Introduction – Why Run SAP USMM Internally
If you don’t run SAP’s license measurement (USMM) before SAP does, you’re letting them define your compliance. Proactively using USMM for an internal “shadow” audit gives you control.
By measuring your SAP use on your own schedule (ideally quarterly and always before a renewal or official audit), you uncover misclassified users, duplicate accounts, and untracked engines early.
This means no surprises when SAP’s auditors come knocking. Think of it as checking your homework before the teacher grades it – you can catch and correct errors. The goal is simple: measure before you’re measured. Read our ultimate guide to SAP License Measurement Tools.
Running USMM internally is a smart license control practice. It reveals where your user classifications might be wrong (e.g., someone flagged as a costly Professional user when they only need a cheaper license type), finds inactive accounts that could inflate counts, and highlights any engines or packages consuming more than expected.
Armed with this data, your SAP Basis and Software Asset Management (SAM) teams can fix issues in advance. In short, self-auditing is your best defense – it ensures that when SAP runs its audit, your numbers are clean, accurate, and on your terms.
Understanding USMM’s Role
USMM (User Measurement) is SAP’s built-in tool for tracking license usage. It’s available in every SAP system (client-specific) via transaction code. USMM. Read our tools overview, SAP LAW & USMM Overview: How SAP’s License Measurement Tools Work Together.
When you run USMM on a system, it captures a snapshot of two things: named user license data and engine usage metrics.
- User License Data: USMM scans all user accounts in the system and records each user’s license classification. These are the license types, such as Professional, Limited Professional, Employee Self-Service (ESS), Developer, etc., that you assign in the user master record. USMM tallies how many users fall into each category. (Important: if a user has no license type assigned, SAP will count them in the highest-cost category by default – usually Professional. So classification is critical!)
- Engine Metrics: USMM also measures “engines” or package-based licenses. These are SAP modules licensed by metrics (not per user) – for example, the number of sales documents in SD, the number of payroll employees, or the database size. USMM will gather usage figures for these metrics where it can. USMM automatically counts some engine metrics, while others might require you to enter data manually if not tracked in the system.
- System Information: The tool records system metadata too – like the System ID (SID), client number, system role (production, test, development), and the price list version active for that measurement. The price list tells USMM which set of license definitions to use (more on this later). It also notes the measurement date and any comments.
USMM’s output is essentially a report of how many users of each type you have in that system, plus any package/engine consumption figures. For one system, that’s useful, but most companies run many SAP systems. This is where LAW (License Administration Workbench) comes in. USMM feeds into LAW – you run USMM on each system to collect local data, then consolidate everything in LAW to get an enterprise-wide view. LAW will combine the USMM files, cross-check for duplicate users across systems, and produce one unified compliance report. In summary, USMM is the data collection engine, and LAW is the consolidation engine.
Checklist: What USMM Collects
- Named User counts per license type (based on your classifications in the system)
- Engine/package usage metrics (e.g., number of SD documents, HR records, etc.)
- System details: System ID, client, and whether it’s Production, QA, Dev, etc.
- Price list version used for the measurement (to ensure correct license categories)
- Timestamp of measurement (date the run was executed)
Understanding USMM’s role is fundamental – it’s the cornerstone of SAP license compliance tracking. Use it to your advantage by ensuring it’s configured to mirror your contract (right user types, right metrics). That way, the data it collects will be relevant and accurate for your organization.
Preparing for a USMM Run
Think of preparing for USMM like cleaning your house before an inspection.
A little work up front will save headaches later. Before you hit the “Measure” button, follow these preparation steps:
- Review and Clean User Accounts: Identify any users who have left the company or haven’t logged in recently (e.g., in the last 90 days or more). Lock or disable those accounts ahead of time. SAP auditors typically ignore users who have been inactive for a long period, but only if they are properly locked or marked inactive. Don’t wait until the last minute to do a massive cleanup – large, sudden deletions right before an audit can raise flags. Instead, build this into a regular quarterly process.
