Ensuring compliance through the USMM and ServiceNow
If you enjoyed the webinar, check out our eBook – SAP’s Hidden Treasures: 12 USMM Gems You’re Missing Out On.
If you manage SAP licenses, you’re probably very familiar with USMM – SAP’s required tool for annual software audits. But are is your organization aware of the helpful data that lies beneath that dense encoded file?
Join Anglepoint’s experts and our friends at ServiceNow for our webinar on how to help ensure your organization is in compliance through USMM and ServiceNow. We will be answering the important questions and providing a deep dive into how you can get the maximum value outof USMM, SAP’s tool.
Here’s a high-level view of a few points we’ll cover:
- Understanding USMM and how to perform a health check to ensure measurements are correct and accurate.
- Avoiding surprise measurements and Avoiding confusion if inaccuracies are present.
- Accessing valuable data to stay ahead of your next audit.
- Using ServiceNow to enhance your data collection and to optimize your information.
- And more…
Watch the webinar today!
Meet the Presenters
Welcome to our webinar where we’re going to discuss how to get the maximum value from the USMM. As we go through the presentation, we have a few polling questions just to warm up the crowd, so to speak. And we’ll go through introductions first.
So I’ll introduce myself and then we also have with us Akash Mehta from ServiceNow. So, we’ll do a couple introductions and then we’ll move on to the polling questions.
So, my name Jeremy Tarwater. I’m the director here of our SAP practice at Anglepoint. And my background is I was an auditor for SAP in 2010, basically to 2014, 2015.
And then I joined KPMG where I worked in the software asset management space there, helping customers implement Flexera and Snow and other tools and helped build their software asset management program. And then I joined Anglepoint where I’ve now been focused primarily on SAP and supporting ServiceNow and helping ServiceNow and creating their tool around SAP and yeah it’s a great place to be.
Lots of opportunity within SAP and its licensing, opportunity for optimization, cost savings, cost avoidance. Yeah, looking forward to the presentation today. Akasha, if you want to take a couple minutes.
Appreciate it, Jeremy. Thank you very much. Akasha Mehta I am an inbound product manager With ServiceNow.
I’ve been with ServiceNow for about eight and a half years. I’ve been in the asset space for over 20 some odd years doing mostly implementations even at ServiceNow. I came from expert services implementing the asset management products whether it be hardware asset management or software asset management.
And then last year, moved into a product management role. And so, to take that experience and bring it to helping continue to mature the product and improve the overall software asset management product for everyone. Working with our different sales teams and customers and, internal folks it’s been a lot of fun and I had an opportunity to work with you a few times, especially on this last release.
And so that’s been a lot of fun as well.
Excellent. Thank you, Akash. Quick agenda and then Braden, if it’s okay, we’ll move to our polling questions. And really what hopefully we get out of this webinar and the focus of why we’re talking about the USMM is we realized quickly that a lot of our customers want to get some quick value, right?
Software asset managers want to get some quick wins. They want to get quick visibility. And then if they can discover that there’s room for opportunity and room for improvement, then we can talk about a broader project. And the USMM is really where we believe our software asset managers who don’t have a whole lot of visibility, or people who want to just get some, quick wins for SAP, you can start with the USMM.
As we go through this agenda, we basically have two different, for every one of these topics, we’re going to be talking about those quick to market, quick to win, high value, low effort.
And then we will have the ServiceNow component where we’re going to talk about long term. If you want just a quick win, of course the USMM can help you. The ServiceNow tool on the other hand, is a longer play where you’re going to implement this product and it will help you implement processes that will help you manage the license in perpetuity.
So with that, we’re going to look at users within the SAP system, how the USMM can help you find that. Same with ServiceNow the audit relevant clients. So why that’s important and why customers should pay attention to that. And again, where you can find that in ServiceNow, the USMM Health Check.
So basically, there’s a variety of different data points that you should be reviewing in the USMM. Again, similarly in ServiceNow, you’ll find the same type of data points. We’ll talk about inactive users, engine measurements, and then hopefully we have some time for Q&A at the end.
