Quick recap: In our fourth blog, we tackled the critical step of negotiating the audit scope. We covered how to limit what’s reviewed, set realistic timelines, and choose acceptable data collection methods. Done well, this step gives you a head start by reducing unnecessary risk and defining the boundaries of the audit process.

While defining the audit scope helps set the boundaries, it’s the day-to-day coordination that determines how smoothly things run.

That’s why appointing a central contact person is essential to maintaining control and avoiding costly mistakes.

Why Assigning a Central Contact Person Is Essential

IBM audits often require input from multiple departments—IT, procurement, legal, finance, and software asset management. Without clear coordination, it’s easy for the audit process to spiral into miscommunication, redundant effort, or unverified data being shared with auditors.

Here’s why assigning a central contact person is a smart move:

1. Control the Flow of Information

Audit outcomes hinge on the accuracy and clarity of the data provided. A single point of contact ensures that only validated information is shared—helping prevent unintentional disclosures or inconsistencies that could inflate license findings.

• ✅ Avoid conflicting responses from different teams
• ✅ Ensure every piece of shared information is reviewed and approved
• ✅ Keep a record of what was shared and when

2. Co-ordinate Internal Stakeholders

From technical leads to legal reviewers, different teams will play a role in the audit. Your central coordinator can:

• 📌 Delegate tasks to the right people
• 📌 Track progress on data requests
• 📌 Escalate issues when needed

This reduces delays, prevents duplication, and ensures no important task slips through the cracks.

3. Maintain an Audit Trail

Documenting communications and responses isn’t just helpful—it’s critical. Having a written record of all correspondence can be the key to resolving disputes or justifying compliance positions later in the audit.

• 📁 Keep emails, shared files, and meeting notes organized
• 🛡️ Build a defensible position with documented evidence
• 📁 Use these records to support future compliance assessments

4. Support Audit Processes

The central contact doesn’t disappear when the audit ends. They should retain all records, lessons learned, and procedural insights to improve internal audit readiness going forward. This continuity is essential for long-term compliance management.

Final Thoughts

Think of your central contact person as the project manager for your audit. With the right individual in place, you reduce chaos, improve audit outcomes, and establish best practices for future compliance efforts.

What is Next?

Now that communication is centralized and audit response efforts are coordinated, the next step is to understand exactly what data IBM auditors will request—and why.

In our next blog, we’ll explain how to analyse data requests, challenge unnecessary disclosures, and ensure every piece of information you provide is justified and secure.

Stay tuned!

Want to access the full guide on IBM license compliance audits? Download it here:

Your Email*

Consent*

By submitting this form the entered data will be handed over to and stored by us for contact purposes. You can review additional information about your data and rights in our Privacy Policy.*

Comments

This field is for validation purposes and should be left unchanged.

About the Author

Koen Dingjan, IBM Service Director

Koen is a seasoned expert in IBM licensing with nearly two decades of experience. A former Deloitte auditor, he has led over 60 IBM compliance reviews and developed an industry-recognised IBM compliance certification course. At ITAA, Koen helps clients manage IBM license compliance, defend against audits, and optimize license management strategies.