SAP Audit Tools: USMM, LAW (SLAW/SLAW2) & Beyond – A Step-by-Step Guide to System Measurement
Why This Matters
SAP license audits can catch you off guard if you haven’t been regularly measuring your own usage.
Without an internal license check, you might only discover compliance gaps (too many users, misclassified licenses, etc.) when SAP’s auditors show up.
By using SAP’s native tools ahead of time, you gain visibility into your license position and can fix issues on your terms. Running USMM and LAW internally before an official audit lets you verify your user counts, correct misclassifications, and avoid last-minute surprises.
For example, one company running five separate SAP systems found that consolidating user measurements with LAW reduced their apparent user count by 12%. Roughly 1 in 8 “users” were duplicates across systems.
This translated to significant savings in license costs and a smoother audit process. In short, a solid measurement practice ensures you only pay for what you use – and it arms you with data to confidently face SAP’s audit process.
Step-by-Step: Running SAP’s Native Audit Tools
SAP provides two main tools for license measurement: USMM (for measuring a single system’s usage) and LAW (License Administration Workbench, for consolidating multiple systems). Here’s how to use them effectively:
USMM – Measure Individual Systems
Run USMM in each SAP system to gather user and engine usage data:
- Preparation: Make sure the system’s measurement program is updated with the latest SAP license definitions (apply any required notes) and that all users are classified with the correct license type. No user should be left “unclassified” – otherwise they’ll count as the highest-cost license by default.
- Run the Measurement: In a production client, execute a transaction USMM and start the system measurement. It counts users per license type and measures any engines in use. When it finishes, review the results. Check for errors or outliers, such as unclassified users or an engine count that appears to be incorrect.
- Export Results: From the USMM menu, export the measurement results to a LAW file. Save the file (usually XML or text format). Do this for every production system you measured – you’ll end up with one file per system, ready for consolidation.
Below is an example of the “Export to LAW File” dialog in USMM. This is where you generate the measurement file that will be imported into the LAW consolidation tool.
LAW/SLAW2 – Consolidate Multiple Systems
LAW combines all those individual results into one consolidated picture (use transaction SLAW2 for LAW 2.0 in newer systems):
- Load Files in LAW: On a central system (e.g., Solution Manager or your main ERP), launch the License Workbench (
SLAWorSLAW2). Import all the USMM result files from each system. - Combine Duplicate Users: Configure how to identify the same user across systems. LAW allows you to match by user ID, full name, email, and more. Select the criterion that best fits your landscape and run the combination step to deduplicate users (one person = one license).
- Run Consolidation: Execute the consolidation to generate a unified report. LAW will output the total unique users per license type across all systems (after eliminating duplicates). Review the consolidated results closely. Ensure that no user is counted twice and that the totals are accurate and sensible. If something appears off – such as a user not being merged or an unexpected count – adjust the data or matching rules and reconsolidate.
- Finalize the Data: When the consolidated report accurately reflects your usage, export the final LAW results. This file can be submitted to SAP during an audit or kept as your internal compliance record.
LAW’s user combination screen (shown below) allows you to select matching rules (by username, name, email, etc.) before consolidation. Using a consistent identifier (like email) greatly improves accuracy when merging users across systems.
In short, run USMM on each system, collect the output files, use LAW to merge and de-duplicate them, and then analyze the combined results for any issues.
Read the SAP Audit Trends.
Consolidating Systems & Spotting Discrepancies
When merging data from multiple systems, watch out for these common issues:
- Inconsistent License Data: If one system is missing the latest license updates, its USMM output might misclassify users. Ensure all systems use the same, up-to-date license definitions to avoid miscounts.
- Duplicate Users Still Appearing: If your consolidated user count is higher than expected, some duplicate accounts weren’t merged. For example,
jdoeandjohn.doemight not be recognized as the same person. Adjust LAW’s matching criteria (or manually map such cases) and reconsolidate to eliminate these duplicates. - Special Accounts & Indirect Use: Identify technical users or service accounts (e.g., interfaces, batch jobs) and handle them appropriately. Some system accounts may not require a full named-user license or might be covered under a separate metric. Also be mindful of indirect usage (external systems creating SAP records) – ensure it’s tracked under the correct model (such as Digital Access documents) and not double-counted as named users.
