Using SAP LAW Tool Effectively for Internal License Audits
SAP’s License Administration Workbench (LAW) is a critical tool for CIOs and CTOs to manage SAP software licenses proactively.
By consolidating user counts and engine metrics across all SAP systems, LAW helps organizations run internal audits, eliminate duplicate license counts, and ensure compliance.
An effective LAW-driven audit regime can uncover cost savings, prevent compliance surprises, and strengthen your position in SAP contract negotiations.
SAP’s LAW Tool and Why It Matters
The SAP License Administration Workbench (LAW) is designed to centrally consolidate license audit data from multiple SAP systems. In practice, you first run the System Measurement program (transaction USMM) on each SAP system to gather data on named users (by license type) and engine usage for that system.
LAW then aggregates these USMM results into a single combined view, deduplicating users who exist in multiple systems and summing up engine metrics.
This consolidated view is what SAP audits ultimately seek – a comprehensive user count and usage report for your entire SAP landscape.
Using LAW internally (often via transaction SLAW or SLAW2 for LAW 2.0) allows CIOs to see their enterprise’s exact license consumption before SAP does.
In short, LAW matters because it ensures one employee isn’t counted multiple times and that your usage of SAP modules (“engines”) is accurately measured, enabling you to catch and correct issues well ahead of any official audit.
Read SAP License Optimization Through Periodic User Classification Reviews.
Reconciling User Counts Across Systems
In large SAP landscapes (ECC, S/4HANA, BW, CRM, etc.), the same person often has multiple user accounts across different systems. Without consolidation, a user with three accounts might be counted as three separate users, potentially tripling license costs.
LAW effectively reconciles user counts by linking these accounts and counting each person only once. To achieve this, you must define a unique identifier for matching (for example, email address, employee ID, or a consistent username).
This identifier must be maintained uniformly across all systems; otherwise, LAW may not recognize two accounts as belonging to the same individual. By reconciling duplicates, LAW prevents over-counting (and over-paying).
For example, if User A appears in SAP ERP, CRM, and BW, LAW can merge those entries so that User A is allocated only one appropriate license, rather than three. This reconciliation not only saves money on license fees but also provides an accurate view of the number of distinct people using SAP.
Internally, CIOs should mandate running USMM and LAW across all production systems at least annually (many experts suggest quarterly checks) to continuously eliminate duplicate accounts and align the user counts with reality.
The result is a clean, consolidated user list that forms the foundation of compliant and cost-effective SAP licensing.
Optimizing License Classification and Cleanup
Accurate license classification of each user is vital when running LAW audits. SAP provides a range of user license types (Professional, Limited Professional/Functional, Employee Self-Service, etc.), each at very different price points and permissions. Misclassifying users can either inflate costs or create compliance risks.
For instance, assigning a costly Professional User license to someone who only needs basic inquiry access wastes budget; conversely, giving a “power user” a low-level license could violate contract terms.
An internal audit using LAW should therefore review every consolidated user and verify their license type against their actual usage. Many organizations map job roles to license types as a guide (e.g., a finance manager typically requires a Professional license, whereas a clerk may need a Limited license).
By using the LAW consolidation output, you can spot anomalies, such as a user counted as Professional in one system and Limited in another. LAW will default to the highest license type for that user, so it’s essential to ensure that the highest classification is truly necessary.
Equally important is user cleanup before and after running LAW. SAP’s named-user licensing counts all active users, even those who haven’t logged in recently.
It’s common to find that 10–15% of accounts are inactive (ex-employees, contractors, test accounts) that still consume licenses. Internal audits should identify and remove or lock these dormant users.
For example, if 200 SAP accounts haven’t been used in over 6 months, retiring them could immediately free up licenses and cut support costs. One global company reduced its named user count by 12% by removing inactive accounts, resulting in substantial annual maintenance savings.
Regular cleanup ensures that LAW’s consolidated count reflects only current, needed users. It’s best practice to tie this cleanup into HR offboarding processes (so departing staff are promptly deactivated) and to run periodic reports for unused accounts.
By optimizing user license assignments and eliminating outdated accounts, organizations can avoid incurring unnecessary costs and maintain compliance.
Read Cross-Functional Governance for SAP Licensing Across the Employee Lifecycle.
Tracking SAP Engine License Metrics
Beyond user licenses, SAP also sells engine (package) licenses, measured by specific metrics, such as the number of employees for SAP Payroll, orders processed in SAP SD, and total database size for SAP HANA, among others.
LAW supports consolidating these engine measurements as well, but it’s up to your team to interpret and act on them.
During an internal LAW audit, you’ll collect engine usage data from each system (USMM captures many metrics automatically).
