM has run your deployment data through its own reconciliation and produced an effective license position. The letter states the shortfall it believes exists and frames it as the basis for settlement. Read too quickly, it feels like a bill. Read correctly, it is the first formal articulation of a claim that you are entitled to test, dispute, and reduce.
What the letter actually is
A compliance gap letter sets out the products IBM considers under licensed, the quantity it believes you are short, and the metric it used to get there. It is built on assumptions: that every install it counted is in scope, that the PVU and sub-capacity figures it applied are correct, and that no entitlement offsets were missed. Each of those assumptions is a place where the number can move.
Crucially, the letter is not a contract and it is not a finding you have agreed to. It is the vendor stating where it would like the conversation to start. Treating it as settled is the single most expensive reading you can give it.
What to check before you reply
- Confirm every product listed is genuinely in audit scope and named in the original notice, not added partway through.
- Recompute the PVU values against the IBM processor value unit table for your exact hardware rather than accepting IBM's per core figure.
- Verify whether sub-capacity was credited where you held a valid ILMT record, or whether the letter defaulted you to full-capacity.
- Reconcile the claimed shortfall against your entitlements and Passport Advantage records, including offsets and unused licenses IBM may have left out.
- Check the lookback period the letter applies and whether it reaches further back than the contract supports.
The number in a compliance gap letter tends to anchor the negotiation. If your first response concedes the framing and only asks for a discount, you have accepted the gap and are now arguing over price. If your first response challenges the basis of the gap itself, the whole calculation reopens. Anchor before you are anchored.
How to structure the response
The reply should not be a yes, a no, or a request for mercy. It should be a reasoned, evidence backed challenge that disputes the findings line by line. Where a PVU value is wrong, show the correct value. Where sub-capacity was denied, present the ILMT evidence that restores it. Where an entitlement was omitted, produce the proof of entitlement. The goal is to convert a single headline number back into a set of individual claims, most of which can be contested on their own facts.
This is the Challenge stage of our method. Across engagements, challenges land thirty to fifty percent of audit findings on average, and a structured first reply is what makes that reduction available rather than theoretical.
The compliance gap letter is an opening offer dressed as a conclusion. Do not reply to the headline number. Reply to the assumptions underneath it: scope, PVU math, sub-capacity standing, and missing offsets. Reopen the calculation line by line and the gap moves before any discount is ever discussed.