Number one, do you understand how to interpret the outputs of the USMM and the LAW reports? Yes. No.
All right. It looks like we split it pretty even a third. Yeah, so that’s good. Hopefully this presentation’s going to help get more yeses. But of course, if the answer is no for you or ServiceNow and Anglepoint, excellent places to look for support in, interpreting those outputs.
All right, next one. Has your organization ever terminated any products or contracts with SAP? Yes. No, or I don’t know.
All right. So the reason that we wanted, we were curious, the population that was joining this presentation about this particular topic is, that there is quite a bit of confusion whether you can terminate products with SAP or not.
And it’s something that we help our customers with pretty regularly. We were curious who has experience with it and who doesn’t, and who doesn’t know, so yeah.
Great. Let’s go ahead and dive in. Thank you for your responses. We appreciate those responses. And hopefully it’s, like I said, hopefully it’s warmed up the crowd a bit.
SAP USMM: How Many Users Are In the SAP System
You’re awake and ready for what we’re going to share with you today. First topic here is how many users are in the SAP system. As you can see, this screenshot is from the USMM one, so the very first USMM and now there’s USMM two, and so there’s different versions, so I don’t want anybody to get caught up on the screenshot here.
We’re talking about how to find users in the SAP system. Now, when we compile an audit report for SAP, you dump it into the LAW. The LAW is a consolidation tool where it takes the USMM data and dumps it into a funnel, if you will, and then it spits out a consolidated report where it tells you how many unique users you have and the licenses they’re consuming.
However, before you do that, within the USMM, you can see how many users are in each system, and you can collect all sorts. Good data, interesting information, useful information to make changes in the USMM per system. First and last names, email addresses, user types, license types, finding duplicates in the USMM.
You can do that, right? You can look and see, okay, I’ve got my user IDs, do I have duplicate email addresses? And if you do well then maybe you need to change the criteria in the LAW tool on how that consolidation is being done. There’s a treasure trove of information in the USMM. As it relates to users, and we always encourage our customers look in the USMM first and evaluate those users in that system first.
And do that by system. And then once you’re comfortable with that, then you can move them into the LAW and consolidate and provide your reports to SAP. So, with that this is quick, right? This is. Should be done annually for sure on an annual audit basis. But this can be done monthly, weekly, whatever you want to do.
We wouldn’t recommend any more frequently than that. Just because things don’t change that quickly. But looking at these users is the bread and butter of what the USMM can do with that. Akash, take us through the ServiceNow.
Yeah. And that’s very important to be able do.
You’re probably doing this on an annual basis already, just because from an audit perspective, but to be able to see that on an ongoing basis. And that’s where ServiceNow and the integration that we have with the, with SAP to bring that data into ServiceNow so you can be able to see that in an ongoing basis.
You can see that information, especially for, let’s say your software asset managers who may not have that visibility into SAP. All the time that you have that single pane of glass to your entire software asset management landscape, right? And SAP for a lot of customers is a large portion of that landscape.
We do we have an ABAP program, which I believe the link to that in the ServiceNow store has been posted. We have an ABAP program that gets deployed on the SAP. And one of the programs that runs is capturing the individual or capturing the users from each system and bringing that into ServiceNow.
So, each particular system and the users associated to it. And so we’ve got a couple screenshots. Obviously, they’re small, but the users that you have there the engine usage, things like that, which we’ll get into down the road. Additionally, we have some optimization on our optimization dashboard.
So some of the things to look at is inactive users, locked out users. Again, we’ll get deeper into that in the in the presentation. But we have a lot of those already preconfigured to identify those. So you can see that more on an a more frequent basis versus, on an annual.
Awesome. And I think that it’s very clear here, the USMM to get to the USMM, you have to have an SAP license. You have to have SAP access, you have to have the proper authorizations to get into that system and collect that data. Of course, most software asset managers don’t have that access.
They’re not going to have that regular access, and so they rely on, basic admins or security admins to get them that data. That’s why a tool like ServiceNow is so important for software asset managers on a long-term basis, that if you want access to this information on a regular basis, whenever you want to see it, this is the best way to do that.