For example, USMM might report that your SAP Payroll system has 1,050 active employee records, against a license entitlement of 1,000 – a red flag indicating that you’ve exceeded your licensed metric.
Similarly, an SAP Warehouse Management engine might be licensed for five warehouses, but LAW’s data shows six configured. By reviewing these LAW-consolidated engine figures, CIOs can pinpoint where actual usage is approaching or violating licensed amounts.
It’s wise to include a table or spreadsheet of “licensed vs. used” metrics for all engines in each internal audit report.
Below is an example of tracking key engine licenses:
| Engine License (Metric) | Entitlement (Purchased) | Current Usage (LAW Audit) | Status |
|---|---|---|---|
| SAP HCM Payroll (Employees) | 1,000 employees | 1,050 employees | Over limit (5% over) |
| SAP WM (Warehouses) | 5 warehouses | 6 warehouses | Over limit (1 extra) |
| SAP HANA Database (Memory) | 2 TB memory | 1.8 TB used | Within limit (90% used) |
| SAP Sales and Distribution | 10,000 sales orders/yr | 9,500 orders/year | Within limit (95% used) |
In the example above, the internal audit would flag the Payroll and WM engines as areas to address (either by optimizing usage or purchasing additional capacity) before an official SAP audit does.
Regularly tracking engine metrics through LAW (and supplementing with manual checks if needed) helps avoid costly “true-up” bills.
It also provides insight for future growth – if you project increasing to 1,200 employees next year, you can proactively negotiate an expansion rather than paying penalties later. Remember that some engine metrics might not be automatically measured; those may require manual data input (often called self-declaration).
Always include engines in your LAW audit scope to maintain a comprehensive compliance picture, not just user counts.
Common Challenges and Best Practices for Using LAW
While LAW is a powerful tool, using it effectively requires planning and expertise. One common challenge is defining the consolidation criteria correctly. LAW lets you choose how to match users (by username, email, user ID, etc.).
A best practice is to use an attribute that is consistently reliable across the enterprise (for example, corporate email or a personnel number). If different systems have slight naming differences for the same person, LAW may fail to merge them, resulting in an inflated user count.
To avoid this, ensure your SAP Basis team coordinates a uniform user naming convention or synchronization across systems (some companies use identity management solutions to keep usernames and emails consistent in SAP).
Test the consolidation on a subset of users first to confirm it links as expected.
Another challenge is dealing with the LAW tool technical issues. Many customers have encountered errors or bugs when running LAW, such as incomplete data imports or crashes during the consolidation process.
These issues can often be resolved by applying the latest SAP support notes or patches related to license measurement.
Always run LAW in an up-to-date environment; SAP’s newer LAW 2.0 (accessible via transaction SLAW2) offers a more modern interface and better support for current products (like SAP HANA or cloud metrics) compared to the older LAW 1.0.
However, LAW 2.0 is only available on newer SAP Basis releases (NetWeaver versions from ~2013 onward). If your environment is older, you may be using LAW 1.0, which is still functional but requires more manual effort and has some limitations.
Ensure your team is trained on whichever version is in use. If possible, upgrade to LAW 2.0 for a smoother experience (it can handle multiple consolidation scenarios and has improved reporting).
Expert oversight is another best practice. Interpreting LAW results isn’t trivial – the tool will output combined user counts and lists of engines with technical names. Have a licensing expert or SAP administrator review the results.
They should verify that each user was classified correctly and that no anomalies exist (e.g., a single user showing up as two entries due to a spelling discrepancy).
If the LAW output reports any errors or warnings, resolve them rather than ignoring them. It’s wise to perform a trial run of LAW and share the results with an internal SAP licensing specialist or third-party advisor before submitting anything to SAP.
In other words, never blindly hit “Send to SAP” on the LAW results without a thorough internal review.
This double-check can catch miscounts (for example, a batch of users unassigned to a license type will default to the highest category, skewing the totals – something you’d want to fix).
By following these best practices – consistent criteria, up-to-date tooling, and expert review – you can trust your LAW data as a true reflection of your compliance position.
Leveraging LAW Data for Cost Optimization and Negotiations
Performing regular internal audits with LAW isn’t just about avoiding compliance failures – it’s also a strategic way to optimize costs and prepare for negotiations with SAP.
First, by identifying unused or underutilized licenses (such as dozens of Professional user licenses assigned to individuals who barely use SAP), you can consider reharvesting or reallocating them to new users instead of purchasing more.
Many enterprises institute a “license recycling” program: when an employee leaves or changes roles, their SAP license is returned to a pool for reuse.
