① Journal · Audit defense
The audit notice arrives years after the deal closed. By then the terms that govern it are already fixed, in a clause almost nobody negotiated. Most audit exposure is created at signature. This is the language that decides who controls the audit, and what to change before you sign again.
An audit is won or lost in the contract, not in the audit. The clause you skimmed at signature is the one that governs the fight.
When a mainframe vendor exercises its audit right, the buyer's room to maneuver is almost entirely defined by language agreed years earlier. Who picks the auditor, what data must be produced, how measurement is defined, how much notice you get, how findings are priced, how disputes are resolved: all of it sits in a clause that most buyers treat as boilerplate at signing. It is not boilerplate. It is the single most consequential paragraph in the agreement for the day the notice lands, and it is commonly observed to be the least negotiated. The vendor drafts it to maximize discretion. The buyer signs it because the price was the headline and the audit felt theoretical.
The asymmetry is the point. At signing, the buyer is focused on cost and the vendor is relaxed about terms. At audit, the positions reverse, and by then the terms are locked. The fix is to treat the audit clause as a live negotiation at signing, when you have leverage, rather than a problem to solve at notice, when you have almost none. For the response side once a notice is real, see mainframe audit defense.
| Term | Vendor default | What to negotiate |
|---|---|---|
| Notice period | Short notice, vendor timing | 30 to 60 days written notice, your fiscal calendar respected |
| Frequency | Audit at will | No more than once per year absent reasonable cause |
| Auditor selection | Vendor or vendor appointed firm | Independent auditor, conflict free, NDA bound |
| Measurement basis | Vendor tooling and definitions | Agreed tools, defined metrics, your SCRT data accepted |
| Findings pricing | List price plus back maintenance and penalties | Pre agreed rates, no retroactive penalty, cure period |
| Dispute resolution | Vendor findings stand pending payment | Good faith dispute window before any payment is due |
Clause behavior described reflects patterns commonly observed across mainframe agreements, not a fixed vendor policy. Specific wording and enforceability vary by contract and jurisdiction; your agreement governs.
Two of these six matter most. Measurement basis decides whether the audit runs on your data or the vendor's interpretation, and findings pricing decides whether a shortfall is settled at a pre agreed rate or punished at list plus back maintenance. A buyer who fixes only those two has removed most of the discretion that makes audits expensive. The rest, notice, frequency, auditor independence, and a real dispute window, convert the audit from an ambush into a process you can run. None of this is exotic. It is simply the work that does not get done because, at signing, the audit feels like someone else's future problem. For the full clause level treatment see mainframe contract clauses that cost millions.
Audit notice already in hand? We mobilize within 48 hours to read the clause you signed and run the response. Start with mainframe audit defense.
Every issue of the journal, plus renewal benchmarks we do not publish on the site. No vendor sharing, ever.
More from the journal: IBM contract traps to avoid, when a 60 percent uplift lands, and why renewal preparation starts at 18 months. Guides: mainframe contract clauses that cost millions. Service: mainframe audit defense.