- Exclude Technical and Test Users: USMM will count all user accounts unless configured otherwise. This means that system accounts, background users, communication users (for integrations), and test users could end up counted as named users, which you don’t want. Ensure these accounts are identified and assigned the correct user type (e.g., “System” or “Communication” user types in SAP that are excluded from license counts). They should not have dialog login capabilities if they don’t need them. For example, an RFC user or background job user should be a technical user type, so USMM doesn’t include it as a normal human user in the count.
- Verify User Classifications: Go through your user master data (
SU01or via mass tools) and ensure every active user has a correct license type assigned according to their role and your SAP contract. If your contract defines certain users as Employee Self-Service or Limited Professional, ensure they are applied to the correct users. Any “unclassified” user will default to an expensive category in USMM – avoid this by classifying everyone. This is a critical step to prevent over-counting. Coordinate with HR or identity management teams if needed to confirm users’ roles or identify duplicate individuals. - Identify the Correct Price List Version: In USMM, you must select the price list that matches your contract’s user definitions. Using the wrong price list is a common pitfall. SAP updates license definitions over time – for example, S/4HANA introduced new user categories like “Advanced” or “Core” user instead of the classic Professional/Limited. If your system is using an old default price list that doesn’t reflect your agreement, the measurement could map users to the wrong categories. Always check the price list/version in USMM settings and choose the one that aligns with your purchase. (E.g., if you’re on S/4HANA with an FUE-based contract, activate the S/4HANA price list so those user types appear. If you stick with the ECC price list, all those new user types might end up counted as “unclassified” or default Professional users – a licensing nightmare.)
- Confirm System Role Flags: Make sure each system knows its role – production or non-production. USMM and LAW use the system designation (set in SAP system parameters) to decide how to count users. Only production systems’ users should count toward license totals in most contracts. If a QA system is mistakenly flagged as production, you might end up double-counting users. Check your system settings (in transaction SCC4 or system measurement settings) to ensure test and development clients are marked appropriately so their users can be excluded or treated correctly in consolidation.
- Coordinate on Duplicate Users: Although the LAW consolidation will ultimately handle duplicate user removal, it helps to prepare for this process. Work with HR or your identity management to find users who might have multiple accounts across systems or within the same system. Ensure their usernames, personnel IDs, or email fields are consistent if possible. Consistency will help LAW automatically match them later. For instance, if John Doe has two accounts in one system (not ideal, but sometimes happens for separate job functions), consider if both are needed or if one can be retired. At a minimum, ensure they have the same name or email so you (or LAW) can link them as one person when consolidating.
Pitfall → Fix Examples:
- Pitfall: USMM counts all users, including technical/system accounts, as license-consuming users.
Fix: Mark technical and communication users with the appropriate user type (e.g., “System” user type) and remove dialog login rights. This way, they won’t appear in the USMM named-user count at all. Double-check that test users or training accounts are locked or deleted before measurement. - Pitfall: Reference users (intended for authorization grouping) are appearing in user lists because someone logged in with them.
Fix: Never allow direct logon for reference users. Audit your user list for any reference-type users and ensure they cannot log in (no password or set to a technical user type). Reference users should only be assigned to other users for roles; they shouldn’t be real users themselves. If you find any reference user with dialog activity, investigate and correct it (it might indicate misuse of accounts).
By handling these prep steps, you set the stage for an accurate USMM run. Essentially, you’re taking out the trash and tuning the engine before running the meter. A pre-run checklist for convenience:
Pre-Run Checklist:
- Clean up inactive users and obsolete accounts (lock or delete as per policy)
- Exclude technical IDs from user counts (proper user type, no dialog access)
- Classify all users with correct license types (no one left as “unclassified”)
- Verify the price list in USMM matches your contract’s user license model
- Check system settings for the correct system role (Prod/QA/Dev)
- Note potential duplicates and ensure consistent naming for easier consolidation
Time invested in preparation pays off by preventing incorrect license count surprises. Now, with a clean dataset, you’re ready to actually run USMM.
How to use non-SAP tools, Using SAM Tools with SAP: Managing Licenses Beyond USMM and LAW.
Step-by-Step: Running USMM
Running USMM is a straightforward process once your system is prepped.
