SAP – Top 10 most common compliance issues seen


The first thing that jumps into every SAP customer’s mind nowadays when we ask about the most common compliance issues? Indirect Access. Everything else faded into the background as a result of the court cases between SAP and Diageo and SAP and AB InBev. But what about the costs caused by not correctly classifying the SAP ERP named users? How about an acquisition performed by your company, or a recent merger that leads to an increase of the number of employees? These are just a few questions that form the tip of the iceberg. We encounter many different compliance issues in our day-to-day practice and hear questions from SAP end users who are not sure what’s the best approach to make sure their compliance position is not at risk. Therefore, we put together an overview of the most common license compliance issues seen at SAP customers.

Inaccurate user license assignment

Usually end users acquire SAP Business Suite named user licenses that describe their business need as well as the roles every individual is required to perform. Once a new contract with SAP is signed, users should be classified under the license type they need. The same procedure should be followed every time a new user is created, to ensure that individuals have the proper license type assigned, but in reality, the acquired licenses are almost never correctly distributed and assigned to the users.

Default user classification

When a user is created in SAP, the administrators should classify the user under the license type that is suited for his or her activity. If you do not manually classify a user towards a certain license type, then the system will automatically classify that user under the default license type.

Professional Licenses versus Limited Licenses Ratio

Another compliance issue that we often see is that, in time, end users may not be respecting the Limited Professional Users Classification Ratio, as stipulated in their contract.

Test users in production environments

Classifying users under the test license type in a production environment is a common practice among SAP customers. This situation often occurs when end users are cleaning up the environment and prefer to change the classification of the users who no longer use SAP to Test User instead of terminating their account.

Developer users in production environments

Developer users are defined by two characteristics in an SAP development environment: they are classified under the SAP Business Suite Developer license type and they have a developer license key assigned. Users should be classified as developers in development environments only, as SAP is not allowing users classified as developers in production environments.

SAP Software Engines

The bigger the SAP environment, the harder it is to monitor the installations. SAP Engines measurement and licensing should be straight forward as the usage indicators should be clearly stating the actual usage of an application.

Underestimating the compliance check of the self-declaration engines

During a standard audit, SAP sends a self-declaration form containing a selection of the applications for which usage information will be verified. Software programs licensed on metrics such as Annual Revenue, Number of Employees, Annual Spend Volume, CPU consumption and so on, are targeted to be included in the self-declaration form sent to the end users during an audit.

SAP BusinessObjects Measurement

SAP BusinessObjects Business Intelligence Suite is an analytics platform having as key capabilities reporting and analysis, data visualization and office integration. The BusinessObjects Company has been acquired by SAP in 2007. Before the acquisition, BusinessObjects’ licensing model was based mostly on number of server installations or desktop installations. Before the acquisition, BusinessObjects’ licensing model was based mostly on number of server installations or desktop installations.

SAP HANA Global Allocation Limit

One of the most common compliance issues encountered with regards to HANA is setting up the right global memory allocation limit. The global memory allocation limit represents how much memory SAP HANA is allowed to utilize, according to your contractual agreement.

SAP Indirect Access

SAP’s licensing model has been under public attention for the past 2 years. During this period of time, SAP caused a stir among their end users due to large claims for indirect access. The risk of being exposed to indirect access is high. One of the main reasons why indirect access exposure exists is related to the lack of processes that monitor the applications integration with SAP ERP.

It might seem overwhelming to be always up to date with the changes in the software vendors’ agreements, but you don’t have to walk this path alone. If you’re interested to learn more about how our services may address your specific SAP questions or challenges, feel free to reach out to us and one of our specialists will help you.

This article was published on 11-04-2019