The IBM 90 Day Evidence Window

Independence statement. IBM Licensing Experts is an independent advisory firm. We are not an IBM Business Partner, reseller, or affiliate. We have no resell margin tied to our recommendations and we do not earn revenue from any IBM product line. Read more on why independence matters.

Why the 90 day window matters.

The 90 day evidence window is the operational deadline the customer commits to when accepting sub capacity. The window converts the abstract sub capacity entitlement into a concrete operational obligation: the customer can produce the ILMT data within 90 days of an IBM request, for any quarter in the two year retention period. A customer that cannot has not met the sub capacity operational requirements and the affected servers are subject to full capacity licensing for the period. The exposure is among the largest avoidable cost lines in the IBM estate. See sub capacity explained for the broader frame and ILMT guide for the tooling.

1. The contractual frame.

The 90 day window is set out in the Sub Capacity Licensing Terms attachment to the Passport Advantage agreement. The terms attachment defines the customer obligations on ILMT deployment, scan coverage, Audit Snapshot generation, retention, and the response to an IBM data request. The 90 day window is the response obligation. The customer agrees, in signing the Sub Capacity terms, that the data will be produced on request within 90 days. The window does not extend automatically and the customer cannot rely on goodwill from the IBM audit team to extend it. See audit legal rights for the broader contractual reading.

2. What evidence IBM expects.

The expected evidence is the four ILMT report set covering each licensed PVU product across the requested period. The Audit Snapshot per product per quarter is the central exhibit. The Software Inventory report and the Hardware Inventory report support the Audit Snapshot by establishing the deployed footprint. The scan log evidences continuous coverage. All four are produced by ILMT directly and can be exported in a portable format.

The expected evidence is not a generated summary or a manual reconciliation. The auditor reads the native ILMT report and reconciles it to the entitlement record. A manual summary is acceptable as a cover note but does not substitute for the native report. See ILMT Deployment Playbook for the operational frame and ILMT best practices for the operating model.

3. The operational discipline.

The operational discipline that keeps the 90 day window open is straightforward. ILMT is deployed and healthy. The scan coverage is at 100 percent on the eligible servers. The Audit Snapshot reports generate quarterly and are retained for two years in a recoverable archive. The team that owns ILMT has documented runbooks and a named successor. The scan coverage and the retention are verified monthly. The work is two to four operational hours per month on a mid sized estate.

The discipline that fails the window is the same in every case. ILMT was deployed once, the team that owned it rotated out, the runbooks were not handed over, the scans drifted, the Audit Snapshot generation stopped, and the gap was discovered only when the IBM audit request arrived. The remediation work to reconstruct the missing periods is sometimes possible (if the ILMT database survived and contains the historical data) and sometimes impossible (if the database was rebuilt or the historical scans never ran). See ILMT expertise page.

4. The window failure pattern.

The window failureThe IBM audit letter arrives. The licensing team requests the ILMT data from the operations team. The operations team discovers that the ILMT environment has not generated Audit Snapshots for six quarters. The ILMT database can be recovered for the most recent quarter but not the historical periods. The customer cannot produce the evidence for the historical periods within the 90 day window. The licensed sub capacity falls back to full capacity for the affected periods. The financial exposure on a mid sized enterprise estate runs into seven figures.

The failure pattern is preventable. The operational verification, the named successor, and the quarterly health review are the three controls. Each is operationally cheap. The cost of any one of them is a small fraction of the failure exposure.

5. The full capacity fallback.

The full capacity fallback is the licensing position for the affected servers when the 90 day evidence cannot be produced. The fallback prices the affected servers at the entire physical capacity of the underlying host, not the virtual workload footprint. On a 2 socket 32 core host, the fallback is typically 16 to 32 times the sub capacity number. The fallback applies for the period the evidence cannot be produced.

The fallback is not a soft consequence. IBM applies it at the audit settlement. The buyer side mitigation is the partial recovery (some periods evidenced, others not) and the negotiation of the settlement on the unevidenced periods only. The mitigation reduces but does not eliminate the exposure. The only complete prevention is the maintained ILMT environment. See audit settlement for the negotiation frame.

6. The window inside an audit.

Inside an audit, the 90 day window is the operational clock the customer is running against. The day count starts at the formal data request, not at the original audit letter. The buyer side action is to confirm the data request scope on day one, set the operational owner, identify the gaps within two weeks, and stand up the remediation work for the recoverable periods within the first 30 days. The remaining 60 days are the data assembly, the cover note preparation, and the buyer side reconciliation. See audit defense playbook and the audit defense service.

Ready to put this work into practice?

An independent senior advisor on your IBM estate. No resell margin, no IBM relationship to protect, no time pressure to push a product. Just the buyer side view.

Schedule a consultation All services

The IBM 90 Day Evidence Window.