When SAP's measurement team arrives, every data point you submit feeds their commercial pipeline. Our SAP audit defence team — former SAP auditors themselves — protects your position, challenges every claim, and negotiates settlements that reflect what you actually owe.
52% of SAP customers have been audited more than twice in the last 18 months. SAP's initial compliance gap claim is, on average, 3–5× the amount the customer actually owes after expert challenge.
SAP's annual system measurement — run using USMM (User and System Measurement) or the LAW (Licence Auditing Workbench) — is framed as a routine compliance exercise. It isn't. Every output from these tools feeds directly into SAP's commercial organisation, which uses the data to construct a back-licence claim and negotiate an expansion.
The measurement tools themselves have well-documented over-counting issues. USMM captures every system access without applying contractual context — meaning a user who accessed SAP once for a password reset can appear as a fully-licensed Professional User. SAP's STAR (SAP True-Up and Reconciliation) tool then aggregates these figures across your entire landscape, including subsidiary systems, acquired businesses, and third-party integrations, producing an Effective License Position (ELP) that frequently bears little resemblance to your actual contractual obligations.
The damage compounds when indirect access enters the picture. If your systems — Salesforce, ServiceNow, a custom portal, a third-party MES — interact with SAP data, SAP's audit team will attempt to count every document those integrations generate (Orders, Deliveries, Invoices, Material documents) under the Digital Access metric. Digital Access claims have generated over $1B in additional licence revenue for SAP since 2017, and the majority go unchallenged because the enterprise's IT and procurement teams do not understand SAP's measurement methodology.
Our indirect access advisory service specifically addresses this exposure before and during audit proceedings.
From the moment SAP's audit notification lands to final settlement — we manage, challenge, and resolve on your behalf.
Within 24 hours of your notification, we assess your exposure landscape — reviewing your Order Forms, licence types, user classifications, and integration architecture. You get a clear picture of your risk before SAP's team runs a single query.
We run our own Effective License Position analysis using your actual usage data, applying your contractual licence definitions — not SAP's broadened interpretations. Our ELP identifies every legitimate challenge point before you submit anything to SAP. Learn how to build your own counter-ELP with our guide: How to Build Your SAP Effective Licence Position.
SAP's measurement tools regularly misclassify users and inflate counts. We forensically review every USMM and LAW output, identifying technical errors, duplicate counting, and contractually unsupported classifications — then document each challenge with evidence. For a full technical explanation, see our guide: SAP USMM & LAW Tools: The Complete Enterprise Guide.
Professional licences cost 3–5× more than Limited Professional. We review every user's actual transaction footprint against your licence definitions and reclassify any user whose assigned type is not contractually supported. This single step reduces most audit claims by 20–40%. For a full breakdown of the classification rules and reclassification methodology, see our guide: SAP Professional vs Limited Professional: Key Differences.
We represent you directly in negotiations with SAP's commercial team. Armed with our independent ELP and documented challenge positions, we negotiate the final settlement amount — typically achieving outcomes 60–80% below SAP's initial claim.
Post-audit, we ensure your Order Form contains protective clauses that limit SAP's ability to re-audit on the same basis, define your measurement methodology, and provide certainty on indirect access treatment for your specific integration architecture.
Within 24 hours of your enquiry, a senior expert reviews your notification letter, your SAP landscape overview, and your Order Forms. We identify the highest-risk areas — indirect access exposure, user count discrepancies, subsidiary inclusions — and define the immediate actions you should (and critically, should not) take before responding to SAP.
We conduct our own independent system measurement using your data. This means running an analysis against your actual contractual licence definitions — not SAP's expanded interpretations. We build an independent ELP that forms the basis of your negotiation position and documents every area where SAP's measurement methodology diverges from your contractual rights.
Every challengeable element of SAP's claim is documented with evidence: contractual references, SAP's own published licence definitions, technical data from your systems, and relevant precedent from prior settlements. We prepare a formal challenge position paper that becomes your response to SAP's initial compliance gap notification.
We represent you in direct negotiation with SAP's commercial and audit teams. Our team includes former SAP account executives and audit managers who understand exactly how SAP's settlement process works, what their internal approval thresholds are, and how to structure a resolution that protects your position for the next three to five years.
A settled audit is only valuable if the settlement prevents a repeat. We ensure your Order Form amendments include measurement methodology definitions, indirect access carve-outs, re-audit limitations, and a documented baseline that prevents SAP from reopening the same issues at your next renewal. See our SAP contract negotiation service for the full scope of contractual protections we secure.
The data you submit in the first 48–72 hours will define the entire audit trajectory. Before your team runs USMM or sends a single spreadsheet to SAP's measurement team, get an expert review of what you're about to share — and what your contractual obligations actually require you to disclose.
