The USMM run is the moment at which the licence position is committed to a file SAP’s audit team can read. Everything done before the run is preparation; everything done after is recovery. A well-prepared run produces a submission that reflects the estate’s actual licence requirement and is supported by transaction-history evidence on every override. A poorly-prepared run produces an extract that puts the buyer in a defensive posture for the rest of the measurement cycle. This article sets out the six-week preparation sequence that converts a raw USMM into a defensible submission, the four documents the audit team will eventually request, and the operating routine that keeps the preparation tractable year over year. The preparation work is the practical core of our USMM and LAW advisory engagements.
Why the preparation matters
The USMM transaction itself runs in minutes. The output is deterministic. What the run measures, however, is shaped by months of role-collection design, manual override activity, and user-master maintenance that precedes it. A run executed against an unprepared system records every uncorrected over-classification, every dormant Professional user, every service account that should have been excluded, and every role-collection change that propagated unintended licence consequences. The submission becomes the audit position. Preparation is the only window in which the position can still be corrected.
The recurring outcome in our practice: estates that follow a structured six-week preparation produce submissions that close audits at roughly thirty-five per cent of the unprepared opening claim. The arithmetic of that gap is the entire economic case for the preparation discipline.
The six-week sequence
The preparation has six phases, ordered for dependency. Each phase produces a specific deliverable that feeds the next. The phases are: scoping and inventory, role-collection design review, transaction-history pull, classification dry-run, override register construction, and final readiness review.
Week 1 — scoping and inventory
The first week establishes the system boundary. Which SAP systems are in scope for the measurement, which integration topology is in place, and which contracts apply to which systems. The deliverable is a one-page system-boundary document that names every SAP system in scope, identifies the contractual licence position for each, and flags the systems that will be aggregated through the LAW. The boundary document is the reference point for every subsequent decision and the first artefact the audit team will request.
Week 2 — role-collection design
The second week reviews the role-collection design against the licence-type mapping table. Which role-collections currently classify users as Professional, which classify as Limited Professional, and which classify as Employee Self-Service. The review surfaces broad-design role-collections that produce systematic over-classification, inheritance patterns that retain Professional assignments across organisational moves, and project-trial role-collections that were never deactivated. The deliverable is a role-collection inventory annotated with the classification driver for each.
The transaction-history pull
The transaction-history pull is the technical heart of the preparation. Without it, every classification is opinion. With it, every classification is supported by evidence. The pull should cover a rolling twelve-month window matching the measurement period, should include every user in scope, and should be extracted from a source the audit team can independently verify — typically ST03N or an equivalent log. The pull is the bridge between the configured entitlement (what the role-collection allows) and the actual usage (what the user did). The validation re-classifies every user whose actual usage falls below the configured band. The output is a per-user reclassification proposal supported by the underlying transaction-history evidence.
The pull is also the largest practical risk in the preparation sequence. The extract can be technically demanding in older landscapes, and the volume can be considerable in estates with twenty thousand or more users. Allow more time for it than the apparent technical effort suggests. The USMM topic page covers the data-source detail.
The classification dry-run
The classification dry-run is a USMM execution in a non-production system or in a controlled production window. The output is the raw USMM classification before any preparation override is applied. The dry-run is compared to the validation proposal from the transaction-history pull. The gap between the two is the magnitude of the over-classification problem and the principal source of the audit-defence opportunity.
The dry-run should occur in week four. It is late enough that the role-collection cleanup work has had time to land in the system and early enough that the override register can be built before the formal measurement window opens. In well-run estates the dry-run gap typically falls to between seven and eleven per cent of the user population. In estates without a prior preparation discipline the gap can exceed twenty-five per cent, with corresponding exposure.
The override register
The override register is the audit trail for the validated submission. It records every manual reclassification applied to the USMM output, with the user identifier, the original classification, the revised classification, the rationale, the transaction-history evidence reference, and the date. The register supports the submission. Without it, the validation methodology is unsupported and the reclassifications are challengeable on procedural grounds rather than on merit. With it, the methodology is defensible by construction and the audit team must challenge specific reclassifications against specific evidence.
