Indirect Access Metrics in SAP Licensing
- Track External Data Connections: Identify how third-party applications access SAP.
- Measure Volume of Data Transfers: Monitor data usage between systems.
- Categorize Interaction Types: Differentiate between read, write, and processing actions.
- Assess Impact on Licenses: Link indirect access to appropriate license types.
- Leverage Auditing Tools: Use tools to evaluate access compliance.
SAP Indirect Access Metrics
SAP licensing can be a labyrinth for many organizations, but nothing sparks more confusion than indirect access metrics.
The complexity of licensing for non-SAP interfaces and third-party systems leads to substantial compliance and cost concerns.
Let’s dig deep into SAP’s indirect access licensing metrics, covering traditional models, the Digital Access model, and strategic actions organizations can take to stay on top of their licensing needs.
What Is Indirect Access in SAP?
Indirect access occurs when SAP data is accessed, modified, or created through non-SAP applications. Unlike direct access via a direct SAP login, indirect access involves third-party systems performing actions in the SAP environment without an explicit SAP user license. This can happen in several ways:
- A third-party tool pulling customer data from SAP for analytics.
- Data can be entered into SAP through an external system, such as an online order form.
- Viewing SAP data through non-SAP dashboards or reports.
Essentially, any access to SAP-stored data that does not use an SAP front end can fall under indirect access.
Traditional SAP User-Based Licensing
Historically, SAP licensing focused on named user licenses. These licenses allowed specific individuals to access SAP systems. But the twist? Named user licenses are applied to both direct and indirect users.
Under this model, every person accessing SAP data, whether directly through an SAP GUI or indirectly through a third-party system, requires an appropriate named user license. This metric was relatively easy to measure when all users logged in directly. However, indirect access created confusion.
Indirect Access: The Challenge of Measurement
Measuring indirect access has proven challenging for SAP customers. SAP’s standard measurement tool, USMM, focuses on direct users, meaning it cannot track users and transactions initiated via non-SAP interfaces.
Companies are often required to self-declare indirect use, which presents complexities around accurately determining the number of indirect users.
This gap has exposed many SAP customers to unexpected compliance issues. Imagine a non-SAP system automating customer orders into SAP without proper licensing, which can result in millions in compliance penalties.
Read about SAP license optimization via metrics.
Enter the Digital Access Model
To address these challenges, SAP introduced the Digital Access Model in 2018. This model offers a more transparent and predictable approach to indirect access licensing, shifting from user-based to document-based metrics.
How Digital Access Works
Instead of counting users, the Digital Access Model measures the number of documents created or processed through indirect access. This approach focuses on nine core document types that cover typical business operations, including:
- Sales Orders
- Invoices
- Purchase Orders
- Service Entries
- And more
Whenever a non-SAP system creates or processes one of these documents in the SAP environment, it counts toward the digital access total.
This document-based approach provides several advantages:
- Transparency: Companies can easily understand how documents drive costs.
- Predictable Costs: Companies can forecast costs based on document volumes rather than worrying about the number of users.
- Alignment with Business Operations: The model aligns better with how systems interact in real-life scenarios.
Cost Implications and Compliance Risks
Failure to properly manage indirect access can lead to significant financial risks. For instance:
- In 2017, Diageo was ordered to pay £54.5 million after being found non-compliant with indirect access.
- AB InBev was sued by SAP for $600 million for similar indirect usage violations, which ended in a settlement.
These cases underline the importance of correctly understanding and managing indirect access metrics.
Best Practices for License Management
How can organizations manage SAP indirect access effectively? Here are some best practices:
- Configure Third-Party Systems Carefully: Ensure third-party systems access SAP data compliantly. Restrict third-party access to only necessary users and avoid blanket permissions.
- Audit and Remove Duplicate Licenses: Some users may have direct and indirect access licenses. Conduct regular license audits to identify and remove any duplicates.
- Analyze Real-Time Access Requirements: Depending on your organization’s needs, ensure that SAP access is configured accordingly to avoid unnecessary exposure to indirect usage.
- Conduct Regular Interface Audits. Track all third-party system interactions with SAP to help identify potential indirect access points.
- Use Automation Tools: Automation tools can help track document creation and user activity and ensure compliance. Automated monitoring can reduce manual errors and ensure that systems remain compliant.
Digital Access Adoption Program (DAAP)
SAP also introduced the Digital Access Adoption Program (DAAP) to encourage organizations to transition to the Digital Access model. DAAP offers:
- License at 115% of estimated document use: Get more coverage for less.
- 90% Discount: Organizations that license at 100% of estimated usage can receive a steep discount, helping ease the cost burden during the transition.
The DAAP is a valuable opportunity for businesses to align with the new metrics while reducing compliance risk.
Technical Considerations for Indirect Access
Managing indirect access involves more than just licensing. Organizations must also understand the technical landscape that supports this access. Here’s what to keep in mind:
- Interface Analysis: Understand all third-party applications that interact with SAP. Track data flow patterns, interface protocols, and trigger events that could result in document creation.
- Integration Complexity: Consider the complexities involved in integrating multiple third-party systems. Different third-party applications may have different data standards, which can add layers of complexity to managing indirect access.
- Compliance Monitoring: Perform regular compliance checks, including interface audits, document tracking, and user access reviews. This will help prevent non-compliance from going unnoticed.
- Data Security: When setting up third-party integrations, consider data security. Data transfer and access must comply with SAP licensing and data protection regulations, such as GDPR. This ensures that compliance is inextricably linked to data security.