LAW’s annual usage reports help pinpoint such opportunities by showing exactly how many users were active and in what capacity.
For example, suppose LAW indicates that you have 500 Professional users licensed, but only 400 have logged in this year (and the rest were inactive).
In that case, that’s 100 expensive licenses that could potentially be dropped or downgraded at renewal – a significant cost savings.
Second, LAW data strengthens your hand in contract negotiations with SAP. When you have an accurate, internally validated count of users and engines, you control the narrative. Rather than waiting for SAP’s auditors to tell you (and potentially trying to upsell licenses), you can approach SAP proactively with the facts.
Suppose your LAW audit indicates you are under-consuming certain licenses. In that case, you might negotiate a reduction or rebalancing in your contract (for instance, converting surplus licenses into a different product or getting credits).
Conversely, if you know you’ll need more licenses (e.g., a new project will add 100 users next year), you can negotiate those ahead of time, often at better discount levels, instead of reacting under audit pressure.
Having historical LAW audit records (showing trends of usage) also helps in discussions, as you can demonstrate your efforts in proper license management – this builds credibility.
Additionally, internal law audits can reveal compliance risks (such as indirect usage scenarios or engine overage) that you can resolve through contract amendments or new license purchases on your own timeline.
It’s far cheaper to address these proactively than to pay audit penalties or back-maintenance.
CIOs and CTOs should treat the LAW reports as a baseline for any true-up negotiations: if SAP’s official audit numbers differ, you’ll have your detailed data to identify why.
In some cases, companies have avoided multi-million-dollar audit fines by using internal law data to contest SAP’s claims and demonstrate compliance (or by identifying issues early and addressing them).
In summary, leveraging LAW effectively means you’re never caught off guard by SAP’s figures – you’ll already have the answers and a plan, turning what is often a reactive scramble into a controlled, strategic process.
Recommendations
- Run LAW regularly, not just annually: Establish a quarterly or biannual internal audit cadence using USMM and LAW. Frequent checks catch compliance drift early and make annual true-ups routine rather than rushed fire drills.
- Maintain a single source of truth for users: Implement consistent user IDs or email addresses across all SAP systems to ensure LAW can accurately consolidate duplicate accounts. Regularly sync identity data to prevent one person from appearing as multiple users.
- Proactively clean up dormant accounts: Before each LAW run, remove or deactivate users who no longer require access. Tie this cleanup to HR offboarding. This immediately lowers license counts – often by 10% or more – and reduces security risk.
- Verify and optimize license classifications by Cross-Checking LAW results with actual user activity. Reassign users to the correct license type if LAW highlights misclassifications. Downgrade users who don’t require full licenses and upgrade those who do – this ensures compliance and cost efficiency.
- Track engine usage against entitlements: Include engine metrics in every internal audit. Create a simple table of licensed capacity vs. current usage. If any metric exceeds 100% of entitlement, take action (reduce usage or purchase additional rights) before SAP flags it.
- Use LAW 2.0 and apply updates: Leverage the latest version of SAP’s tools (LAW 2.0) if your environment supports it, and keep SAP measurement notes up to date. The improved interface and functionality can prevent consolidation errors. If you are using older systems, be meticulous with LAW 1.0 and consider upgrading your Basis version.
- Conduct a thorough pre-audit review: Always analyze LAW output internally (with experienced licensing staff or consultants) before sending the results to SAP. Investigate any anomalies or errors in the data. This internal review is your opportunity to address issues or document valid justifications, thereby avoiding surprises during a formal audit.
- Document and retain audit records: Keep detailed records of each internal LAW audit, including how users were matched, any adjustments made, and the final consolidated figures. This documentation is invaluable for year-over-year comparisons and for defending your license position during negotiations.
- Integrate license management into IT operations: Treat license compliance as an ongoing process. Train admins to assign correct license types when creating users, and monitor usage continuously (using SAP’s tools or third-party solutions). This way, your LAW audits become validations of a well-managed system rather than emergency discovery missions.
- Leverage insights in vendor negotiations: Use the knowledge gained from LAW to negotiate with SAP proactively. If you’re underutilizing licenses, consider discussing the option to reduce or swap them. If you need more licenses due to growth, negotiate volume discounts in advance. Your credible internal data can secure more favorable contract terms.
FAQ
Q1: How often should we run SAP’s LAW for internal audits?
A: Ideally, run LAW consolidations at least once a year, and more frequently (quarterly if possible) for larger environments. Regular internal audits ensure you catch any license usage changes early and stay continuously compliant.
Q2: What’s the difference between USMM and LAW in SAP licensing?
