Skip to main content
💰 No Save, No Pay — We negotiate your software contracts. You keep 75% of savings. Zero risk. How it works →
IBM · Audit Defence · 12 min read

IBM Audit Defence Negotiation: ILMT, Sub-Capacity and License Compliance

Published ·Last updated

IBM audit defence negotiation is the practice of containing the financial exposure of an IBM software compliance review while using the audit's leverage moment to renegotiate the underlying enterprise licence agreement. IBM audits are leverage events, not compliance reviews. The vendor's opening compliance claim on a mid-sized enterprise typically runs 1.5x to 6x the customer's annual IBM spend; the settled figure with effective defence usually lands between 0.2x and 0.8x of annual spend, paired with a forward ELA at improved terms. The gap between those two numbers is where this work earns its return.

FF
Fredrik Filipsson Founder, NoSaveNoPay · LinkedIn
Published 18 May 2026 · Last reviewed 18 May 2026
Get a Free IBM Audit Estimate → See Audit Defence Service

This guide is the long form of the workflow NoSaveNoPay applies inside paid audit-defence engagements. The commercial model is 25% gainshare against the gap between IBM's opening claim and the settled figure — the mechanics are documented on the audit defence service page and the IBM negotiation service page. The full reference for the gainshare model itself lives on the gainshare pillar.

1.5–6x
Opening compliance claim vs annual IBM spend
9 mo
ILMT reports required for sub-capacity entitlement
$0
NoSaveNoPay fee if no claim reduction is delivered

What an IBM software audit actually is

IBM audits are formal compliance reviews triggered by IBM's Software Asset Management (SAM) or, more commonly, an IBM-engaged third party — Deloitte and KPMG are the most frequent. The audit is contractually authorised by the customer's Passport Advantage Agreement or specific licence agreement. The auditor's task is to compare deployed and accessible IBM software against current entitlement. The output is a compliance gap report, which then forms the basis of a settlement claim.

Two structural facts shape every IBM audit. First, IBM's commercial team is almost always involved in the settlement, even when the audit is nominally a compliance exercise. Second, the auditor's findings — particularly around PVU sub-capacity and ILMT — are easier to dispute than IBM's commercial team admits in opening conversations. Both facts matter for defence strategy.

Why audits are triggered (in order of frequency)

The risk-scoring signals IBM uses to prioritise audits are documented across multiple published sources. In our deal data, the most frequent triggers, in order:

  1. Missing or non-compliant ILMT reports. Sub-capacity entitlement is contractually conditional on quarterly ILMT reports retained for two years. Customers who cannot produce nine months of report history are the highest-probability audit targets.
  2. Dropped IBM maintenance. Customers who recently terminated S&S on previously licenced products draw audit attention because the move suggests internal pressure on IBM spend.
  3. End-of-support migrations. WebSphere, Db2, and MQ end-of-support events trigger audits because customers commonly run unlicenced "transitional" deployments.
  4. M&A activity. Acquisitions create entitlement-transfer questions IBM uses as audit predicates.
  5. Mid-cycle ELA review. Long ELAs (5+ years) almost always face an audit at year three or four.

ILMT — the pivot point in any sub-capacity defence

The IBM License Metric Tool is the only IBM-approved tool to measure sub-capacity processor value unit consumption in virtualised environments. Sub-capacity entitlement allows the customer to licence PVU products based on actual core consumption rather than the full physical capacity of the underlying hardware. On a VMware cluster with 256 physical PVUs that allocates 32 PVUs to a single Db2 VM, sub-capacity entitlement reduces the required licence from 256 PVUs to 32 — an 8x difference. On a 16-node cluster, that gap easily exceeds 20x.

The contractual condition for sub-capacity entitlement is the production of quarterly ILMT reports retained for two years. Customers who cannot produce nine consecutive months of ILMT history forfeit sub-capacity entitlement under audit and are recalculated at full physical capacity. This is the single largest financial swing in most IBM audits.

Three ILMT remediation moves that work even mid-audit:

  • Backfilled deployments. ILMT can be deployed during an audit and the resulting reports begin to accrue immediately. Most audits run six to twelve months — long enough for nine months of ILMT history to be produced. IBM typically accepts forward-looking ILMT remediation in exchange for settlement concessions, even where the historical position was non-compliant.
  • Discoverable PVU re-counting. Auditors regularly count PVUs on hardware that does not actually run the audited software. Each questioned core saves between 70 and 120 PVUs depending on chip family. A thorough re-count typically removes 15–25% of the initial PVU claim before any commercial negotiation.
  • Bundle credit application. IBM Cloud Pak entitlements include sub-capacity rights that are often missed by auditors comparing legacy entitlements. Cross-referencing Cloud Pak entitlement against allegedly under-licenced legacy products can absorb 10–40% of an opening claim.

The four phases of an IBM audit and where leverage sits

Audits run on a predictable cadence. Knowing which phase you are in determines which moves are available.

PhaseDurationWhat the customer controls
1. Notification & scoping2–6 weeksAuditor selection, scope, methodology, NDA, contractual notice period
2. Data collection2–4 monthsWhich scripts run, what data leaves the environment, ILMT remediation
3. Findings & rebuttal1–3 monthsLine-by-line dispute of the auditor's PVU counts, entitlement re-mapping
4. Commercial settlement2–6 monthsSettlement structure (lump-sum vs ELA conversion), forward terms, MFN

Phase 1 is the single most underused leverage moment. Customers who push back on auditor selection, scope, and methodology in the first three weeks routinely close out at a fraction of those who accept IBM's default terms. Phase 4 is where the majority of dollars are decided — and where the audit can be converted into a renegotiated ELA that materially improves forward economics.

