IBM License Compliance: Following up on Settlement Obligations
Avoid repeat IBM audit risks by following through on settlement obligations. Learn key steps to implement changes, meet requirements, and stay compliant.
Quick Recap
In our last blog, we explored how licensing alternatives, such as Cloud Pak entitlements or non-production licenses, can dramatically reduce the cost of settling an IBM audit. But settlement is not the end of the journey.
Once terms are agreed, the next crucial step is ensuring you follow through on any obligations. Without diligent follow-up, unresolved issues may resurface in the next audit, often with higher financial and operational consequences.
Why Settlement Follow-Up Matters
Settlement agreements with IBM often include commitments beyond simply purchasing additional licenses. These may involve system changes, reporting updates, or clean-up actions. Neglecting these follow-ups can expose your organisation to repeat findings, wasted investments, and damaged credibility in future negotiations.
Key risks of failing to act:
- IBM may revoke concessions (e.g., waived fees) if agreed changes aren’t implemented.
- Non-compliance issues may resurface in the next audit, compounding penalties.
- License purchases made under settlement may not deliver value if systems remain unchanged.
Three Critical Follow-Up Actions
1. Implement Agreed Changes
If the settlement required uninstalling software, correcting product editions, or changing how licenses are deployed, act quickly. IBM is unlikely to show leniency twice if the same issue appears in the next audit.
2. Meet Sub-Capacity Requirements
If IBM waived full-capacity licensing on the condition that you fix ILMT or other reporting gaps, treat this as a top priority. Ensure updates are made, reports are accurate, and evidence of compliance is retained.
3. Clean Up User Accounts
Inactive or duplicate accounts flagged during an audit often inflate exposure. If IBM agreed not to charge for them, make sure they are deactivated or removed so the problem doesn’t return.
Best Practices for Long-Term Compliance
- Document Everything: Keep a record of the obligations, deadlines, and actions taken.
- Engage Stakeholders: Ensure IT, procurement, and compliance teams are aligned on post-settlement responsibilities.
- Validate Remediation: Use internal audits to confirm that all agreed actions were completed and properly recorded.
- Monitor Continuously: Treat the audit closure as the start of a renewed compliance cycle, not at the end.
Final Thoughts
A settlement should close the book on an audit—not set the stage for the next one. By proactively implementing changes, fixing reporting gaps, and cleaning up accounts, you transform an audit from a short-term cost event into a long-term compliance opportunity.
Looking ahead
In the final part of our series, we’ll discuss how documenting your audit data collection procedures not only strengthens your compliance processes but also prepares you for the inevitable next IBM review.
Want to access the full guide on IBM license compliance audits? Download it here:
Mastering IBM License Compliance Audits
This guide is part of our ongoing blog series that breaks down complex IBM compliance topics into digestible posts, offering practical advice and actionable strategies to help you maintain compliance.
About the Author
Koen Dingjan, IBM Service Director
Koen is a seasoned expert in IBM licensing with nearly two decades of experience. A former Deloitte auditor, he has led over 60 IBM compliance reviews and developed an industry-recognised IBM compliance certification course. At ITAA, Koen helps clients manage IBM license compliance, defend against audits, and optimize license management strategies.
