Skip to Content

SAP S/4HANA Cloud C5 Audit Report 2020

The scope of this C5 report includes the SAP S/4HANA Cloud as offered in the primary data centers in Ashburn (US), Colorado Springs (US), Dubai (United Arab Emirates), Frankfurt (Germany), Moscow (Russia), Osaka (Japan), Riyadh (Saudi Arabia), Shanghai (China), St. Leon-Rot (Germany), Sterling (US), Sydney (Australia), Tokyo (Japan), Toronto (Canada) and in Google Cloud Platform data centers Council Bluffs (US), Sao Paulo (Brazil) and Frankfurt (Germany).

SAP S/4HANA Cloud (SAP Business Suite 4 SAP HANA Cloud) is providing a new generation of business applications – simple enterprise software for big data and agility. SAP S/4HANA Cloud is fully built on the in-memory platform SAP HANA. Using the advanced potential of SAP HANA, SAP S/4HANA Cloud is designed for business and provides an instant insight by using a single source of truth, real-time processes as well as by dynamic planning and analysis. With SAP Fiori user experience and less complex data model it is designed to run simple, and in parallel reduces the data footprint of your company. SAP S/4HANA Cloud is also already connected to business networks and company-internal collaboration networks (for example, SAP Jam Collaboration) and prepared for the Internet of things. With all these aspects, SAP is protecting your investments by facilitating next generation business applications. SAP S/4HANA Cloud is available as software-as-a-service.

SAP Marketing Cloud
SAP Marketing Cloud enables marketers to understand the real-time intent of individual customers to dynamically deliver contextually relevant experiences across channels, devices, and throughout the entire customer journey. 

The Cloud Computing Compliance Controls Catalogue (abbreviated “C5”) is intended primarily for cloud service providers as well as their customers and auditors. It is defined which requirements (also referred to as controls in this context) the cloud providers have to comply with or which minimum requirements the cloud providers should be obliged to meet. The catalogue is divided into 17 thematic sections (e.g. organization of information security, physical security). The surrounding parameters provide additional information on the data location, provision of services, place of jurisdiction, certifications and duties of investigation and disclosure towards government agencies and contain a system description.

SAP S/4HANA has prepared C5 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. November 2019 to 31. October 2020, the primary data centers in locations Ashburn (US), Colorado Springs (US), Dubai (United Arab Emirates), Frankfurt (Germany), Moscow (Russia), Osaka (Japan), Riyadh (Saudi Arabia), Shanghai (China), St. Leon-Rot (Germany), Sterling (US), Sydney (Australia), Tokyo (Japan), Toronto (Canada) and in Google Cloud Platform data centers Council Bluffs (US), Sao Paulo (Brazil) and Frankfurt (Germany).

The use of this report is restricted. A copy of this report is available for all SAP S/4HANA Cloud customers with productive systems. This report is also available for prospective customers under the signed non-disclosure agreement.

Back to top