Introduction – Why SAP LAW and USMM Matter in Compliance
If your organization runs SAP, you know an audit is inevitable. But an SAP audit doesn’t start when the official letter arrives – it starts the moment you run SAP’s measurement tools. SAP’s built-in license measurement programs, USMM and LAW, form the foundation of every compliance check.
They determine what SAP sees as your usage. By understanding and controlling these tools, you can stay ahead of SAP. Accurate internal measurements protect you from over-licensing (buying more than you need) and under-licensing (using more than you bought). In plain terms: when you manage USMM and LAW proactively, you’re steering the audit process rather than being a passenger.
Many companies treat SAP’s user counting as a once-a-year chore. A better approach is to treat USMM (User Measurement) and LAW (License Administration Workbench) as continuous compliance tools. Read our ultimate guide to SAP License Measurement Tools.
They are meant to help you tally your SAP licenses, but their default settings favor SAP’s interpretations. With a bit of strategy and skepticism, you can turn these tools into your compliance advantage.
Let’s break down what USMM and LAW do, how they interact, and how you can use them on your terms.
What is USMM? – The System-Level Measurement Tool
USMM is SAP’s User and Software Measurement tool that runs on each SAP system to gather raw license data. Think of USMM as the local audit for a single system. When you execute transaction USMM in an SAP system, it scans that system’s user accounts and certain usage metrics (called “engines” or packages).
The result is a count of how many users of each license type exist in that system, along with any measured quantities for engines (such as the number of sales orders, CPUs, etc., depending on what your SAP solutions measure).
How USMM works in a nutshell: First, USMM needs to know what license types and price list to use. This is configured in the system based on your SAP contract or the standard price list for your software version. Choosing the correct price list is critical – if you select the wrong one (say, an older price list that doesn’t match your contract or S/4HANA system), the tool might misclassify many users.
Once configured, USMM evaluates each user’s roles and activity to propose a license classification (for example, distinguishing a “Professional User” from an “Employee” or “Limited” user based on what transactions they use).
It’s important to note that USMM’s classification is a starting point – you, as the administrator, should review and adjust these before finalizing the count. For instance, if USMM flags a user as Professional but you know they only need a Limited license, you can change their classification in the system before measurement.
Before running USMM, savvy admins will clean up the user list. That means locking or deleting obsolete accounts (especially dialog users who have left the company or duplicate test users). USMM will count every active user by default.
If you skip cleanup, inactive users or old test accounts could inflate your counts and make it look like you need more licenses than you actually use. It’s perfectly fine (in fact, recommended) to run USMM in test mode first, fix any issues (reclassify users, apply corrections), and then run it again for a clean result.
Checklist: Running USMM Successfully
- Verify Price List & License Types: Ensure the system’s measurement program is using the correct SAP price list version and user type definitions that match your contract (ECC vs S/4HANA, industry-specific licenses, etc.). An outdated definition can miscount your users.
- Classify Users Properly: Review each user’s license type assignment in the user master data. Map users to the right license categories (e.g., Professional, Limited Professional, Employee, Developer) according to their actual job role.
- Exclude Technical IDs: Mark system/service accounts and test users appropriately (as “technical” or test users) so they aren’t counted as full named users. Only really productive users should consume a license.
- Execute USMM in Each System: Run transaction USMM on all productive SAP clients as required. Double-check you’re measuring only the systems obligated by your contract (usually production; sandbox or development systems might be excluded if your contract says so).
- Review the Local Results: After running, examine the output. Look for anomalies like users in the wrong category or unexpectedly high engine counts. If something looks off, correct the data (or user classifications) in that system and re-run USMM for a clean result.
- Export the Measurement File: Once you’re satisfied, export the USMM results (usually an XML or text file). This file will later be fed into LAW for consolidation.
Pitfall to avoid: Running USMM with the wrong settings can result in hundreds of users being placed in an “unclassified” bucket or all being counted as expensive license types. Always verify the settings before you hit execute.
One common mistake is forgetting to update the SAP measurement program after a system upgrade.
For example, if you move to S/4HANA, you need to apply SAP’s notes so that USMM knows about new S/4HANA user categories; otherwise, your S/4 users might all be lumped as “Professional” by default. A ten-minute check upfront can save you from a nightmare of inflated counts later.
