Grey Monarch and Azurious
David Lloyd - Grey Monarch
Kim Chalmers - Azurious
David: Yes, most definitely. This change has come from two main areas; the most obvious being the press coverage and Worldwide SAP user group sessions about Indirect Access and some of the eye-watering figures around non-compliance in this area. But also, we are seeing far more extended audits in place of self-submissions resulting in a much more detailed audit from SAP, often leading to non-compliance claims.
Kim: Seven out of ten of our customers have experienced non-compliance issues following theirannual audit. This is a significant increase over recent years because the audits are becoming more detailed and onerous. They are now also consuming massive amounts of time and effort due to the complexity which is making them more difficult to defend.
One of our recent clients received a demand from SAP for $3.4 million, made up of several claimed non-compliant elements.Using our expertise, we whittled these down by research and development of sound business arguments to a settlement fee of $360,000, saving over $3 million and over $500,000 a year in Maintenance.
David: Firstly, there is a disconnect between the technical and commercial aspects of an SAP licence audit.
SAP customers too often think of the annual SAP licence audit as a Technical Activity that is left to the SAP Basis or SAP security team to action - there is often no final commercial or contractual scrutiny of the results, and that required scrutiny is not typically within the skillset of the technical teams. Secondly, SAP licence audits are massively time consuming often meaning that SAP customers rarely allow enough time to complete the audit, and definitely not enough time to check or mitigate any potential exposures or anomalies.
Kim: The SAP Audit is an annual and evolving event. Many organisations do not have clear stakeholder ownership and view it as a technical exercise. In addition, those responsible for preparing the audit easily forget what to do and how to collect the data. Both of these factors lead to enormous amounts of time and effort being wasted. An audit response is not an automated process and often involves different people each year. Rarely is there anyone who has knowledge of everything that needs to be done, how best to do it and finally to correctly validate all the data before submission to SAP.
David: I would say no later than 8 weeks prior to the audit is the optimum time. For licence optimisation, we would typically pull in the previous 90 days worth of real user activity data, analyse it, work with the customer to understand any SAP licensing constraints and finally optimise the licence classification. All being well this still leaves the customer a month before the audit deadline for any other follow-up or further preparation.
Kim: It is best to monitor all key Licence Metrics regularly and to make corrections on an on-going basis. In large, complex landscapes between 3 to 6 months to gather all the information, make corrections and validate prior to submission. It’s never too soon, and a proactive approach to the SAP Audit will always reach the best outcome, avoiding any serious unbudgeted financial burden.
David: The biggest pitfall for an SAP customer is not truly understanding their actual usage of SAP and how that compares to their Usage Rights. We can help by firstly automating the collection of data each month and analysing the actual usage of every type of access into the SAP digital core systematically, whether that be ahuman (named user), an SAP application/engine, or a third-party system (Indirect/Digital Access). We compare this access and usage to their Bill of Materials to provide a detailed insight into where they currently stand from a compliance perspective.
On top of this we will work with the customer to model any Licensing conditions and propose optimisations to their licence distribution to maximise the value of their inventory. We do this by mapping employees to all their user accounts, re-classifying user licences according to their actual usage, identifying dormant accounts, and duplicate accounts etc. This will mitigate, and often eradicate, any potential non-compliance issues.
Kim: We have the expertise and knowledge to forensically examine every SAP Agreement and create a fully validated baseline against which to measure use. We then ensure that all relevant measurements are carried out correctly. If we uncover issues we provide advice on how to remediate them and mitigate or eliminate any risks of non-compliance. Even where financial exposure remains, we have the skill, knowledge and experience to help you minimise it through negotiation support.
Grey Monarch and Azurious Limited provide software and expertise in all aspects of SAP Licensing, from licence requirements analysis, licence optimisation, preparations for licence audits and compliance, licence contract management, and compliance defence. Our services are tailored for each organisation and can range from ad-hoc advice to a fully managed service.
Please contact us for a no-obligation exploratory conversation.
If you need expert assistance in this then why not get in touch with us for an exploratory discussion