Building a software license position during diligence is the step that produces the number everything else depends on, because a license position is the measured truth of what a target deploys against what it is entitled to use. Without it, the deal team has contracts on one side and systems on the other and no bridge between them. With it, the team has a per publisher compliance gap that can be priced, indemnified or made a condition of close. This reconciliation is the analytical core of software due diligence, and it is what separates a real exposure estimate from a guess.
An effective license position, often shortened to ELP, is built from four inputs: entitlement, deployment, the metric rules that connect them, and the reconciliation that produces the gap. Each input has a source and a method, and the discipline is in doing all four defensibly rather than relying on the target own assurance that it is compliant. The steps below set out how the position is built and why each one matters.
Building a software license position during diligence
Building a software license position during diligence means establishing entitlement from the contracts, measuring deployment from discovery data, applying the correct metric rules, and reconciling the two into a compliance gap per publisher. Entitlement comes from the agreements, order forms and purchase history. Deployment comes from discovery tools and system records. The metric rules, drawn from publisher policy and the contract definitions, decide how each unit is counted. Reconciling deployment against entitlement on those rules produces the gap, and pricing the gap produces the exposure.
The order matters. Entitlement is established first, because it defines what the target is allowed to deploy and on what metric. Deployment is measured second, against that metric rather than a generic count. The reconciliation is third, and it is where the gap appears. Quantifying that gap into a range, list price, likely settlement and cost to cure, is the final step, and it is described in quantifying software audit exposure before you sign.
Why entitlement is harder than it looks
Establishing entitlement sounds like reading the contracts, but in practice it is rarely that simple. Entitlement is scattered across master agreements, order forms, amendments, and the purchase history of software the target acquired through its own past deals. A target that has grown by acquisition often holds entitlement under several entities, with overlapping and stranded licenses that no one has consolidated. Reconstructing the true entitlement is a research task in itself, and it draws directly on the contract reading described in reading a target software contracts in due diligence.
Why deployment must be measured, not asked
The second input, deployment, is where most positions go wrong, because the target own view of what it runs is usually incomplete. Deployment has to be measured from discovery data and system records, not taken from a spreadsheet the target maintains. The most common surprise is virtualisation: an Oracle or IBM workload on a virtualised cluster can pull far more capacity into scope than the target believes, because the metric counts physical cores the target did not think were relevant. Measuring deployment on the publisher own rules is what turns an optimistic self assessment into a defensible count.
Key takeaways
- A license position is the measured truth of what a target deploys against what it is entitled to use.
- It is built from four inputs: entitlement, deployment, the metric rules, and the reconciliation.
- Entitlement is scattered across agreements, order forms and inherited licenses, so it must be reconstructed.
- Deployment must be measured from discovery data on publisher metrics, not taken from the target own view.
- The reconciliation produces a per publisher gap that is then priced into an exposure range.
Why the position must be defensible
A license position is only useful if it can withstand challenge, because it will be challenged twice: by the seller in negotiation and, potentially, by the publisher in an audit after close. Every figure should show its working, the metric applied, the deployment data behind it, and the entitlement it was measured against. A position that cannot show its basis collapses at the first push and takes the buyer leverage with it. As of mid 2025, SAP pursued AB InBev for a reported 600 million dollars and Diageo for a reported 60 million in disputes tied to indirect and inherited licensing, the kind of claim a defensible position is built to withstand.
How the position becomes a deal lever
Once built, the license position stops being an analysis and becomes a lever. A quantified gap can be priced into the model, converted into a specific indemnity, or made a condition of close that the seller must remediate. A surplus, where the target is over licensed, can be a saving the buyer captures after close. Either way the position gives the deal team a number to negotiate around, and the way that number is carried into the committee is described in how to present software risk to an investment committee.
Recommendations for buyers
- Build the position in order: entitlement first, deployment second, reconciliation third, exposure last.
- Reconstruct entitlement across every entity and inherited license, not just the headline master agreement.
- Measure deployment from discovery data on publisher metrics, paying close attention to virtualisation.
- Document every figure so the position is defensible against both the seller and a later publisher audit.
- Convert the gap into a priced lever: a price adjustment, a specific indemnity, or a condition of close.
A defensible license position is the deliverable that makes the rest of the software due diligence method actionable, because it is the number the deal turns on. The full workstream is delivered through our software due diligence service.