What is LAW? – The Consolidation & Deduplication Engine
If USMM is the local counter, LAW is the master aggregator. The License Administration Workbench (LAW) is a tool designed to combine multiple USMM results into one comprehensive report.
Think of LAW as the central reconciliation hub for your entire SAP landscape. In a company with several SAP systems (ERP, CRM, BW, etc.), a single person might have user accounts in each system. SAP doesn’t expect you to pay for separate licenses for each account that person has – you pay for one license per unique individual. LAW helps achieve that by deduplicating users across systems.
Here’s how LAW works: You typically run LAW in one central SAP system (often your Solution Manager system or your main ERP system designated for license consolidation). From within LAW, you import the measurement files from all the systems you measured with USMM.
The tool then lists all the users from all systems and starts matching them to find duplicates. LAW’s primary job is to identify the same person appearing in multiple places. By default, it might match on identical user IDs. Suppose your landscape has a centralized user ID policy (e.g., the user “jsmith” exists in every system for John Smith). In that case, LAW will automatically identify the issue and merge those entries into one user in the consolidated count.
However, in many landscapes, user IDs aren’t consistent, so LAW provides matching rules – for example, you can tell it to consider two users the same if they share a Personnel Number or email address. You can also manually tell LAW that two accounts are the same person if the automatic logic misses it. The goal is to ensure each actual human is counted only once in the final tally, no matter how many systems they use.
Another crucial aspect: when LAW merges duplicate users, it assigns the person the highest license type needed among their accounts. For example, suppose John Smith is a “Professional User” in System A but only a “Limited” user in System B. In that case, LAW will count John as a Professional only once (since a Professional license would cover his highest usage).
This prevents under-counting license requirements. It means you must be careful – one heavily-authorized account for a user will bump them into a higher license category globally.
Checklist: LAW Consolidation Workflow
- Collect USMM Files from All Systems: After running USMM on each system, gather the export files. Make sure you have results from every in-scope system (usually all production systems). Missing a system’s data will skew the consolidation.
- Load Results into LAW: In your chosen central system, open LAW (transaction
LAWorSLAW/SLAW2depending on the version) and import all the USMM files. Verify that each file is loaded and identified with the correct system name. - Define Deduplication Rules: Set the matching criteria for duplicate users. If your users have identical usernames across systems, this is simple. If not, choose another key (Personnel Number, email, or an external mapping file) to help LAW match accounts to the same individual.
- Execute Consolidation: Run the consolidation process. LAW will automatically merge users it deems the same. Review the preliminary matching – if LAW shows two entries you know are the same person not merged, use the manual mapping feature to link them. Likewise, if two users were mistakenly merged (perhaps two different people share a generic ID like “admin”), separate them.
- Review Consolidated Summary: Once deduplication is done, check the LAW summary report. It will list total unique users per license type across the whole landscape, and totals for each engine metric combined. Look for red flags such as a total user count much higher than expected or engine numbers that don’t make sense. Ensure no user was counted twice or placed in the wrong category after the consolidation process.
- Do Not Auto-Submit: LAW often has a feature to transmit or mark the results for SAP. Hold off on any submission until you thoroughly validate the data internally. The LAW output should be considered a draft until your team signs off on its accuracy.
One key insight to remember: LAW’s goal is to merge data, not interpret it. The LAW tool will not tell you if a particular user is misclassified or if an engine count includes test data – it simply aggregates what USMM provided. The interpretation and validation are your job as the license owner.
Treat the LAW report as the truth that SAP will see. If something looks wrong in LAW, you must fix it either by adjusting the source data (re-running USMM after corrections) or tweaking the consolidation (merging/splitting users correctly). Never assume “LAW must be right” – always cross-check with your own understanding of your user base.
How to use SAP USMM for a self-audit: Running SAP USMM for Self-Audit: How to Gather Accurate License Data.
