header background image

10 Things You Need to Know about SAP License Audits

September 8, 2020

by

Jan Cook

#

SAPAudit

#

SAPAdvisory

SAP customers are required to participate in annual license audits. This is normally performed by running standard SAP audit tools (namely License Audit Workbench – LAW) and sending the data to SAP for review. SAP then respond highlighting any license gaps and charges for additional licenses required. This might seem like a straight-forward process however there are many pitfalls which SAP customers should be aware of in order to ensure compliance and control licensing costs.

1. SAP License Audit Workbench only measures SAP named users based on how customers have classified them.

It cannot identify how users should have been licensed. If customers classify users incorrectly, they may end up buying the wrong licenses! Failing to optimize SAP users can result in significant over-licensing. It is also down to SAP customers to expire unused user accounts. LAW The SAP License Audit Workbench simply counts every “active” user account regardless of whether it is being used or not. By failing to lock and expire a user account properly an account can in effect still be active for licensing purposes and the SAP License Audit Workbench continues to count these users. If customers are licensing according to LAW data without performing thorough checks then they can quickly find themselves over-licensed.

2. SAP License Audit Workbench looks at the highest user classification available in all systems a SAP user has access to.

The highest classification will prevail for licensing purposes. But if you fail to classify an SAP user properly in one single system they will automatically default to a Full Professional which is SAP’s most expensive application user license! The SAP License Audit Workbench simply counts the number of Professional Users. It doesn’t tell you who has been counted that way as a result of a vacant classification. Just another factor contributing the continuous totting up of SAP licenses a customer doesn’t actually need!

3. There are 2 types of SAP license audit; Self-declaration (which happens annually) and an Enhanced SAP License Audit, which SAP can conduct upon providing notice.

Technically, a self-declaration isn’t a proper SAP license audit as it involves the self-declaration of software use based the customers own configurations. An Enhanced SAP License Audit can involve skilled auditors performing more targeted analysis unearthing latent undiscovered licensing risks that the SAP License Audit Workbench doesn’t provide visibility of.

4. Only certain SAP products are in-scope of an annual SAP License Audit.

SAP send out a measurement requests when the self-declaration is due which defines which SAP systems and products need to be measured. The SAP License Audit Workbench currently only measures ABAP systems and not JAVA based systems. Some SAP products are also not yet measurable meaning the SAP license audit only covers maybe 60-70% of the license assets you own. It is crucial to understand which products the SAP measurement tool doesn’t touch and review the compliance of these products separately.

5. SAP License Audit Workbench measurement functionality changes all the time.

With every enhancement pack the measurement tool is updated as well as being updated with various support notes. This means that previously unmeasured products can suddenly become measurable. If these products are unknowingly out of compliance but not previously measured, then seemingly non-existent SAP license issues can crop up completely out of the blue.

No items found.
No items found.
WHITE PAPER – enhance your knowledge!

SAP Access & Authorizations

Learn how to manage your SAP GRC Authorizations

Tablet showing the cover page of the document

6. If you don’t hear back from SAP following your annual license audit does that mean you are compliant?

Sadly not, is the simple answer. SAP simply don’t have the power to review every single annual license audit submission in-detail. It is possible that issues can be missed, results may not even be read at all, or for strategic reasons issues may not be raised with the customer at the time. You can go for years submitting annual license audit results to SAP without issue and then one day suddenly find yourself out of compliance.

7. SAP disclaim the validity of their own standard license audit tools yet so many customers rely on the process as some form of assurance that everything is OK.

SAP’s own Licensing Guide says the following: “Audit tools cannot determine if a customer falls within the scope specified by their software license. Measuring the usage of SAP software is something customers are obliged to do according to their SAP license contract”. Accordingly, I would advise customers to exactly that, don’t rely on the SAP License Audit Workbench results! Produce and maintain your own Effective License Position independent of the annual license audit process based on your exact contractual definitions and metrics.

8. SAP License Audit Workbench measurements aren’t always accurate, and in fact are well-known to have issues when it comes to measuring SAP products accurately.

One issue is the constant changing of SAP license metrics. If a product has historically been licensed on Value of Planned Products, Planning sites and Planning Locations metrics for example then you would have 100’s of customers using the same product but having purchased that product on different metrics. All of them are using LAW, so which metric is LAW counting? It can’t be counting them all. It will of course be counting the most up-to-date metric according to price list and enhancement pack updates. This can cause confusion and can cause compliance issues that shouldn’t even be there. SAP themselves can “inadvertently” over charge by not realising a product measure doesn’t correlate to a customer’s license metric. Customers don’t challenge the fees because they don’t understand how to correlate the SAP License Audit Workbench outputs to the product metrics in their SAP contract.

9. The SAP License Audit Workbench is not a SAM tool!

The measurement tool is used by customers to collect audit data from their SAP systems and send it to SAP. The data is transmitted to SAP in a format that for 99% of SAP application professionals is completely unreadable. The SAP License Audit Workbench is in essence primarily a data collection tool for SAP. It gives customers absolutely no transparency on usage or licensing costs and no functionality to actively manage licenses and configurations. Customers often have to wait for their license audit report to be returned to understand where they stand, and as a result the vendor is in complete control of the license audit process.

10. The SAP License Audit Workbench helps SAP identify indirect access within your landscape!

At least License Audit Workbench 2.0 does and if you are following SAP updates regularly then it’s likely your business is currently running 2.0. It does this by examining transactional load via technical user accounts used to interface third-party systems with SAP. Where there is a high transactional load via a technical account this is a flag to SAP that they should check the interface for possible SAP indirect access. If there is, and the customer isn’t properly licensed, they can find themselves in a big licensing hole that could be very expensive to get out of.

So, if you want to leave yourself at risk with very little visibility or control over SAP licensing compliance then SAP’s self-declaration annual license audit process is tailor made and ready for you! At the end of the day what you don’t know can’t hurt you right.

Don’t risk non-compliance issues and over-licensing for SAP. Click here to find out how automated analysis and optimization of SAP licenses using samQ can help you prepare for your next license audit.

ABOUT THE AUTHOR

Jan Cook

Jan Cook has been Practice Director for VOQUZ Labs inthe UK since 2019. Jan is responsible for sales and delivery operations within the UK market and also operates as Senior Consultant for VOQUZ labs advisory serving customers across EMEA and globally.

SEND US A MESSAGE

Do you have any questions or something to add? Just leave us a message, please! Your message will be delivered by e-mail to us and will not be published.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Illustration of a woman editing documents

Register for our newsletter now!
Keep yourself up to date!

Thank you! Your successfully signed up for our newsletter.
Oops! Something went wrong while submitting the form.

MORE RELEVANT ARTICLES

Thumbnail that links to the post below

Asset Accounting Controls in remQ, and One Do-It-Yourself Control

28.11.2024

|

SAPCompliance

Thumbnail that links to the post below

Streamlining Internal Controls with remQ: An Introduction to a Blog Post Series

15.11.2024

|

SAPCompliance

Thumbnail that links to the post below

Quick Do-It-Yourself Analysis of Single Action Violations in Your SAP System

13.11.2024

|

SAPAuthorization