13 Jul 2018

SAP’s new Indirect / Digital Access Model. Stick or twist?

THE BOTTOM LINE –

“SAP’s new indirect access model gets rid of Named User licenses for indirect access and is fully based on documents created. This raises the choice between staying with your old model, or going with the new model.”

Depending on your contract and your scenarios, the cost difference between the two choices can be substantial and it can fall either way. You can make an informed decision by reviewing your indirect access use cases against both models. SAP is developing a measurement tool for indirect access, so they are serious about compliance on this topic.

What’s new, What’s the fuss?

April 10th, SAP has finally come out with a new licensing and pricing model for indirect/digital access. The move addresses long-standing confusion among SAP customers on this topic. SAP also aims to calm their customer base after their successful high profile €60M court case against Diageo, and the settled $600M claim against Anheuser-Busch InBev.

There have been lots of reactions to the news and the accompanying organisational changes, mainly on a high level and to the extent that it’s a step in the right direction but much remains to be worked out. Now the dust has settled, I will dive a little deeper into the practicalities and argue that all SAP customers will have a complicated and impactful choice to make between staying with the old model or going with the new.

First, what has changed in the new model?

Named User licensing for indirect access is out the window. So far, human access has been the basis for licensing, at least in a large majority of indirect use cases. Not anymore, welcome to Document-based licensing. It is very similar to the latest licensing of Order-to-cash (O2C) and Procure-to-Pay (P2P), which are based on the sales order and purchase order documents when entered indirectly into S/4HANA.

SAP customers will have a complicated and impactful choice to make between staying with the old model or going with the new.

O2C and P2P will be morphed into one new Document-based model, together with 7 further functional areas (e.g. manufacturing and financial) which were previously licensed by Named Users. Documents in any other area will be free-of-charge. Also new is that the 9 areas will count towards one single license type, the Digital Access Document. There is still some pricing differentiation between the 9 areas in how they are counted.

The next big change is that only the initial creation of documents is counted. Subsequent reads, updates and deletes are included. High impact! I have assessed many hundreds of indirect access cases and of those which needed a license, a very large portion had to do with users changing or reading existing documents. Those would be free-of-charge in the new model.

SAP highlighted many times that automatically created follow-up documents are free-of-charge. For example, you would pay for an initial sales order, but not for the following invoice if this was created automatically without more external input. This may sound good, but you will still need a second license when a follow-up document is triggered by external input. Whereas in the old model you can recycle a Named User license over multiple use cases.

Do I like the new model? Well, I like that it’s an outcome-oriented model, counting actual business value. Also, the concept is simplified.

The new indirect access measurement functionality will have many complications, but SAP will use it to chase revenue nonetheless.

On the other hand, I am worried about the vital practicality of counting the beans. It will have to be determined which documents have been created via an external interface (new Document licensing), versus those created in SAP (Named User licensing). For the 7 years, I spent as a licence auditor at SAP, the sales order processing measurement was declared ˝unreliable”. Then about 2 years ago, the long-awaited and by SAP sales execs much-anticipated new functionality finally became available – only to be downgraded by SAP to “unreliable” a few months later… This serious difficulty will now be extended to all 9 indirect access areas. Be prepared that as a customer, you will end up having to do the work of counting correctly. Still, you can rely on SAP to use the measurement to start a discussion on indirect use, even if you remain on the old model.

Also, SAP have not published the list price of the Document license, but I expect it to be rather high. We’ve seen in the indirect use roll-out of May 2017 that the prices for sales orders skyrocketed by a factor of 6 to 300 for B2B and 2 to 10 for B2C, and purchase orders by a factor 5 to 25, depending on which volume tier you’re looking at. The fact that sales and purchase orders will be counted per line item in each order must result in some reduction of the unit price. I expect the Documents to be priced a few times higher than the pre-2017 sales orders.

How about the old model?