Perform the following steps in each relevant SAP system (usually every production system in scope for licensing):
- Launch the USMM Transaction: Log into the SAP system (use a client that is designated for system measurement, often client 000 or the central client if applicable) and run transaction code
USMM. This opens the System Measurement tool. You’ll typically need appropriate authorization to execute it (SAP_ALL or specific audit roles). - Select Measurement Settings: In USMM, go to the “User Types” or settings section. Here, select the correct Price List/version that corresponds to your contract. Also, ensure the relevant user license types are active (only those you use). For example, if your contract uses Professional and Employee licenses, activate those and deactivate any irrelevant categories to avoid confusion. Double-check the measurement parameters, such as whether the system is production or test (it should show appropriately).
- Choose Measurement Type: USMM can measure different aspects – by default, it will handle named users and engines together. In some versions, you might see options like “Execute Measurement” (for everything) or separate tabs for user measurement and for package measurement. Generally, opt to run a full measurement that covers both users and engines, unless you have a reason to do them separately. Ensure no users are logged in performing unusual activities that could affect counts (though this is rarely an issue; measuring during normal operation is fine).
- Execute the Measurement Run: Start the measurement. USMM will scan the user master records and usage data. This might take a few minutes, depending on system size. Let it complete. If there are any errors or unclassified users, USMM typically will warn or list them. (If you see warnings about unclassified users or inconsistent data, you may pause to fix those and run it again.)
- Review the USMM Results in the System: Once done, USMM will produce results that you can view on-screen. There will be a summary of Named User licenses – e.g., 120 Professional users, 45 Limited Professional, 300 Employee Self-Service, etc. – and a summary of Engine/Package measurements – e.g., Human Resources: 1,200 employees; SD Documents: 25,000; etc. Review this carefully for any surprises. Look for anomalies such as an unexpected spike in one user category or an engine count that seems off. If something looks wrong, investigate: maybe a user was misclassified or a background job suddenly created data, inflating an engine metric. It’s better to identify that now than to pass it blindly to SAP.
- Export the Measurement Results: After validation, export the results file. In USMM, there’s an option to “System Measurement -> Export to LAW” or “Download Results” (it often generates an XML or LAW text file). Do this for each system you measured. Save these files with clear names (for example,
SID_client_prod_measurement_<date>.XML). Do not transmit anything to SAP at this stage – since this is an internal run, you’re just gathering data. The export is used later for consolidation in LAW or for your own analysis. Some admins also print or screenshot the summary for record-keeping and to cross-check that the export file contents make sense.
After completing these steps on all your in-scope systems, you’ll have individual measurement files and on-screen reports for each.
Before we move to consolidation, let’s summarize the key output fields of USMM and common issues to watch for:
| Output Category | What It Means | Common Error | Fix |
|---|---|---|---|
| User Types Count | The tally of users per license category (e.g., 100 Professional, 50 ESS, etc.) in this system. | Misalignment between what the system counted vs. what your contract expects (e.g., system shows “Professional” but your contract calls it “Enterprise User”). Also, misclassified users causing overcounts. | Verify license type mapping before run. Ensure USMM’s user categories match contract definitions. Reclassify any users that seem out of place and rerun if necessary. |
| Engine Metrics | Usage numbers for package-based licenses (e.g., number of documents, employees, CPUs). | Misinterpreting the metric or a one-time data spike skewing the numbers. For instance, a test batch of documents might inflate SD document count. | Consult the module owner to validate the figure. If it’s a known one-time event or anomaly, document it. You may need to manually adjust or explain it in LAW comments. |
| System Role | Indicates if this system was counted as Production or Non-Production. Only production counts typically go toward license totals. | System set to the wrong role (e.g., a QA system marked as Production leading to unnecessary license counts). | Correct the system’s role in SCC4 (or relevant config) and potentially rerun USMM. Always label clients correctly (Production vs. Test) before measurement. |
| Measurement Date | The date (and time) when USMM was executed on this system. | Different systems run on different dates, which can complicate LAW consolidation (user activity might differ between runs). | Try to run all measurements in a short window (ideally same day) to keep data aligned. In LAW, use the closest dates if not identical. For self-audit, consistency is key. |
This table highlights what to look for in the USMM output. The User Types section is perhaps the most critical – it directly shows your license consumption. Always ensure the labels and counts here make sense for your organization.
