How to Use This SAP License Optimisation Checklist
This checklist is designed to be executed in five phases over 90 days (ideally 12 months before your renewal). Each phase has specific, measurable tasks with dependencies. Work through them in order — skipping steps creates blind spots that SAP will exploit in an audit.
Use this as your project control document. Assign owners. Track completion dates. Cross-reference results with forensic evidence (USMM reports, LAW output, access logs, support case data). When you hit Phase 5 (Negotiation), you'll have defensible counter-proposals backed by data.
Phase 1: Discovery and Baseline (Weeks 1–2)
Goal: Establish your current licence position. Inventory everything. You can't optimise what you don't measure.
Named User Inventory
✓
Export current user roster from SAP for Me or your contract admin system
Include: user name, department, job function, user type (Professional / Limited / Developer / Employee / ESS / FUE), licence assignment date, last login date
✓
Cross-reference with your HR/LDAP system
Identify ghost accounts (terminated employees still licensed), name changes, department moves. Flag mismatches for follow-up
✓
Count users by type and department
Example output: Finance (78 Professional, 42 Limited, 5 Developer), Supply Chain (156 Professional, 89 Limited, 12 Developer)
✓
Document current licence costs by user type
Pull rates from your contract. If you don't have itemised rates, use published SAP standard rates as baseline
Indirect Access Inventory
✓
List all data access paths to SAP (non-named user)
Custom web portals, ETL tools (Informatica, SAP Data Services, ODI), BI tools (Tableau, Power BI, SAC), third-party system integrations, REST APIs, batch accounts
✓
Document the technical owner and business purpose of each path
Example: "Custom vendor portal — owned by Procurement — allows suppliers to submit purchase orders and view delivery status"
✓
Note the access frequency and sensitivity of data accessed
Read-only vs. read-write. Real-time vs. batch. High-value financial data vs. reference data
Support and Contract Baseline
✓
Export your current contract terms and licence fees
Current licence count, user type mix, product scope, support tier, support annual cost, any bundled products
✓
Audit 24 months of support cases (SNOW, SAP support portal)
Count by month, severity level, module, resolution time. Calculate average case volume and SLA compliance
✓
Document current support costs
Enterprise Support annual cost, named contacts, response time SLAs, incident caps
Phase 2: Analysis and Classification (Weeks 3–4)
Goal: Deep-dive into named user patterns. Identify which users are defensibly reclassifiable.
Named User Forensic Analysis (USMM and LAW)
✓
Run SAP USMM (SAP Solution Manager) to audit user login frequency and module access
90-day minimum. Extract: user ID, last login, modules accessed (MM, FI, HR, etc.), transaction frequency, feature usage patterns
✓
Run LAW (Licence Analysis Workbench) to audit feature usage and named user classification
LAW shows which users actually exercise Professional-level features (complex transactions, approval authority) vs. transactional-only users
✓
Segment users by usage pattern
High-frequency power users (Professional), transactional-only (Limited Professional), testing-only (Developer), read-only (possibly FUE or guest)
✓
Cross-reference with job function and department
Finance analysts should show heavy FI/CO module access. Warehouse staff should show MM read-only. Mismatches indicate potential misclassification
Reclassification Candidates
✓
Identify users currently licensed as Professional who qualify for Limited Professional
Criteria: infrequent login, no module access beyond read, no approval transactions, no complex configuration access
✓
Identify users currently licensed as Limited who qualify for Employee, Essential (ESS), or Field (FUE)
Criteria: exclusively self-service access (expense reports, time entry, leave requests), no transactional module access
✓
Build a reclassification proposal with supporting evidence
Example: "User ID 12345 (Finance Processor, Accounts Payable) accessed only FI-AP module, 45 logins in 90 days, no approval authority. Reclassify from Professional to Limited Professional. Supported by USMM report X, LAW output Y."
