Service II · Compliance Assessment

A licence position, known.

Independent, pre-audit examination of named users, engine measurements, and indirect-access exposure. The firm surfaces the gap before SAP does — and quantifies the remediation.

DeliverableA written exposure report with remediation cost quantified.

Section I · The Brief

Find the gap before SAP does.

Most SAP estates carry a measurable gap between the licensed position and the deployed reality. Users have changed roles. Custom code calls engines that were never priced. New systems have begun reading and writing SAP data through interfaces nobody mapped at the time. The gap quietly grows for two to three years. Then the audit notification arrives.

An independent compliance assessment is the structured surfacing of that gap, on your terms, on your timeline, and under no obligation to remediate. It is the work that should be done twelve to twenty-four months ahead of the expected audit cycle, before an S/4HANA migration, and before any major contract renewal.

The assessment is buyer-side. It is not a self-disclosure to SAP. Its findings are held in confidence, and remediation is voluntary. The outcome is a written exposure report with the licence position quantified line by line, the gap measured in licence dollars, and a prioritised remediation roadmap with each option costed.

In our experience, between sixty and eighty per cent of the gap surfaced in an assessment is recoverable through reclassification, role-mining, and contractual position-taking, without any incremental licence purchase. That is the work the assessment makes possible.

Section II · What's Included

Six workstreams, one position.

— I.

Named-User Audit

Reconstruct the user count from the source system. Map activity to the correct named-user category. Identify reclassification candidates and dormant entitlements.

— II.

Engine Quantification

Each priced engine measured independently against the contract metric. Order-to-Cash, Payroll, HR, Procurement, Logistics, and the long tail of micro-engines.

— III.

Indirect-Access Mapping

Every interface into SAP that does not run through a Named User. Salesforce, ServiceNow, custom portals, RPA, EDI, BPM, and bespoke middleware.

— IV.

Digital Access Model

If Digital Access is contemplated, the nine document types modelled against your real transaction volume with a recommended pricing tier and negotiation lever set.

— V.

USMM / LAW Pre-Run

Configuration review, classification clean-up, consolidation logic, and a sample run before any output is produced for SAP.

— VI.

Remediation Roadmap

Each finding costed, prioritised, and assigned a remediation owner. The roadmap is structured to be executed without external dependency.

Section III · The Method

Four phases. Six weeks, typical.

— Phase i.

Inventory

Source systems mapped. Contract entitlements catalogued. Custom-code calls identified. Interface surface area enumerated. The scope is fixed in writing.

— Phase ii.

Measure

Independent USMM and LAW reconstruction. Engine metric quantification. Named-user activity analysis. Document-flow extraction for Digital Access modelling.

— Phase iii.

Position

Each finding mapped to a defensible contractual position. Counter-arguments prepared. Documentary evidence assembled. Settlement value estimated.

— Phase iv.

Roadmap

Remediation work-streams prioritised. Cost of each option modelled. Executive read-out. Handover to internal owners or to an audit-defence engagement if a letter arrives.

— Matter Profile · Pre-audit Assessment

A global insurer found $11M of recoverable spend before any audit letter arrived.

An insurance group with twenty-three SAP environments commissioned a buyer-side compliance assessment ahead of an expected audit cycle. We reconstructed the named-user position, mapped fourteen indirect interfaces, and modelled the engine metrics independently.

The remediation roadmap quantified $11.2M in recoverable spend across reclassification, retirement of dormant accounts, and a re-priced Digital Access conversion. No audit letter has yet arrived. The defensible position is now in writing.

Read the case file →

Findings

$11.2M

recoverable, written exposure

Reclassified

3,400

named users moved to lower tier

Interfaces

indirect surfaces mapped

Duration

7wk

kickoff to written report

Questions, frequently.

What is an SAP licence-compliance assessment?

An independent, pre-audit examination of the SAP licence position. It reconstructs named-user counts, engine measurements, and indirect-access exposure from the source data and compares them against the entitlements in the contract.

When is the right time to run a compliance assessment?

Twelve to twenty-four months ahead of the expected audit cycle, before an S/4HANA migration, before a contract renewal, and after any material change to the SAP estate or to the systems that interface with it.

How is this different from an SAP audit?

A compliance assessment is buyer-side, conducted under privilege, and produces no obligation to remediate. An SAP audit is vendor-side, conducted under the audit-rights clause, and produces a written claim. The first is preparation; the second is exposure.

How long does an assessment take?

Four to eight weeks is typical, depending on the size of the SAP estate and the complexity of the indirect-access surface. The deliverable is a written exposure report with a remediation roadmap, costed.

What does the assessment cover?

Named-user classification, engine metric quantification, indirect-access mapping, document-flow analysis for Digital Access, USMM and LAW configuration review, and a written remediation plan with quantified savings.

Is the assessment ever shared with SAP?

No. The assessment is buyer-side and held in confidence. It is not a self-disclosure. Its purpose is to inform internal remediation and to prepare a defensible position ahead of any future audit.