How LAW and USMM Work Together During an Audit
During an official SAP audit (or the annual license statement process), USMM and LAW work in tandem as follows:
| Step | Tool | Activity | Outcome |
|---|---|---|---|
| 1 | USMM | Measure each SAP system’s users and engines | System-level results (raw counts in each system) |
| 2 | LAW | Consolidate all system results, deduplicate users, and aggregate metrics | Landscape-level summary (one combined compliance report) |
| 3 | SAP Audit | SAP reviews the LAW consolidation you submit, looking for overuse or misclassification | Official audit analysis (delta report comparing usage vs entitlements) |
In practice, the company runs USMM on every relevant system (typically all production systems and any others required by contract). Then the results are fed into LAW to generate one unified report. This LAW report is what you provide to SAP’s auditors. SAP’s audit team will take that data and compare it to your license entitlements on record. Any gap between what you purchased and what the law says you’re using becomes the focus of audit findings.
It’s easy to see how the accuracy of USMM directly determines the accuracy of LAW, which in turn determines what SAP thinks you owe. Errors multiply across systems – if one system overcounts 50 extra Professional users due to a mistake, and you have five systems, you might end up with a consolidated overcount far beyond 50 if those errors aren’t caught. That’s why careful attention at the USMM stage (system cleanup, correct classification) and at the LAW stage (deduplication checks) is so important.
Also, note that you usually only include productive systems in LAW for the audit, unless your contract specifies otherwise. Non-production systems (development, test, QA) often don’t require full license counting for users, or you might have a clause that allows free usage there.
Always double-check your contract: if it states you only need to report on Production, exclude the non-prod systems from LAW to avoid counting users who only exist in test environments. (However, engine metrics sometimes still need to include certain test usage if it draws on productive data – clarify these details with SAP if in doubt.)
The LAW & USMM workflow essentially hands SAP a blueprint of your license usage. That’s why you want to be in control of drawing that blueprint correctly. Before clicking “Submit” or sending off that LAW file, ensure you’ve internally audited the audit data.
Common Errors and Misunderstandings
Using USMM and LAW can be tricky, and several common mistakes can trip up even experienced SAP administrators.
Here are some frequent errors and how to avoid them:
- Wrong Price List or License Metrics Loaded: As mentioned earlier, using an outdated price list in USMM or failing to update the measurement program after a major SAP version change can lead to misclassification. For example, in an S/4HANA system, if you don’t load the S/4-specific license definitions, USMM might not recognize newer license types like “Digital Access” or “FUE categories” and classify everything as a generic type. Avoidance: Always apply the latest SAP notes for license measurement and select the price list that matches your contract (e.g., if your contract is based on the 2025 SAP price list, ensure USMM reflects that). Double-check the license type catalog in USMM before running.
- Including Inappropriate Users in the Count: A classic misunderstanding is counting system users, test users, or inactive users as if they were active employees. For instance, background jobs might run under a technical user ID. If that ID is classified as a dialog user, USMM will count it as a named user needing a license. Similarly, demo or training accounts often get forgotten. Avoidance: Review all user accounts before measurement. Mark technical users with the correct user type (SAP has a user type for communications/technical that typically isn’t counted in license audits) and lock or delete any test or obsolete accounts. Ensure only real, active business users remain as dialog users for counting.
- Not Merging Duplicate Users Properly: LAW can miss duplicates if user identifiers aren’t consistent. If you don’t help LAW by providing matching info or by standardizing usernames, you risk counting the same person two or three times. We’ve seen companies receive an audit finding for “extra” users, only to realize that one employee’s three accounts were counted as three people. Avoidance: Before running LAW, try to have a common identifier for users across systems (such as a personnel number). During LAW consolidation, use the tools provided to merge any stragglers. If two accounts belong to the same person, make sure LAW knows that. Document these manual merges for future reference, so you don’t have to rediscover them next time.
- Sending Data to SAP Without Internal Validation: This is more of a process mistake, but a serious one. Some admins run USMM/LAW and send the results to SAP without a thorough internal review, perhaps trusting the tools blindly or rushing to meet a deadline. The risk is that any errors (those inactive users, duplicates, etc.) are now in SAP’s hands, and you’ll have to explain them after the fact. Avoidance: Never submit LAW results to SAP immediately. Always pause and review internally with your SAM (Software Asset Management) team, Basis team, and possibly an expert advisor. Check if the totals make sense compared to last year or to your own expectations. Scrutinize any big changes or surprising figures before SAP does.
