In MAS, the security model is the license bill.
AppPoint consumption is set by each user's tier and access type, and tier and access are set by security. You cannot size the license without designing access, and you cannot design access well without knowing the AppPoint consequence. This is the Workshop that diagnoses it, the Playbook that builds it, and a set of free tools that get you a real number before you commit to either.
Most teams treat licensing and security as separate projects owned by separate people. In MAS they are the same project. A single field on each security group, its license impact, sets that group's MAS tier. The tier and the access type then drive how many AppPoints each user consumes. Design the groups without watching the tier, and you have designed the bill without reading it.
There is a direction to this that catches people out. Adding a user to another group can only widen what they can reach, which can only hold or raise their tier and their AppPoint cost. Data restrictions narrow what a user sees inside that access, but they do not lower the license tier the access sits on. So the instinct to "just add another group to be safe" is the instinct that quietly inflates the license.
The artifact that makes this concrete is the Access-to-AppPoint Impact Matrix: every role and group shown next to its tier and its AppPoint cost, so the consequence of an access decision is visible at the moment you make it. That matrix is the spine of the Playbook, and the free tools below are how you start building toward it.
The universal clock: IBM's stated path forward for every Maximo customer is MAS, and the older Maximo and MAS 8.x versions have moved past their primary support dates. There is a separate, finite window for moving onto the AppPoint license model itself. If you are still on an older release, the question is not whether you move, only when and how cleanly.
The federal accelerant: MAS as a Service for Government reaching its FedRAMP authorization put a firm horizon under federal environments that older arrangements do not satisfy. Regulated industries face the same pressure from a different direction, since unsupported software is its own audit exposure under ISO, FDA, and NERC CIP.
The exact dates move, so I keep the current timeline in the news-pegged article rather than baking it into this page. The planning point does not move: the migration is not optional and the window is not open forever, so sizing the license correctly is worth doing once, properly, instead of porting an oversized model onto a more expensive platform.
These two guides are built as a pair. The Workshop is the diagnose-and-decide half: it tells you where you stand and what the right model looks like. The Playbook is the execute half: it builds that model in MAS, down to the security configuration and the consumption tracking. A junior consultant can run either one and a senior consultant still learns something from both.
A structured session that assesses your current access and license model, scores it against a weighted question bank, and turns the results into a roadmap and a leadership-ready case. This is where the reduce, hold, or redeploy decision actually gets made, with the scenarios and the growth math behind it.
The build guide. Inventory access and consumption, design the target role model, translate access into AppPoints, validate against entitlement and budget, build it in MAS, then govern and true up. The security art lives here: the three layers, how data restrictions actually work, and the assigned-storeroom solve worked end to end.
Both guides and their companion kits are being finished now. If you want a heads-up when they land, tell me what you are running and I will point you to the right starting place in the meantime.
You do not need either guide to start. These three tools are free, they run in your browser, and they store nothing. Use them to get a defensible ballpark, then bring the hard decisions to the Workshop.
Model every role together: tiers, authorized versus concurrent, install reservations, and a shared concurrent pool. The anchor tool, and where your right-sized consumption number comes from.
Open Estimator →A ten-question self-assessment that tells you whether your security and license model is ready to migrate, or whether you would be porting a mess onto a new platform.
Open Quick-Score →Settle authorized versus concurrent for any role, with a live break-even line and a shift model that derives real peak demand. One of the biggest sources of recoverable capacity.
Open Calculator →Before any of the detailed work, leadership usually wants one number: how much AppPoint capacity is sitting between what we license and what we would actually use. This teaser answers that from two inputs and names three honest ways to use it, without increasing your current entitlement. It is the ballpark, not the decision. The decision is the Workshop.
This is the home for the full offering. As each piece is finished it lands here. Today the free tools are live; the rest is in production.
Run the free tools to get your ballpark. When you are ready to turn it into a defensible plan you can take to renewal, that is the Workshop, and that is what I do.