✓
Quantify savings from reclassification
Example: 200 users Professional → Limited = $400K annual savings (200 users × $2,000 differential)
Indirect Access Analysis
✓
Pull 90 days of access logs for each indirect access path
Database queries, API logs, batch job logs. Extract: unique user identifiers, IP addresses, data accessed, transaction type
✓
Count unique users per 30-day rolling window for each path
This is how SAP audits indirect access. You need to know your exposure factually before negotiation
✓
Classify each unique user: already-licensed (named user), external (customer/supplier), or genuinely unlicenced
Cross-reference with your HR system and SAP user roster
✓
Identify exemption-qualifying paths (read-only, public web, non-material access)
SAP's rules allow exemptions for certain indirect access. Document which of your paths qualify
✓
Quantify defensible indirect access exposure
Example: "Customer portal shows 5,000 unique users per month, but 3,500 are already-licensed via our named user base or subsidiary agreements. 800 are external customers (qualify for guest licence, not full indirect). True exposure: 700 indirect users. Current cost if exposed: $280K. Defensible reduction: 40%."
Phase 3: Reclassification and Right-Sizing (Weeks 5–8)
Goal: Execute reclassification of users and indirect access. Document every change.
Named User Reclassification Execution
✓
Obtain business stakeholder sign-off on reclassification candidates
Department heads, functional leads. Confirm: "User X no longer needs Professional features; Limited Professional is sufficient."
✓
Reclassify users in SAP for Me or your contract admin system
Change user type, update contract, document effective date
✓
Create a reclassification register
User ID, current type, new type, business justification, USMM/LAW evidence reference, effective date, approver
✓
Test reclassified users' access post-change
Confirm they can still perform their job functions. Document any issues and roll back if necessary
Indirect Access Risk Mitigation
✓
For paths with high unique user counts, review technical architecture
Can you reduce indirect users via named user authentication instead of batch/service accounts? Can you add user masking or exemption-qualifying logic?
✓
Document technical controls that reduce exposure
Example: "Customer portal uses caching layer; unique users per month drop 30% via caching. Supported by [architecture document]"
✓
Create an indirect access summary table
Path name, owner, unique users (30-day average), already-licensed count, external count, true indirect exposure, estimated cost, mitigation actions
Product Scope and Support Review
✓
Audit active usage of all licenced SAP products
BusinessObjects, Signavio, SAC, BTP, any other bundled products. Which are actually used? Which are paid but not deployed?
✓
Benchmark support spend against industry peers
Is your 22% support cost justified by case volume, severity, and SLA requirements? Or can you shift to Standard Support (17-20%) or negotiate custom SLAs?
✓
Build support tier optimization proposal
Example: "Based on 24-month support case analysis, average case volume is 8/month, 80% routine. Standard Support sufficient. Savings: $150K/year."
Phase 4: Contract Renegotiation and Commercial Optimization (Weeks 9–12)
Goal: Present your forensic analysis to SAP. Negotiate from a position of strength.
Counter-Proposal Development
✓
Build a detailed BOM (Bill of Materials) counter-proposal
Named users: [count by type], Indirect Access: [count + exemptions], Products: [itemized], Support: [tier + SLAs]. Include line-item costs and evidence references
✓
Create a supporting evidence package
USMM reports, LAW output, indirect access logs, support case analysis, business justifications, stakeholder approvals
✓
Quantify total savings from optimisation
Example: Named user reclassification ($400K) + indirect access reduction ($200K) + support tier shift ($150K) = $750K annual recovery
✓
Model trade-offs: accept lower licence reductions in exchange for extended terms or bundled products
SAP prefers multi-year commitments and bundled value. Use that leverage
Negotiation Execution
✓
Schedule negotiation kickoff with SAP Account Executive (AE)
Timing: 4-6 months before current contract end. Position it as renewal optimization, not audit preparation
✓
Present counter-proposal with evidence. Lead with data, not demands
"Based on USMM analysis, we've identified 200 Professional users who need only Limited Professional features. Here's the forensic evidence."
✓
Be prepared to defend each line item
SAP will push back. Have your USMM reports, LAW output, indirect access logs, and business justifications ready
✓
Negotiate reduction targets iteratively
Start with full forensic reduction. Accept smaller cuts in exchange for contract certainty or other value
✓
Lock in final position in renewal contract
Itemize every user type count, product, and support term. This becomes your baseline for audit defense
Phase 5: Governance and Ongoing Optimisation
Goal: Sustain optimisation. Prevent licence creep. Stay audit-ready year-round.
