HANA database licensing sits at the intersection of infrastructure, application licensing, and third-party integration — which is precisely why so many enterprises discover compliance exposure only when SAP's audit team arrives. This tool gives you the same framework our advisers use when onboarding a new SAP client: a structured review across 22 dimensions, each with the expert commentary needed to act on what you find.
Work through each section systematically. For every item where you cannot answer "yes" with evidence, treat it as a gap requiring immediate attention. Our experience across 500+ engagements suggests that most enterprises carry between three and six active exposure points in their HANA estate at any given time.
How to Use This Checklist
Mark each item as Confirmed ✓, Partial ~, or Unknown ✗. Count your confirmed items at the end and use the score guide below to assess your licensing health. Any item marked Unknown should be escalated to your SAP licensing team or an independent adviser before your next renewal or audit window.
18–22
Strong Position
Licensing well-managed. Focus on monitoring and annual review.
10–17
Review Required
Material gaps present. Independent review recommended before renewal.
0–9
Audit Risk
Significant exposure likely. Engage specialist support immediately.
Group 1 — License Type & Scope
01
Confirm whether you hold a HANA Runtime or HANA Full-Use licence — and that the licence type matches your actual usage
This is the single most common source of HANA compliance exposure. Runtime licences are significantly cheaper — typically priced at around 15% of your S/4HANA licence value — but they carry a strict restriction: HANA may only be used as the database engine for SAP applications. If any non-SAP system, custom application, or direct query tool accesses HANA outside of SAP's published interfaces, you are in breach of the Runtime terms and require Full-Use licences, which are priced on a per-GB memory basis at list price with minimal discount opportunity. Confirm this in your contract, not just verbally with your account manager.
⬤ High Risk
02
Map every application — SAP and non-SAP — that connects to your HANA database
Many organisations discover non-SAP workloads on HANA only during an audit. Common culprits include custom Python or SQL reporting tools, data lake pipelines, RPA bots querying HANA tables directly, and BI tools such as Tableau or Power BI connected via ODBC. Each of these may constitute Full-Use territory if your licence is Runtime. Build and maintain a connection inventory using HANA system views (M_CONNECTIONS, M_SESSIONS) and cross-reference against your contracted licence scope.
⬤ High Risk
03
Verify that any BW/4HANA or BW on HANA deployment is separately licenced where required
SAP BW running on HANA is treated as a distinct application with its own licence entitlement. Some customers assume the BW workload is covered under the S/4HANA Runtime licence — it is not. If BW and S/4HANA share a HANA platform licence, confirm the specific contract language permits this. In many cases, a combined HANA licence covering both workloads must be explicitly purchased. The distinction matters because SAP's audit programmes routinely check the HANA Technical System Landscape ID to validate which applications are authorised per licence.
⬤ Medium Risk
04
Check whether HANA Extended Application Services (XSA or XSC) are deployed and covered under your current licence
HANA XSA (Extended Application Services, Advanced Model) enables custom application development directly on the HANA platform. Using XSA to build and run non-SAP applications requires a Full-Use licence. If your team has developed internal microservices, APIs, or data applications that run inside the XSA framework, and you hold only a Runtime licence, you have a compliance gap. Review your HANA system landscape for XSA deployments and cross-check with your licence agreement.
⬤ Medium Risk
Group 2 — Memory Sizing & Calculation
05
Calculate your current HANA memory usage and compare it against your licenced capacity
For Full-Use licences, HANA is licenced in memory blocks — typically 64 GB increments with list prices of $40,000–$60,000 per block. Query the M_HOST_RESOURCE_UTILIZATION system view to obtain real-time memory consumption. The critical metric is not total server RAM but the HANA instance's allocated and consumed memory. Many organisations grow their datasets over time without re-checking their licenced capacity, and SAP's audit programmes now specifically target memory overage. If you are within 10% of your licenced limit, initiate an optimisation review immediately.