SAP have stated the obvious in that customers can choose to stay with their current contract and user-based licensing for indirect use. Given the complications outlined above, aren’t you better off just staying with the old model? Well, you would continue to pay for scenarios where documents are indirectly changed, read or deleted, unlike under the new model. As said, this affects a large portion of indirect scenarios, so this aspect has the potential for very substantial savings when changing to the new model.

Another point is that your indirect use may have been under the radar for a long time, but with the new measurement functionality planned for release in November 2018, this will likely change. It won’t matter if the indirect use will be measured in the metric of the new model or that it’s inaccurate, if there’s a lot of smoke then SAP will start looking for fires. Currently, if you review your indirect access cases and proactively approach SAP to solve compliance gaps- any back maintenance will be waived; whereas this is unlikely if gaps are uncovered in the annual audit via the new measurement.

SAP has also published an indirect access audit practice for the old model. The aspect I find most interesting is that SAP will not pursue licenses for creating and changing non-transactional data – that’s any data which is not business-process centric, rapidly changing or event-driven. A substantial concession!

As part of the audit practice, SAP have formulated an indirect access assessment decision tree. I am skeptical of its accuracy. If you follow it for the example of automated writing of sensor data to SAP, the tree would tell you that you need a dedicated license. In my opinion, such fully-automated use cases do not need an indirect use license under the old model, as a Named User is for human individuals (though great care is needed in assessing such scenarios). So on this aspect, the new model is worse as it requires a Document license.

Coming to the crux of the matter, SAP has outlined 2 options for moving to the new model: 1) license exchange within your current contract and 2) contract conversion. License exchange means that you will get a credit (of up to 100%) of licenses you no longer need for indirect access (users, sales orders and purchase orders). Contract conversion is quite drastic and means moving to S/4HANA with a whole new contract.

In a webcast by the Americas’ SAP Users’ Group, I heard that SAP are not unwilling to consider mixed legacy/new licensing on a case-by-case basis. Very interesting! I see how this could be very advantageous depending on the customer situation and I think it can be done without adding much complexity.

I envisage a few tricky scenarios as customers sign new agreements. For example, what happens if you stay with the old model and at some stage sign a new agreement for unrelated products? We advise SAP customers to read all the fine print, to ensure that they don’t inadvertently sign up to the new model, especially regarding indirect use scenarios with a go-live after April 2018.

The third option is to do nothing. Decision time!

Should I stay, or should I go?

An informed decision whether to stay with the old or go with the new will require careful review of all scenarios against both the old and the new model. Even if you are compliant now, you may uncover more surplus assets and take the one-time opportunity of trading this in for a new roll-out, e.g. a new cloud application. Normally this opportunity only exists when you make a substantial new investment.

Summarising the main benefits and drawbacks, I currently see that the old model performs better on fully-automated indirect access scenarios, price per document (O2C, P2P), and multi-scenario double-licensing. The new model scores better on the scope of licensable activities (document creation only), the scope of functional areas, simplicity of concept and measurement functionality (however poor it may be).

Both models have grey areas in assessing if (and how) indirect access needs to be licensed, but in my opinion, the new model is in this aspect.

How this all pans out for you will depend heavily on your system architecture and your current contract. It will also depend on the list price and on which discount can be negotiated. Your appetite for S/4HANA and your roadmap may make the difference.

Some attention points

1. The old model: Keep paying for changing and reading data, mainly via user licenses. Writing of non-transactional data will be waived.

2. The new model: Document-based licensing. Limited to 9 functional areas. Creation of documents only.

3. New measurement functionality for indirect access is planned for Nov 2018. Back maintenance probably won’t be waived if discovered in the annual audit.

Take away message

Ignoring the new indirect/digital access model is not a good idea – the new measurement functionality may uncover pre-existing indirect use you were not even aware of, whereas compliant customers may miss out on an attractive opportunity.

Evaluate your indirect use cases against both the old and the new model.

