Changes to IBMs PA Agreement

Why. So. Serious ??

Changes announced under revision 11 to the Passport Advantage® Agreement (IPAA) and Passport Advantage Express Agreement (IPAEA) are likely to prove onerous to all.

Tucked away (as usual) outside the summary of updates is clause 4.1 - License Verification and to a lesser extent 10.2 - Client's Reporting Responsibilities (applicable to sub-capacity licensing), which compound compliance and reporting obligations - lets take a look.

Firstly, clause 4.1.(a) states the "Client will, for all Programs at all Sites and for all environments, create, retain, and each year provide to IBM upon request with 30 days' advance notice: i) a report of deployed Programs, in a format requested by IBM, using records, system tools output, and other system information; and ii) supporting documentation (collectively, Deployment Data)". Unlike version 10 of the PA Agreement (November 2017) which contained a much more lenient requirement that "Client agrees to create, retain, and provide to IBM and its auditors accurate written records, system tool outputs, and other system information" which would occur simply "on reasonable notice" rather than a regular, annual basis.

Adding to this, where running under sub-capacity licensing as before you are then required to "properly install, run, and maintain the most current version of the applicable license reporting tool within 90 days of Client's first deployment and produce a report. Unless IBM approves a different reporting tool, the Client agrees to the following tools.

• Sub-Capacity Products -Client will use the IBM License Metric Tool (ILMT) and to subscribe to the ILMT support notifications at http://www.ibm.com/support/mynotifications and promptly install any updates.
• Container Products – Client will use the IBM License Service tool and Client is responsible t to correctly configure according to the Eligible Container Product's documentation"​

Ok, no real change there and easy enough right? Well yes, you're still required to run and keep reports at minimum quarterly and retain for a two year rolling period - and remember to have an individual(s) who is assigned the "authority to manage and promptly resolve questions on reports or inconsistencies between report contents, license entitlement, and the applicable license reporting tool". Better check that's been added to the appropriate JD's along the way.  The new clause 10.2.(e), is somewhat favorable to the client in that it provides an avenue to address (with IBMs consent) deviations from the sub-capacity model, which in most cases would probably result from  operating systems becoming non-eligible over time.

What we (and others) have always attested to though is being solely reliant on one reporting tool, like ILMT, can prove very problematic in that where improperly configured you could easily be over-reporting and paying much more than you should - having an independent product (like ComplianceWare) is often the best - or only - way to reconcile outputs and ensure accuracy.

so ... when does all this start?

Well, basically now:

• from 1 February 2023 for new IPAA Client enrollments and new IPAEA transactions; and
• from 1 May 2023 for current IPAA Clients notified on 1 February 2023 of the new terms which will be effective for them on 1 May 2023 per the terms of IPAA.