If anything looks off, you can still go back, fix classifications or settings, and rerun USMM before you proceed. It’s much easier to address issues now than after consolidation or, worse, during a formal audit.
Tip: It’s wise to save a copy of each system’s user measurement report (even just a PDF or screenshot) for your records. This helps when reviewing consolidated results and provides an audit trail of what was done internally.
Reviewing USMM Results for Accuracy
After running USMM, don’t just file away the results – review them thoroughly.
The goal is to verify that the data makes sense and is compliant with your expectations and entitlements.
Here’s how to go about it:
- User Summary Review: Look at the user counts per license type. Do these numbers align with what you know about your user population? For example, if you expected around 100 Professional users but the report shows 130, find out why. Perhaps some users were left classified as Professional when they could be a Limited user. Or maybe temporary project users were created and not removed. Investigate any unexpected spikes or dips. Also, compare the total active users counted to your company’s headcount in that system; if you have more SAP users than employees, something’s definitely off (duplicates or old accounts lurking around).
- Engine Metrics Review: Cross-check the engine measurements with historical data or system owners. If USMM shows that the “Sales Documents” engine count is 50,000 documents, confirm with the sales or IT team if that sounds correct for the period. Sometimes USMM might catch a broader range of data if not configured for a specific timeframe, or a certain configuration might cause double counting. Understanding what each engine metric means in business terms helps – e.g., is that 50,000 sales orders in the last year, or total in the system? If a number looks abnormally high, you might need to investigate if it’s counting old archive data or if someone ran a mass test.
- License Mapping Check: Ensure that the license category names in the USMM output correspond to the licenses you actually own. SAP systems sometimes have slightly different naming conventions. For instance, “Limited Professional” in USMM should map to your contract’s equivalent term (maybe “Associate” user or similar, depending on wording). If something is labeled “Default” or “Basic” and you’re not sure what that is, it could be an unclassified user bucket – which you want to avoid. Make sure every user fell into a legitimate category. If not, you may need to adjust classifications and measure again.
While reviewing, it’s useful to have your SAP license entitlement summary at hand (the quantities of each license type you’ve purchased, and the metrics limits for engines). That way you can immediately see if any measured usage exceeds what you’ve paid for, or if you have headroom.
Checklist for Reviewing USMM Results:
- Compare user counts to HR records or expected workforce numbers. Make sure you’re not counting ex-employees or contractors who left.
- Spot-check high license categories (e.g., Professional users). Are there users in that category who perhaps could be in a cheaper category? Identify potential over-licensing (e.g., someone marked Professional but only uses self-service functions).
- Identify inactive or unused accounts that still show up. If any slipped through, plan to clean them before next run (and ensure they’re excluded next time).
- Cross-verify engine metrics with the respective business owners. If the HR module says 10,000 employees but you know the company has 8,000, find out why (old data? test entries? misconfigurations?).
- Ensure no test or technical users appear in the “dialog users” list. If they do, adjust their settings for future (they might not affect license counts if set properly, but double-check none were mistakenly treated as dialog users).
- Document any anomalies. If you find, say, an engine count overshoot due to a one-time event, write that down. This will help in discussions with SAP or internal reviews.
Remember, even a small discrepancy can have big cost implications. A 10% user overcount can equate to roughly a 30% cost error when true-up fees and support costs are factored in. It’s far better to catch those now. For instance, if you found 50 extra Professional users that are actually unused or should be reclassified, correcting that internally could save a huge bill later.
By carefully reviewing the USMM output, you ensure that your subsequent consolidation (and any reports to SAP) are based on accurate, optimized data. This is your chance to fix the numbers while you have full control over them.
Preparing for LAW Consolidation
Once you’ve validated each system’s USMM results, the next step is to consolidate them using SAP’s License Administration Workbench (LAW). Even though our focus here is on USMM, it’s important to handle the transition to LAW carefully during a self-audit.