Unless you’re really small organization and it’s really easy for you to get access to those SAP documents it’s going to be easier in the long term to do it this way. Having said that I think that hopefully we’re making that clear, right? Short-term gain versus long-term play.
SAP USMM: Which Clients Are Relevant For Audits?
Yeah. Next one. Which clients are relevant for the audit? So, this is really important. A lot of our customers struggle with this, where they’re including clients that are referenced or they are not relevant to the audit, and it adds users to the measurement. And so, it’s really important. This is a really easy one where customers can go in and make sure that when you’re running the USMM, you need to make sure that only the relevant production or in development case, only the relevant development clients are selected.
I’m not going to go into what a client is or, dive into the technical aspects of an SAP system. Just suffice it to say that when you are looking at a USMM report that you need to pay attention to which clients have been selected so that the report that pops out once you run the measurement is accurate.
It’s correct. It’s not over-inflating, what your user population is or what the engine measurements are. So pretty simple one here. Akasha onto you.
And kinda like what you just said, right? We want to make sure that we’re utilizing or we’re calculating this off the relevant systems relevant clients.
We utilize the RC program in SAP to identify what we want to bring into ServiceNow. We automatically bring in development, QA, QE production systems. But when we are doing the reconciliation, we are only taking into account production and development for, users and so on and so forth, as well as the engines on the production side.
That’s what we’re really calculating against, but we do want to see those other clients, what users are associated there and what kind of assignments that have been given and so on and so forth. We do identify, we do bring in all of the data because that is your landscape. But then we do specifically identify through the reconciliation, through the optimizations more those relevant type of clients.
SAP USMM Health Check
Yeah. That’s awesome. And I think what I’m hearing is you cast a much wider net than you need to make sure that you’re collecting everything, which is fantastic. It’s a great approach. It’s what we recommend for all of our clients.
All right. Next one. USMM Health Check. So there are a bunch of different data points that we recommend that our customers look at to make sure that the measurements are correct.
And again, what we’re trying to do is help software asset managers or people managing the SAP licenses. We’re trying to help them gather data points that could be indicators for problems, issues, and things that need to be fixed and corrected. Now, I’ve got them listed here on the slide.
We’ve got measurement data. We want to make sure that, that measurement has been run within 30 days if it hasn’t. So, you’re working with your team and they pull the data and they send it to you.
You want to look at that measurement date, and if it’s not within that 30 day period, first of all, SAP usually doesn’t like that. They don’t want to see that. They want to see it more recent than that. But also, you want to work with data as close to up to date as possible. So ideally within, just the last few days or whenever you requested the data from the basis admins or security admins, but check that date, make sure that it’s relevant.
Background jobs. So it’s very typical that we look at USMM reports and the, they’ve been pulled or you’re looking at data where background jobs didn’t complete successfully, so there will be an error or there will be, it’s still running or it’s delayed, or whatever it is, or it didn’t, it just didn’t run successfully.
You want to make sure you go through the engine report and make sure that if there are errors or if there are problems with the engine being run. That, you follow up with that and you figure out, okay, do I have notes that need to be applied or do I have to wait longer for the data to be pulled or what have you?
But you want to make sure those background jobs were completed successfully. The other thing is stamp dates for engines. So, as you can see from this screenshot on the right, you can see those stamp dates from 2013. Most engines should be a calendar year or a rolling 12 months. So, whenever you pull that, you want to make sure that if today is 2013, obviously these stamp dates fit, right?
It’s exactly what we would expect. But if it’s 2022 and you pull this report and it says 2013 on it, that’s an issue. That’s a problem. That means it’s pulling data from, way back when, which obviously isn’t relevant and needs to be corrected. The price list selection. We want to make sure that’s consistent across all of your SAP landscape.
So, as you’re going through the USMM and you’re selecting the different criteria, inputs to pull those data points or pull the report, you want to make sure that the price list is selected. So, price list is a little bit of a misnomer. Priceless. In the normal environment it’s about pricing.