⬤ High Risk
06
Apply SAP's compression ratio expectations to your raw data volume to validate your sizing estimate
HANA's columnar compression typically achieves a 4:1 ratio against raw data volume — meaning 1 TB of raw transactional data should require approximately 250 GB of HANA memory. However, compression ratios vary significantly by data type: highly structured, repetitive data compresses well, while unstructured or sparse datasets may compress at only 2:1 or less. Use SAP's Quick Sizer tool and your actual M_CS_TABLES view data to validate your compression baseline before purchasing or renewing capacity. Overstating compression leads to under-licensing; understating it means you are paying for capacity you do not need.
⬤ Medium Risk
07
Confirm that Native Storage Extension (NSE) warm data is correctly accounted for in your licence
HANA's Native Storage Extension allows less frequently accessed (warm) data to reside on persistent storage rather than in-memory, reducing the in-memory footprint and therefore potentially reducing your licenced memory requirement. However, NSE data must still be covered under your HANA licence — the data does not disappear from the licencing scope. Verify with SAP how NSE data is counted in your specific agreement: some contracts count only the in-memory hot data tier, while others count the full managed dataset. Misunderstanding this can result in either over-payment or audit exposure.
⬤ Medium Risk
08
Review your data archiving practices and confirm that archived data has been removed from the HANA memory footprint
Data archiving is one of the most effective levers for reducing your licenced HANA memory requirement. Transactional data from closed financial periods, completed orders, and historical records that are no longer needed for operational reporting should be systematically archived to lower-cost storage. Each GB archived reduces your memory licence cost at renewal. Establish an annual archiving calendar aligned with your HANA renewal cycle, targeting 10–20% memory reduction per cycle where your data age profile allows it.
⬤ Low Risk
Download the SAP Audit Defence Framework
Our 40-page guide covers HANA memory optimisation, indirect access defence, and RISE with SAP contract negotiation — used by 200+ enterprise teams.Group 3 — Indirect Access & Digital Access
09
Identify every third-party system that creates documents in S/4HANA via APIs, middleware, or RPA bots
SAP's Digital Access model charges per document created in SAP by external systems — not per user. The nine core document types include sales orders, purchase orders, delivery documents, invoices, goods movements, production orders, maintenance orders, service orders, and financial documents. If your CRM platform automatically raises sales orders in S/4HANA, or your EDI system creates purchase orders, each of those documents triggers a Digital Access charge unless you have purchased document licences. Without a Digital Access agreement in place, SAP can calculate and bill for all such documents retrospectively during an audit, often with maintenance charges added.
⬤ High Risk
10
Run SAP's Digital Access Adoption programme or an equivalent document count measurement to quantify your indirect exposure
SAP's Digital Access Adoption (DAA) programme offers a structured path for customers to measure and regularise their indirect access position. Participating before an audit puts you in a far stronger negotiating position than having SAP conduct the measurement on their terms. The key metric is annual document volume per type, which then maps to SAP's per-document pricing schedule. Critically, SAP's own estimation tools have been known to overcount documents by treating internally generated SAP-to-SAP transactions as indirect access. An independent measurement often reduces the apparent exposure by 30–50%.
⬤ High Risk
11
Verify that technical users assigned to integration systems are correctly licenced and do not create indirect access gaps
A common misunderstanding: assigning a Named User licence to a technical integration user does not automatically cover the documents that integration system creates. Named User licences cover human-to-system interaction. If a technical user represents a middleware platform creating thousands of sales orders daily, those documents are subject to Digital Access pricing regardless of the technical user licence. Review all technical users in your SAP system (SU01 type I or S users) and confirm whether the systems they represent are creating business documents.
⬤ Medium Risk
12
Check whether your contract predates SAP's 2018 Digital Access model shift and whether legacy indirect access terms still apply
SAP introduced the Digital Access model in 2018 as a replacement for the user-count-based indirect access model. Customers who signed their master agreements before 2018 may still be operating under the older framework, which in some cases provides more favourable terms. Before agreeing to any contract amendment or migration to Digital Access pricing, verify your legacy entitlements with legal support. Some pre-2018 agreements include language that limits SAP's ability to enforce indirect access claims for specific integration patterns.