Here’s how to prep:
- Export from All Systems: Make sure you have run USMM on every system in your SAP landscape that counts toward licensing. This usually means all production systems (and any additional systems if your contract requires all to be measured). Export the measurement results from each one. You should now have a set of files (one per system). Double-check you didn’t miss any – a forgotten system could lead to an unpleasant surprise if SAP remembers it later!
- Consistent File Naming: Save the files in a way that makes it clear which system and date they represent. For example, include the system ID, client, and the date of measurement in the filename. This helps avoid mix-ups when you import them into LAW. Consistency is key – for instance:
PROD1_000_USMM_2025-09-30.xmlis instantly recognizable. If you have multiple clients measured (less common except in multi-client setups), note that too. - Centralize the Files Securely: Create a secure folder or directory to collect all these USMM exports. This is now your “internal audit package.” Treat it with care – it’s basically the raw data of your license usage. Do not upload them to SAP or email them to SAP reps as-is; since this is an internal audit, keep the data internal. (Only when you’re ready and confident should any data be officially shared.)
- Review Before LAW Import: Before importing into LAW, take one last glance at each file’s contents if possible (some LAW files are partly human-readable XML). Or use the USMM output summaries you saved to recall what’s inside each. Ensure again that all the measurement dates are reasonably aligned (within the same week or so) to avoid timing issues. If one system was measured a month apart from another, consider rerunning to get them closer, or be prepared to explain differences.
- Plan LAW Consolidation Strategy: Decide which system you’ll use as the LAW consolidation system (often a Solution Manager or one of the ECC systems with SLAW installed). Ensure you have access and authorization there. Also, plan your duplicate user matching strategy (e.g., use email addresses or personnel numbers as matching criteria) and gather any reference data needed for that.
- Communicate with Stakeholders: Let your SAM team or compliance manager know that the USMM phase is done and you’re moving to consolidation. It’s good to have a second pair of eyes at this stage – they might spot something you missed. If you have a compliance tool or an internal auditor, involve them in reviewing the USMM files. Two heads are better than one when interpreting this data.
When all systems are measured and results gathered, you’re ready to feed them into LAW for a combined view. The LAW process (which could be a whole article on its own) will deduplicate users across systems and generate the final consolidated metrics.
But since we’re focusing on USMM, we’ll keep it brief: LAW will only be as good as the USMM data you give it. The work you did, cleaning and reviewing, ensures LAW’s output will be trustworthy.
Checklist: Preparing for LAW
- All relevant systems have been measured (none forgotten).
- Each USMM result file is exported and saved locally (avoid using SAP’s online transmission for internal runs).
- Files are clearly named and organized (so you know which is which).
- Measurement dates are aligned or noted (to account for any differences).
- Basis and SAM teams have reviewed the individual results and are on the same page.
- LAW consolidation system is ready (access granted, updated to the latest version if needed).
- A plan is in place for user matching rules in LAW (e.g., by username convention or email).
- Nothing has been sent to SAP – this is still your internal analysis data.
By methodically preparing for LAW, you ensure that the final “single source of truth” report you get from it will be accurate. You’ll be able to see your overall license position (how many unique users of each type across the whole landscape, and total engine usage) and compare that against your entitlements.
Enhancing USMM Data with Third-Party Tools
SAP’s USMM and LAW are the official tools for license compliance, but they aren’t known for being the most user-friendly or insightful. Many organizations enhance their internal audits by feeding USMM data into third-party Software Asset Management (SAM) tools (like Flexera, Snow, USU, or ServiceNow’s SAM modules).
While this is optional, it can add a lot of value:
- Anomaly Detection: Third-party license management tools can automatically flag anomalies in the USMM data. For example, if one system suddenly shows a 50% jump in users compared to last quarter, the tool can alert you. Or if an engine metric seems off-trend, you’ll get a notification. This saves you from having to manually spot every oddity. It’s like having a second opinion on your measurement.
- License Optimization Insights: These tools often integrate your contract entitlements. They can take the USMM counts and immediately show you where you’re under or over your license counts. Some will even suggest optimizations – such as identifying users who haven’t logged in lately (could be candidates to remove or downgrade) or highlighting Professional users who only perform transactions that an Employee Self-Service user could do (potential downgrades). Essentially, they overlay intelligence on top of the raw USMM data.