A: USMM is the SAP system measurement tool that you run per individual system to collect user and engine data. LAW is the Workbench that consolidates these results from all systems into one unified report, eliminating duplicate users and combining all usage. In short, USMM gathers local data, and LAW aggregates global data.
Q3: Can LAW help with indirect access (third-party interfaces) licensing?
A: Not directly. LAW focuses on named user counts and engine metrics. Indirect access (where external systems use SAP data) is measured via SAP’s Digital Access tools or separate estimators. However, as part of your internal audit, you should inventory indirect usage as well – it just won’t show up in LAW’s user counts. You can use SAP’s Digital Access Evaluation tool in conjunction with LAW for a comprehensive compliance check.
Q4: What if LAW shows we are over-licensed or under-licensed?
A: If LAW reveals you have significantly more licenses than active users (over-licensed), it’s an opportunity to optimize – you might negotiate the removal of unused licenses or reduce maintenance costs. If it indicates that you’re under-licensed (i.e., more usage than entitlements), treat it as a warning to address the gap before SAP’s official audit. This could involve reallocating licenses, purchasing additional ones, or revising the classification of users. Either way, LAW gives you the foresight to act on the findings rather than reacting to an SAP compliance letter.
Q5: Are LAW results 100% accurate?
A: LAW is only as accurate as the data and criteria you put into it. It reliably consolidates USMM data, but errors can occur if, for example, users aren’t consistently identified across systems or if certain license classifications are left blank. Technical bugs are rare but possible, especially on older versions of the software. It’s essential to sanity-check LAW’s output (e.g., does the total user count align with the headcount?). With careful setup and review, LAW’s figures will be a very close reflection of your actual usage.
Q6: Do we need external tools, or is SAP’s LAW enough for license management?
A: SAP’s native tools (USMM/LAW) are sufficient for performing compliance measurements and are the official basis for audits. Many organizations successfully manage with LAW alone, supplemented by good processes. However, third-party license management tools (from vendors such as Snow and Flexera) can provide additional analytics, continuous monitoring, and simulation features beyond what LAW offers. If you have a very large or complex SAP landscape, these tools can complement LAW by providing real-time alerts and optimization suggestions. They’re not required, but can enhance governance between LAW audit cycles.
Q7: How does LAW 2.0 differ from LAW 1.0?
A: LAW 2.0 is an updated version of the License Administration Workbench introduced in newer SAP releases. Functionally, it still consolidates user and engine data, but it offers a more user-friendly, web-based interface and can handle new product metrics (like HANA database usage) better. It also allows you to set up scenarios and retain data for comparisons. LAW 1.0 (the classic SLAW transaction) is compatible with older SAP GUIs and may require additional manual steps. If your SAP system is on a recent version, using LAW 2.0 can simplify the consolidation process and reduce errors.
Q8: Who in our organization should own the LAW audit process?
A: Typically, a Software Asset Management (SAM) or license compliance manager will coordinate LAW audits, working closely with the SAP Basis administrator for execution. In practice, it’s a cross-functional effort: Basis or IT runs the USMM/LAW tools, functional managers verify user roles against license types, and procurement and finance review the findings for contract implications. Ultimately, CIOs/CTOs should sponsor this process to ensure it has executive visibility; however, day-to-day ownership may reside with an IT asset management or compliance team.
Q9: Should we proactively share internal LAW results with SAP?
A: Generally, no, not proactively. Internal LAW audits are for your organization’s eyes to remediate issues internally. You are only required to submit measurement results to SAP during the official audit (or annual license measurement) as specified in your contract. It’s advisable to use internal results to fix problems first. Once you are confident the LAW output is clean and accurate, you then submit the official LAW report to SAP’s license auditors at the required time. Think of internal runs as rehearsal – you wouldn’t send rehearsal notes to the examiners.
Q10: How can LAW audits save us money on SAP licensing?
A: By using the law, companies have saved money in several ways. Firstly, catching and removing inactive users reduces unnecessary license maintenance costs (each named user license incurs 20% annual support fees – cleaning up 100 unused users could save tens of thousands of dollars over time). Secondly, right-sizing license types (e.g., downgrading 50 users from Professional to Limited where appropriate) can avoid overspending on expensive license categories. Thirdly, avoiding compliance penalties is a huge cost saver – a pre-audit via LAW means a bill for unlicensed usage won’t blindside you, because you’ll have already identified and addressed it (or budgeted for it in advance). Lastly, armed with accurate usage data, you can negotiate volume discounts or concessions from SAP, ensuring you only pay for what you need. In sum, LAW audits create transparency that translates into financial control over your SAP investment.
Read about our SAP License Optimization Service.