It’s units and metrics and the products and how much they cost and all that. Goodness, that’s not what we’re talking about here. Price list refers to a type of user that a customer has purchased from SAP, so it’s usually within a certain date band. 2010 to 2015 would be SAP application users, for example.
And so then we would make sure that the USMM has that price list selected. The reason it’s important to make sure that’s consistent across all of the different systems is that when you start looking at the users and which licenses they’re consuming. If the price lists are mismatched, you may have duplicates.
So, the licenses won’t consolidate together correctly because the hierarchies are different across priceless. So that can cause issues when you finally consolidate it within the LAW, where SAP may count multiple times, or there may be, some incongruencies around how the users should consolidate in the hierarchy of the license types.
So, make sure that those price list are selected across the landscape that will help. With the overall health of your USMM report and being accurate and complete, and making sure that you’re going to be able to identify truly how many licenses are being consumed over your SAP landscape.
From a ServiceNow perspective, for each individual system, we do gather engine data as well. We identify first thing is those engine metrics as part of our content library is downloaded directly from SAP. A lot of the information that you were showing around those metric IDs and so on and so forth, that information is stored in ServiceNow as well as content data.
And then when we bring in that engine data to create a usage record, what we call a usage record in ServiceNow, we will go ahead and generate a new software model for it to allow you to identify a software license against that software model so you can do the reconciliation. It gives you the ability to take a look at that engine usage and then see where you are from a usage perspective against what you’ve purchased from SAP.
Additionally, we also have where we are tracking, because we’re pulling this down on a typically on a weekly basis, we are identifying anything that is reaching 90% or above, right? So, you can take a look at that over time and see where you are from an engine usage perspective.
SAP USMM Inactive Users
Yeah, that’s great. This next section here is probably where I we find the most opportunity when we start talking to our customers who don’t have a whole lot of visibility into their SAP landscape. It’s last log on dates. It’s inactive users. It’s trying to find users that are in the system. Who just don’t use it.
SAP licenses are very expensive, so we want to make sure that we minimize the number of users that are in the system who are not using it. Now, if there are any SAP security people on this call, or people familiar with how SAP works, there very likely is already a process in place. There are already settings in the SAP system that will automatically remove users after, 30 days or 60 days of inactivity.
And that’s totally great and it works for the most part. However, I have yet to see a customer that has that process and it’s perfect where we don’t find inactive users. This is a really easy low hanging fruit where you can look at the USMM report, which has the last log on dates in that report.
You can look at it and you can just simply filter and see, okay, how many users don’t have log on dates or haven’t logged in a long time, and you can select that date. You can base it on whatever you think is a proper time period. What we recommend for our clients is usually a 60-to-90-day period.
Somewhere in that range balances an aggressive approach where you’re pushing users out that you don’t want to pay for with a conservative approach of making sure that we’re paying what’s due to SAP or we’re properly reporting what is being consumed now.
If the log on date is not there, that’s a different discussion. You’ll probably have to reach out to your SAP security team and discuss why these users do not have log on dates. A lot of times it has to do with some sort of technical configuration where those users don’t get a log on tracked. Like it doesn’t track the log on when they go into the SAP system, either from, their front-end system is a little bit different or the backend system is a little bit different, and so therefore, just because the log on date is not there, it doesn’t necessarily mean that you can remove those users from the SAP system.
Having said that, I think that this is, if nothing else comes out of this, is why you should pull the USMM reports as a quick win, right? Pull the USMM reports. Look at the last log on dates. And if you find 5000 users, 3000 users, 2000 users, however many users, if you find any users with last log on dates larger than 60, that 60 to 90 day period, that’s a quick win.
You can say, “hey, Mr. Security person or Mrs. Security person, please go through and remove these users on this system.” And hopefully once that all consolidates together in the LAW, you’ll reduce the license types or reduce the overall users in your environment. Akash, I’m sure that there’s lots that we can learn from not just the last log ons, ServiceNow tool.
Take it away.
