SAP Business ByDesign SOC 1 (ISAE 3402) Audit Report 2023 H2
SAP Business ByDesign is a cloud-based Software-as-a-Service (SaaS) ERP offering for mid-market companies and subsidiaries, powered by SAP HANA®. With SAP Business ByDesign (ByD), organizations can manage their entire business with a single cloud ERP solution. It is suited for mid-market companies and subsidiaries of large corporations. This complete and integrated Software-as-a-Service (SaaS) suite supports financials, human resources, sales, procurement, customer service, supply chain management and more. Additionally, ByD has integration capabilities with a variety of SAP’s LoB based cloud solutions like SuccessFactors, Concur etc.
SAP ByD infrastructure is located at the following SAP-owned data centers, colocation, and SAP Converged Cloud (managed by SAP Cloud Infrastructure - SCI) data centers listed below:
DC Locations |
Colorado Springs, USA |
Frankfurt, Germany |
Shanghai, China |
Sydney, Australia |
St. Leon Rot, Germany |
Walldorf, Germany (geographically separated) |
SOC 1 reports are prepared in accordance with AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, and evaluate the effect of the controls at the service organization on the user entities’ financial statements. SOC 1 reports are specifically intended to meet the needs of the entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors). SOC 1 Type 1 report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of controls to achieve the related control objectives as of a specified date, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls to achieve the related control objectives throughout a specified period.
SAP Business ByDesign has regularly prepared SOC1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. April 2023 to 30. September 2023.
The use of these reports is restricted to the management of the service organization, user entities, and user auditors. A copy of this report is available for all SAP Business ByDesign customers who had productive and had financially-relevant systems during the audit period covered by the report.
SAP Business ByDesign is a cloud-based Software-as-a-Service (SaaS) ERP offering for mid-market companies and subsidiaries, powered by SAP HANA®. With SAP Business ByDesign (ByD), organizations can manage their entire business with a single cloud ERP solution. It is suited for mid-market companies and subsidiaries of large corporations. This complete and integrated Software-as-a-Service (SaaS) suite supports financials, human resources, sales, procurement, customer service, supply chain management and more. Additionally, ByD has integration capabilities with a variety of SAP’s LoB based cloud solutions like SuccessFactors, Concur etc.
SAP ByD infrastructure is located at the following SAP-owned data centers, colocation, and SAP Converged Cloud (managed by SAP Cloud Infrastructure - SCI) data centers listed below:
DC Locations |
Colorado Springs, USA |
Frankfurt, Germany |
Shanghai, China |
Sydney, Australia |
St. Leon Rot, Germany |
Walldorf, Germany (geographically separated) |
SOC 1 reports are prepared in accordance with AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, and evaluate the effect of the controls at the service organization on the user entities’ financial statements. SOC 1 reports are specifically intended to meet the needs of the entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors). SOC 1 Type 1 report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of controls to achieve the related control objectives as of a specified date, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls to achieve the related control objectives throughout a specified period.
SAP Business ByDesign has regularly prepared SOC1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. April 2023 to 30. September 2023.
The use of these reports is restricted to the management of the service organization, user entities, and user auditors. A copy of this report is available for all SAP Business ByDesign customers who had productive and had financially-relevant systems during the audit period covered by the report.