For the SAP SE confidentiality, availability and integrity of information have great value. We have taken extensive measures on protection of customer information. Therefore, we follow the question catalogue of information security of the German Association of the Automotive Industry (VDA ISA). The TISAX (Trusted Information Security Assessment Exchange) Assessments are conducted by the accredited audit providers that demonstrate their qualification at regular intervals. The result is exclusively retrievable over the ENX Portal: https://enx.com/tisax.
The scope of this assessment includes the SAP Cloud Platform services hosted in SAP SE's data centers St. Leon–Rot, Germany and in the co-location data centers Amsterdam, Netherlands. The SAP Cloud Platform services are operated from SAP headquarter Walldorf (Germany) as well as in the SAP subsidiaries Bangalore (India), Paris (France), Ra'anana (Israel), Sofia (Bulgaria), St. Leon-Rot (Germany), and Vancouver (Canada).
SAP uses other cloud providers (Microsoft Azure, Amazon Web Services and Google Cloud Platform) to enable hyper-scaling for its services provided by SAP Cloud Platform.
SAP Cloud Platform is the SAP Business Application Platform-as-a-Service (PaaS) offering. As an essential part of SAP’s cloud strategy, it enables SAP and its partners and customers to develop, deploy, run, operate, and use applications in a cloud environment. SAP Cloud Platform is a multitenant public cloud offering which allows application providers, including SAP itself, to build lightweight, collaborative, network-oriented applications to complement and extend existing SAP solutions.
The ENX Association supports with TISAX on behalf of VDA the common acceptance of Information Security Assessments in the automotive industry. TISAX and TISAX results are not intended for general public.