- Misinterpreting “Engine” Metrics: USMM also collects data on engines (like the number of documents, employees, order lines, etc., depending on what modules you use). A misunderstanding here is assuming those numbers are always accurate or automatically exclude irrelevant data. In reality, these raw counts might include items such as test transactions or old data. For example, an engine metric for “number of sales orders” will count every order in the system – including test orders, unless filtered. Avoidance: Understand what each engine metric encompasses. Read SAP’s definition of that metric and compare it with your system’s data. You might need to perform some cleanup or at least be ready to explain why a count is high. If your HR system shows 10,000 employees but your company has only 9,000, find out if the extra 1,000 are former employees not terminated in the system or test entries – and correct it if possible. Engines are a common source of surprise compliance gaps, so give them special attention.
In summary, most errors come down to a lack of preparation or blind trust in the tools. USMM and LAW will do exactly what they are designed to do – but that might not align perfectly with how you use SAP or how your contract is worded. Always apply human judgment to the results.
Performing a Test (Shadow) Measurement
One of the smartest strategies for SAP license compliance is to run “shadow” measurements well before SAP asks you to. A shadow measurement means performing the full USMM and LAW process internally, on your own schedule, as a practice run. This isn’t an official audit submission – it’s your chance to catch and fix issues quietly.
Why do this? Because an SAP audit should never be the first time you discover a license problem. By running a test measurement (say, quarterly or a couple of times a year), you can identify misclassified users, unused accounts, or early growth in usage. It’s much easier (and cheaper) to correct these proactively than to argue with SAP about them later.
How to perform an internal license audit: Treat it exactly like the real thing. Run USMM on all the systems in scope and consolidate with LAW. Instead of sending the data to SAP, analyze it in-house. Look for any areas where you’re over your license allocations.
For example, if your LAW summary shows 120 Professional users but you only own 100, that’s a red flag to investigate. Perhaps 10 of those could be reclassified to a lower tier, or maybe you need to plan for additional licenses – either way, you found out privately. Likewise, examine engine metrics for anything nearing or over limits.
It’s a good practice to document these shadow runs. Maintain a spreadsheet or report of the results and the actions you took (e.g., “March 2025 internal measurement found 50 users as Professional, cleaned up five inactive accounts, and reclassified eight users to Limited – result now 37 Professional”). This builds a historical record that can be invaluable during a formal audit, demonstrating that you take compliance seriously and have rational explanations for your numbers.
Remember: never upload your shadow LAW results to SAP. There’s no obligation to share these interim checks. They are purely for your organization’s benefit.
By the time SAP’s official audit comes around, you will have already rehearsed it multiple times, and the “real” measurement will just be another well-prepared run with no surprises.
Checklist: Internal “Shadow” Measurement Process
- Plan Regular Internal Audits: Decide on a frequency (e.g., every 6 months or quarterly) to conduct a comprehensive review across all systems. Put it on your IT calendar so it isn’t forgotten.
- Run USMM on All Prod Systems: Execute the user measurement in each system as if SAP asked for it. Include all relevant systems in scope.
- Consolidate with LAW: Import all results into LAW for a complete view. Use the same matching logic you would use officially.
- Analyze the Results Internally: Compare the LAW output to your license entitlements. Note any overused categories or unexpected spikes. Investigate those – is it a data issue or truly increased usage?
- Take Corrective Actions: For any issues found, correct them. This could mean cleaning up users (lock/delete extra accounts), adjusting license classifications, providing training to avoid unauthorized usage, or budgeting for more licenses if needed.
- Document and Iterate: Record what the internal audit showed and what you did about it. If major changes were made (like reclassifying many users), consider running USMM/LAW again to see the updated compliance position. Ensure the final internal result looks clean and reasonable.
By performing these drills, you essentially audit-proof your environment. When SAP eventually requests the measurement, you won’t be scrambling; you’ll confidently run it and submit data that you’ve already vetted.
Using LAW/USMM Data with SAM Tools
While USMM and LAW provide the raw counts of your SAP usage, they are not the easiest for ongoing license optimization. This is where third-party Software Asset Management (SAM) tools or ITAM solutions come in. Many SAM tools (such as Flexera, Snow, ServiceNow SAM, USU, etc.) have modules for SAP license management. They can import the results from USMM/LAW and help translate that into actionable insights.