The average SAP audit claim is 3–5× what the enterprise actually owes after challenge. Before authorising any settlement or emergency licence purchase, commission an independent review. The cost of expert challenge is a fraction of the amount at stake in the settlement.
Proactive licence management is always cheaper than reactive audit defence. If you have Salesforce, ServiceNow, or any custom portal accessing SAP data, your indirect access exposure may be material. Our indirect access advisory team can quantify and remediate your risk before SAP does.
SAP's proposed settlement Order Forms contain clauses that routinely disadvantage the buyer — particularly around future measurement methodology, indirect access definitions, and re-audit rights. We review every clause before you sign, and secure the protections your legal team may not know to ask for. Review our SAP licensing case studies for examples of what independent challenge achieves.
Read detailed outcomes in our SAP licensing case studies — including a $48M audit claim reduced to $11M for a global manufacturer.
Every hour you wait, your team may be taking actions that strengthen SAP's position. Our SAP audit defence consultation is free, confidential, and can be arranged within 24 hours. Start your defence before you respond to SAP's first request.
Start Your Audit Defence →Most SAP Master Agreements include an audit right clause that obligates customers to cooperate with system measurements, typically providing reasonable notice and defining the scope. However, "cooperating with an audit" does not mean accepting SAP's interpretation of your measurement results or their proposed compliance gap. You have the right to challenge the methodology, the tool outputs, the user classifications, and the financial demand — and you are not obligated to accept SAP's initial claim. What you submit in response to the initial notification significantly shapes the audit's direction.
SAP conducts two main types of audit. A basic audit involves SAP's measurement team running USMM remotely or on-site and reviewing the output against your licence entitlements. An enhanced audit goes deeper — it includes a review of your system architecture, custom developments, third-party integrations, and subsidiary inclusions. Enhanced audits have a higher probability of generating indirect access claims and are more likely to be conducted when SAP believes you have significant unlicensed usage. Our team has handled both audit types across all major SAP product lines, including ECC, S/4HANA, and RISE with SAP environments.
The timeline varies significantly based on the complexity of your landscape and SAP's commercial position. Simple audits with straightforward licence structures can be resolved in six to eight weeks. Complex audits involving indirect access claims, multiple subsidiaries, or significant Digital Access exposure typically run three to six months. Our objective is always to achieve the strongest possible settlement — not the fastest — but we also work to prevent SAP from using delay as a commercial pressure tactic, which is a common audit strategy.
Internal SAP licence managers are valuable for day-to-day licence administration, but most lack the specialist negotiation experience required for audit defence. SAP's audit teams are commercial specialists who conduct hundreds of audits each year. Their measurement methodology, challenge procedures, and settlement tactics are highly refined. An internal ITAM resource who encounters an SAP audit twice a decade is at a structural disadvantage without external support. Our role is not to replace your internal team — it is to provide the adversarial expertise and negotiating authority that audits specifically require. Review our full range of SAP licensing services to understand how we complement your existing capability.
Yes, SAP is aware of independent audit defence firms, and engaging one is a commercially rational decision that SAP's own account teams will have encountered many times. SAP's commercial team may attempt to discourage you from using external advisors — this is itself a negotiating tactic. Enterprise buyers with independent advisors routinely achieve better settlement outcomes than those who negotiate directly, and a stronger settlement does not preclude a productive ongoing commercial relationship with SAP. Our independence from SAP means we have no account relationship to protect — our only obligation is your outcome. See our about page for more on what our independence means in practice.
A settled audit does not automatically resolve your underlying indirect access exposure. If you have integrations that SAP considered during the audit, the settlement should include a forward-looking licence structure that addresses those integrations — either through a Digital Access licence, an explicit carve-out, or an agreed measurement methodology. Without these protections, SAP can re-raise the same indirect access claims at your next renewal. Our post-audit contract review and indirect access advisory service ensure the settlement creates lasting protection, not just a short-term resolution.
Forensic buyer-side analysis on every stage of SAP audit negotiation. No vendor affiliation.
The first 48–72 hours of an SAP audit define its entire trajectory. The longer you wait to engage independent expert support, the more leverage SAP accumulates. Our free consultation is confidential, structured, and delivered by senior experts — not account managers.
SAP audit rights don't arise at random — they're activated by clauses buried in your original agreement. This guide identifies every red flag before SAP's audit team does.
Read the guide → 💸The ten most financially damaging contract clauses SAP deploys — from broad audit rights language to measurement methodology ambiguities that create maximum audit exposure.
Read the guide → ✅A 40-item interactive checklist covering audit rights, usage measurement, price increase mechanisms, and exit provisions — the same review framework used in pre-audit contract assessments.
Get the checklist →