Licence Governance Framework
✓
Establish a quarterly licence review process
Track new user additions, reclassifications, terminations. Document justification for each change
✓
Assign licence owner and governance committee
Typically: Finance (budgets), IT/Basis (technical), Operations (user administration), Procurement (contract)
✓
Create a licence change request template
New user: job function, module access, justification, approver. Reclassification: reason, USMM evidence, stakeholder sign-off
✓
Track indirect access changes (new integrations, modified access patterns)
When IT adds a new custom portal or ETL tool, log it. Audit its unique user counts quarterly
Ongoing Audit and Refresh
✓
Run USMM and LAW annually, 12 months before renewal
Identify new reclassification opportunities. Compare year-over-year usage patterns
✓
Audit support case history quarterly
Is your support tier still appropriate? Can you negotiate further reduction?
✓
Review indirect access user counts monthly
Alert when new integrations or spikes in unique users occur. Proactively manage exposure
✓
Maintain a live audit-readiness document
Current user BOM, reclassification register, indirect access summary, support case data, contract terms. Updated quarterly. When SAP audits, you hand them this
SAP License Optimisation: 90-Day Action Plan Summary
| Week(s) |
Phase |
Key Tasks |
Deliverable |
| 1–2 |
Discovery |
User inventory, indirect access mapping, support baseline |
Baseline report (user count, cost, risk) |
| 3–4 |
Analysis |
USMM/LAW audit, reclassification candidates, indirect access quantification |
Forensic analysis report with evidence |
| 5–8 |
Reclassification |
User reclassification, stakeholder approval, access testing |
Reclassification register, updated BOM |
| 9–12 |
Negotiation |
Counter-proposal development, SAP negotiation, contract execution |
Renewed contract with locked-in optimisation |
| Ongoing |
Governance |
Quarterly reviews, annual USMM/LAW refresh, audit readiness |
Living audit-readiness document, quarterly reports |
FAQ: SAP License Optimisation Checklist Questions
Can we do this without external advisors?
Yes, if you have SAP BASIS expertise and access to USMM/LAW. But external advisors bring credibility with SAP, institutional knowledge of audit tactics, and independent audit evidence that carries more weight in negotiation.
How long does this really take?
This checklist is designed for 90 days if you're well-resourced (3-4 FTE). If you're doing it part-time internally, expect 6 months. The earlier you start before renewal, the less time-pressured you are.
What if SAP won't accept our reclassifications?
If you've executed this checklist with proper forensics, you have defensible evidence. SAP can't reject USMM/LAW output or documented business justification. Worst case, you compromise on percentage reduction. But your starting position is data-driven.
What if SAP audits us mid-cycle?
If you've maintained the governance framework (quarterly reviews, living audit-readiness document), you're prepared. Hand SAP your documentation: reclassification register, USMM/LAW evidence, indirect access analysis. This cuts audit duration and exposure risk significantly.
How much should this programme cost?
Internal programme: 3-4 FTE × 3-6 months = $150K-300K in labour. External advisors: typically 5-15% of identified savings (many work on success-fee basis). ROI is 3-5 months for mid-market customers, making optimisation self-funding.
Ready to Optimise Your SAP Licences?
Our independent advisory team will execute this checklist, audit your position, and negotiate a defensible optimisation with SAP. Average recovery: $2-8M for enterprise customers.
Get SAP Licensing Insights in Your Inbox
New guides, case studies, and audit defence strategies delivered monthly.
We respect your privacy. Unsubscribe anytime.
Real Results: Enterprise Optimisation in Action
See how our clients reduced SAP licence spend by $2-8M through forensic analysis, user reclassification, and strategic support cost reduction. Our SAP licensing case studies show exactly how this checklist works in practice — and how to defend your position against SAP audits.
Related SAP Licence Optimisation Content
Not Sure Where to Start?
Schedule a free 30-minute consultation with our SAP licensing experts. We'll walk you through this checklist, identify your top optimisation opportunities, and outline a defensible path forward. Book your consultation here, or review our SAP licensing basics guide to get grounded on licence types, audit rules, and negotiation strategy.