 

Share this
09 Oct 2017

SAP Licensing Compliancy and Vendor Audit Risk

Software License Audits are on the increase bringing unwanted business disruption and costly unbudgeted license fees. Can your business afford to be non-compliant?

Software vendors are increasingly resorting to licensing audits as a source of revenue with high fees being levied against the non-compliant use of their software. With SAP licensing models amongst the most complex and challenging to manage it is vital SAP end-users understand the main risk factors to ensure they are compliant and vendor audit ready.

In this article, JNC will draw on their extensive knowledge and experience of SAP license management, audit preparation and audit defence to highlight the key risk and issues around SAP licensing compliance and license audits.

SAP licensing compliance is certainly a high-profile issue. There is always plenty of noise in the media, and throughout the SAP end-user eco-system in general, regarding aggressive and costly license audits and high-profile court cases. This might be cause for concern for many SAP customers but do they fully understand the extent of the issue? Is it really enough to drive SAP customers to take action?

The fact of the matter is the problem is far more widespread than perceived. Only a few cases ever reach court with many more licensing disputes settled out of court before they make it that far. So in general SAP customer only see and hear is only the tip of the iceberg.


“The fact of the matter is the problem is far more widespread that perceived”


Why don’t we hear more about Licensing Disputes?

This is a product of how the vendor presents the dispute and what they do to achieve a settlement. From our experience SAP raise a dispute by presenting a headline figure, which is the maximum licensing fees they would be entitled to relate to the under-licensing detected and their interpretation of the customers SAP licensing contract. Typically, it comes unexpectedly from left field and is presented either as an order form with a deadline to sign or by way of a letter written to the finance director or another high-ranking company official. This creates a sense of concern and urgency and puts pressure on those responsible to resolve the issue.

When an offer is made to settle in a short time-frame for an amount significantly less than the “headline” figure, many firms sign on the dotted line as a quick and convenient way of avoiding prolonged business disruption and mitigating a potentially significantly higher cost. SAP much prefer a quick settlement over a difficult, time-consuming, resource-sapping and uncertain legal dispute. This can result, for argument’s sake, in the offer of a settlement for half to a third of the much more daunting “headline” figure.

As a consultancy, we tend too much busier around SAP’s end of quarter and end of the year. This is indicative of sales target shortfall and the vendor actively seeking revenue to hit sales targets.  Otherwise, there would be no such pattern to these events, which draws into question the integrity of the claims that are being made.


“This is indicative of the vendor actively seeking revenue to hit sales targets”


When JNC are called in to help customers in this potion we see the same pantomime played out time and time again. Thankfully our knowledge and experience of licensing and vendor tactics help customers get the bottom of their actual compliancy position paying significantly less and sometimes even nothing where compliant usage is successfully proven. Sadly, without expert help, most customers are not able to mount an effective defence to these scenarios and don’t have many alternative options.

Most firms also don’t like to broadcast non-compliance as it affects business reputation, stakeholder confidence and even share price. Most settlements are also made under strict NDA so the vendor holds just enough equilibrium to press ahead with this strategy without causing too many waves. Customers, therefore, feel they are in isolation whereas many other customers are in a very similar position.

In knowing, or having learned, how customers are likely to respond to this kind of tactics, could SAP be guilty of taking advantage? I’ll leave you to draw your own conclusions, however, If SAP customers were more aware of the hidden reality then licensing compliancy would probably rank much higher on the list of IT Director’s and CIO’s priorities.


“If SAP customers were more aware, licensing compliancy would probably rank much higher on the list of IT Director’s and CIO’s priorities”


So, how do licensing disputes to come about in the first place?

Typically, a licensing dispute arises from under-licensing detected as a result of an annual measurement or an SAP License Audit. Many SAP customers mistake their annual measurement with a license audit and it is important to understand they are two very different things as the risk is completely different. I have spoken to many SAP customers who claim they are fine with SAP licensing because they are audited every year. However, what they are referring to is the annual measurement, which is not comparable to a License Audit.