By identifying these discrepancies internally, you can refine your data (purge old accounts, correct classifications) and rerun measurements as needed. The goal is to have an accurate and defensible license count before reporting it to SAP.
Read about Legal and Contractual Defenses Against SAP Audits.
SAP’s Tools vs. Third-Party Solutions
SAP’s native tools are essential for compliance, but they have limits. Many companies augment them with third-party Software Asset Management (SAM) solutions for deeper insight.
Here’s a quick comparison:
SAP Native Tools – Pros: Free and built-in, providing the official data SAP expects in an audit. They cover the basics (counting users and engines per system) without extra setup.
SAP Native Tools – Cons: Manual and infrequent. USMM/LAW gives you raw data that you must consolidate and interpret yourself. They won’t flag inactive users or optimization opportunities – you get a snapshot, often only once a year.
Third-Party SAM Tools – Pros: Automated and continuous. These tools gather data across all systems and present it in dashboards. They can alert you to anomalies or unused licenses and recommend optimizations (e.g., identifying accounts that could benefit from a more cost-effective license type). They also utilize smarter user matching to avoid duplicate counts. Overall, they let you manage licenses proactively rather than reactively.
Third-Party SAM Tools – Cons: They require budget and setup. You need to configure them to match your SAP contract and maintain them over time. And no matter how good a SAM tool is, you still need to run SAP’s USMM/LAW for the official audit numbers – the third-party tool is for internal use. For a small SAP environment, a SAM tool might not be necessary; for a larger one, the extra insight can be invaluable.
SAP Audit Tool Execution Checklist
Use this checklist when preparing for an SAP license audit:
- Pre-Measurement Preparation: Apply the latest SAP measurement notes in each system and ensure that all users have a correct license type assigned.
- Run USMM in Each System: Execute USMM in all relevant production systems/clients to collect user and engine usage data.
- Export Results Files: Export each system’s measurement results to a LAW file and label them clearly (by system name, date, etc.).
- Import into LAW/SLAW2: On the consolidation system, import all the LAW files into the License Workbench.
- Combine & Consolidate: Set the user matching rules (user ID, email, etc.) and run the consolidation to merge duplicate users and compile totals.
- Review and Adjust: Examine the consolidated output for duplicate users or anomalies. If needed, tweak the data or matching settings and reconsolidate.
- Compare to Entitlements: Compare the final counts to your purchased license entitlements. Note any over-use or under-use.
- Save and Document: Save the final LAW report and document all steps (dates of runs, issues fixed, etc.). Keep this record for audit support and future reference.
Expert Recommendations for Smooth Audits
To wrap up, here are six expert tips to improve your SAP license management and audit readiness:
- Measure Production Only: Run measurements on production systems and exclude non-production or training clients from official counts to avoid skewing data with test users.
- Verify License Schema: Before measuring, confirm each system uses the correct SAP price list and license definitions (so users aren’t misclassified due to outdated data).
- Use Advanced Matching: Leverage LAW 2.0’s rule-based user grouping (or carefully chosen criteria in LAW 1.0) to match the same person across systems by email, employee ID, etc. This minimizes duplicate counting.
- Cross-Check with HR/Security: Don’t rely solely on SAP’s output – cross-reference the user list with HR records or Active Directory (and any SAM tool data) to catch accounts that shouldn’t be counted.
- Keep an Audit Trail: Document each step of the measurement and consolidation process. Keep logs, screenshots, and result files. A clear audit trail makes it easier to defend and repeat your process in the future.
- Monitor Continuously: Treat license management as a year-round activity. Regularly review user activity and license usage (manually or with a SAM tool) instead of waiting for the annual audit. Ongoing monitoring helps you identify and resolve issues early, making the official audit a formality.
In the end, the best SAP audit outcome is a boring one – with proper preparation, your next license audit can be routine and uneventful.
Read about our SAP License Audit Defense Service.
Read our SAP Audit Defense Case Studies.