Digital Access vs. Traditional Named User Licensing
One significant difference between Digital Access and Named User Licensing is the fundamental metric by which licensing costs are determined. The traditional named user model focused on individuals using the SAP system, directly or indirectly.
Each user required a license, and organizations had to determine how to allocate licenses among their employees, contractors, and third-party users.
The Digital Access Model, by contrast, emphasizes document count rather than specific individuals. This model can often be more cost-effective for organizations with complex systems and many non-SAP users accessing SAP indirectly, but it might be more challenging to manage where document generation is frequent.
To determine which model is suitable for your organization, you need to conduct a cost-benefit analysis of both models:
- Calculate the total number of documents generated through third-party systems annually.
- Compare this number with the cost of licensing individual users for access.
- Assess how frequent document creation is by different business processes, and consider whether scaling up document generation in the future could significantly impact costs under Digital Access.
Organizations with many sporadic indirect users but few documents may find Named User Licensing more practical. Meanwhile, companies with constant document interactions via APIs might find the Digital Access Model the most cost-effective choice.
Future of SAP Indirect Access
The shift to the Digital Access Model is part of SAP’s broader strategy. For organizations migrating to S/4HANA, Digital Access is the only option available for indirect access licensing. Therefore, organizations must prepare and adjust their usage patterns accordingly.
Additionally, exemptions exist for certain scenarios, including:
- Static Read Access: Accessing SAP data without modifying it often does not require a license.
- Error Correction: Activities involved in correcting data or updating errors through licensed interfaces are also exempt.
- Data Enrichment Activities: If external systems access SAP data solely to enrich information without making changes, these activities may also be exempt from requiring additional licenses.
- Archiving and Backup: Data archiving or backup activities not involving ongoing data manipulation or use may be treated differently, though clear policies and documentation are required to claim such exemptions.
Read how to generate a SAP license report.
Strategic Recommendations for Organizations
To successfully navigate SAP indirect access and minimize financial exposure, organizations should:
- Assess the Indirect Access Footprint: Thoroughly assess all third-party integrations with SAP and ensure each one is compliant.
- Document Third-Party Integrations: Maintain a detailed record of all systems interacting with SAP, including data flows, frequency, and document types involved.
- Evaluate Licensing Models: Consider both named user and digital access models. One model may provide significant cost savings depending on your organization’s transaction volumes and document flow.
- Implement Governance Structures: Establish a robust governance framework for managing indirect access. This framework should include regular reviews, license audits, and compliance checks.
- Leverage DAAP Benefits: If transitioning to Digital Access, take full advantage of the DAAP discounts and incentives.
- Collaborate Cross-Functionally: Ensure collaboration between IT, legal, procurement, and business functions to understand the impact of indirect access. Each department’s usage and interaction patterns can differ, and a joint understanding can help better manage licensing needs.
- Vendor Management: If utilizing third-party vendors, establish clear contracts regarding how SAP data is accessed, used, and modified. Ensure that all vendor activity is compliant and documented.
- Regular Training: Train employees and system users on compliance policies concerning SAP licensing. Awareness can prevent unauthorized access and help mitigate risk.
Case Study: Successful Management of Indirect Access
Consider a retail organization with a complex mix of SAP and non-SAP systems. After a detailed audit of its SAP landscape, the organization identified that most of its indirect access came from an e-commerce platform feeding order data into SAP.
Instead of sticking to the named user model, they transitioned to Digital Access, leveraging DAAP. They licensed the anticipated document volumes and received a significant discount, resulting in better compliance, reduced financial exposure, and more predictable costs.
Additionally, this organization took steps to automate its compliance checks, deploying software to track and audit document creation across various systems. They collaborated across departments to align their procurement, IT, and legal teams on licensing requirements, significantly reducing compliance risks and improving overall efficiency.
FAQ: Indirect Access Metrics in SAP Licensing
What is indirect access in SAP licensing?
Indirect access occurs when third-party systems or applications interact with SAP software, potentially triggering licensing requirements.
How does SAP define indirect usage?
SAP considers any use by external applications or users that connect to SAP data or functions as indirect usage, even without direct login.
Why is monitoring indirect access important?
Monitoring ensures compliance with SAP licensing agreements and helps avoid unexpected costs due to untracked usage.
Can all indirect access be licensed the same way?
No, licensing depends on interaction type (read-only, data processing, or full write access) and the agreements in place.
How can businesses identify indirect usage?
SAP’s auditing tools or third-party monitoring solutions can help track and analyze external system interactions.
What metrics are crucial for indirect access?
Key metrics include the volume of data exchanged, the frequency of access, and the nature of system interactions.
How do indirect access metrics affect license costs?
High interaction volumes or complex integrations may require additional licenses, increasing costs.
Is SAP’s digital access model relevant to indirect use?
Yes, SAP’s digital access model is designed to cover document-based interactions that occur indirectly.
What are the consequences of untracked indirect access?
Untracked indirect access can lead to non-compliance, audits, and financial penalties.
Can indirect access be automated for compliance?
Automation tools can help assign licenses dynamically based on real-time access metrics.
How often should indirect access usage be reviewed?
Regular reviews, ideally quarterly, help maintain compliance and adapt to system changes.
What role do third-party tools play in tracking?
Third-party tools can provide detailed insights into data flows and external interactions with SAP systems.
Are there strategies to minimize indirect access costs?
Optimizing data flows and consolidating external system interactions can reduce costs related to indirect usage.
Does SAP provide guidance on indirect access?
Yes, SAP offers documentation and digital access licensing models to guide businesses in managing indirect access.
How can businesses prepare for SAP licensing audits?
Maintaining detailed records, tracking indirect access, and using monitoring tools ensures readiness for licensing audits.