The settlement is always a renewal

The single largest defence mistake we see is settling an IBM audit as a standalone compliance bill. IBM's commercial team has more discount headroom on a forward ELA than on a back-dated compliance settlement, so converting the audit liability into a credit against new spend usually produces the lowest net outcome. A $4.2M opening claim settled as a lump-sum becomes $4.2M (sometimes negotiated to $2.8M). The same exposure settled as part of a forward five-year ELA becomes $1.4M of credit against $14M of new commitment — at terms that include capped escalators, sub-capacity bandwidth, and audit rights that are themselves materially better than the prior agreement. Settle the audit and the renewal together, in the same document, in the same week.

Contractual changes to demand at resolution

Every IBM audit settlement is an opportunity to rewrite the underlying agreement. The contractual changes that produce the largest forward savings:

  • Escalator cap. CPI or 3%, whichever is lower, across all entitlement categories.
  • Sub-capacity entitlement codified for the entire estate — not just the products under audit.
  • Audit cooling-off period. No further audits for 36 months following settlement; reasonable two-year notice on subsequent audits.
  • Right to use IBM's own data. The customer's ILMT environment becomes the source of truth in any future compliance dispute.
  • True-down rights at renewal. Headcount or core reductions produce proportional fee reductions.
  • MFN on PVU pricing against customers in the same industry and entitlement band.
  • Cloud Pak portability. Existing PVUs convert to Cloud Pak entitlement at a stated ratio.
Anchor the renewal in the audit window. The audit's leverage decays the moment settlement is signed. Every contractual change above must land in the same document as the settlement — not in a follow-on negotiation, not in a side letter, not in a future order form. IBM's commercial team is at its most accommodating two weeks before the audit closes; it is at its least accommodating two weeks after. Read more in our IBM negotiation service page and the IBM audit defence white paper library.

What NoSaveNoPay does inside an IBM audit defence engagement

The workflow above is what we execute inside paid engagements. The team is led by former vendor executives and former enterprise CIOs who have themselves been on the customer side of IBM audits. The commercial model is gainshare — 25% of verified savings, where savings are the verified gap between IBM's opening claim and the settled figure plus the present value of forward ELA improvements. The methodology behind savings verification is in methodology; the full how-it-works is at how it works; the contract structure is at pricing. The model is contrasted with hourly and fixed-fee in gainshare vs hourly and gainshare vs fixed-fee.

Related reading

Audit notice in your inbox? Send us the letter.

The first three weeks of an IBM audit are where the financial outcome is decided. We will quote the expected reduction in the claim and the contingent fee — no commitment, no clock running.

Get a Free IBM Audit Estimate → See How It Works

Frequently asked questions

What triggers an IBM software audit?

IBM audits are triggered by a mix of risk-scoring signals: missing or non-compliant ILMT reports, dropped IBM maintenance on previously licenced products, large M&A activity, end-of-support migrations on WebSphere or Db2, and the natural mid-cycle point of long ELAs. Customers with sub-capacity entitlements who cannot produce nine months of ILMT history are the highest-risk audit targets.

What is ILMT and why is it required?

IBM License Metric Tool (ILMT) is the only IBM-approved tool to measure sub-capacity processor value unit (PVU) consumption in virtualised environments. Sub-capacity entitlement is conditional on quarterly ILMT reports retained for two years. Without ILMT reports, IBM is contractually entitled to charge full-capacity PVU — which on a VMware cluster can be 8–20x the actual usage.

How long does an IBM audit typically take?

Six to twelve months from formal notification to settlement on a mid-sized engagement; eighteen months on complex multi-region audits. Most of that time is data collection and negotiation. The initial findings report usually lands two to four months in; the settlement-and-renewal phase is the remaining six to nine months and is where the dollars are decided.

What is the typical financial exposure in an IBM audit?

Initial IBM compliance claims on a mid-sized enterprise audit typically open between 1.5x and 6x the customer's current annual IBM spend. The negotiated settlement on the same audit, with effective defence, usually lands between 0.2x and 0.8x of annual spend — and is almost always paired with a forward ELA at improved discount terms. The gap between the opening claim and the settled figure is where audit defence work earns its return.

Can I refuse an IBM audit?

No. Audit rights are embedded in every IBM passport advantage and standard licence agreement. The customer can, however, control scope, timing, methodology, and which third party (commonly Deloitte or KPMG) executes the review. Each of those four dimensions is negotiable and each one materially affects the financial outcome.

Does sub-capacity always require ILMT?

For most PVU-licenced products, yes. There are narrow exceptions for very small environments (under 1,000 PVUs per server), for some appliance-based deployments, and for specific software where IBM's terms explicitly waive the ILMT requirement. The default assumption in any IBM audit defence is that ILMT will be required and that nine months of quarterly reports must be producible.

What is the best time to settle an IBM audit?

At the same moment as signing a new ELA — and ideally in the final two weeks of IBM's fiscal quarter. IBM's account team has more discount headroom on a forward ELA than on a back-dated compliance settlement, so converting the audit liability into a credit against new spend usually produces the lowest net outcome. The single largest mistake we see is settling the audit as a standalone bill, separately from the renewal.

Should I bring in external IBM audit defence advisors?

Yes, on any audit with potential exposure above $500K. The combination of legal review, ILMT remediation, and commercial negotiation is materially different from running an internal IT compliance project, and the asymmetry of information between IBM's audit team and an unaided internal team is large. NoSaveNoPay's audit defence engagements are run on a 25% gainshare against the gap between IBM's opening claim and the settled figure.

Reviewed by Fredrik Filipsson · Last updated 18 May 2026 · NoSaveNoPay editorial standards: methodology.html