⬤ Medium Risk
Group 4 — Scale-Out, Failover & Multi-Tenancy
13
Confirm that all HANA scale-out worker nodes are included in your licenced memory capacity
Scale-out HANA deployments distribute data across multiple server nodes to handle large data volumes. Each worker node contributes memory to the total HANA footprint, and all worker node memory must be covered by your licence. Standby nodes used purely for failover — with no active data held in memory — are typically covered under standard HA terms and do not require additional licence capacity. However, this distinction must be explicitly confirmed in your contract. If your standby node holds a warm copy of the data in memory, it may be classified as an active node requiring its own licence.
⬤ Medium Risk
14
Review Multi-Tenant Database Container (MDC) configurations to ensure all tenants are covered by your licence
HANA Multi-Tenant Database Containers allow multiple isolated HANA databases to run within a single HANA instance. Each tenant database consumes memory from the shared pool, and the aggregate memory across all tenant containers must be within your licenced capacity. Organisations frequently add tenant databases for development, quality assurance, or sandbox purposes without accounting for their memory consumption. Use the M_DATABASE system view in the system database to audit all tenant containers and their memory allocations.
⬤ Medium Risk
15
Confirm that Development, Test, and QA HANA systems are correctly licenced under your enterprise licence terms
Development and test systems are a significant source of unlicensed HANA usage. SAP's standard licence terms require separate licence entitlement for non-production HANA instances unless your agreement includes explicit development-use rights. Some enterprise agreements include a fixed allowance — for example, one non-production system at up to 50% of the production memory capacity — but this must be confirmed in writing. Organisations operating three or four HANA landscape tiers (production, pre-production, test, development) without licence cover for each tier carry significant audit exposure.
⬤ High Risk
Group 5 — RISE with SAP & Cloud Deployment
16
Understand how HANA database licensing is bundled within your RISE with SAP subscription and what is included vs separately chargeable
In RISE with SAP, the HANA database is included as part of the subscription — you do not purchase a separate HANA memory licence. However, the bundling creates its own complexity: the included HANA capacity is tied to the infrastructure sizing SAP provisions on your behalf, and SAP controls what hyperscaler infrastructure (vCPUs, RAM) is allocated. If your data volumes grow beyond the initial provisioned capacity, SAP may require a contract amendment and an uplift in subscription fees. Negotiate HANA capacity growth rights — and the pricing for exercising those rights — at contract signature, not at renewal.
⬤ Medium Risk
17
Verify that your RISE with SAP contract includes capped annual uplift rates for infrastructure components
SAP's standard RISE renewal terms historically included 8–15% annual infrastructure uplifts. Customers who accept SAP's standard terms commonly experience 15–25% year-on-year cost increases by the time renewal arrives, compounding through the contract term. Negotiate explicit caps — typically 3–5% per annum — on all infrastructure-related line items before signing. Failure to secure this creates a pricing cliff at the end of the initial term that significantly exceeds the expected total cost of ownership presented in SAP's pre-sale business case.
⬤ High Risk
18
Review the data egress and integration costs within RISE with SAP that are not visible in the headline subscription price
RISE with SAP bundles hyperscaler infrastructure, but data egress charges — the cost of moving data out of the HANA environment to external analytics platforms, data lakes, or API consumers — are typically passed through at cost and are not capped in the base subscription. For organisations with high data integration volumes (large ETL pipelines, near-real-time analytics, or significant API traffic), these charges can add 15–30% to the apparent subscription cost. Conduct a data flow mapping exercise before signing RISE to quantify egress volume and negotiate fixed or capped rates where possible.