So definitely for the inactive users, we identify that from a 90-day perspective. This can be configured if you want to shorten that up or whatever, but these are what you’re talking about, the low-hanging fruit. This is especially useful for our software asset managers that don’t have access to SAP and can see this information.
And then you can run processes against that on the ServiceNow side. Whether you want to create a task for your SAP team to go do something like those security folks, create those tasks and the workflow to be able to handle this. Updates on the SAP side. We don’t directly update SAP to do any of this.
But we do, we have the ticketing engines and the workflow engine to be able to task this stuff out to the appropriate folks. But, because we’re gathering that data, we’re able to see that over. This is one of, definitely one of the indicators that is helpful to our customers to identify those inactive users.
Additionally, if you have locked out users or something like that, that we identified those as well.
Yeah, and just a quick anecdote we had a customer who told us “look, all of the users in our SAP system are active for sure. They all need licenses. If they’re in there, our security team does a good job and they remove all of them.” Come to find out that the process that they had in place was around the employee status.
So when a user left the organization, their status within the HR environment was set to terminated or, whatever that flag was, and that is what kicked off the system to go in and remove all their authorizations and their access and then, remove them from the system outside of that, the user was there in perpetuity.
We ended up running these reports and looking at it. And we identified that they had over the past 25 years of this SAP system that they had somewhere in the range of 15,000 clients or contractors, people that were not employees who were still in the system. And because they were not employees, they didn’t get that flag of termination.
Their contract ended and they left, but they weren’t in the HR system, and so they never got that flag. So, it just accumulated and grown. They couldn’t believe that they had that many users. But it also made sense because when we pulled the reports and we started adding up all the users, we saw that they had more users in SAP than they had employees and they just could not understand how that was even possible.
I’m sure even that as you move from role-to-role and the type of things that you’re doing, even if you haven’t been terminated, right? You just moved from department-to-department role to role and your job function changes, right? And those are also things that you want to make sure if they’re just not using the system, who are those users? And can we apply those can we give that to someone else, right? Those particular licenses.
SAP USMM Engine Measurements
Yeah, totally agree. Okay, next section. So, I know we talked a little bit about the engines and the stamp dates, but this section is becoming more and more problematic for our customers.
SAP has been updating the USMM for years. And it used to be that for the most part, the engines didn’t collect a whole lot and the things they did collect weren’t necessarily usable. As you can see here from little screenshot, there’s basically three types of measurements that you’re going to get for engines, relevant, not relevant, and threshold value, which basically is an indicator and not relevant.
There was a lot of them, and relevant. There wasn’t that many. And then these indicators, they were there, it usually didn’t 100% mean that they were licensable actions, but that has changed over the years. SAP has been doing a better, much better job of updating their USMM functionality so that it’s collecting more and more engine measurements.
We hear from our customers all the time, “we’ve done this every year. We’ve never had a compliance issue with our engines, and now all of a sudden, the USMM is measuring something new. It’s collected this data that it’s never collected before, SAP’s never asked for it before, and now all of a sudden we’re being hit with a compliance finding.”
The reason that this is a quick win is that you can look at the USMM and look at the engines and if any of them are on there that weren’t on there in the previous years or any that you don’t recognize. It’s really important that you go through them and you find out, okay, what is this measuring?
You go on the SAP portal, you find those customer information sheets, you open it up, find the engine ID. Figure out what is this measuring, what is it trying to tell us, and what possibly could it be telling SAP about your usage of their software. So, this section it’s becoming more and more relevant for our customers where, it’s new functionality, things are being updated.
The USMM is updated with patches, right? So as anytime your IT environment is being upgraded or updated or patched or bug fixes or whatever, a lot of times the USMM functionality is included in that so that it automatically updates. Just make sure that as you go through the USMM pay attention to the engines, try to find any engines that are inaccurate or new to this version and compare that against your entitlements to make sure that there’s no compliance issues. ServiceNow does very similar work here as well. Akash.
