SAP SAM RISKS OVERVIEW
SAP’s ERP system is licensed by named users and reported in the LAW (License Administration Workbench) report. There are a host of risks associated with providing the LAW report output to SAP, namely that users can be misclassified, unmaintained, or performing activities which could instigate an indirect access audit. Ensuring proper maintenance, classification of named users, and limiting certain user activities would limit shortfalls in the event of an audit or mitigate exposure to indirect access findings.
In this SAP report, we identify the top SAM areas that ClearEdge consistently helps its clients work through with SAP to mitigate risk and protect against long-term financial cost. The SAP SAM risks that are addressed in this report include:
1. SAP Validity Dates
As new employees start and existing employees leave, not properly maintaining the validity dates of named users could inflate the count of users needing to be licensed during an audit. Named user license shortfalls are charged at list price
when they are found in an audit, so organizations risk paying hefty premiums for named users who no longer exist at the organization. This section identifies the best way to mitigate this risk.
2. SAP Classification vs. Authorization
Each Named user classification (employee, professional, developer etc.) is allowed to perform a specific set of functions within SAP from a licensing perspective. Users with authorizations allowing functionality outside of their named user
classification will require those users to be upgraded at list price if found during an audit. This section outlines a process for streamlining your organization's classification process.
3. SAP Unclassified Users
Organizations with many employees often have users who have no named user classification within SAP. Regardless of the functionality being accessed by these named users, they would be classified as Professional users in the case of an audit. Professional users are one of the most expensive user types in SAP, so applying this license type to every unclassified user quickly increases the cost of licensing named users. This section explains how to identify and address unclassified users to help customers save time and money in case of an audit.
4. SAP User Activity Indicating Indirect Access
Indirect access with SAP can occur when a system is accessed or queried through a 3rd-Party application, interface, gateway, middleware, or automated process (i.e., bot/RPA). In situations like these, a single user account in SAP’s system could actually represent hundreds of unseen users that need to be licensed. As a result, compliance fees can easily be accrued for those that do not have a defined process in place to monitor and limit user access and maintain harmony with license agreements. This section outlines the most common named user activities that can trigger an SAP audit and explains how SAP customers can mitigate this risk.
The best defense against an SAP audit is a strong software asset management function. Understanding the main tactics and pitfalls within SAP’s licensing will enable you to identify risk and optimize your environment before an SAP audit. If you’re under the threat of an SAP audit or want to stress test your SAM program now, contact us today to learn how our team of subject matter experts can help your organization.