An ITAM Review reader writes:
“IBM contracts state they can use an ‘independent’ third party auditor to conduct software audits on their behalf.
In our case that is KPMG, but is there not a gross conflict of interest when KPMG is clearly working closely with IBM on our commercial interests:
These are not obscure commercial interests unrelated to software risk; KPMG works directly with IBM on GRC and helping clients manage risk. And yet claims to be an “independent” software auditor!!
Is this is not a breach of their own transparency claims?
KPMG will no doubt claim that there is “separation” between these different business units – but it doesn’t wash with me. How can they be independent?
Has anyone in the group been able to kick out KPMG on this basis or taken legal action for commercial bias?”