Yeah. Very true. So we do, like I said previously, we do download those license metrics from SAP specifically, so any changes to those particular engines we’re going to bring that into ServiceNow from a content perspective.
And then your software models if they’re being used, we’ll reflect that as well. The good thing, what you were saying is if there’s new things that are being captured, we’ll generate the software model for that. We’ll generate the usage record for that, but we’ll also identify that from a reconciliation perspective.
Hey, you have engine usage that you don’t have an entitlement for. So it’s a quick flag to be able to see that now you can run reconciliation anytime. You don’t have to wait till that yearly audit to find these things, right? So those are definitely things that you can now start to, to look at and figure out, okay, what is this new particular indicator, what is it measuring, and then, what do I need to set up on the ServiceNow side to make sure that we are compliant with that new engine measurement?
Yeah, and this is really awesome functionality. Engines, as I mentioned they’re tough.
And on our team, we have accumulation of probably 30 years of SAP audit experience between four of us. And I think that, we still, every time we work with a customer and they don’t have a tool like this, and we have to go through the engines, it takes a lot of time.
It’s tough. Yeah. And we’ve got to go through it. And these types of tools really do speed that up once they’re installed and they’re ready to go. Yeah. I love it. It’s great.
All right, so optimization, Akash, I’ll let you start. Yeah.
ServiceNow SAP Optimization
So again, we’ve been talking about a lot of things that you can do currently inside of the USMM you can do or maybe with other tools and so on and so forth. To bring that data in to identify some of these issues. We would also want to identify like we are continuously adding new functionality and new capabilities on the ServiceNow side.
And one of those areas that we continuously look at is anything we can do to optimize your different publisher packs different spend with vendors. So we do have specific publishers that we’ve created, optimized capabilities for, so what can we do with some of that? A lot of it is what we’ve talked about, the low-hanging fruit, inactive users and locked out users and so on and so forth.
But we do have a couple of optimization rule engines that will help identify based off of your role mappings to the named user assignments. Looking at all of your different systems, what is the most optimal named user assignment for that particular user?
Are they using the correct name of the user assignment that has been identified with the transactions that are also being looked at as well? So we do bring in user transactions and you can identify. Your minimum transactions that you would like to, that, that need to be executed for that user to keep their, that named user assignment, right?
Being able to look at some of that data and identify those pieces also helps with hoping that you’re reducing your overall spend or optimizing your overall spend with SAP and with your different publishers. Like I said, we have this for a lot of our different publisher packs that we support additionally with the transaction data we’re also identifying indirect access with that as well.
So if there is any potential indirect active access, that will be identified in the reconciliation. So it’s not necessarily on this particular screenshot, but that is in the reconciliation dashboard as well.
So those are kind of things that we’re looking at from an optimization standpoint to not just make sure you’re not overspending, or identifying those areas that are quick wins, but also identifying areas that you might be able to reduce some of that spend going forward.
Awesome. And I think that just to circle back from our original kind of framing of what we’re trying to do here is. Quick wins. If you don’t have any visibility into the SAP environment, or you’re just starting now to evaluate where you are with your SAP licenses, go ahead and pull you those USMM reports at a bare minimum, they’re already there.
They’re already available, so you can reach out to the basis team, and they don’t even have to re-pull it per se. They don’t have to redo the measurement. You can just say, “hey, send me whatever you did in the last audit, send it to me and let me just look at it.” And that is, and then follow these steps we’ve talked about.
Look and see if you can find any issues in those reports. And if you do, then you know, okay, first of all, you can take, pretty quick steps to find that low hanging fruit. But also, now there is a business case for a tool like this that you take to your leadership and say, “hey look, we need to have better visibility into this SAP environment from a licensing perspective.”
And, you can show some of the data points that you’ve found in those USMM reports to justify your position and why it’s so important. What we’ve talked about from a USMM perspective, those low hanging fruits and, simple things that you can do. ServiceNow will take you to the next level.
It’s not going to do just the simple, easy optimization tasks. It’s going to take you to the next level. It’s going to give you role information, it’s going to give you transaction information, it’s going to give you a lot of information where you can take that and make actionable goals, and you can assign those tasks out, and you can make sure that.
