sap license audit
DESCRIPTION
SAP Licensing is a challenging area for many SAP customers. One of the common challenges is that overrun of licenses is first discovered when SAP sends a request for the yearly license reporting. In these cases the number of licenses has already been reported to SAP and it is impossible to adjust the licenses according to the use of the systems. I would like to lay out a process that can be used for staying informed about the license usage so it is possible to reassign users to the appropriate license categories and purchase additional licenses at the normal SAP discount, if needed. The process is divided into 4 steps. 1. Define license audit processes and responsibility 2. Perform quarterly license reporting 3. Adjust users’ license category based on actual usage 4. Do the License audit reporting to SAPTRANSCRIPT
Compliance Designed WellAuditBot
AuditBot Overview• AuditBot provides…• expertise in intelligently identifying and responding to risks that impact SAP
System.
• So that…• organizations can automatically identify, manage and prevent Risks that result
in…– … user having excessive Access– … poor SAP security design– … risk due to security vulnerability– … costly audit findings
• We do this by providing…• a SAP Audit software solution that delivers precise, actionable and auditable
intelligence of control breakdowns across systems, processes and transactions
Automate Compliance
Improve Operations
Reduce Risk & Fraud
SAP Certification
Metropolitan Fire Brigade-Australian Government Agency
"This is a simple but very versatile software suite addressing all SAP GRC features and much more.
It is an ABAP suite fully incorporated with the SAP application." said Upul Prematunga, Manager - Financial Compliance at the Metropolitan Fire
Brigade-Australian Government Agency.
5
• “All the audit programs are written in ABAP Program”
• “All the audit logs are gathered and recorded into custom table for unlimited use
ABAP Based
No New Hardware
Quick Implementation
• “Solution can be deployed in SAP System on the exiting hardware.”
• Existing company resource can support the product
• “Solution can be implement Quickly some time even within one day.”
• “Training the internal audit team is quick as the report are one click execution.”
Architecture
6
• User who is authorized to perform operational-related and system administration / management roles supported by the licensed software, and has also been given the rights granted under the SAP Application Limited Professional Use
Professional User
Limited Professional
User
Employee User
• User who is authorized to perform limited operational roles supported by the licensed software.
• User who is authorized to perform the following roles supported by the licensed software, all solely for such individual’s own purpose and not for or on behalf of other individuals.
User Types
7
• What is the Number of license you have purchased Your License
Count
Assign License Type
User Count in the System
• Assign Proper license type to users
• User left blank are automatically assigned to Professional users
• Review the User ids in the System
Diagnosis
USMM Report on User with License Type
9
• “What is your Company Policy regarding InactivityCompany Policy
Review Frequently
Lock and Remove Roles
• Analyze the inactivity on regularly and lock users.
• User SUIM standard Transaction
• Solution can be implement Quickly some time even
User Inactivity
SUIM Report for Looking at User Inactivity
AuditBot Auto Lock Tool
User Inactivity
Cross System User License Classification
Duplicate Users
Role based License Assignment Transaction LICENSE_ATTRIBUTES
Transactions in Role Vs Actual Usage