SAP customers are required to participate in annual license audits. This is normally performed by running standard SAP audit tools (namely License Audit Workbench – LAW) and sending the data to SAP for review. SAP then respond highlighting any license gaps and charges for additional licenses required. This might seem like a straight-forward process however there are many pitfalls which SAP customers should be aware of in order to ensure compliance and control licensing costs.
It cannot identify how users should have been licensed. If customers classify users incorrectly, they may end up buying the wrong licenses! Failing to optimize SAP users can result in significant over-licensing. It is also down to SAP customers to expire unused user accounts. LAW The SAP License Audit Workbench simply counts every “active” user account regardless of whether it is being used or not. By failing to lock and expire a user account properly an account can in effect still be active for licensing purposes and the SAP License Audit Workbench continues to count these users. If customers are licensing according to LAW data without performing thorough checks then they can quickly find themselves over-licensed.
The highest classification will prevail for licensing purposes. But if you fail to classify an SAP user properly in one single system they will automatically default to a Full Professional which is SAP’s most expensive application user license! The SAP License Audit Workbench simply counts the number of Professional Users. It doesn’t tell you who has been counted that way as a result of a vacant classification. Just another factor contributing the continuous totting up of SAP licenses a customer doesn’t actually need!
Technically, a self-declaration isn’t a proper SAP license audit as it involves the self-declaration of software use based the customers own configurations. An Enhanced SAP License Audit can involve skilled auditors performing more targeted analysis unearthing latent undiscovered licensing risks that the SAP License Audit Workbench doesn’t provide visibility of.
SAP send out a measurement requests when the self-declaration is due which defines which SAP systems and products need to be measured. The SAP License Audit Workbench currently only measures ABAP systems and not JAVA based systems. Some SAP products are also not yet measurable meaning the SAP license audit only covers maybe 60-70% of the license assets you own. It is crucial to understand which products the SAP measurement tool doesn’t touch and review the compliance of these products separately.
With every enhancement pack the measurement tool is updated as well as being updated with various support notes. This means that previously unmeasured products can suddenly become measurable. If these products are unknowingly out of compliance but not previously measured, then seemingly non-existent SAP license issues can crop up completely out of the blue.
Learn how to manage your SAP GRC Authorizations
Sadly not, is the simple answer. SAP simply don’t have the power to review every single annual license audit submission in-detail. It is possible that issues can be missed, results may not even be read at all, or for strategic reasons issues may not be raised with the customer at the time. You can go for years submitting annual license audit results to SAP without issue and then one day suddenly find yourself out of compliance.
SAP’s own Licensing Guide says the following: “Audit tools cannot determine if a customer falls within the scope specified by their software license. Measuring the usage of SAP software is something customers are obliged to do according to their SAP license contract”. Accordingly, I would advise customers to exactly that, don’t rely on the SAP License Audit Workbench results! Produce and maintain your own Effective License Position independent of the annual license audit process based on your exact contractual definitions and metrics.
One issue is the constant changing of SAP license metrics. If a product has historically been licensed on Value of Planned Products, Planning sites and Planning Locations metrics for example then you would have 100’s of customers using the same product but having purchased that product on different metrics. All of them are using LAW, so which metric is LAW counting? It can’t be counting them all. It will of course be counting the most up-to-date metric according to price list and enhancement pack updates. This can cause confusion and can cause compliance issues that shouldn’t even be there. SAP themselves can “inadvertently” over charge by not realising a product measure doesn’t correlate to a customer’s license metric. Customers don’t challenge the fees because they don’t understand how to correlate the SAP License Audit Workbench outputs to the product metrics in their SAP contract.
The measurement tool is used by customers to collect audit data from their SAP systems and send it to SAP. The data is transmitted to SAP in a format that for 99% of SAP application professionals is completely unreadable. The SAP License Audit Workbench is in essence primarily a data collection tool for SAP. It gives customers absolutely no transparency on usage or licensing costs and no functionality to actively manage licenses and configurations. Customers often have to wait for their license audit report to be returned to understand where they stand, and as a result the vendor is in complete control of the license audit process.
At least License Audit Workbench 2.0 does and if you are following SAP updates regularly then it’s likely your business is currently running 2.0. It does this by examining transactional load via technical user accounts used to interface third-party systems with SAP. Where there is a high transactional load via a technical account this is a flag to SAP that they should check the interface for possible SAP indirect access. If there is, and the customer isn’t properly licensed, they can find themselves in a big licensing hole that could be very expensive to get out of.
So, if you want to leave yourself at risk with very little visibility or control over SAP licensing compliance then SAP’s self-declaration annual license audit process is tailor made and ready for you! At the end of the day what you don’t know can’t hurt you right.
Don’t risk non-compliance issues and over-licensing for SAP. Click here to find out how automated analysis and optimization of SAP licenses using samQ can help you prepare for your next license audit.
Jan Cook has been Practice Director for VOQUZ Labs inthe UK since 2019. Jan is responsible for sales and delivery operations within the UK market and also operates as Senior Consultant for VOQUZ labs advisory serving customers across EMEA and globally.
Do you have any questions or something to add? Just leave us a message, please! Your message will be delivered by e-mail to us and will not be published.