We all know that when it comes to an SAP audit, it’s not a matter of if they audit you, but when. This may be of little comfort, but it does demonstrate the importance of being prepared. It is, after all, a better strategy to fortify yourselves before the opposition arrives, rather than defend yourself when they’re already at the door.
A longstanding customer of ours received the email that nobody wants. SAP was raising an audit against them. The organisation in question was already working with us, so fortunately it had someone on its side from the start.
SAP carried out its audit causing the expected amount of inconvenience, and ultimately raised one key issue.
Based on our customer’s self-declaration, SAP found them to be under-licensed across key areas such as payroll. Before continuing, the organisation would need to increase its licence grant and pay a fine.
SAP was also difficult in negotiations. The organisation advised that nothing had changed since its previous declaration. In fact, it hadn’t made any licence changes for roughly three years. If anything, it had reduced its usage, not increased it.
SAP unhelpfully replied stating that the organisation never sent the previous self-declaration on time, so it didn’t accept the issue as resolved.
After a lot of back-and-forth with SAP, we worked with the organisation as part of our ongoing third-party support relationship. Our team at Support Revolution have over 22 years of experience working with SAP and Oracle customers; our experts are well-experienced in SAP’s business practices.
We knew straight away that the error was on SAP’s part, and not our customer’s. We advised our customer on the key areas of SAP’s regulations. Specifically, because the organisation was not using an SAP-supplied self-service tool, SAP should therefore permit it to correct any errors in its self-declaration.
The final result? Our customer paid no fine, they didn’t need to procure any additional licences, and SAP closed the case against them without further incident.
What are the key lessons to be taken away from this example? It comes down to three essential tips to defend yourself against SAP:
Obvious, maybe. Ensure that you and your teams understand what you are entitled to and understand your contractual rights. Vendors are known to pounce on organisations stating they have two days before they begin a licence review. However, their contracts permit them much more time than that. This is just one example of vendors ignoring their own contracts.
Take measures in advance to understand your own estate and usage. If nothing else, knowing you’re correctly licensed means less to worry about, and it puts you in a stronger position to fight from if SAP decides to make an issue over something.
SAP and Oracle have dedicated audit teams that are prepared to work against you. They are not doing this in your best interests. That’s why we recommend that you build your own dedicated defence team. You can source internally at first with a dedicated point of contact. We recommend looking externally too; experts such as Gartner, Forrester, and Palisade Compliance are organisations that specialise in understanding SAP/Oracle contracts and can detangle an audit fast!
Our example shows that an audit is not necessarily reliable, which you need to bear in mind should one arise. Don’t immediately give in and pay the fine just to make the audit go away.
And remember that an SAP audit is inevitable. You may not know when it’s coming, but act as though the audit email could arrive at any moment. Plan ahead, accept nothing at face value, and seek help if necessary. You might just come out on top.
It’s for this reason we wrote a guide on SAP and Oracle’s traps. It’s a primer on what to expect from the vendors and how you can fight back. Download it today and begin your first step to joining the Support Revolution.