I understand the pull. The spreadsheet feels like progress, and progress feels like the thing the deadline wants.
Here is the problem. A spreadsheet will hand you a number. It will not tell you whether it is the right one, because sizing AppPoints is a decision exercise, not a data-entry exercise. A structured assessment is not a longer spreadsheet. It is a different kind of work. The number is downstream of a dozen judgment calls, and the calls are where the money is. Make them deliberately, before you quote, and the spreadsheet is just the place you write down the answers. Skip them and you will quote your current mess, sign it, and meet the problems after the contract is locked.
The number is the easy part. The decisions are not.
Multiplying tiers by headcount is arithmetic. Anyone can do it, and a spreadsheet does it instantly. The hard part is everything feeding the arithmetic: which tier each role truly needs based on the work, Authorized or Concurrent for each population, who belongs in Self-Service at zero, how narrow your admin really is, and what each environment costs under your deployment model. Get those decisions right and the math is trivial. Get them wrong and a flawless spreadsheet totals a wrong number flawlessly. The tool is not the risk. The inputs are, and the inputs are decisions.
What a solo spreadsheet pass misses
A spreadsheet only captures what you already thought to put in columns. That is exactly its blind spot, because the decisions you did not know were decisions never show up in it. A few of the ones I see missed most often:
The questions you do not know to ask
If you have not sized a MAS move before, you do not yet know which choices change the number and which do not, so they never make it into a column.
Cross-role interactions
Access is shaped by the combined effect of a user's groups. Higher privileges can prevail, and data-restriction conditions can OR together, so a person's real tier and real reach can come out broader than the row you sized them in, driven by a group you did not account for. A row-by-row estimate cannot see that, because the interaction lives between the rows. This is the mechanism behind the three layers of Maximo security.
Tier floors hidden in add-ons
Some capabilities carry no separate price line but force every user who touches them onto a higher tier. If you did not know to look, your spreadsheet undercounts, and the quote that comes back looks like padding when it is really a floor you missed. That is the same tier-forcing effect behind freeing AppPoints.
The shared concurrent pool
Concurrent is one pool across the whole suite, not a separate pool per role, so you cannot size it role by role in isolation and add it up. The real number depends on when populations overlap, which is the whole point of why Concurrent is a peak-usage bet.
The politics of taking access away
A spreadsheet will happily say "move this manager to Base." It will not warn you that the manager hears that as a demotion, escalates, and unwinds your savings inside a month. That is not a data problem, and no formula catches it.
| Dimension | What a spreadsheet handles | What a structured assessment adds |
|---|---|---|
| Tier times headcount math | Does it instantly | Reaches the same total |
| The decisions you did not know to make | Misses them | Surfaces them |
| Cross-role and combination effects | Cannot see them, they live between the rows | Models them |
| Tier floors in add-ons | Undercounts | Flags them |
| The concurrent pool across roles | Sized role by role, which is wrong | Sizes it together |
| The politics of removing access | Ignores it | Plans for it |
| A defensible roadmap, not just a total | A total | Produces the roadmap |
Quote last, not first
The order is the whole game. Quote your current state and you price the accumulated mess, sign it, and find the problems afterward, when changing them costs a renegotiation. Assess first, design the target model, then quote the designed model, and you sign a number you can defend line by line. The sizing article and the quote article both land on the same point from different directions: the number you hand a reseller should be the number your roles need, not the number your history produced.
What a structured assessment actually does
A structured assessment surfaces the decisions you did not know you were making, weights them by how much they move the number, scores where your access model stands today, and turns that into a roadmap from your current state to a target you can build and defend. The output is the difference between a total and a plan.
It does one more thing that matters more than the math. The missing piece in most sizing is not a better formula. It is getting the people who own access, cost, and operations into the same decision process before the formula runs. A structured assessment puts the security owner, the budget owner, and the operations owner in one room with someone to facilitate, and gets them to agree on the target before anyone starts pulling access, so the reductions survive contact with the organization. A number nobody fought over on a spreadsheet falls apart the first time someone with authority objects. A target the right people signed off on holds.
When a spreadsheet is genuinely enough
I am not going to tell you everyone needs a formal assessment. A small single-site shop with clean roles, no add-ons, and nobody who will fight a tier change can size in a spreadsheet and be fine. Use the right tool for the size of the problem. The structured assessment earns its place when you have many roles, multiple sites, add-ons in play, contested access, or a number you will have to defend to leadership. The more of those you have, the more the spreadsheet is hiding from you.
So before you open the spreadsheet, take an honest read of where you stand. How clean are your roles really. How much access is by title rather than work. How many add-ons are in the picture. How contested the politics will be. That read tells you whether a spreadsheet pass is enough or whether you need the full assessment.
I built a free Access and License Quick-Score for exactly that read. It is a short self-assessment that scores how ready your access model is and tells you, honestly, whether you can size this yourself or whether the structured assessment will pay for itself. Run it before you commit either way.
What this covers, and what the paid material covers
This article makes the case for assessing before you quote and gives you a quick self-score. The weighted question bank, the scoring model, the facilitated session, and the roadmap build are the AppPoints and Security Groups Workshop.
The self-score tells you where you stand. When the answer is "many sites, contested access, a number I have to defend upward," that is the Workshop, run as a structured session, not a spreadsheet you fill in alone the week before the quote is due.
Frequently Asked Questions
Can I just size MAS AppPoints in a spreadsheet?
For a small single-site shop with clean roles, no add-ons, and nobody who will fight a tier change, yes, a spreadsheet pass is fine. The more roles, sites, add-ons, contested access, and leadership scrutiny you have, the more a spreadsheet hides from you, and the more a structured assessment pays for itself.
Why is sizing AppPoints a decision exercise, not data entry?
Because multiplying tiers by headcount is trivial arithmetic; the hard part is the judgment feeding it: which tier each role truly needs, Authorized or Concurrent per population, who belongs in Self-Service, how narrow admin is, and how each environment is priced. Get the decisions right and the math is easy; get them wrong and a flawless spreadsheet totals a wrong number flawlessly.
What does a solo spreadsheet pass miss?
The decisions you did not know were decisions: the questions you do not know to ask, cross-role combination effects where access ORs together broader than the row, tier floors hidden in add-ons, the shared concurrent pool that cannot be sized role by role, and the politics of taking access away that no formula catches.
Should I quote before or after the assessment?
After. Quote your current state and you price the accumulated mess, sign it, and meet the problems once changing them costs a renegotiation. Assess first, design the target model, then quote the designed model, and you sign a number you can defend line by line.
Quick Maximo questions are always free. Reach out on LinkedIn. I never charge for chatting.