SAP runs annual audit measurement on every customer. Customers who treat it as a procurement exercise hold settlements close to actual usage. Customers who treat it as IT compliance hand SAP eight figure findings.
SAP runs annual audit measurement on every customer carrying an active maintenance agreement. The audit looks like a routine compliance exercise on the surface and behaves like an SAP commercial event in practice. Customers who treat audit measurement as a procurement exercise consistently turn it into a settlement that stays close to actual usage. Customers who treat it as an IT exercise hand SAP an opening to convert technical configuration drift (extra named user roles, indirect access on Salesforce or Workday, Digital Access on bot generated documents, engine consumption above contracted levels) into eight figure settlement bills. This pillar sets out the ten step audit preparation toolkit, the LAW report mechanics, named user mapping discipline, indirect and Digital Access defense, engine usage reconciliation, and the eleven move buyer side response that holds settlements to 15 to 50 percent of the SAP opening position. For surrounding context read the SAP services practice, the SAP knowledge hub, the SAP RISE Negotiation Guide, the SAP Audit Defense Service, and the SAP Indirect Access and Digital Access guide.
The License Administration Workbench (LAW) is the SAP tool customers use to consolidate user and engine measurement across their estate. The output is the customer's official submission to SAP for annual audit measurement. Three principles matter. First, the LAW report is the customer's document, not SAP's; the customer chooses when to run it, what to include, and how to classify users. Second, raw LAW output without cleansing routinely overstates licensable consumption by 15 to 30 percent due to dormant users, misclassified roles, and orphan accounts. Third, SAP receives only the LAW output the customer submits; field measurement only happens if SAP escalates beyond LAW review. Run LAW 90 days before SAP requests it, cleanse the output, and submit the cleansed version.
SAP named user license types follow a hierarchy with material price differential. Professional User (typically $4,500 to $5,500 list per user) sits at the top with full transactional access. Limited Professional User (typically $2,500 to $3,500) covers production line and retail roles. Employee User (typically $250 to $400) covers self service ESS/MSS access. Developer User covers ABAP development access. The buyer side opportunity is to right size every assigned license against actual usage. Three structural patterns drive overcounting: assignment of Professional User where Limited Professional or Employee would suffice; orphan accounts left active after employee departure; users assigned to multiple SAP systems with the highest license type carrying across.
| Named user type | Indicative list per user | Best fit |
|---|---|---|
| Professional User | $4,500 to $5,500 | Full transactional access, finance, supply chain power users |
| Limited Professional User | $2,500 to $3,500 | Production line, retail, restricted transaction set |
| Employee User | $250 to $400 | ESS/MSS self service, expense reports, time entry |
| Developer User | $3,500 to $4,500 | ABAP development, customization access |
Indirect access is the SAP licensing rule that requires a Named User license for any human or system that "uses" SAP, even when accessing through a third party application. The classic example is Salesforce sales reps creating orders that flow to SAP for fulfillment; SAP's position is that every Salesforce user creating those orders requires an SAP Named User license. Indirect access settlements are routinely the largest line in SAP audit findings, sometimes running into eight figures for high transaction volume customers. Two structural defenses matter. First, document every integration architecturally with input volumes and user counts; vague integration scope favors SAP's expansive interpretation. Second, evaluate Digital Access conversion; SAP's Digital Access pricing converts indirect access exposure to per document pricing that is often more favorable than per user.
Digital Access is SAP's 2018 successor licensing model for indirect access. Instead of licensing every external user touching SAP, customers license the documents created by external systems. Nine document types fall under Digital Access: sales documents, invoice documents, purchase documents, service and maintenance documents, manufacturing documents, quality documents, time management documents, financial documents, material documents. Pricing is typically $0.10 to $0.40 per document per year depending on volume tier. The Digital Access model is more favorable than per Named User indirect access for high volume bot driven document creation; less favorable for high user count low volume integrations.
SAP engines (HANA database, BW/4HANA, IS-U for utilities, SAP Hybris, etc.) license separately from named users. Each engine has a distinct measurement metric. HANA licenses by memory (typically $5,000 to $7,000 per 64GB block at list). BW/4HANA licenses by memory similarly. IS-U licenses by meter point. The audit measures engine consumption against contracted entitlement. The buyer side preparation is to measure each engine quarterly, document the actual consumption against contract, and resolve any drift before SAP measurement begins.
For settlement modeling, the indicative anchors below reflect what we see on SAP audit settlements in 2026.
Redress runs a four phase SAP audit preparation engagement. Phase one is the proactive LAW review, which generates and cleanses the LAW report 90 to 180 days before SAP measurement. Phase two is the indirect and Digital Access exposure assessment, mapping every integration and modeling both pricing options. Phase three is the audit response when SAP measurement begins, managing the LMS engagement and resisting scope expansion. Phase four is the settlement negotiation, converting findings to forward consumption commit where possible and bundling with renewal discount. Read the Vendor Shield program, the SAP Audit Defense Service, and the SAP License Optimization Service.
Redress is independent and 100 percent buyer side. Industry recognized, 500 plus enterprise clients, $2B plus under advisory across 11 vendor practices. Read the SAP services practice, the SAP knowledge hub, and the case studies library, or contact us to scope an SAP audit preparation engagement.
A buyer side framework for the SAP renewal cycle, the SAP master agreement, and the broader SAP commercial framework.
Independent. Buyer side. Built for SAP customers running the next renewal cycle.
Open the white paper in your browser. Corporate email only.
Open the Paper →SAP came back with a $14M indirect access finding tied to our Salesforce integration. Redress walked us through the actual document flow architecture, modeled both Digital Access and Named User pricing, cleansed the LAW report, and converted the finding to a forward Digital Access commit bundled with our renewal. Final settlement: $3.2M, with a clean three year SAP contract and the indirect access scope finally documented in writing.
Confidential consultation. No follow up sales call unless you ask for one.
Vendor signals, commercial signals, settlement signals, and the broader competitive leverage signals across all eleven vendor practices.
Once a month. Audit patterns, renewal benchmarks, vendor commercial signals across Oracle, Microsoft, SAP, Salesforce, IBM, Broadcom, AWS, Google Cloud, ServiceNow, Workday, Cisco, and the GenAI vendors. No follow up sales pressure.
Free providers (Gmail, Yahoo, Outlook) cannot subscribe. Work email only. Unsubscribe in one click.
