diff --git a/rules/community/sap/README.md b/rules/community/sap/README.md
index 86312a7..a4fd1f9 100644
--- a/rules/community/sap/README.md
+++ b/rules/community/sap/README.md
@@ -128,4 +128,10 @@ credentials, or PII.
 | Category | Requirement |
 | :--- | :--- |
 | **Case Sensitivity** | All entries must be in **UPPERCASE**. SAP logs store User IDs, Roles, and Programs in uppercase; lowercase entries will result in missed detections. |
-| **Maintenance** | Lists should be reviewed quarterly or following any major SAP transport cycle where new `Z` programs or roles are introduced. |
\ No newline at end of file
+| **Maintenance** | Lists should be reviewed quarterly or following any major SAP transport cycle where new `Z` programs or roles are introduced. |
+
+[!WARNING]
+ **Test Before Deploying:** These SAP community detection rules serve as
+ foundational templates. Because every SAP environment is unique, you should
+ thoroughly test all rules against historical data and modify their logic as
+ needed to match your specific logging structures and security use cases.