Recently we hear about large SAP accounts being accused of not paying license fees to SAP for accessing their system using third party applications. The most known example case is SAP vs. Diageo from February 2017 (click here), but more recently another case has made headlines. SAP is accusing brewing company Anheuser-Busch (click here) of similar practice. In SAP jargon this is called “Indirect Access” and we, at Xpandion started hearing about this from our customers around the world approximately 3 years ago. Being that we are a software vendor used for optimizing SAP licensing, we couldn’t ignore this issue therefore we created a special extension for Indirect Access so customers may assess their risk and know what they might face in case of an SAP audit.Continue reading
I’ll give you a minute to think.
Can you name three? Four? Your average SAP customer might list “employee,” “limited professional,” “professional,” or even “employee self service,” but these types are just a few of the wide range of licenses out there. The problem with not knowing your SAP license
There’s a tricky little process with an innocent-sounding name, and it’s something that goes on in your organization far more frequently than you’d imagine. Can you guess what it is? It’s called “IT Access” (AKA “Emergency Access”) – and auditors love it.
There comes a point in time when an organization discovers it needs additional SAP licenses or that its current licenses are no longer covering its actual needs.
In most cases, a deep analysis of a company’s SAP licenses is conducted before the actual SAP audit occurs. The organization receives a letter from SAP regarding self-assessment and the CFO orders an internal inspection. Then the gaps are revealed.
If your organization has run an SAP system for three years or more, you probably suffer from what we like to refer to as “Deceiving Authorization Roles syndrome.”
Whether you’re familiar with this pesky problem or not, maintaining authorization roles for a few years, adding and removing activities and authorization objects, and creating new ones and deleting others all create situations in which authorization roles have names that incorrectly represent their content. This can lead to SAP admins unintentionally granting users with the wrong authorizations.
Programmers, have you ever wondered what the fastest way to scare a business user is? It’s easy – just put a breakpoint in your code so that when someone uses it, the program stops and reverts back to code level.
This is a surefire way to freak out business users, SAP implementers and even SAP authorizations users. From our experience, there’s nothing scarier for a non-programmer than to think their software is “broken.”
“Leaving us so soon, Mr. Solo?” This famous quote might sound good in the movies, but in a business environment, the event of an employee leaving your company can cause some serious security issues if not treated properly. Let’s talk about why and what you can do to prevent these risky situations.
Two Types of Employee Leave
In general, there are two types of leave: planned leave and unplanned leave. Both are different and should be handled accordingly.Continue reading
Say the word “workflow” and most people would probably think you mean a step-by-step process that involves logistics processes or financial modules. Well… this is mostly true, but what about a workflow process for SAP licensing? From our experience, using a workflow here could lead to very interesting and surprising cost saving situations.
SAP Licensing and Authorizations Managers: How do you know that your final report is not relying on corrupted data? Maybe you have a software tool that analyses the data for you – but is any data missing or corrupted to begin with? How do you know?