SAP Enterprise Management SOC 1 Audit Report 2025 H2

  • SAP Advanced Financial Closing

  • SAP Asset Performance Management

  • SAP Business ByDesign

  • SAP Group Reporting Data Collection

  • SAP Integrated Business Planning

  • SAP Marketing Cloud

  • SAP Project and Resource Management

  • SAP S/4HANA Cloud Public Edition*

  • SAP S/4HANA Cloud Public Edition, Finance Base

  • SAP S/4HANA Cloud Public Edition, Finance Premium (as part of SAP Finance Premium)

  • SAP S/4HANA Cloud Public Edition, Supply Chain Base (as part of SAP Supply Chain Base)

  • SAP S/4HANA Cloud Public Edition, Supply Chain Premium (as part of SAP Supply Chain Premium)

  • Core S/4HANA Cloud Public Edition tenant (as part of Core: GROW with S/4HANA Public Edition, base)

  • Core S/4HANA Cloud Public Edition tenant (as part of Core: GROW with S/4HANA Public Edition, premium)

  • Core S/4HANA Cloud Public Edition tenant (as part of Core: GROW with S/4HANA Public Edition, base (CN))

  • Core S/4HANA Cloud Public Edition tenant (as part of Core: GROW with S/4HANA Public Edition, premium (CN))

  • Core S/4HANA Cloud Public Edition tenant (as part of Core: RISE with SAP S/4HANA Cloud and experience management)

  • SAP S/4HANA Cloud, Digital Access

  • CPEA Voucher

  • SAP S/4HANA Cloud for cash management

  • SAP S/4HANA Cloud for receivables management

  • SAP S/4HANA Asset management for resource scheduling

  • SAP S/4HANA Cloud for contract accounting and invoicing

  • SAP S/4HANA Cloud for contract and lease management

  • SAP S/4HANA Cloud for treasury and risk management

  • SAP S/4HANA Cloud for financial asset management

  • SAP S/4HANA Cloud for advanced payment management

  • SAP S/4HANA Cloud for advanced variant configuration, standard version

  • SAP S/4HANA Cloud for advanced variant configuration, professional version

  • SAP S/4HANA Cloud for group reporting

  • SAP Document and Reporting Compliance for S/4HANA Cloud

  • SAP S/4HANA Cloud for product compliance

  • SAP S/4HANA Cloud for upstream contracts management

  • SAP S/4HANA Cloud for upstream oil and gas revenue management

  • SAP S/4HANA Cloud for advanced ATP

  • SAP S/4HANA Cloud for enterprise contract management

  • SAP S/4HANA Cloud for central procurement

  • SAP S/4HANA Cloud for intelligent accounting automation

  • SAP S/4HANA Cloud for EHS environment management

  • SAP S/4HANA Cloud for EHS workplace safety

  • SAP S/4HANA Cloud for retail, fashion, and vertical business

  • SAP S/4HANA Cloud for asset retirement obligations

  • SAP S/4HANA Cloud for field equipment and material logistics planning and execution

SAP Enterprise Management cloud services are offered out of below locations and infrastructures. For a detailed listing please refer to section III of the SOC report. Not all SAP Enterprise Management cloud services run in each location.

 

  • Amsterdam, The Netherlands

  • Canada Central

  • Colorado Springs, CO, United States

  • Dubai, United Arab Emirates

  • Frankfurt, Germany

  • Northern Virginia, VA, United States

  • Quincy, WA, United States

  • Riyadh, Saudi Arabia

  • Shanghai, China

  • St. Leon-Rot, Germany

  • Sterling, VA, United States

  • Sydney, Australia

  • Tokyo, Japan

  • Toronto, Canada

  • Walldorf, Germany

  • US East N. Virginia – only AWS

 

Google Cloud Platform

  • Council Bluffs, IA, United States

  • Eemshaven, The Netherlands

  • Dammam, Saudi Arabia

  • Mumbai, India

Microsoft Azure

  • Amsterdam, The Netherlands

  • Quincy, WA, United States

  • VA, Unites States

  • Virginia, United States

SOC 1 reports are prepared pursuant to AT-C Section 320 and International Standard on Assurance Engagements No. 3402. SOC 1 reports are specifically intended to meet the needs of the entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors).  Please note that this examination's scope does not include the controls and related control objectives of any subservice organizations. SOC 1 Type 1 report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of controls to achieve the related control objectives as of a specified date, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls to achieve the related control objectives throughout a specified period.

 

SAP Enterprise Management has regularly prepared SOC 1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period April 1st, 2025 to September 30th, 2025.

 

The use of these reports is restricted to the management of the service organization, user entities, and user auditors. A copy of this report is available for all SAP Enterprise Management customers who had productive and had financially-relevant systems during the audit period covered by the report.