SAP Signavio SOC 1 Audit Report 2025 H1

​Please Note: Starting from 2025 H1, SAP will release new SOC 1, SOC 2 and C5 audit reports called “SAP Central Cloud Services” comprising of SAP Cloud Services (IaaS, PaaS, SaaS) and SAP central services. Customers will automatically receive a copy of this audit report in addition to the requested report(s) to assess relevant controls of the internal subservice organization “SAP Central Cloud Services” as outlined in Section III.

​Learn More: Digital Resources & Enablement

SAP Signavio enables organizations not only to understand their existing business processes but also to proactively manage and optimize those processes, achieving the agility necessary for success and thriving. SAP Signavio reinvents the concept of ‘process outcomes,’ delivering business results that span product and component boundaries — from process mining to process customer journey modeling initiatives. Leveraging customer experience data and process mining allows for an understanding of operational root causes for customer frustration or happiness. Transitioning between tasks seamlessly, set widgets, share modeling feedback and reviews, and collaborate globally without having to worry about the underlying technologies that deliver the experience.

 

SAP Signavio’s distinct products are summarized with the umbrella term “SAP Signavio Process Transformation Suite.”

  • SAP Signavio Journey Modeler

  • SAP Signavio Process Collaboration Hub

  • SAP Signavio Process Explorer

  • SAP Signavio Process Governance

  • SAP Signavio Process Insights

  • SAP Signavio Process Intelligence

  • SAP Signavio Process Manager

  • SAP Signavio Process Transformation Manager

SAP Signavio Process Transformation Suite and SAP Signavio Process Insights data center locations:

Hosted on AWS, SAP Signavio Process Transformation Suite (excluding SAP Signavio Process Insights) multi-tenant cloud instances are located in:

  • Australia: Sydney

  • Canada: Central

  • Germany: Frankfurt

  • Japan: Tokyo

 

  • Singapore

  • South Korea: Seoul

  • USA: N. Virginia

Hosted on AWS and Azure, SAP Signavio Process Insights multi-tenant cloud instances are located in:

  • Australia: Sydney

  • Canada: Central

  • Germany: Frankfurt

  • Japan: Tokyo

  • Netherlands: Amsterdam

  • Singapore

  • South Korea: Seoul

  • USA: N. Virginia

  • USA: Quincy, WA

SOC 1 reports are prepared pursuant to AT-C Section 320 and International Standard on Assurance Engagements No. 3402. SOC 1 reports are specifically intended to meet the needs of the entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors).  Please note that this examination's scope does not include the controls and related control objectives of any subservice organizations. SOC 1 Type 1 report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of controls to achieve the related control objectives as of a specified date, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls to achieve the related control objectives throughout a specified period.

 

SAP Signavio has regularly prepared SOC 1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. October 2024 to 31. March 2025.

 

The use of these reports is restricted to the management of the service organization, user entities, and user auditors. A copy of this report is available for all SAP Concur customers who had productive and had financially-relevant systems during the audit period covered by the report.