This E-3 Special is available for download at the bottom of the page.
Let’s start with a definition: which term is better suited to the challenge – licence management or software asset management? Carsten Lang clarifies: “In German-speaking regions, we have long since moved beyond the term ‘licence management’, which does not come close to describing the responsibilities of the partners entrusted with this task.”
It is not only in the SAP community that software long ago became one of the largest cost factors in modern organisations and demonstrated its importance as an asset. “Rather than ‘software asset manager’, however, I would prefer the term ‘IT asset manager’, as it is not just software but also services, hardware and other factors that fall within the scope of an IT asset manager’s job profile,” Lang explains, and adds: “I could even see the term ‘IT asset and security manager’ used here in the future, as all forms of threats made possible by the use of today’s software and technologies intersect in this position. If an organisation doesn’t know the software, the releases and version and the patch level that it uses and if you are not able to identify who has installed software without authorisation on the company’s own or hosted devices, it’s almost impossible to identify relevant deficiencies or to control them without IT asset management.”
Starting with R/2 via ERP/ECC6.0 all the way to S/4, the existing SAP customer is seeing not only a fantastic increase in functions and business processes, but also concomitant growth in complexity and networking. Transparency in IT assets and optimisation in the resources deployed are therefore a matter for the entire C level in the company. “At the moment, I see the greatest challenge in the area of transparency,” Florian Ascherl emphasises in the conversation with E-3.
“It’s still the case that responsibility for IT asset management is split up at a majority of the organisations that I know. The licence and software asset manager generally does not bear the responsibility for surveying the SAP system landscape – or if they do, it’s only been for a short time. What’s more, based on our experience; they have, at best, a superficial understanding of the related processes. In most cases, we find the responsibility for SAP licences and measurement located in the area of the SAP organisational unit or in the IT procurement department of the company.
The management of SAP licences is thus a relatively new challenge, even for experienced managers, who now have to deal with the history of the lists of price and conditions, terms and conditions, software use rights and, where necessary, with special licences and side agreements.”
One difference to other software providers is that SAP provides measurement tools as standard. KPMG senior manager Ascherl explains: “But – and this is not a fault of SAP – the best tool that establishes a standard can, of course, not identify any individually agreed contractual constructs and use rights without any adjustments if it cannot learn this in functional terms.”
Practice shows that some heterogeneous licence metrics and models are used in the company for one and the same product, and only those people who have worked in the SAP organisational unit for years are well informed about this. “Transparency, however, is the prerequisite for compliance,” defines Florian Ascherl.
“This forms part of the responsibility of the licensee. Compliance for its part is the indispensable prerequisite for successful and sustainable optimisation. When you look at it in detail, it quickly becomes clear that it would be more sensible to establish appropriate functions and IT asset management governance already while the SAP software is being introduced, in order to be able to respond effectively to requirements for IT asset management that result from the IT strategy.”
Looking back, the question is raised of whether governance and compliance are a trigger for a re-evaluation of the issue of IT asset management. On this, KPMG partner Carsten Lang says: “Software producers developed the first compliance programmes as the global market became saturated. Governance played a fairly insignificant role in this process. Governance was for end customers and outsourcers de facto the logical consequence of the growing number of manufacturers who confronted companies with a verification of their portfolio of licences and a comparison of usage and acquired usage rights.”
And Lang also believes that the issue has been given increasing importance with the evolution of IT infrastructure. The road goes from business enablers to business drivers in the form of today’s heterogeneous system landscapes with a large number of software products in use. Virtualisation, cloud and storage technologies, coupled with statutory retention, data protection and current security requirements have also added to the complexity.
“20 years ago, I, like many of our customers today, knew only vaguely which business possibilities result from the use of SAP software,” summarises Carsten Lang. “At that time, IT asset management and compliance were not actually an objective pursued on a long-term basis for any customers or manufacturers that I knew. In my opinion, however, this was the result of the organisational structures at the time and the focus of the users on the strategic business objective and their own core competencies. Technology was at most a means to an end here.”
The targeted use of software to support a company’s business operations and to increase its internal efficiency has developed into an issue of growth. The deals were a matter of prestige for the sales representatives as much as they were for those who were able to successfully complete a larger-scale implementation project in an organisation.
“Compared to today’s situation, the technical possibilities which were used at the time within the framework of predominantly homogeneous system landscapes can be classed almost as prehistoric,” Carsten Lang explains. “With their all-encompassing portfolio of business possibilities, SAP systems were the ideal front end for customers to tackle the step to automation and business process management. It was simply not the time, so to speak, for thinking profoundly about licences, let alone for establishing an appropriate organisation and structures.”
The KPMG approach
What does KPMG recommend as the best possible licence strategy for compliance, transparency and optimisation? “Time and time again I discover that the cause of risks in the handling of licences, regardless of whether these involve SAP or other licences, can be found in the lack of governance structures,” notes Florian Ascherl, drawing on numerous discussions with clients.
The multi-stage model shows the following: without governance there is no transparency, without transparency no compliance and without compliance no optimisation. “The origin of all potential inconsistencies lies in the issue of establishing appropriate processes and structures that were discussed at the very beginning and then later ignored. This is based on the evolution of the technical infrastructure as we know it today and the transformation of software from a tool that reduced workload to an important asset of the company.”
What’s the next step? “If you don’t know the existing licensing contract structures or your contact partners in your company who manage the flow of a software lifecycle, then you should consider establishing a governance model,” recommends KPMG senior manager Ascherl. “This is the only way that the CIOs can also get the information they need to efficiently follow up on the IT strategy and to ensure compliance and cost efficiency. In principle, we advise every client to carry out an objective self-assessment and to benchmark themselves against competitors in order to identify whether comprehensive IT asset management management is necessary.
“For smaller companies, it would be advisable to draft ‘pin to your desk’ rules, which employees have to adhere to as binding, or alternatively to seek out a partner to take on certain activities and who can provide specialist knowledge in support. These high-level rules alone can help to contain massive licence risks. Otherwise, we are available to answer questions and provide support for clients to organise themselves in a maturity model and draft a suitable, cost-efficient strategy.”
The issue of under-licensing, over-licensing and relicensing is omnipresent in the SAP community. What can be done? “Our recommendation for efficient IT asset managment is to begin by looking at the contracts entered into with SAP,” explains Florian Ascherl. If special use rights have been agreed on, such as configurations or (partial) termination rights, it is naturally incumbent upon the respective client to make use of these rights. It is recommended that the future IT and corporate strategy is kept in mind: “Is there an option to reuse licences that have not been used somewhere else?
Are any rollouts coming up for which the licences can be used to save on future purchases? If there is no option to use them, I tend to advise clients to discuss together with SAP the extent to which existing licence rights and licence rights, that will potentially not be used in the future, can be applied to implement planned strategic IT projects,” advises Ascherl, KPMG senior manager. In any case, the decision on the option and scope of the crediting of licences ultimately lies with the licensor. “In contrast to many other providers and in all cases that I am aware of, SAP has adopted an extremely customer-oriented approach,” notes Florian Ascherl, referring to his contacts with SAP.