How this works: Typically, you take the XML output from LAW (or the individual USMM files) and load it into the SAM tool. The tool then maps the measured usage against your license entitlements (which you would have configured in the tool’s database beforehand, based on your SAP contracts).
The SAM tool can automatically flag where you have deficits or surpluses. For example, it might show that you have 200 Professional licenses counted by LAW versus 180 purchased – a 20-license shortfall. Conversely, it might reveal you’re over-licensed in some areas (maybe you bought 50 Developer licenses but only 10 are used, indicating shelfware).
The value of a SAM tool is that it adds a layer of interpretation and optimization on top of the raw data. LAW tells you what SAP sees – SAM tools tell you what you should do about it. A good SAM tool will consider things like if certain users could be reassigned a cheaper license type based on their actual activity (some advanced tools analyze transaction usage per user to suggest optimizations). They also often provide trend reports, so you can see how your SAP user count is growing or shrinking over time, and forecast future needs or true-up costs.
Another benefit is combining data sources. SAM tools might integrate HR data to know if some users are no longer with the company, or they might correlate roles to license types in more detail. They can also keep an eye on indirect usage (e.g., how many documents are created via non-SAP systems) by leveraging SAP’s digital access reports in conjunction with LAW data – giving you a fuller compliance picture.
For your stakeholders (CIO, CFO, procurement), visualizing license compliance in dashboards is much easier via a SAM platform than reading SAP’s LAW text file. It can bridge the gap between IT data and business decisions. If your organization has invested in such tooling, make sure to integrate the LAW/USMM process with it: after each measurement, feed the data into the SAM tool and review the license position it calculates. This double-check can catch issues before SAP does, and it provides a sanity check against SAP’s view.
Checklist: Leveraging LAW Data in SAM Tools
- Automate Data Import: Set up your SAM tool to ingest SAP measurement files whenever you run them. This ensures consistency and saves manual effort.
- Maintain Up-to-Date Entitlements: Keep your SAP contract details (purchased licenses, license types, counts, metrics) current in the SAM tool so it can correctly evaluate compliance.
- Analyze Optimization Opportunities: Use the tool’s analytics to identify if some users are assigned higher licenses than necessary or if unused accounts are consuming licenses. Adjust in SAP accordingly (e.g., change a user from Professional to Employee license if their usage is low).
- Integrate Indirect Usage Metrics: If your SAP setup involves indirect access (e.g. Salesforce creating SAP orders), combine LAW data with any digital access measurements to see the full license requirement picture.
- Report to Management: Take advantage of SAM dashboards to report compliance status to IT and finance leadership. Showing that “we’re at 90% of our SAP license capacity” in a chart can prompt proactive budget or reallocation decisions far ahead of audits.
In short, SAM tools can act as your license co-pilot – interpreting LAW’s raw output and guiding you on how to stay compliant cost-effectively. They don’t replace USMM or LAW (you still need to run those), but they enhance the value of that effort by ensuring the data is used for more than just appeasing SAP – it’s used to optimize your spend.
Best Practices for Managing LAW & USMM
Managing SAP’s license measurement isn’t a one-time event; it should be an ongoing process integrated into your IT governance.
Below are some best practices to make LAW and USMM work in your favor year-round:
- Establish an Internal Measurement Policy: Treat SAP license counting as a routine business process. Define how often you do internal measurements (e.g., annually at minimum, ideally more often) and who is responsible for it. This policy ensures everyone knows an internal “mini-audit” will happen regularly, not just when SAP calls.
- Keep Measurement Tools Updated: SAP occasionally updates how USMM counts certain licenses or adds new license types (especially if you adopt new products). Stay on top of SAP Notes regarding license measurement. Before any measurement run, confirm that the system has the latest measurement updates and that the correct license type catalog (price list) is selected.
- Consistent User Classification: Develop a standard for classifying users into license types across all systems. For example, define what roles or job titles qualify as Professional, Limited Professional, Employee, etc., and apply that consistently. This might involve training your SAP user administrators or using scripts to align classifications. Consistency prevents one system from counting a user as Professional while another counts a similar user as Employee, which could complicate consolidation.
