① Journal · Audit
Reported audit activity jumped from roughly 40 percent of enterprises in 2023 to around 62 percent last year, and mainframe estates sit near the top of the target list. The reasons are commercial, not random. Here are six drivers behind the surge, and the lever on each.
An audit is rarely about compliance for its own sake. It is a revenue tool, and the conditions favor the vendor right now.
Across the market, audit volume has climbed sharply. Surveys put the share of organizations audited by a major software vendor at around 62 percent in the most recent year, up from roughly 40 percent in 2023, with companies over 5,000 employees reviewed at even higher rates. The financial stakes rose with the volume: the proportion reporting audit liabilities above one million dollars more than tripled over two years. Mainframe estates draw a disproportionate share of that attention because the contracts are decades old, the entitlement records are incomplete, and a single misread metric on a large estate recovers more than a year of audits across a desktop portfolio.
The drivers are commercial. Software vendors carry growth targets, and a mature install base on legacy terms is a controlled way to hit them: an audit converts ambiguity into a back charge or a migration onto a richer model. This is most visible after an acquisition, when a new owner inherits a customer base on inconsistent contracts and uses reconciliation to true everyone up. Read this alongside our note on the audit clause you signed and forgot and our mainframe audit defense service.
What we commonly observe · driver and the buyer side lever
| Driver | What it looks like | Buyer side lever |
|---|---|---|
| Post acquisition reconciliation | New owner trues up inherited entitlements after a portfolio changes hands | Rebuild the entitlement baseline before they do |
| Subscription enforcement | Audit used to push legacy customers onto consumption or subscription terms | Separate the compliance question from the model change |
| Revenue pressure | Mature install base mined for growth against quarterly targets | Time the response to your calendar, not their quarter |
| Entitlement decay | Decades of changes leave records the customer cannot fully reconstruct | Maintain a current license record, not a folder of PDFs |
| Estate complexity | Sub-capacity, sysplex, and hybrid deployments create measurement gaps | Validate SCRT and sub-capacity reporting independently |
| Outsourcer and divestiture drift | Capacity moves to a partner or a carve out without license alignment | Align entitlements to where the workload actually runs |
These are patterns we commonly observe, not statements of any vendor's policy. Survey figures are industry reported and vary by sample. Your own entitlement, contract terms, and SCRT data govern; treat the drivers as the questions to walk in with.
Most exposure comes from records the customer cannot reconstruct, not from genuine overuse. A maintained baseline of every product, contract, and entitled capacity turns the auditor's opening position into a claim you can rebut line by line. Build it before the notice lands, because reconstruction under a 30 day clock favors the vendor.
The cleanest record wins the audit.
On the mainframe the number that matters is the measured peak, through SCRT and sub-capacity reporting. Validate it independently rather than accepting the vendor's tooling output. A clean, defensible measurement removes the largest source of inflated findings and sets the floor for any settlement conversation.
Measure your own estate before they do.
When an audit is really a push toward subscription or consumption pricing, the two questions get bundled so the model change rides in on the compliance pressure. Split them. Settle any genuine compliance gap on its own terms, and evaluate a model transition separately on your own consumption data, never under audit duress.
Do not let a finding sell you a new contract.
④ Where the audit is won
An audit is a revenue tool aimed at your records. Keep them clean and the tool loses its edge. Measure first, settle second, change models never under duress.
Mobilization on an audit notice
Mainframe spend negotiated on the buyer side
Engagements delivered since 2019
Industry surveys point that way. Reported audit activity rose from roughly 40 percent of organizations in 2023 to around 62 percent in the most recent year, with larger enterprises reviewed at higher rates still. Mainframe estates are a frequent target because the contracts are old and the recoverable sums are large. Treat it as a planning assumption: assume a review within the term.
A new owner inherits incomplete records and a customer base on legacy terms, and a review is how it reconciles them and steers customers onto current models. We see this pattern most clearly around Broadcom (CA) and Rocket Software acquisitions. See vendor consolidation on the frame.
Keep a current entitlement baseline, validate SCRT and sub-capacity reporting independently, and reconcile deployed product against contracted capacity every quarter. Clean records turn an audit into a routine reconciliation. See license records, the hygiene that wins audits.
Common. Split the questions: settle any genuine compliance gap on its own terms, and evaluate a model transition separately on your own consumption data, never under audit duress. Our audit defense service runs the compliance track while our license negotiation keeps the model change on your timeline.
Related: mainframe audit defense · the audit clause you signed and forgot · license records hygiene · Broadcom (CA) audit defense · the renewal that became an audit
Audit notice or renewal under 18 months out? We mobilize within 48 hours.
Get expert help →