What’s the difference then, and what’s the impact?

Annual measurement is the process of reporting software usage data to SAP, where the customer is responsible for performing the measurement themselves. A License Audit is where SAP, either remotely or on-site, gather and analyse data themselves to determine a customer’s compliancy position. The issue is that LAW reporting provides very limited data to SAP, whereas a License Audit allows then to see much more of what is really going on the SAP systems. An example of the difference is that SAP standard audit tools USMM/LAW don’t interrogate user provisioning to determine what license type is required or to cross-check that the license type assigned is correct.

User provisioning is controlled by SAP Authorizations where a customer assigns authorizations to give users access to the transactions they need to be able to perform their job roles using the software. The customer must also assign each user a license type in each SAP system based on the level of authorizations they have. So USMM only reads what license has been assigned but doesn’t give any information on what license should have been assigned. If the licenses assigned match entitlements held the LAW report will not flag any issue. In an SAP License Audit, the auditors will interrogate this data and potentially discover that the license type assigned is non-compliant. So it is possible that licensing data submitted via LAW can hide the true picture. This is just one example of a number of risks which could lead to a costly SAP License Audit.

A practical example of this is where 1000 users are given limited professional licenses where they are authorized to carry out activity associated with full professional use. Where 1000 limited licenses are held and 1000 limited licensed users are measured there appears to be a match where in fact at list price this represents a circa €3 million risks. For discovered (versus disclosed) non-compliance SAP’s policy is to revoke discount, and are not obligated to trade for other unused assets. However, if you were to identify this shortfall position yourselves and notify SAP as such then you would be honouring what is described as their “Trust Model” where discount can be preserved and options of surplus asset trading can be explored. All the more reason to take action on licensing compliancy.


“Many SAP customers mistake their annual measurement with a license audit and it is important to understand they are two very different things”


Why are more companies not taking action?

SAP licensing compliancy is as much to do with attitude and awareness as it is to do with knowledge and Expertise. The purpose of this article, without documenting every risk and issue in detail, is to give Managers and Stakeholders more awareness about the potential risks of non-compliant software usage, inaccurate systems administration and measurement, and the ultimate risk of an SAP License Audit to help then decide if it’s in their interest to address the issue.


 JNC’s SAP License Audit Simulation

JNC’s SAP License Audit Simulation service replicates the processes and methodologies of a full SAP License Audit and provide organisations running SAP with an Enterprise-wide view of the licensing and compliancy position giving them the insight and intelligence they need to identify and deal with licensing and compliancy risk in a commercially optimal way and mitigating the risks of an on-site audit.

 JNC’s SAP License Audit Simulation Service Click to find out more

5 Signs You Could be Non-Compliant – Read the article

 

Share this
01 Mar 2016

SAP Named User Measurement Explained

What does USMM tell me about named user licensing?

Put very simply USMM is SAP’s measurement program and it lists the users, their licence type, and chargeable objects for each engine on the system.  It must be run on each system individually. In this blog I’ll focus on users, or more to point named users.

Named users are the people in your organization who use SAP and thus need a licence.  The LAW tool is then used to consolidate the USMM reports and report the highest licence type per user to SAP. SAP uses this data to determine if you have enough entitlement to cover your licensing requirements, a.k.a a license audit and will use it to determine if you owe them licensing fees for unlicensed or non-compliant usage.


 “If a user is using multiple systems the one where they have the highest access rights and permissions will take precedence for determining what named-user license they require”


What USMM isn’t

Although a user’s licence type should reflect their capability in the system and be in line with your contract; USMM will not automatically reflect changes made to a user’s roles or authorisations.

USMM isn’t what you might call an intelligent auditing tool. There is no dynamic link between a user’s capability and their licence type. A user’s licence type is a static piece of data in the system much like their name. The license type assigned to a user must be maintained by the customer.  Good system administration will update a user’s licence type periodically to reflect their current capabilities, but often it is a process which falls between the cracks.


