Guide to Non-Disclosure Agreements in an IBM License Audit

Guide to Non-Disclosure Agreements in an IBM License Audit

One of your early challenges in the IBM license audit journey will be to draft and get agreement on the Non-Disclosure Agreements (NDAs). As your organization braces for a Software License Review (SLR), our comprehensive guide aims to illuminate the significance of tailored NDAs and equip you for the upcoming journey.

Introduction: Preparing for an IBM License Audit

As the formal notice of an IBM License Audit arrives, anticipation builds. The subsequent Kick-off and Scoping email from the IBM licensing representative signals the initiation of the audit process. However, before your scheduled meeting, initiating the preparation of NDAs specific to the license audit project becomes a critical step.

In this blog post, we aim to provide a detailed understanding of why NDAs matter and how crafting them meticulously can influence the trajectory of the audit and subsequent negotiations with IBM.

Reasons for an NDA Specific to a Software License Audit

Reasons for an NDA Specific to a Software License Audit include:

  1. Any existing NDA may not have clauses included to protect the client in the event of a license audit.
  2. The NDA proposed by the auditor are often too general and do not have restrictions on what may be shared with publisher, IBM.
  3. You will want to control of what information may be share at all stages in the audit to ensure expectations are managed with the publisher.  It is particularly important that the preliminary findings are not shared with the publisher.
  4. You will want to maintain control on when the audit report is considered complete and to be released to publisher.  Not at the discretion of the auditor.
  5. You will want the retain the power to include qualifications, additional evidence or explanations in any reports released to the publisher.
  6. Controlling the timing of when data is released is critical to negotiations with the publisher.
  7. There may be specific information that you are prevented from sharing due to regulatory, national security or other reasons that must be explicitly stated in the NDA.
  8. The auditor’s company may provide consultancy to another part of the client’s business and have access to information the client does not wish to share with the audit project.
  9. There may be specific exclusions that need to be included to scope.  For example, a tender or purchase of software or services from the publisher (IBM) may be influenced.
  10. The process proposed by the auditor may not be acceptable to the client.  For example, interviewing the client’s staff or remote access to sensitive networks.
  11. You might want the audit report released to IBM after a particular date.  There may be a variety of business reasons for this request. M&A, public listing, tender award or similar event that might be influenced by the results of an audit.

Points to Consider in an IBM License Audit NDA

Points to Consider in an IBM License Audit NDA include:

  1. Information Sharing Control:
    • Explicit written agreements for sharing information with IBM or any third party.
    • A stringent approval process for sharing information with third parties, ensuring client consent and control.
  2. Technical Details Protection:
    • Limiting the sharing of technical details, permitting the auditor to share only summary calculations with IBM.
    • Restricting the sharing of specific audit snapshot files generated from tools like BigFix / ILMT.
  3. Organizational Confidentiality:
    • Restricting information sharing within the auditor’s organization, outside the named audit team, without prior written agreement.
    • Ensuring the audit NDA terms complement and supplement other NDAs signed previously with the auditor.
  4. Expiration and Review:
    • Defining an agreed timeframe for NDA expiration, with the client having the final say on report releases.
    • Establishing that the client approves all reports released to the publisher.

Negotiating the NDA in an IBM LIcense Audit

When negotiating the NDA in an IBM License Audit:

  1. Expect Pushback:
    • Anticipating resistance from the auditor and IBM on various points in your initial NDA draft.
    • Acknowledging that reaching a mutually acceptable NDA is a nuanced negotiation process.
  2. Effective Communication:
    • Regular, transparent communication with the auditor is crucial for successfully agreeing on a mutually acceptable NDA.
    • Balancing firmness and flexibility in negotiations to reach an agreement that serves both parties.

Using NDA in an IBM audit Strategically

  1. Setting the tone of audit:
    • Getting agreement on the NDA will be the first opportunity to negotiate with the IBM auditor. How this is handled will set the tone for the reset of the project.
  2. Delaying the Audit:
    • Leveraging NDA negotiations strategically can be used to potentially delay the audit, providing your organization with additional preparation time.
    • Exercising caution with this strategy to avoid escalations to higher executive levels if delays become prolonged.


Agreeing to the software license audit NDA marks the initial, and crucial, step in a series of confrontations during the audit process. While the negotiations can be time-consuming, they are an investment in securing your organization’s interests. This comprehensive guide aims to assist in NDA preparation and negotiations, providing valuable insights for your journey through the IBM license audit process.



Leave a Comment