⬤ Medium Risk
Group 6 — Compliance Monitoring & Governance
19
Establish automated memory usage monitoring with alerts at 80% and 95% of licenced HANA capacity
HANA memory usage can increase gradually through data growth, new workloads, and schema proliferation without triggering any obvious operational event. Without proactive monitoring, organisations routinely exceed their licenced capacity for months before discovering the breach — either through their own governance processes or, more expensively, during an SAP audit. Configure HANA alerts using the HANA Cockpit or an SAM tool to notify your licensing team at 80% capacity (time to plan) and 95% (time to act). At 95%, you should already have an optimisation or expansion plan ready to execute.
⬤ Medium Risk
20
Conduct a formal HANA licence position review at least 12 months before your next SAP renewal or audit window
A 12-month lead time gives you leverage. If you discover exposure with 12 months to renewal, you have time to negotiate a settlement that is structured into the renewal rather than paid as a standalone penalty. Customers who discover issues at 3 months or less have almost no negotiating room — SAP's account team will know you have a deadline and will price accordingly. Build a formal HANA licence review into your annual IT governance calendar, aligned to your SAP anniversary date.
⬤ Low Risk
21
Confirm that your organisation maintains a complete, current inventory of all SAP HANA licence entitlements, including version and metric details
The licence entitlement inventory is your primary defence document in any SAP audit. It should capture: the exact licence type (Runtime or Full-Use), the licenced memory capacity in GB, the authorised application scope, the metric version referenced in the contract, and any supplementary rights or restrictions. Many organisations hold this information across multiple procurement documents, contract amendments, and order forms — but have never consolidated it into a single validated record. Without this, it is impossible to determine your compliance position with confidence, and SAP's auditors will use any ambiguity to their advantage.
⬤ Medium Risk
22
Engage an independent SAP licensing specialist for a pre-audit healthcheck at least once every three years
SAP audits are conducted by professionals who review HANA environments hundreds of times per year. Internal IT teams — however capable — typically lack the frequency of engagement to stay current with SAP's evolving licence definitions, metric changes, and audit methodology. An independent specialist review every three years (or before any major SAP investment decision) provides an objective assessment of your position, identifies issues your team may not know to look for, and produces a documented remediation plan that demonstrates good faith to SAP if an audit does occur. The cost of a specialist review is consistently lower than the cost of a single audit finding.
⬤ Low Risk
"In our experience, enterprises that conduct proactive HANA licence reviews save an average of 22% on their next renewal compared to those who enter the renewal cycle without one. The savings come from optimised memory sizing, corrected licence type, and a negotiating position built on evidence rather than assumption."
What to Do With Your Checklist Results
If you have confirmed 18 or more items, your HANA licensing position is well-managed. Focus your energy on maintaining the monitoring and governance disciplines in Group 6 and revisiting the checklist annually as your environment evolves.
If your score falls between 10 and 17, you have identified material gaps that should be addressed before your next SAP renewal or before you receive an audit notification. Prioritise any items marked as High Risk — particularly licence type confirmation, memory capacity tracking, and indirect access exposure mapping. These are the areas SAP's audit programmes target most aggressively in 2025 and 2026.
If your score is below 10, or if you have answered Unknown to multiple High Risk items, you are carrying active audit exposure that could materialise as an unbudgeted cost event at any time. The indirect access and memory capacity items in particular can generate settlements running into the millions of pounds for mid-sized enterprises. Engaging an independent specialist to conduct a structured HANA licence review is the appropriate next step — not to prepare a defence, but to get ahead of the issue on your own terms.
Speak with a Redress SAP Licensing Specialist
We work buyer-side only. No vendor relationships, no conflicts. We will review your HANA position and tell you exactly where you stand.Further Reading on SAP HANA Licensing
For deeper coverage of specific HANA topics, visit the Redress SAP Knowledge Hub. Key resources include our guides on Runtime vs Full-Use licence comparison, SAP indirect access rules and costs, and RISE with SAP licensing changes and the 2027 deadline.