 “A user’s licence type is a static piece of data in the system much like their name. There is no dynamic link between a user’s capability and their licence type.”


Over the years, I have encountered multiple clients confidence their licensing position was compliant, left utterly confused and bemused by what USMM has told them. Had they run USMM and LAW reports, and not reviewed them before sending them to SAP they would have non-compliant as a direct result of not accurately reporting their system usage to SAP. This inaccurate reporting is a direct result of incorrectly configuring user capabilities to match their role, either in the first instance or because of change, and not properly understanding what USMM is counting and how which would have prompted them to properly manage their user license allocations.

A few recurring USMM issues

  1. Users locked but not expired.
  2. Users having multiple ID’s and therefore being counted by USMM multiple times.
  3. Licence type never populated or poorly maintained.
  4. Little or no licence optimisation over the preceding years.

With little help items 1, 2 and 3 can quickly be resolved and with a bit more detailed work and analysis item 4 can be addressed too such that USMM accurately reflects system usage.


“Over the years, I have encountered multiple clients confident their licensing position was compliant, left utterly confused and bemused by what USMM has told them”


USMM Reporting Risk

As a result of the points discussed above running USMM on your SAP systems and sending this data to SAP can carry significant risk. Simply running USMM, consolidating via LAW and submitting this information is, in essence, carrying out a blind audit. Without knowing if the information is an accurate reflection of how your estate should be licences nor the potential implications of the submission you could be shooting yourself in the foot in a big way.

What SAP receive via LAW and USMM is a direct result of the information that you enter or configure into the SAP system. This is why when JNC carry out an SAP License Audit Simulation we can typically improve the potential outcome of a license audit by measuring the as-is compliancy position, followed by carrying out a programme of remediation in terms of the current as-is configuration. We can then carry out License Optimisation to identify the most cost effective to-be licensing position based on usage and discover what licensing you should actually have in place. This level of accuracy put the customer back in control of licensing and gives them something to work towards when negotiating licensing post-audit or when making any new procurements for licensing.

“We submit LAW every year and haven’t had any issues”

If you are not in control of what USMM is counting and what you are reporting to SAP, then you will not be aware of what information SAP are accruing behind the scenes. It is perfectly plausible that SAP note some level of non-compliancy but do not act on it at the time of discovery, and not doing so does not limit them from doing so in the future either. Perhaps you are a buying customer who is currently on a strong trajectory of growth. Why upset the apple cart? Non-compliancy can be a significant cause for discontent between a customer and SAP so there may be account management or business strategic reasons why non-compliancy is not immediately highlighted. Furthermore, if SAP needs to call in the Global License Audit Services (GLAS) team then they need a reasonable internal business case to justify the effort and resource consumption. Why instruct GLAS to audit if there is not much to find?

I have worked with many global scale organisations with 10’s of thousands of users and these issues can amount to 10’s of millions in non-compliancy. By executing the remediation and license optimisation measures alluded to above JNC have successfully reduced the demand captured by USMM/LAW or indeed an on-site audit by up to 90%. You can do the maths! So, if you are using USMM to determine your own compliance position by rationalising it against your entitlement how can you be sure that USMM is giving you (or SAP) an accurate picture of what needs to be licensed and how?

The issues discussed result in clients paying too much for licensing compared to their usage and actual needs. Managing an accurate licensing position may result in having enough surplus to cover next year’s demand or for that new deployment, which based on your current licensing position you would need to purchase.

Let’s summarize some key points

  1. Understand what USMM does and doesn’t report
  2. Periodically maintain the user licence type on your systems
  3. With the help of an expert, there are some simple exercises which can ensure USMM more accurately reflects system usage

Take Away Message

With regards to named users, USMM simply counts users and their licence type. The Licence type allocated in the system is static data and is not dynamically linked to the roles or authorisations set or if they are changed. Sense check your USMM and LAW results before sending them off as results may not reflect your actual usage and more likely to return a higher demand for licensing than is necessary.