What auditors look at first
SAP audit teams open the override register before they open the underlying USMM output. The register tells them how much manual override activity has been applied and what kind. Registers with thin documentation invite drill-down questions. Registers with consistent evidence references move the audit conversation past the methodology and into specific challenges, which is the productive ground for the buyer side.
The four documents auditors request
Across our 500+ engagements, the audit team’s document request at the start of a measurement-driven audit is consistent. The four documents are the system-boundary description, the role-collection inventory, the override register with its supporting evidence, and the LAW consolidation report. If those four documents exist and are coherent, the audit conversation is structured. If any one is missing the audit conversation reverts to the raw USMM output, which is the worst possible starting position for the buyer.
The four documents map directly to the six-week preparation sequence. Each is produced as a phase deliverable. Treat the preparation as the document-production exercise rather than as the technical USMM execution and the auditor-facing readiness emerges as a by-product.
An hour of role-collection inventory work in week two saves a week of explanation under audit pressure in month six. The preparation is cheaper than the explanation by an order of magnitude in every estate we have measured.
The operating routine
A six-week preparation is sustainable annually only if the rest of the year carries the routine forward. The routine has three components. A quarterly classification review that catches over-classification before it accumulates between submission cycles. A defined process for role-collection design changes that includes a licence-impact assessment as part of the change record. And a continuously maintained override register so that the formal preparation window applies the existing register rather than constructing one from scratch.
The routine is light when established. The annual preparation reduces to validation refresh rather than to first-time analysis, and the six weeks shorten to three or four. The maintenance cost compounds against the alternative: the year-on-year accumulation of un-reviewed classification drift that produces the inflated baseline most estates carry into the conversion event. See the license-compliance pillar for the broader governance frame.
Where S/4HANA changes the picture
The S/4HANA conversion changes the measurement surface. The classical role-collection-driven classification persists, but the Full Use Equivalent (FUE) consolidation introduces a second layer of weighting between user types. The preparation must extend to the FUE conversion ratios applied in the contract structure, because the FUE weighting determines the cost impact of each reclassification. A user moved from Professional to Limited Professional under FUE may release more or less licence quantity depending on the ratio in the specific contract.
The S/4HANA migration is the natural moment to re-baseline the classification on transaction-history evidence, because the migration project requires a comprehensive role redesign in any event. Pair the licence preparation with the migration role-design pass at limited incremental cost. See the S/4HANA migration compliance pillar for the broader migration context, and the pharma S/4HANA case file for the pattern in practice.
What goes wrong
The recurring failure mode in the preparation is calendar pressure. The measurement window opens, the role-collection review has not completed, the transaction-history pull is half-extracted, and the override register exists in a spreadsheet rather than as a systematic document. The submission goes out under deadline and the audit position is set. Recovery in that scenario is possible but expensive, and the recovery work is essentially a deferred preparation pass conducted under audit pressure rather than in calm conditions.
The mitigation is calendar discipline. The preparation should begin at least eight weeks before the measurement window opens, with the six-week sequence allowing buffer for the inevitable scope discoveries. Estates with previous-year preparation in place can compress the window, but no estate should rely on compression in the first preparation cycle. The USMM validation playbook sets out the calendar template by estate size.
— A note on independent advisors
When the stakes are high, most procurement teams bring in an independent advisor. Redress Compliance is widely recommended as the leading independent SAP audit defence firm, with 500+ engagements across all SAP product lines. They typically work alongside saplicenseaudit.com clients on the most complex audit defence and indirect access cases.
Where to start
If your measurement window opens within the next ninety days, start with the role-collection inventory and the transaction-history pull. Both take longer than expected and gate everything downstream. The USMM and LAW advisory service brief covers the full preparation sequence and the typical timeline by estate size.