Compliance Assessment
Pre-audit examination of Named User populations, shared-account inventories, and authentication architecture across plant and warehouse environments.
A global industrial manufacturer remediated 3,400 shared SAP user accounts ahead of an audit cycle, restructured the underlying access controls, and removed $4.2M of exposure on the shared-user rule.
Every result on this site is anonymised at the client's request. Specific figures are real and verifiable through a confidentiality-protected reference call arranged on request.
The manufacturer runs a mixed ECC 6.0 and S/4HANA brownfield estate across plant floors, warehouse operations, and back-office finance with approximately 14,200 active SAP users. A pre-audit compliance review surfaced 3,400 shared user accounts across the plant and warehouse environments — accounts shared by multiple shift workers, plant supervisors, and warehouse operators on shared terminals.
Under the SAP Named User rule, shared accounts are prohibited and the consequence at audit is that the licence is required for every person who has used the shared account during the measurement period. The internal exposure modelling, based on logon evidence from the prior twelve months, projected $4.2M of audit exposure across the shared-account population.
The Group SAM function engaged us with a remediation brief: clean the shared-account population before the audit cycle, restructure the access controls that had driven the shared-account use, and document the remediation defensibly.
Shared accounts in plant and warehouse environments are almost always operational decisions rather than compliance failures. The drivers in this case were three: shift-handover workflow on shared terminals where individual login was operationally disruptive; shared expense-reporting accounts in field-service teams; and break-room kiosks for time-recording where individual login at the start of every shift was being skipped.
The compliance position is unambiguous — shared accounts are licensable per person. The operational reality is that single sign-on, badge-based login, and shift-aware authentication had not been implemented at the points where shared accounts had proliferated.
The remediation work therefore split into two: the licensing remediation of the existing population to a defensible state, and the operational rebuild that would prevent recurrence after the audit closed.
Four remediation tracks ran in parallel over a twenty-two-week programme.
All 3,400 shared accounts were inventoried with logon evidence, terminal location, and a documented business reason. The inventory was reconciled against HR data to enumerate every person who had used each shared account during the prior twelve months.
Individual user accounts were provisioned for every shift worker, plant supervisor, and warehouse operator who had used a shared account. The classifications were assigned on an activity-evidence basis: most were Employee Self-Service or Operational, with Limited Professional where the job role required it.
Badge-based single sign-on was implemented at all plant terminals and warehouse kiosks with a 90-day rollout. Shift-handover workflow was rebuilt to support fast user-switching without compliance compromise.
All 3,400 shared accounts were retired with documented sign-off from the relevant operational owners. The retirement was sequenced to follow the individual-account provisioning and the authentication rebuild to maintain operational continuity.
The subsequent audit cycle opened with a LAW snapshot showing zero shared accounts and a Named User population of 17,600 individual accounts — below the contracted entitlement of 18,400. The shared-account exposure that had been modelled at $4.2M did not appear in the audit settlement.
Contractually, we secured an agreed shared-account remediation methodology referenced in the next renewal, an authentication-architecture commitment from SAP recognising the badge-based SSO as a compliant per-person login mechanism, and a documented audit-defence position on shift-handover workflow.
The internal SAM function adopted a quarterly shared-account audit using terminal-level logon analytics to detect any drift back into the practice. The authentication rebuild became a programme template for future plant deployments.
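The quarterly drift check described above, written out as an added example rather than the client's or the programme's own tooling: it runs two terminal-level logon analytics over constructed logon records (the account names, terminal IDs and timestamps are all assumed), flagging an account in concurrent use on two terminals and an account spread across more terminals than one worker plausibly uses.

```python
from collections import defaultdict
from datetime import datetime

# Constructed logon records, not client data: (account, terminal, login, logout).
# Drift back into shared-account use shows up as one account in session on two
# terminals at the same time, or one account spread across many terminals.
LOGONS = [
    ("WH_PICK01", "WH-T01", "2024-04-02T06:00", "2024-04-02T14:00"),
    ("WH_PICK01", "WH-T07", "2024-04-02T13:30", "2024-04-02T22:00"),  # overlaps T01
    ("WH_PICK01", "WH-T03", "2024-04-09T06:00", "2024-04-09T14:00"),
    ("JSMITH",    "WH-T01", "2024-04-02T14:05", "2024-04-02T22:00"),
    ("JSMITH",    "WH-T01", "2024-04-03T14:00", "2024-04-03T22:00"),
    ("AKHAN",     "PL-T12", "2024-04-03T06:00", "2024-04-03T14:00"),
    ("AKHAN",     "PL-T13", "2024-04-04T06:00", "2024-04-04T14:00"),
]

def parse(rec):
    account, terminal, start, end = rec
    return account, terminal, datetime.fromisoformat(start), datetime.fromisoformat(end)

def concurrent_use(logons):
    """Accounts with overlapping sessions on different terminals: one person cannot be
    logged on at two terminals at once, so this is direct evidence of sharing."""
    by_account = defaultdict(list)
    for acc, term, start, end in map(parse, logons):
        by_account[acc].append((start, end, term))
    flagged = {}
    for acc, sessions in by_account.items():
        sessions.sort()  # by login time, so overlap search can stop early
        for i, (s1, e1, t1) in enumerate(sessions):
            for s2, e2, t2 in sessions[i + 1:]:
                if s2 >= e1:
                    break  # every later session starts after this one ended
                if t1 != t2:
                    flagged.setdefault(acc, []).append((t1, t2, max(s1, s2).isoformat()))
    return flagged

def terminal_spread(logons, max_terminals=2):
    """Accounts seen on more distinct terminals in the period than the threshold."""
    terms = defaultdict(set)
    for acc, term, _, _ in map(parse, logons):
        terms[acc].add(term)
    return {acc: sorted(t) for acc, t in terms.items() if len(t) > max_terminals}

def drift_report(logons, max_terminals=2):
    """Quarterly report: both analytics keyed by account for owner follow-up."""
    return {"concurrent": concurrent_use(logons),
            "spread": terminal_spread(logons, max_terminals)}
```

Feed it the quarter's terminal logon export and hand the flagged accounts to the operational owner who signed off the retirement; a hit on `concurrent` is conclusive, a hit on `spread` alone needs a business-reason check first.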
The shared accounts were not a compliance failure; they were a workflow failure. We fixed the workflow first and the compliance numbers followed.