If you have any questions or concerns speak to an actual SAP licensing specialist and have them perform an independent check to ensure that all results are correct. It might just save you a small fortune!

 

Share this
19 Feb 2016

SAP License Audit: LAW Pitfalls Explained

What You Need to Know Before you hit the Send Button!

To begin with, should I rely blindly on the measurement results? …NEVER!

That’s a tough statement, but let me explain. The measurement program, a.k.a transaction USMM for the techies, is a built-in tool that helps all SAP systems produce the information needed to determine the use of the SAP software. The tool only determines the number of users and the used SAP products (the so-called “packages” or “engines”).

The results from your measurement are then compared to the terms of your SAP contracts. SAP’s verdict is often quite straightforward: You are compliant, or you are not … This verdict is based on what you deliver to SAP. So you can hardly underestimate the importance of sending correct info.


“In 2015, SAP released 47 SAP notes on issues related to the measurement program. Not following these developments will only play against you.”


USMM Results

“Where do these results come from?” or “I didn’t know we were using that product, did you?” are questions which are often heard when the USMM results appear on your screen.  In the USMM results, two areas of major importance need your attention: The Users part and the Engines part.

The Users part reflects the different License Types of Named Users and counts the number of users assigned to each of them. An odd situation would be that you see “newcomers”, i.e license types you don’t know. You should investigate what they are. Errors should be corrected as soon as possible or valid new license types agreed on with SAP. If the last situation is correct, you should check your entitlement. Using named user license types which are not known in the agreements between you and SAP, result in non-compliancy.

The Engines part is more difficult to monitor. In fact, there are three scenarios:

  1. Engines which are – according to you – not in use but show results.
  2. Engines which are in use but show strange results (too high/too low).
  3. Engines which are in use but without any results.

Of course, not all of these situations look bad but you should keep in mind that SAP analyses those figures as well. Strange results also trigger their attention.


“Keeping your measurement tools up-to-date is the best guarantee to deliver true and accurate results to SAP.”


So, what can you do?

For engines which are popping up without any immediate explanation or with odd numbers, you should first check the SAP Support Portal for relevant SAP Notes. Tip: search on the engine ID for targeted results. Implement notes if necessary and potentially helpful. Also, check the available information on engines in the SAP Support Portal under Global License Auditing Service. If changes, errors, or updates have taken place for certain engines, information is normally added to the documentation on the engine ID information sheet.

Don’t forget to consult your functional SAP consultants as well. New engine ID’s don’t necessarily mean errors in the program. New functionalities can be in use as well or existing ones can be used more extensively (higher numbers) or are about to retire (lower numbers). All of these scenarios require an appropriate action.

Keep in mind that not everything can be measured by the SAP tools. “OK, so we start counting ourselves?”.  That’s basically it. Engines with an engine ID starting with “N” are to be measured by the client. SAP normally sends out the templates to be filled in together with the yearly measurement request. So, if you see engine ID’s with an “N” without measurement results, you know there’s work to be done!

Key Points

  • Do not push the “send” button right away after the measurement is completed! Challenge the results, and take appropriate actions to ensure that what you are sending to SAP is an accurate reflection of usage.
  • Keep your measurement tools safe and sound. They are SAP programs which need updates/changes/fixes as well.
  • Keep an eye on the SAP Support Portal for detailed information on the measurement process.

Take Away Message

Know your measurement program, don’t just rely on what the output of the tool tells you. Challenge the results and find current information on the SAP license audit and the measurement tools (USMM and LAW – oh yes, that one also!) on the SAP Support Portal. Also, check for SAP Notes regularly. Understand the changes the in the SAP landscape and make sure these are reflected in the measurement plan. Remember, not everything is measurable from within the system and sometimes self-declaration is needed. Be wary, speak to an actual SAP licensing specialist and have them perform an independent check to ensure that all results are correct.

 

Share this

Subscribe to our latest news

Privacy Policy

Click Me