The simple example of time recording in a company shows how complex licencing really can get. [shutterstock: 691957093, Martin Janecek]
In this case study on SAP licence management, three different scenarios are used for illustration purposes, to look at the exampleof time recording in more detail and understand when an in-house solution causes acompliance breach. Afterwards, we have summed up the expert recommendations from KPMG.
This article is part of a series! If you would like to continue reading the series, please use the navigation buttons in the middle of the screen on the left and right side.
This E-3 Special is available for download at the bottom of the page and was co-authored by KPMG Partner Carsten Lang and Assistant Manager Justina Kurzawa.
To keep a record of time worked, employees of a company use time recording software that has been developed in-house or by a third-party producer. The data is input via SAP P1 into the SAP system provided.
Scenario 1: All users who use the time recording software would thus be subject to a licence. The exact number of named user licences needed would require an analysis to examine whether the users already have named user licences and whether the rights contained in these licences are adequate. In addition, licensing of the in-house or third-party application (time recording) with SAP NetWeaver Foundation for Third-Party Applications will be required.
Scenario 2: A possible interposition of message queues that forward the data via PI to the SAP system only in bulk, or with a time delay, could represent a solution that does not necessarily classify the users as relevant in terms of licensing. However, this potential technical solution requires at least two preconditions:
- Contractual preconditions must exist in appropriate form;
- Functions of the non-SAP software must not already be contained in available SAP solutions.
However, this type of licensing has not been clearly established, meaning that, if there is any doubt, there is at least a licence obligation as in scenario 1 if SAP software offers the same functionalities. A corresponding licence for message queuing used may have to be added here. It is important to analyse this in cases of doubt.
Scenario 3: The interposition of an employee from HR or a shared service employee who records the data from the reports from the non-SAP application manually into SAP might represent another solution. This employee would have to be licensed, and it will be important to ensure that the correct licence has been assigned. An SAP professional user licence would generally come into consideration for a member of the HR staff.
Recommendations for functional licence management
The recommendations for a functional licence management organisation are the same for SAP, with minor exceptions, as for any other vendors.
The basic principle for any good licence manager is to have proper knowledge of commercial rights of use, identify information on the type of technical use and the volume of use and finally compare these with each other. Moreover, it is important to recognise developments and changes in licensing rules and metrics and implement these in the in-house environment.
Moreover, it is important to recognise developments and changes in licensing rules and metrics and implement these in the in-house environment.
Information can thus be gained on any over-licensing or under-licensing. The following section provides a brief overview of topics that should be observed in order to ensure the required level of transparency.
Transparency is necessary in technical terms or in terms of technical use, as the basis for assessing the use can be guaranteed only when there is extensive knowledge of the following points. Depending on the individual customer and IT structure, this has to be supplemented by further required knowledge:
- Knowledge of infrastructure design
- Knowledge of technical process/organisation of relevant usage scenarios
- Knowledge of the type of data/information exchanged and direction of the data flow
- Comparison of external/existing users
- Identification/analysis of the use, permissions, roles, user groups in the relevant external application environment (AD, ZENworks, management console of the external application)
- Review of the use of middleware, etc. (note: only in conformity with the underlying LPC and the T&Cs as well as the SUR)
Commercially required transparency as the basis for assessing the comparison with technical use can be achieved only with extensive knowledge of the points below for the rights of use acquired in each case:
- Complete contract overview
- Knowledge of contract governance (whether some contracts contain clauses that impact on other contracts)
- Knowledge of any database use rights that may have been acquired (type, runtime vs full use, etc.)
- Knowledge of the underlying GTCs
- Knowledge of the underlying lists of prices and conditions (LPCs)
- Knowledge of applicable software use rights (SUR)
- Knowledge of any side agreements and customer specifics within the points listed above
Recommendation: Transparency when it comes to indirect use
Depending on the respective case of use and the underlying circumstances, the indirect use of SAP systems should be considered individually in the course of a scenario analysis. The following reference process has been established for this purpose and is tried and trusted in practice. As a first step, it is important to initiate and implement the initial data collection from all live, development or alternative use-related systems relevant for measurement.
Depending on their size, companies can feature several dozen or even hundreds of different data sources. This multiplicity and complexity is one of the primary reasons why carefully planned and designed data collection/consolidation as well as a subsequent analysis are essential.
Continue reading by clicking on the arrow on the right side of the screen.