You’re not just doing the simple, easy, low-hanging fruit, you’re taking it to the max, to the next level. Fantastic presentation. Thank you for that Akash. So with that, we do have we ended pretty much right on time. At least we now have time, at least for Q&A. It does look like we have a few questions in the Q&A that Akash has been answering via the typing, which is great.
Does SAP accept data outside of USMM for audits?
I would actually like to pull a couple of them that you’ve already answered, Akash, if that’s okay. And we can talk about there. So one of them is does SAP accept any data outside of the USMM for their audits and Akash, you already wrote it. They do not. And that is pretty universal for SAP.
They pretty much do not accept any data unless it’s been requested by an auditor, or it’s been produced from the USMM reports. And the reason I say that it’s whatever is asked for is because during even basic audits or enhanced audits, for sure, SAP is going to more than likely ask for more than just the USMM report.
They’re going to ask for more. They’re going to ask you to fill out, processor core worksheets, self-declaration reports, LMBI tool for business objects, HANA reports. They may even talk about cloud and some of those measurement statistics as well. But for the most part, or not for the most part, absolutely.
SAP doesn’t accept anything except for their own stuff. Now, that doesn’t mean that you shouldn’t use a tool to help you optimize what gets be back to SAP. We absolutely recommend that wherever or however you can get the data to make better decisions and optimize the licenses, absolutely you should.
And I think that SAP, obviously they’re investing in their own technologies. They’re investing in their own resources that you can get them to come and help you manage your licenses. But ultimately, at the end of the day, SAP and their customers, they want to make sure it’s right. We’re not paying for stuff we’re not using, and we’re not underpaying for what we are using.
So as long as that is the ultimate goal that we’re trying to get it right, it really shouldn’t matter where the data’s coming from or where the actionable data points are coming from. As long as that’s the goal, we’re trying to just get it right, everybody will be okay. Hopefully that makes sense. Akash, did you want to pick another question out of the hat here?
It looks like we have a few open ones.
Is SAP role-based optimization the same as the transaction license attribute?
Yeah there’s some open ones. Like the role-based optimization, is that the same as transaction license attribute? So the role-based optimization is I’m not a hundred percent sure about the license attributes thing and that might, you might be able to answer that.
But we have two concepts. We have a transaction-based optimization, which is our reclamation candidate, and we identify transactions and minimum transactions to help identify, whether or not. We want to reclaim that particular named user assignment. And then role-based option optimization, which is a little higher level.
We’re looking at your mappings between named user assignments and the roles that you have at that for your organization. And then based off what assignments have been given, what roles have been given within each different system for that user who can help identify any optimizations from a role perspective across those systems.
Yeah, the license attributes is slightly different. The license attributes side of the SAP tool, it really is just giving the customer an opportunity to assign a license type for a particular role that they have.
And, The good part of that is that then as, as long as that role is assigned to a particular user, they automatically will be assigned a license type in the USMM. The problem with that or the issue that we’re seeing with just using that functionality in your SAP environment is that it’s difficult to maintain.
So what ends up happening is that customers will go through and they’ll assign all their roles and they’ll say, okay, we’ve got it all figured out. And then as we run the reports and things need to change or roles have changed, or the license types have changed or something like that, you would have to go back through and make all those adjustments.
And make sure that those mappings are accurate and correct for what licenses are actually being consumed. So we see that as a pretty big challenge. It’s tough for customers to do that on a normal, regular basis. On top of all the other work that they have to do to maintain and manage their SAP environments.
Going through all of the roles that have been assigned to the license types just adds to the complexity and difficult nature of managing those licenses now within a tool like ServiceNow you can do that. It’s more fluid, right? It gives you the opportunity to do that on a more, more regular basis.
And you don’t have to have an SAP security expert there to walk you through it. It has some functionality within there that will help you make those determinations on the fly. And it’s not hard coded into the USMM, which means that. If things do need to change, you can change the license type.
