Skip to Content
Fale conosco
Chat online Chat off-line
Converse conosco para comprar soluções SAP.
Fale conosco
Envie-nos e-mails com comentários, questões ou feedback.

SAP Trust Center

SAP Trust Center

Find the information you need on cloud performance, security, privacy, and compliance.

Compliance

SAP regularly undergoes audits and reviews of its policies and controls, including data security and privacy regulations worldwide.

Image of a hand and shield representing trust

On this page:

Compliance Certificates, Reports, and Attestations

ISO/BS Certificates Service Organization Control Reports Other Certifications and Attestations

Find below the available ISO and BS certificates for SAP solutions. Click on “find a certificate” to see a list of the available documents to view and download.

ISO/IEC 9001

Quality Management System

Find a certificate
ISO/IEC 27001

Security Management System

Find a certificate
ISO/IEC 22301

Business Continuity Management System

Find a certificate
BS 10012

Personal Information Management System

Find a certificate
ISO/IEC 27018

ISO 27018 Code of practice for personal DATA protection

Find a certificate
ISO/IEC 27017

Code of practice for Cloud service information security

Find a certificate

SAP offers Service Organizational Control (SOC) reports to provide insights into the design and operating effectiveness of internal control systems implemented within cloud delivery units. For legal reasons, you will need to give further information when requesting some of the SOC reports. For any questions, please click on the contact us box on this page. 

SOC 1 Reports
Find all SOC1 Reports
SOC 2 Reports
Find all SOC2 Reports
SOC 3 Reports
Find all SOC3 Reports

Besides ISO standards and SOC reports, selected cloud solutions from SAP provide additional certifications and attestations.

Payment Card Industry Data Security Standard (PCI DSS)
Find all PCI DSS Attestations
Good Practice Quality Guidelines and Regulations (GxP)
Find all GxP documents
Cloud Computing Compliance Controls Catalogue (C5)
Find all C5 Reports
Trusted Information Security Assessment Exchange (TISAX)
Find all TISAX Assessments
Federal Service for Technical and Export Control (FSTEC)
Find all FSTEC certificates
Cloud Security Alliance (CSA)
Find all CSA certificates

My SAP Trust Center

Additional access to documentation

The support portal edition of the SAP Trust Center extends the public offering by granting access to additional information, documents, and other content available only to SAP customers and partners with a valid SAP user ID. Sign in and learn more. 

  • Statement of Applicability (SoA)
  • Evidence documents from SAP partners

Compliance FAQ's

Frequently Asked Questions

Is SAP ISO certified?

Since 1998 SAP has held an ISO 9001 certificate. We are also certified according to ISO 27001, ISO 22301, and BS 10012. All locations worldwide work according to one common process framework, including data security and privacy regulations. We regularly check compliance though internal reviews and audits.

Learn more

What Exactly Is BS 10012:17 from BSI and What Does It Provide?

It specifies a framework for implementing a personal information management system (PIMS)2 in compliance with the General Data Protection Regulation (GDPR) and mandates the implementation of such a system within corporate security programs. It describes a framework to manage the privacy of personal data and implement necessary policies, procedures, and controls to help ensure compliance with the GDPR.

Read more

How can I request ISO certificates/SOC requests?

Go to the Compliance Finder web page and search for the document you need.

What is the difference between a SOC 1 and SOC 2 report?

A SOC 2 report, similar to a SOC 1 report, evaluates internal controls, policies, and procedures. However, the difference is that a SOC 2 reports on controls that directly relate to the security, availability, processing integrity, confidentiality, and privacy at a service organization.

Back to top