There are opportunities at every stage of an IBM audit to reduce the quantity of violations and amount of penalties you will owe.
Here are some tips:
- ILMT report verification – If you’re running ILMT, verify the report. With the complexity of IBM software, their tool may not be reporting the correct number without some tweaks. The ILMT reports are simple to read once you get the tool up and running so it’s possible that you could be on top of any deployment of software using the PVU or processor value unit metric before you receive that audit letter.
- Authorized Named Users – For users where you have authorized name users, if you’re running another software asset management tool in your environment, look at your end user workstations and compare the head count to your licenses. Don’t forget anyone that may be on Citrix, or accessing the software by another method.
- Look at the programs themselves – For example, Lotus Notes has a names.nsf file. How many users are listed there? Are there old employees that need to be cleaned out, or ancient group email boxes that are no longer used? Do you have floating or concurrent user licenses that are not on IBM’s new token metric? Is there a tool that meters the usage so you can compare it to the license entitlements?
These are some simple ways to approach audit shortfalls and possible penalties in advance, but when you’re in the middle of an audit it’s important to just work through the results as best you can. Look for errors at every turn; ask questions for things that don’t make sense. The auditors are patient and will go through it with you. They might even suggest a comparable or upgraded license that can backfill a shortfall.