- Centralize User Management (Where Possible): Using SAP’s Central User Administration (CUA) or Identity Management to standardize user IDs across systems will greatly simplify LAW deduplication. At a minimum, maintain a mapping of user aliases (e.g., an Excel sheet that says User A in system X = User B in system Y) to assist in matching.
- Pre-Audit Cleanup Campaigns: Before any official audit or annual measurement, run a cleanup. This means coordinating with HR to remove users who have left, checking with system owners to purge outdated test accounts, and ensuring all active users have a proper license assignment. It’s much easier to clean up before running USMM than to explain excess usage after.
- Never Submit Without Approval: Implement an internal sign-off process for any data going to SAP. This could involve your Software Asset Manager, a procurement officer, and a legal advisor reviewing the LAW report. They should compare the numbers against your entitlement and against last year’s submission. Any significant change should be understood and agreed upon. Only with this internal approval should you transmit the LAW results to SAP.
- Map Contracts to Measured Data: Maintain a “contract vs usage” log. For each license metric in your contract, know where in USMM/LAW that usage is counted. For example, if you have a contract line for “SAP ERP Limited Professional Users – 100”, you should be able to tie that to the LAW output line for that user category. This mapping helps ensure you’re comparing apples to apples when reconciling figures, and it’s useful evidence if SAP’s interpretation differs.
- Retain Evidence and Documentation: Archive the outputs of every measurement run (USMM logs, LAW files) and the steps you took. If you adjust data (say, manually merge users in LAW or exclude something), make sure to note it down. In case SAP questions the data, you have an audit trail showing you followed a consistent, reasonable process. It also helps next year’s team understand what was done previously.
- Educate Stakeholders: Make sure your internal stakeholders (IT operations, SAM team, finance, etc.) understand what USMM and LAW are and what the data means. When everyone is aware of how license use is measured, they are more likely to keep data clean. For example, if project teams know that every active user counts, they’ll be more diligent in requesting the removal of access for departing users.
- Use LAW Beyond Compliance: Don’t think of LAW output as just a number to give SAP. Use it as a management tool. Analyze it to see if certain systems are growing user counts quickly (perhaps indicating a need for process change or additional licenses soon). Or use it to identify if a particular license type is heavily under-utilized (maybe you can negotiate that down at renewal). In other words, leverage the insight for internal planning.
By following these best practices, you transform license measurement from a reactive task into a proactive discipline. Your goal is to avoid firefighting during audits because you’ve been steadily keeping your house in order.
5 Practical Tips for Using LAW and USMM Effectively
Finally, let’s wrap up with five practical tips that encapsulate effective use of USMM and LAW:
- Align Tools with Your Contract: Don’t rely on SAP’s default settings or assumptions. Configure USMM and LAW to reflect your contract terms (correct license types, excluded systems, etc.). This ensures the measurements are relevant and fair for your situation.
- Deduplicate Proactively: Wherever possible, consolidate user accounts across systems before SAP does. Encourage unique user IDs or maintain mappings. When running LAW, manually merge duplicates that slip through. This way, the consolidated count you present is accurate and defensible.
- Treat Internal Runs Like Audits: Every time you run USMM/LAW internally, handle it with the same rigor as an official audit. Document the process, double-check results, and fix issues. This rehearsal means the official audit will be just another run with no drama.
- Re-Measure After Changes: Significant changes (like implementing a new SAP module, adding 500 new users, or a cleanup of roles) should prompt a fresh USMM run. Don’t wait a full year – a quick measurement after big shifts will show the impact on licenses, letting you react (reallocate or purchase more) in a timely way.
- Get a Second Pair of Eyes: Before submitting any measurement to SAP, have your SAM team or even an external licensing advisor review it. Legal and procurement stakeholders should also sign off. A cross-functional review can catch anomalies or risks that a technical team might overlook. It’s a final safety check to ensure you’re comfortable with every number on that report.
By following these tips, you put your organization in the driver’s seat when it comes to SAP license compliance. USMM and LAW are powerful tools – make them work for you, not against you.
With preparation, consistency, and a bit of healthy skepticism toward the “out-of-the-box” settings, you can confidently use these tools to sail through SAP audits and optimize your license usage year-round.
Read about our SAP Audit Services