- Duplicate and Indirect Use Analysis: Good SAM tools might help identify duplicate users beyond what LAW does, using more advanced heuristics or linking to HR records. They can also help track indirect usage (like if non-SAP systems are creating documents in SAP – something the Digital Access license covers). USMM doesn’t automatically count all indirect use documents in detail (unless you use SAP’s separate Digital Access Evaluation tool). Still, a SAM tool might correlate different data sources to give a fuller picture.
- What-If Scenario Modeling: One powerful feature is the ability to simulate changes. For example, you can load the USMM results into the tool and then ask, “What if we reclassified 50 Professional users as Limited Professional?” The tool can recalculate the compliance position and show potential savings or shortfalls. This is great for planning – you can model reducing licenses, the effect of moving to an S/4HANA FUE model, etc., in a sandbox without touching the real systems yet.
- Continuous Monitoring and Reporting: Rather than treating USMM as a once-a-year fire drill, some SAM solutions continuously import data (some even connect to SAP periodically to pull measurement data). They provide dashboards that management can review anytime. That way, license compliance becomes a continuous process, not a frantic one. It also means that by the time you formally run USMM for an audit, you’re 99% sure of the outcome because your internal tools have been tracking it all along.
Keep in mind, the official numbers that count in an audit will still come from USMM and LAW. Third-party tools don’t replace SAP’s audit tools; rather, they supplement them. Think of them as a smart overlay that helps you interpret and optimize the data USMM gives you. They add transparency and often catch issues early.
If your organization has invested in such tools, definitely leverage them as part of your USMM self-audit process. Import the USMM results into the tool, review the dashboards or recommendations, and address any red flags it raises. This adds an extra layer of confidence. And if auditors come asking tough questions, you’ll have robust internal reports to back up why your numbers are what they are.
Finally, ensure that any insights gained from third-party tools are fed back into your SAP administration practices. For example, if the tool identifies 100 inactive users, ensure your Basis team locks those users in SAP. The tools can guide you, but you must still execute the changes in the SAP system and then run USMM again to confirm improvements.
5 USMM Audit-Readiness Tactics
To wrap up, here are five proven tactics to ensure you’re always audit-ready when it comes to SAP license measurements:
- Run USMM Regularly: Don’t wait for SAP’s official audit request. Run USMM quarterly and before any anticipated SAP audit or contract true-up. Regular self-measurement means you catch compliance issues early, not after they’ve grown into expensive problems.
- Clean Data Before Measurement: Always clean up users and engine data before you run USMM, never after. Delete or lock dormant accounts in advance, and make sure classifications are up-to-date. Once you run the measurement, those numbers are on record – trying to “fix” them post-run is too late (and won’t fool SAP’s auditors).
- Align USMM to Your Contract: Ensure the USMM settings (price list and user types) match your contract’s terms, not SAP’s defaults. If your contract is based on an older or specialized user classification, use that price list. Never assume the system’s default categories are correct – a mismatch can instantly overcount users in expensive categories.
- Validate and Archive Results: Treat each USMM result file as a critical record. Review it internally with your Basis and SAM teams, and save copies of the outputs securely. Before consolidating in LAW, be confident that each file is accurate. Keeping an archive of each quarterly run also helps track trends and defend your position if questions arise.
- Involve Compliance Stakeholders Early: Before sending any measurement data to SAP, involve your SAM, procurement, or legal teams. Let them vet the numbers and the approach. They can provide a sanity check and ensure nothing sensitive is disclosed inadvertently. This cross-functional review adds a layer of protection – once SAP has the data, you can’t take it back, so have all eyes on it before that point.
By following these tactics, you’ll build a strong, proactive license compliance practice. You’ll always know where you stand with SAP licenses and be ready to face an audit with confidence, rather than dread.
Your organization stays in control of the narrative, armed with accurate data and a well-prepared strategy. Remember, in the world of SAP audits, preparation and knowledge are your best allies. Happy measuring!
Read about our SAP Audit Services