That’s another issue that we’re seeing is even if you go through, let’s say that you find some issues with the USMM report and you want to change a particular license type for a user. If you go in there and you change it manually, as soon as you rerun the USMM and those license attributes, assignments are done in the backend, it’s going to overwrite that, that manual adjustment that you’ve already made.
So it changes your ability. It restricts your ability to make optimization changes when you use that functionality, the license attributes. So it’s the same, but it’s also very different. Hopefully that helped answer that question.
What is a locked out licensed SAP user?
Okay, so next one. What? This is an easy one.
Akash, if you don’t mind, I’ll just answer it and we can move on. What is a locked out licensed SAP user? So SAP has, just like with, your Google accounts or any of the other accounts that you have, if you try too many times you’ve put in the wrong password too many times it will lock you out.
SAP has the same functionality, so if there’s a bunch of different types of lockouts, but if you haven’t logged in for a certain amount of time, that could be part of the process that the SAP team has put in place that if you haven’t logged in, they’ll lock your account first and they’ll let you sit there locked.
Until you reach out and say, “hey, can you unlock me?” Or whatever. And then they’ll decide to remove you. The other option would be incorrect password. You type it in too many times, it kicks you out. Could be that you are on leave of some sort, you’re. You’re on sabbatical or something like that and your account is locked.
The important thing that I want to point out for locked users is that SAP still counts them for licenses. So, if your organization is using that locked feature and you think that is going to reduce the amount of licenses that user will consume, that is in. So, the only thing, the only metric that our data point that you want to change if you don’t want to pay for that license is their valid date, valid through date.
So if you have a particular users that’s been locked and terminated and you know by whatever policy that’s in place, you have to keep that person there for, 30 days or 60 days, or if it’s longer than that. If it’s longer than 60 or 90 days, I would recommend that you proposition to your policy creators, whoever wrote that policy, that lock is not the right way to do it, that you need to do valid to or valid through dates.
Hopefully that answers that question. Looks like there’s one more open one I can attempt to, yeah.
So essentially what this is talking about is the in scope systems. When an audit comes from SAP, they will send you a file and that file will have, all of the in scope systems, you can get that same information from the SAP marketplace.
And coincidentally this is always a sticking point with our customers. Again, I’ve never met a customer or worked with a customer in, 12 plus years that had this absolutely correct, where all the systems that were active relevant for audit were matched what was real and what was on the SAP marketplace.
So SAP does recommend that you maintain that on a normal basis. You go through the SAP marketplace, and you identify which ones are relevant, which ones are not. I guess the question here is, does that information integrate with ServiceNow to, reconcile? Okay, these are the right ones, and these are the wrong ones.
I’m going to say, first of all, the ServiceNow isn’t going to be able to tell that, right? So if SAP is looking for a system and it doesn’t exist and it’s not in the ServiceNow tool isn’t going to know why it’s not going to be able to correct, look into that crystal ball and say it’s been deprecated, or, who knows where it is, but it’s not here.
But at a bare minimum, if you implement the ServiceNow tool, it definitely will tell you which ones are pulling data, which ones are active, live and there. So I guess in that way it integrates, but it, at the same time, it’s not going to reach out and pull that that report from the SAP service marketplace.
That’s exactly. All right, good. I’m glad I guessed on that one. No, you did. Just joking. I’m just joking. Awesome. It looks like we’ve answered all of the questions either in typed out form or verbally. So if there are no more questions, I don’t think we need to belabor the point.
Braden, anything that we need to do to wrap this?
Yeah. Yeah. This. Thank you both so much by the way. Great presentation. Thanks to everyone who attended as well. Great questions, great participation. We really appreciate it. Just want to remind you again that we are going to be sending the recording out tomorrow.
If you have more questions or are looking for more clarification, you can reach out to Jeremy or Akash directly, or you can reach out to us at email@example.com. But that’s all we’ve got for you today. Really appreciate it, and I hope y’all have a great rest of your day.
Great. Thank you all.
Thank you, Jeremy.
Yep. Thank you all. Talk to you soon.