How Audit Findings Are Constructed

Understanding the structure of a vendor audit finding is essential to challenging it effectively. Audit teams compile findings by combining three elements: a deployment footprint (what software they assert you are running), a licence entitlement record (what you are licensed to run), and a pricing model (what the vendor claims the shortfall costs). Each of these elements contains assumptions and choices that are favourable to the vendor and challengeable by you.

The deployment footprint is typically derived from automated scanning tools that identify software installations but cannot accurately determine utilisation, configuration, or licence metric implications. Oracle's LMS tools, for example, detect Oracle software presence but apply worst-case licensing assumptions for virtualised environments unless specific configuration data is provided. The reported footprint often overstates actual licence requirements significantly.

The pricing model compounds this. Vendor audit teams apply standard list pricing — the published rate card before any discount — to calculate the value of the claimed shortfall. Enterprise customers routinely purchase Oracle, SAP, or IBM licences at 40 to 70 percent below list price. Applying list pricing to audit shortfalls inflates the claimed settlement value by a multiple that bears no relationship to what a commercial licence negotiation would produce.


The complete audit process framework is detailed in the Software Audit Defense Playbook. This article focuses on the settlement negotiation phase specifically.

Never accept list pricing in an audit settlement. Audit teams present settlement figures based on list pricing as a starting position. Enterprise customers with negotiated agreements have precedent for the discounts they receive commercially. A settlement that reflects your actual commercial discount position is always achievable — but only if you negotiate for it.

The Challenge Methodology

A structured challenge to vendor audit findings follows a consistent methodology: challenge the deployment data, challenge the licence metric interpretation, challenge the entitlement calculation, and challenge the pricing basis. Each challenge layer typically reduces the claimed settlement amount materially.

Challenging Deployment Data

Vendor scan data is a starting point for discussion, not definitive evidence of non-compliance. Common errors in vendor deployment data include: detection of software that is installed but not running or in use, misidentification of product versions that carry different licence implications, failure to account for dormant or retired installations that have been superseded, and incorrect identification of free or open-source components as licensable IBM Passport Advantage products.


Your own SAM tooling and deployment records should be used to challenge every line item in the vendor's deployment list. Even a partial reduction in the claimed deployment footprint translates directly into a proportional reduction in the settlement figure.

Challenging Licence Metric Interpretation

Licence metric interpretation is often the largest source of inflated findings. Oracle's virtualisation policy, IBM's PVU sub-capacity rules, and SAP's named user categorisation all contain ambiguities that vendor audit teams interpret in their most commercially favourable reading. These interpretations are not always technically correct or contractually mandated.

For Oracle virtualisation findings, the question is whether the specific hypervisor configuration qualifies for hard partitioning treatment. For IBM PVU findings, the question is whether ILMT has been properly maintained and whether the sub-capacity calculation is being applied correctly. For SAP named user findings, the question is whether every flagged user genuinely accesses SAP in a way that requires a chargeable named user licence, or whether some are system accounts, workflow approvers, or read-only access that should be classified differently.

Challenge Layer 1: Deployment Data
Challenge installed vs. running software, version misidentification, and retired installations. Typical reduction: 10–25% of claimed footprint.

Challenge Layer 2: Metric Interpretation
Challenge virtualisation policy application, sub-capacity eligibility, and user type classification. Typical reduction: 20–40% of remaining claim.

Challenge Layer 3: Entitlement Records
Challenge licence entitlement calculation with complete order history, upgrade rights, and contractual licence mobility provisions. Typical reduction: 15–30%.

Challenge Layer 4: Pricing Basis
Challenge list pricing with your actual commercial discount precedent. Settlements should reflect commercially achievable pricing, not vendor wishlist rates.

Entitlement Review as a Settlement Tool

A thorough entitlement review — documenting every licence purchased, every upgrade right exercised, every product substitute used, and every contractual provision that affects the effective licence position — is one of the most reliable tools for reducing settlement figures. Vendor audit teams compile entitlement records from their own commercial systems, which are not always complete or accurately maintained.

Common entitlement gaps in vendor records include: licences purchased through third parties or resellers that were not properly registered with the vendor, licence upgrade rights from older agreements that were never formally exercised but remain contractually valid, product substitution rights that permit different product families to be used against existing entitlements, and licence reassignment rights following infrastructure changes that reduce effective deployment requirements.

For IBM specifically, Passport Advantage entitlement records are notoriously complex and frequently incomplete. IBM's audit team builds the compliance gap from their Passport Advantage records — if those records do not reflect your complete purchase history, the gap is systematically overstated. Every engagement IT Negotiations has conducted involving an IBM audit has identified entitlement gaps in IBM's own records that materially reduced the settlement figure when corrected.

Commercial Framing of the Settlement

After the technical challenges to the findings are exhausted, the remaining settlement amount is a commercial negotiation, not a compliance determination. Vendor audit teams have discretion to settle at figures that reflect mutual commercial interests — particularly where a renewal, an expansion, or an ongoing relationship provides leverage for the customer.

The most effective commercial framing positions the settlement as part of a broader commercial negotiation. Rather than treating the audit and the renewal as separate processes, skilled negotiators link them: the settlement is negotiated as part of an agreement that also covers the renewal terms, future pricing, contractual protections, and audit rights provisions that reduce future exposure. Vendors who want the renewal are more flexible on settlement figures than those who are simply executing an audit with no forward-looking commercial stake.

IT Negotiations manages audit settlements as integrated commercial negotiations — ensuring that the outcome addresses not just the immediate settlement amount but the structural contractual protections that reduce future audit exposure. The audit defense service covers the complete process from notification through final settlement.

IT Negotiations has negotiated audit settlements across Oracle, SAP, IBM, and Microsoft — consistently reducing initial claims by 40 to 80 percent. The first number is never the final number when you know how to challenge it.